search

ansible / terraform-provider-ansible

community terraform provider for ansible
https://registry.terraform.io/providers/ansible/ansible/latest
GNU General Public License v3.0
195 stars 43 forks source link

resource "ansible_playbook" on proxmox (*GRPCProvider).ApplyResourceChange) error #43

Open jhalbrecht opened 1 year ago

jhalbrecht commented 1 year ago

On reddit I was asked to file an issue.

[timaoutloud](https://www.reddit.com/user/timaoutloud/)
OP
·
[1 hr. ago](https://www.reddit.com/r/Terraform/comments/11xikmg/comment/jp9i4vx/?utm_source=reddit&utm_medium=web2x&context=3)
Could the two of you file an issue for the engineers to take a look at this?

Problem

I tried to use the new ansible/ansible ansible_playbook resource in a simple .tf to create a vm on proxmox.

FWIW I experimented with changing the file name to a non existent play-book receiving the same error(s) either way. In the debugging it would be hady, for me, to have some indicaton of file exists.

[ERROR] vertex "ansible_playbook.playbook_initial" error: Plugin did not respond

Code

terraform {
    # required_version = ">= 0.13.0"
    required_providers {
        proxmox = {
            source = "telmate/proxmox"
            #version = "2.9.3"
        }
        ansible = {
            source = "ansible/ansible"
            version = "1.1.0"
       }
    }
}
resource "ansible_host" "allm" {
  name   = var.allmip
  groups = ["allm"]
  variables = {
    ansible_user                    = "root"
    ansible_ssh_private_key_file    = "root_id_rsa"
    ansible_python_interpreter      = "/usr/bin/python3"
    # ansible_ssh_common_args       = "-o StrictHostKeyChecking=no"
    # --ssh-common-args='-o StrictHostKeyChecking=no'
    # TODO: I'm setting these in the environment now, I'd prefer to provision it in the play book
    # export ANSIBLE_SSH_HOST_KEY_CHECKING=False    
    }
}
resource "terraform_data" "ansible_inventory" {
  provisioner "local-exec" {
    command = "ansible-inventory -i inventory.yml --graph --vars"
  }
  depends_on = [null_resource.wait_for_route]
}
resource "ansible_playbook" "playbook_initial" {
  # playbook   = "/home/jeffa/dev/devops/terraform/proximo/anythingllm/jtest.yml"
  playbook    = "jtest.yml"
  # playbook    = "nowayjtest.yml"
  name        = var.allmip
  verbosity   = "6"
  # replayable = true
  extra_vars = {
    // ansible_ssh_extra_args  = "-o StrictHostKeyChecking=no"
    // ansible_ssh_common_args ="'-o StrictHostKeyChecking=no'"
    // ansible_ssh_extra_args='-o StrictHostKeyChecking=no'
  }
  depends_on = [terraform_data.ansible_inventory]
}

Log extract

Ignore this in the log, I ran it on a host with updated ansible with the same results. terraform_data.ansible_inventory (local-exec): [WARNING]: Collection cloud.terraform does not support Ansible version 2.12.10

