ansible roles are not copying template configuration into container hosts

[thatsk]

Issue Type

• Bug report

Molecule and Ansible details

ansible --version && molecule --version
ansible 2.7.10
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr  9 2019, 14:30:50) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
molecule, version 2.20.1

Molecule installation method (one of):

• pip

Ansible installation method (one of):

• OS package

Detail any linters or test runners used:

dependency: name: galaxy driver: name: docker lint: name: yamllint platforms:

• name: inpup01p1 hostname: inpup01p1 image: puppetmaster:2.0 pre_build_image: True privileged: True volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro command: "/usr/sbin/init" capabilities:
  • SYS_ADMIN networks:
  • name: example
• name: nocon01p1 hostname: nocon01p1 image: centos:7.6 pre_build_image: True privileged: True volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro command: "/usr/sbin/init" capabilities:
  • SYS_ADMIN exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp published_ports:
  • 0.0.0.0:8500:8500/tcp
  • 0.0.0.0:8500:8500/udp networks:
  • name: example
• name: nocon02p1 hostname: nocon02p1 image: centos:7.6 pre_build_image: True privileged: True volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro command: "/usr/sbin/init" capabilities:
  • SYS_ADMIN exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp networks:
  • name: example
• name: nocon03p1 hostname: nocon03p1 image: centos:7.6 pre_build_image: True privileged: True volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro command: "/usr/sbin/init" capabilities:
  • SYS_ADMIN exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp networks:
  • name: example
• name: nocon04p1 hostname: nocon04p1 image: centos:7.6 pre_build_image: True privileged: True volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro command: "/usr/sbin/init" capabilities:
  • SYS_ADMIN exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp networks:
  • name: example provisioner: name: ansible options: vvv: true lint: name: ansible-lint playbooks: prepare: prepare.yaml env: ANSIBLE_ROLES_PATH: ../resources/roles/ verifier: name: testinfra lint: name: flake8

prepare.yaml

• hosts: nocon01p1, nocon02p1, nocon03p1 gather_facts: true vars: hosts_add_basic_ipv6: false hosts_add_ansible_managed_hosts: true hosts_network_interface: eth1 hosts_entries:
  • name: pulp ip: 10.173.96.177 aliases:
    • pulp roles:
      • hosts

i am using this roles
https://github.com/bertvv/ansible-role-hosts.git

Desired Behavior

it should modify hosts file of every container.

Actual Behaviour

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_copy_payload_lofnwe/ansible_copy_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
    os.rename(b_tmp_dest_name, b_dest)
OSError: [Errno 16] Device or resource busy

fatal: [nocon01p1]: FAILED! => {
    "changed": false,
    "checksum": "4b3f405fab4e3570f9bae91a12c2475c1d8feef1",
    "diff": [],
    "invocation": {
        "module_args": {
            "_original_basename": "etc_hosts.j2",
            "attributes": null,
            "backup": false,
            "checksum": "4b3f405fab4e3570f9bae91a12c2475c1d8feef1",
            "content": null,
            "delimiter": null,
            "dest": "/etc/hosts",
            "directory_mode": null,
            "follow": false,
            "force": true,
            "group": "root",
            "local_follow": null,
            "mode": 420,
            "owner": "root",
            "regexp": null,
            "remote_src": null,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": "/root/.ansible/tmp/ansible-tmp-1558616775.13-94474003016736/source",
            "unsafe_writes": null,
            "validate": null
        }
    },
    "msg": "Unable to make /root/.ansible/tmp/ansible-tmp-1558616775.13-94474003016736/source into to /etc/hosts, failed final rename from /etc/.ansible_tmpV1vvPLhosts: [Errno 16] Device or resource busy"
}
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_copy_payload_Ptxd2h/ansible_copy_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
    os.rename(b_tmp_dest_name, b_dest)
OSError: [Errno 16] Device or resource busy

fatal: [nocon02p1]: FAILED! => {
    "changed": false,
    "checksum": "a7779bc0e68106719907e1a97bf50d1cdae8b2e7",
    "diff": [],
    "invocation": {
        "module_args": {
            "_original_basename": "etc_hosts.j2",
            "attributes": null,
            "backup": false,
            "checksum": "a7779bc0e68106719907e1a97bf50d1cdae8b2e7",
            "content": null,
            "delimiter": null,
            "dest": "/etc/hosts",
            "directory_mode": null,
            "follow": false,
            "force": true,
            "group": "root",
            "local_follow": null,
            "mode": 420,
            "owner": "root",
            "regexp": null,
            "remote_src": null,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": "/root/.ansible/tmp/ansible-tmp-1558616775.31-186801450187651/source",
            "unsafe_writes": null,
            "validate": null
        }
    },
    "msg": "Unable to make /root/.ansible/tmp/ansible-tmp-1558616775.31-186801450187651/source into to /etc/hosts, failed final rename from /etc/.ansible_tmpQrJsbPhosts: [Errno 16] Device or resource busy"
}
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_copy_payload_Iy2DSa/ansible_copy_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
    os.rename(b_tmp_dest_name, b_dest)
OSError: [Errno 16] Device or resource busy

