Closed balonik closed 5 years ago
So the line in launch_awx_task.sh would look like
ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -vvv -i "127.0.0.1," -c local -v -m postgresql_db -U $DATABASE_USER -a "name=$DATABASE_NAME owner=$DATABASE_USER login_user=$DATABASE_USER login_host=$DATABASE_HOST login_password=$DATABASE_PASSWORD port=$DATABASE_PORT maintenance_db=$DATABASE_NAME" all
I suppose this gets more tricky when using the postres docker image.
Raised a bug in ansible to get it fixed in the ansible module as an option https://github.com/ansible/ansible/issues/44978
Hello @balonik,
Thanks for creating this issue. Based on your most recent comment, this appears to be stemming from an ansible core issue and not AWX and so I am closing.
ISSUE TYPE
COMPONENT NAME
SUMMARY
launch_awx_task.sh and launch_awx.sh (in awx_web docker image) fails when
This is because of 'maintenance_db' concept of postgresql_db ansible module. The module first tries to connect to database specified in 'maintenance_db' parameter as the user specified.
ENVIRONMENT
STEPS TO REPRODUCE
Use AWX installer with external Postgres DB. External Postgres DB does not allow user 'awx' to connect to 'postgres' DB, for example such entry is not in pg_hba.conf file.
This is the line that causes the error: ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -vvv -i "127.0.0.1," -c local -v -m postgresql_db -U $DATABASE_USER -a "name=$DATABASE_NAME owner=$DATABASE_USER login_user=$DATABASE_USER login_host=$DATABASE_HOST login_password=$DATABASE_PASSWORD port=$DATABASE_PORT" all
EXPECTED RESULTS
AWX will start OK.
ACTUAL RESULTS
Following error will appear in the AWX logs during startup: An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OperationalError: FATAL: no pg_hba.conf entry for host "172.18.0.3", user "awx", database "postgres", SSL off 127.0.0.1 | FAILED! => { "changed": false, "msg": "unable to connect to database: FATAL: no pg_hba.conf entry for host \"172.18.0.3\", user \"awx\", database \"postgres\", SSL off\n" }
ADDITIONAL INFORMATION
The easiest fix would be to add the 'maintenance_db' parameter to the specified call and hardcode it to the $DATABASE_NAME as it is expected the user will have access to AWX database.
Full traceback from the ansible call in awx_web:1.0.7.2 dockerhub image.