Unable to provision environment

[nmarian85]

Was trying to provision a new env with the code that was working some time ago but now I got a failure. Any ideas on this ? Did something change on the CDP Control Plane schema for provisioning a new env ? cdpcli and the provisioning from the GUI seem to work ok. I have the latest collection version installed and the last version of cdpy.

- name: "Install CDP environment {{ env_name }}"
  cloudera.cloud.env:
    name: "{{ env_name }}"
    state: present
    vpc_id: "{{ env_vpc_id }}"
    credential: "{{ env_credential['credential_name'] }}"
    cloud: aws
    region: "{{ env_region }}"
    log_location: "{{ env_log_bucket }}"
    log_identity: "{{ env_log_role_instance_profile }}"
    public_key_text: "{{ env_public_key }}"
    default_sg: "{{ cdl_sg }}"
    knox_sg: "{{ cdl_sg }}"
    subnet_ids: "{{ env_subnets }}"
    workload_analytics: "{{ env_workload_analytics }}"
    tags: "{{ env_tags }}"
    tunnel: true
    endpoint_access_scheme: "PRIVATE"
    debug: true

fatal: [localhost]: FAILED! => {
    "changed": false,
    "error": "{'base_error': ClientError('An error occurred: An internal error has occurred. Retry your request, but if the problem persists, contact us with details by posting a message on the Cloudera Community forums. (Status Code: 500; Error Code: UNKNOWN; Service: environments; Operation: createAWSEnvironment; Request ID: 9379dd19-2189-4fa7-b756-46102518d473;)'), 'ext_traceback': ['  File \"/root/.ansible/tmp/ansible-tmp-1651159796.2873318-309-269697597535418/AnsiballZ_env.py\", line 107, in <module>\\n    _ansiballz_main()\\n', '  File \"/root/.ansible/tmp/ansible-tmp-1651159796.2873318-309-269697597535418/AnsiballZ_env.py\", line 99, in _ansiballz_main\\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\\n', '  File \"/root/.ansible/tmp/ansible-tmp-1651159796.2873318-309-269697597535418/AnsiballZ_env.py\", line 47, in invoke_module\\n    runpy.run_module(mod_name=\\'ansible_collections.cloudera.cloud.plugins.modules.env\\', init_globals=dict(_module_fqn=\\'ansible_collections.cloudera.cloud.plugins.modules.env\\', _modlib_path=modlib_path),\\n', '  File \"/usr/lib64/python3.9/runpy.py\", line 210, in run_module\\n    return _run_module_code(code, init_globals, run_name, mod_spec)\\n', '  File \"/usr/lib64/python3.9/runpy.py\", line 97, in _run_module_code\\n    _run_code(code, mod_globals, init_globals,\\n', '  File \"/usr/lib64/python3.9/runpy.py\", line 87, in _run_code\\n    exec(code, run_globals)\\n', '  File \"/tmp/ansible_cloudera.cloud.env_payload_vc180gq4/ansible_cloudera.cloud.env_payload.zip/ansible_collections/cloudera/cloud/plugins/modules/env.py\", line 1067, in <module>\\n', '  File \"/tmp/ansible_cloudera.cloud.env_payload_vc180gq4/ansible_cloudera.cloud.env_payload.zip/ansible_collections/cloudera/cloud/plugins/modules/env.py\", line 1057, in main\\n', '  File \"/tmp/ansible_cloudera.cloud.env_payload_vc180gq4/ansible_cloudera.cloud.env_payload.zip/ansible_collections/cloudera/cloud/plugins/modules/env.py\", line 679, in __init__\\n', '  File \"/tmp/ansible_cloudera.cloud.env_payload_vc180gq4/ansible_cloudera.cloud.env_payload.zip/ansible_collections/cloudera/cloud/plugins/module_utils/cdp_common.py\", line 42, in _impl\\n    result = f(self, *args, **kwargs)\\n', '  File \"/tmp/ansible_cloudera.cloud.env_payload_vc180gq4/ansible_cloudera.cloud.env_payload.zip/ansible_collections/cloudera/cloud/plugins/modules/env.py\", line 752, in process\\n', '  File \"/root/.local/lib/python3.9/site-packages/cdpy/environments.py\", line 102, in create_aws_environment\\n    resp = self.sdk.call(\\n', '  File \"/root/.local/lib/python3.9/site-packages/cdpy/common.py\", line 594, in call\\n    parsed_err = CdpError(err)\\n'], 'error_code': 'UNKNOWN', 'violations': 'An internal error has occurred. Retry your request, but if the problem persists, contact us with details by posting a message on the Cloudera Community forums.', 'message': 'Client request error', 'status_code': '500', 'rc': 1, 'service': 'environments', 'operation': 'createAWSEnvironment', 'request_id': '9379dd19-2189-4fa7-b756-46102518d473', 'sdk_out': '', 'sdk_out_lines': []}",
    "violations": "An internal error has occurred. Retry your request, but if the problem persists, contact us with details by posting a message on the Cloudera Community forums."
}