fatal: [nocon03p1]: FAILED! => {
    "changed": false,
    "checksum": "9c7e1cc5ddc28c69784f653c4a1e5ea229880706",
    "diff": [],
    "invocation": {
        "module_args": {
            "_original_basename": "etc_hosts.j2",
            "attributes": null,
            "backup": false,
            "checksum": "9c7e1cc5ddc28c69784f653c4a1e5ea229880706",
            "content": null,
            "delimiter": null,
            "dest": "/etc/hosts",
            "directory_mode": null,
            "follow": false,
            "force": true,
            "group": "root",
            "local_follow": null,
            "mode": 420,
            "owner": "root",
            "regexp": null,
            "remote_src": null,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": "/root/.ansible/tmp/ansible-tmp-1558616775.32-192566833611638/source",
            "unsafe_writes": null,
            "validate": null
        }
    },
    "msg": "Unable to make /root/.ansible/tmp/ansible-tmp-1558616775.32-192566833611638/source into to /etc/hosts, failed final rename from /etc/.ansible_tmpspRaPhhosts: [Errno 16] Device or resource busy"
}

output of running molecule --debug.

[thatsk]

Even simple linefile is not working prepare.yaml

• hosts: nocon01p1, nocon02p1, nocon03p1 gather_facts: false tasks:

  • lineinfile: path: /etc/hosts line: '10.173.34.4 pulp'

  The full traceback is: Traceback (most recent call last): File "/tmp/ansible_lineinfile_payload_hYXOLU/ansible_lineinfile_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move os.rename(b_tmp_dest_name, b_dest) OSError: [Errno 16] Device or resource busy

  fatal: [nocon03p1]: FAILED! => { "changed": false, "invocation": { "module_args": { "attributes": null, "backrefs": false, "backup": false, "content": null, "create": false, "delimiter": null, "directory_mode": null, "firstmatch": false, "follow": false, "force": null, "group": null, "insertafter": null, "insertbefore": null, "line": "10.173.34.4 pulp", "mode": null, "owner": null, "path": "/etc/hosts", "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "state": "present", "unsafe_writes": null, "validate": null } }, "msg": "Unable to make /tmp/tmp0a7TiL into to /etc/hosts, failed final rename from /etc/.ansible_tmpkGWrPFhosts: [Errno 16] Device or resource busy" } The full traceback is: Traceback (most recent call last): File "/tmp/ansible_lineinfile_payload_Iut9n0/ansible_lineinfile_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move os.rename(b_tmp_dest_name, b_dest) OSError: [Errno 16] Device or resource busy

  fatal: [nocon01p1]: FAILED! => { "changed": false, "invocation": { "module_args": { "attributes": null, "backrefs": false, "backup": false, "content": null, "create": false, "delimiter": null, "directory_mode": null, "firstmatch": false, "follow": false, "force": null, "group": null, "insertafter": null, "insertbefore": null, "line": "10.173.34.4 pulp", "mode": null, "owner": null, "path": "/etc/hosts", "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "state": "present", "unsafe_writes": null, "validate": null } }, "msg": "Unable to make /tmp/tmprzIiFY into to /etc/hosts, failed final rename from /etc/.ansible_tmpEoBNZQhosts: [Errno 16] Device or resource busy" } The full traceback is: Traceback (most recent call last): File "/tmp/ansible_lineinfile_payload_GiRQ72/ansible_lineinfile_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move os.rename(b_tmp_dest_name, b_dest) OSError: [Errno 16] Device or resource busy

  fatal: [nocon02p1]: FAILED! => { "changed": false, "invocation": { "module_args": { "attributes": null, "backrefs": false, "backup": false, "content": null, "create": false, "delimiter": null, "directory_mode": null, "firstmatch": false, "follow": false, "force": null, "group": null, "insertafter": null, "insertbefore": null, "line": "10.173.34.4 pulp", "mode": null, "owner": null, "path": "/etc/hosts", "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "state": "present", "unsafe_writes": null, "validate": null } }, "msg": "Unable to make /tmp/tmppHrHa5 into to /etc/hosts, failed final rename from /etc/.ansible_tmpBM6vskhosts: [Errno 16] Device or resource busy" }

  PLAY RECAP ***** nocon01p1 : ok=0 changed=0 unreachable=0 failed=1 nocon02p1 : ok=0 changed=0 unreachable=0 failed=1 nocon03p1 : ok=0 changed=0 unreachable=0 failed=1

ERROR:

[decentral1se]

OSError: [Errno 16] Device or resource busy

Which driver are you using?

This seems like a driver issue and not something on the Molecule layer?

[anial-pro]

I found answer on this comment , may be it help.