terraform_data.ansible_inventory: Creating...
2023-06-18T16:46:59.931-0700 [INFO]  Starting apply for terraform_data.ansible_inventory
2023-06-18T16:46:59.931-0700 [DEBUG] terraform_data.ansible_inventory: applying the planned Create change
terraform_data.ansible_inventory: Provisioning with 'local-exec'...
terraform_data.ansible_inventory (local-exec): Executing: ["/bin/sh" "-c" "ansible-inventory -i inventory.yml --graph --vars"]
terraform_data.ansible_inventory (local-exec): [WARNING]: Collection cloud.terraform does not support Ansible version 2.12.10
terraform_data.ansible_inventory (local-exec): @all:
terraform_data.ansible_inventory (local-exec):   |--@allm:
terraform_data.ansible_inventory (local-exec):   |  |--192.168.1.20
terraform_data.ansible_inventory (local-exec):   |  |  |--{ansible_python_interpreter = /usr/bin/python3}
terraform_data.ansible_inventory (local-exec):   |  |  |--{ansible_ssh_private_key_file = root_id_rsa}
terraform_data.ansible_inventory (local-exec):   |  |  |--{ansible_user = root}
terraform_data.ansible_inventory (local-exec):   |--@allmgroup:
terraform_data.ansible_inventory (local-exec):   |--@ungrouped:
terraform_data.ansible_inventory: Creation complete after 1s [id=79c37923-1530-96a2-747c-7791c8574e76]
2023-06-18T16:47:01.209-0700 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2023-06-18T16:47:01.213-0700 [WARN]  Provider "registry.terraform.io/ansible/ansible" produced an invalid plan for ansible_playbook.playbook_initial, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .replayable: planned value cty.True for a non-computed attribute
      - .extra_vars: planned value cty.NullVal(cty.Map(cty.String)) does not match config value cty.MapValEmpty(cty.String)
      - .diff_mode: planned value cty.False for a non-computed attribute
      - .force_handlers: planned value cty.False for a non-computed attribute
      - .ignore_playbook_failure: planned value cty.False for a non-computed attribute
      - .ansible_playbook_binary: planned value cty.StringVal("ansible-playbook") for a non-computed attribute
      - .check_mode: planned value cty.False for a non-computed attribute
ansible_playbook.playbook_initial: Creating...
2023-06-18T16:47:01.213-0700 [INFO]  Starting apply for ansible_playbook.playbook_initial
2023-06-18T16:47:01.213-0700 [DEBUG] ansible_playbook.playbook_initial: applying the planned Create change
2023-06-18T16:47:01.214-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 [DEBUG] setting computed for "args" from ComputedKeys
2023-06-18T16:47:01.214-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 [ANSIBLE ARGS]:
2023-06-18T16:47:01.214-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 [-vvvvvv -e hostname=192.168.1.20 jtest.yml]
2023-06-18T16:47:01.214-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 LOG [ansible-playbook]: playbook = jtest.yml
2023-06-18T16:47:01.215-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 Inventory /tmp/.inventory-3578779107.ini was created
2023-06-18T16:47:01.215-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 Temp Inventory File: /tmp/.inventory-3578779107.ini
2023-06-18T16:47:01.215-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 [TEMP DIR]: /tmp
2023-06-18T16:47:01.215-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 [INVENTORIES]:
2023-06-18T16:47:01.215-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:01 [/tmp/.inventory-3578779107.ini]
2023-06-18T16:47:02.265-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/06/18 16:47:02 ERROR [ansible-playbook]: couldn't run ansible-playbook
2023-06-18T16:47:02.265-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: jtest.yml! There may be an error within your playbook.
2023-06-18T16:47:02.265-0700 [DEBUG] provider.terraform-provider-ansible_v1.1.0: exit status 4
2023-06-18T16:47:02.267-0700 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/ansible/ansible/1.1.0/linux_amd64/terraform-provider-ansible_v1.1.0 pid=130775 error="exit status 1"
2023-06-18T16:47:02.267-0700 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-06-18T16:47:02.267-0700 [ERROR] plugin.(*GRPCProvider).ApplyResourceChange: error="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-06-18T16:47:02.269-0700 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2023-06-18T16:47:02.269-0700 [ERROR] vertex "ansible_playbook.playbook_initial" error: Plugin did not respond
_
_ Error: Plugin did not respond
_
_   with ansible_playbook.playbook_initial,
_   on anythingllm.tf line 91, in resource "ansible_playbook" "playbook_initial":
_   91: resource "ansible_playbook" "playbook_initial" {
_
_ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ApplyResourceChange call. The plugin logs may contain more details.
_
2023-06-18T16:47:02.273-0700 [DEBUG] provider: plugin exited
jeffa@terraible:~/dev/devops/terraform/proximo/anythingllm$ cat /tmp/.inventory-3578779107.ini was created
[default]
192.168.1.20cat: was: No such file or directory
cat: created: No such file or directory
jeffa@terraible:~/dev/devops/terraform/proximo/anythingllm$
ashleyghooper commented 1 year ago

The plugin.(*GRPCProvider).ApplyResourceChange request was cancelled. seems to be a fairly generic error that is emitted when the ansible-playbook command terminates with an error.

In my case, one reason I saw it was because I'm using some wrapper scripts to enable connecting to Google Cloud instances using their Identity Aware Proxy (IAP). The script requires passing in an Ansible variable zone to specify the GCP zone, and this Ansible provider wasn't passing that variable through to the generated inventory file, even though I'd specified it on the ansible_host in Terraform. I was able to work around it by hard coding the zone in the vars section of the playbook.

luckpng commented 1 year ago

Hi guys!

I'm with the same problem here. In my case I'm creating a GCP VM and trying to apply the playbook with the same errors. The ansible_host is working properly but not ansible_playbook.

jtognazzi commented 1 year ago

https://github.com/ansible/terraform-provider-ansible/issues/37 Similar issue here, where the ansible_playbook resource is not using the ansible_user and ansible_host variables from ansible_host resource

lae commented 1 year ago

Like @ashleyghooper stated earlier, the error given is effectively a generic error masking the real error.