[weshouman]

Same here, when I manually edit the /etc/hosts it works.
But when that's automated through ansible and being tested with molecule, that fails for both Centos and Ubuntu.

[sshnaidm]

Editing /etc/hosts in docker container is tricky. You'd better to use different driver for testing roles that edit /etc/hosts directly, with docker driver it won't work well.

[thatsk]

so whats the correct solution for this ?

[till]

Ran into this as well, so I understand that /etc/hosts is off-limit, but the reason why I think I need it is in order to make hostnames work between containers.

So for example:

platforms:
  - name: node1
    image: centos:8
    pre_build_image: True
    command: /sbin/init
    privileged: true
    tmpfs:
      - /run
      - /tmp
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:rw
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
  - name: node2
    image: centos:8
    pre_build_image: True
    command: /sbin/init
    privileged: true
    tmpfs:
      - /run
      - /tmp
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:rw
      - /sys/fs/cgroup:/sys/fs/cgroup:ro

When I docker exec -it node2 bash, I can ping node2 but not node1. I can ping node1's IP though, but there is no mechanism to resolve it on node2.

I am going to work around it and see if I can resolve IPs on the node using my role and distribute these as facts and I saw others who run dnsmasq (in molecule), but I think that's a bit too much. :D Regardless, is there a better way to do this currently?

[sshnaidm]

Podman has option --no-hosts which prevents changing /etc/hosts file in a container and it will remain as is. If need I can add this option to podman driver. AFAIK there is no such an option in docker.

[till]

@sshnaidm I think I got a little further, but this doesn't have to do anything with Podman.

I think it's more about the following:

1. When I start two containers with docker, they can ping each other, as long as they are on the same network.
2. With molecule, I think the default is network_mode: host, this may prevent that.

I haven't dug into what changing network_mode and maybe a setting network explicitly does. But that's what I'll try as soon as the rest works. In the end, it seems like manipulating /etc/hosts is not necessary in this case.

The goal is still that "DNS resolution" works between node1 and node2, so e.g., they can ping each other:

When I docker exec -it node2 bash, I can ping node2 but not node1. I can ping node1's IP though, but there is no mechanism to resolve it on node2.

[sshnaidm]

The goal is still that "DNS resolution" works between node1 and node2, so e.g., they can ping each other:

In this case all you need it's a link between containers. It could be done with setting them into one network as you did or adding --link. After docker networking patch was merged I think you can do this in molecule config in latest version from github.

[ssbarnea]

This has nothing to do with Molecule, is pure Ansible user issue.

[ngueagho]

PLAY [Configuration du Serveur DNS] ***

TASK [Gathering Facts] **** ok: [ansible_workstation1] ok: [ansible_workstation2] ok: [ansible_workstation0]

TASK [configurez /etc/resolv.conf pour utiliser 8.8.8.8 comme serveur DNS] **** An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 16] Device or resource busy: b'/etc/.ansible_tmp6y85_gofresolv.conf' -> b'/etc/resolv.conf' fatal: [ansible_workstation1]: FAILED! => {"changed": false, "checksum": "87820f535e606a45250a897a8523337050b93abe", "msg": "Unable to make b'/home/techuser/.ansible/tmp/ansible-tmp-1720471705.4055617-165732809405309/source' into to /etc/resolv.conf, failed final rename from b'/etc/.ansible_tmp6y85_gofresolv.conf': [Errno 16] Device or resource busy: b'/etc/.ansible_tmp6y85_gofresolv.conf' -> b'/etc/resolv.conf'"} An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 16] Device or resource busy: b'/etc/.ansible_tmpuq8w1jsfresolv.conf' -> b'/etc/resolv.conf' fatal: [ansible_workstation0]: FAILED! => {"changed": false, "checksum": "87820f535e606a45250a897a8523337050b93abe", "msg": "Unable to make b'/home/techuser/.ansible/tmp/ansible-tmp-1720471705.4248533-90969129576217/source' into to /etc/resolv.conf, failed final rename from b'/etc/.ansible_tmpuq8w1jsfresolv.conf': [Errno 16] Device or resource busy: b'/etc/.ansible_tmpuq8w1jsfresolv.conf' -> b'/etc/resolv.conf'"} An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 16] Device or resource busy: b'/etc/.ansible_tmpsjfwfjn4resolv.conf' -> b'/etc/resolv.conf' fatal: [ansible_workstation2]: FAILED! => {"changed": false, "checksum": "87820f535e606a45250a897a8523337050b93abe", "msg": "Unable to make b'/home/techuser/.ansible/tmp/ansible-tmp-1720471705.3882976-81280533466251/source' into to /etc/resolv.conf, failed final rename from b'/etc/.ansible_tmpsjfwfjn4resolv.conf': [Errno 16] Device or resource busy: b'/etc/.ansible_tmpsjfwfjn4resolv.conf' -> b'/etc/resolv.conf'"}

PLAY RECAP **** ansible_workstation0 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
ansible_workstation1 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
ansible_workstation2 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

i have the same problem