Ana provided some steps in #39 (outputting the playbook output via Terraform outputs) that should make these issues easier to debug and fix in practice, I think?

luckpng commented 1 year ago

Hello! The outputs.tf don't show anything useful to debug as stderr and stdout too

mehdi-ra commented 1 year ago

Hi. I got this error too, the problem was my playbook file. When your playbook file is failed you will get this error. It seems that there is not any proper error handling for these errors. You can get errors you are getting by setting ignore_playbook_failure to true for your ansible_playbook resource. then the logs of Ansible will be shown on your debug so you can debug the Ansible playbook. Without ignore_playbook_failure you will get:

 /tmp/.inventory-3619357673.ini /tmp/.inventory-3944771403.ini /tmp/.inventory-4016386583.ini]
2023-09-22T09:22:43.908+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/09/22 09:22:43 ERROR [ansible-playbook]: couldn't run ansible-playbook
2023-09-22T09:22:43.908+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: ./ansible/site.yml! There may be an error within your playbook.
2023-09-22T09:22:43.908+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: exit status 2
2023-09-22T09:22:43.909+0330 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/ansible/ansible/1.1.0/linux_amd64/terraform-provider-ansible_v1.1.0 pid=605284 error="exit status 1"
2023-09-22T09:22:43.909+0330 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-09-22T09:22:43.909+0330 [ERROR] plugin.(*GRPCProvider).ApplyResourceChange: error="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-09-22T09:22:43.935+0330 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2023-09-22T09:22:43.935+0330 [ERROR] vertex "module.dvh_cluster.ansible_playbook.kind_cluster" error: Plugin did not respond
╷
│ Error: Plugin did not respond
│ 
│   with module.dvh_cluster.ansible_playbook.kind_cluster,
│   on modules/kind-cluster/main.tf line 1, in resource "ansible_playbook" "kind_cluster":
│    1: resource "ansible_playbook" "kind_cluster" {
│ 
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ApplyResourceChange call. The plugin logs may contain more details.

but when you set ignore_playbook_failure to true the debug logs become:

 /tmp/.inventory-3619357673.ini /tmp/.inventory-3944771403.ini /tmp/.inventory-4016386583.ini /tmp/.inventory-722659454.ini]
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/09/22 09:30:26 ERROR [ansible-playbook]: couldn't run ansible-playbook
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: ./ansible/site.yml! There may be an error within your playbook.
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: exit status 2
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/09/22 09:30:26 LOG [ansible-playbook]: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: PLAY [Install and create Kubernetes cluster] ***********************************
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: TASK [Include the kind-cluster role] *******************************************
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: /usr/lib/python3/dist-packages/paramiko/transport.py:219: CryptographyDeprecationWarning: Blowfish has been deprecated
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0:   "class": algorithms.Blowfish,
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: TASK [kind-cluster : include_tasks] ********************************************
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: included: /home/me0dira/Documents/projects/organizations/devopshobbies/dvh-cluster-provisioner/ansible/roles/kind-cluster/tasks/pre-install.yml for localhost
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: TASK [kind-cluster : Check Docker installation status] *************************
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: changed: [localhost]
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: TASK [kind-cluster : Fail if Docker is not installed] **************************
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: ok: [localhost] => {
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0:     "changed": false,
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0:     "msg": "All assertions passed"
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: }
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: TASK [kind-cluster : Add docker group to users {{ ansible_user }} groups] ******
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: fatal: [localhost]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible_user' is undefined\n\nThe error appears to be in '/home/me0dira/Documents/projects/organizations/devopshobbies/dvh-cluster-provisioner/ansible/roles/kind-cluster/tasks/pre-install.yml': line 12, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Add docker group to users {{ ansible_user }} groups\n  ^ here\nWe could be wrong, but this one looks like it might be an issue with\nmissing quotes. Always quote template expression brackets when they\nstart a value. For instance:\n\n    with_items:\n      - {{ foo }}\n\nShould be written as:\n\n    with_items:\n      - \"{{ foo }}\"\n"}
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: PLAY RECAP *********************************************************************
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: localhost                  : ok=3    changed=1    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0   
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 
2023-09-22T09:30:26.011+0330 [DEBUG] provider.terraform-provider-ansible_v1.1.0: 2023/09/22 09:30:26 LOG [ansible-playbook]: didn't wait for playbook to execute: exec: Wait was already called
module.dvh_cluster.ansible_playbook.kind_cluster: Creation complete after 1s [id=2023-09-22 09:30:24.875399233 +0330 +0330 m=+0.072935028]
2023-09-22T09:30:26.036+0330 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2023-09-22T09:30:26.037+0330 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-09-22T09:30:26.038+0330 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/ansible/ansible/1.1.0/linux_amd64/terraform-provider-ansible_v1.1.0 pid=613412
2023-09-22T09:30:26.038+0330 [DEBUG] provider: plugin exited

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

and as you can see there is more information about what wrong is going on so you can start debugging.

gravesm commented 6 months ago

We have improved the logging in v1.2.0 of this provider. Can you confirm that this information is more easily available now?