MSG:

Client request error

[wmudge]

Can you provide the output of the following:

• cdp --version
• ansible-galaxy collection list

[nmarian85]

@wmudge Here you go.

[root@4bdb03254bd9 ansible]# cdp --version
0.9.59 (BETA)
[root@4bdb03254bd9 ansible]# ansible-galaxy collection list

# /root/.local/lib/python3.9/site-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    2.2.0
ansible.netcommon             2.6.1
ansible.posix                 1.3.0
ansible.utils                 2.5.2
ansible.windows               1.9.0
arista.eos                    3.1.0
awx.awx                       19.4.0
azure.azcollection            1.12.0
check_point.mgmt              2.3.0
chocolatey.chocolatey         1.2.0
cisco.aci                     2.2.0
cisco.asa                     2.1.0
cisco.intersight              1.0.18
cisco.ios                     2.8.1
cisco.iosxr                   2.9.0
cisco.ise                     1.2.1
cisco.meraki                  2.6.1
cisco.mso                     1.4.0
cisco.nso                     1.0.3
cisco.nxos                    2.9.1
cisco.ucs                     1.8.0
cloud.common                  2.1.0
cloudscale_ch.cloud           2.2.1
community.aws                 2.4.0
community.azure               1.1.0
community.ciscosmb            1.0.4
community.crypto              2.2.4
community.digitalocean        1.16.0
community.dns                 2.0.9
community.docker              2.3.0
community.fortios             1.0.0
community.general             4.7.0
community.google              1.0.0
community.grafana             1.3.3
community.hashi_vault         2.4.0
community.hrobot              1.2.3
community.kubernetes          2.0.1
community.kubevirt            1.0.0
community.libvirt             1.0.2
community.mongodb             1.3.3
community.mysql               2.3.5
community.network             3.1.0
community.okd                 2.1.0
community.postgresql          1.7.1
community.proxysql            1.3.1
community.rabbitmq            1.1.0
community.routeros            2.0.0
community.sap                 1.0.0
community.skydive             1.0.0
community.sops                1.2.1
community.vmware              1.18.0
community.windows             1.9.0
community.zabbix              1.5.1
containers.podman             1.9.3
cyberark.conjur               1.1.0
cyberark.pas                  1.0.13
dellemc.enterprise_sonic      1.1.0
dellemc.openmanage            4.4.0
dellemc.os10                  1.1.1
dellemc.os6                   1.0.7
dellemc.os9                   1.0.4
f5networks.f5_modules         1.15.0
fortinet.fortimanager         2.1.4
fortinet.fortios              2.1.4
frr.frr                       1.0.3
gluster.gluster               1.0.2
google.cloud                  1.0.2
hetzner.hcloud                1.6.0
hpe.nimble                    1.1.4
ibm.qradar                    1.0.3
infinidat.infinibox           1.3.3
infoblox.nios_modules         1.2.1
inspur.sm                     1.3.0
junipernetworks.junos         2.10.0
kubernetes.core               2.3.0
mellanox.onyx                 1.0.0
netapp.aws                    21.7.0
netapp.azure                  21.10.0
netapp.cloudmanager           21.15.0
netapp.elementsw              21.7.0
netapp.ontap                  21.17.3
netapp.storagegrid            21.10.0
netapp.um_info                21.8.0
netapp_eseries.santricity     1.3.0
netbox.netbox                 3.6.0
ngine_io.cloudstack           2.2.3
ngine_io.exoscale             1.0.0
ngine_io.vultr                1.1.1
openstack.cloud               1.7.2
openvswitch.openvswitch       2.1.0
ovirt.ovirt                   1.6.6
purestorage.flasharray        1.12.1
purestorage.flashblade        1.9.0
sensu.sensu_go                1.13.0
servicenow.servicenow         1.0.6
splunk.es                     1.0.2
t_systems_mms.icinga_director 1.28.0
theforeman.foreman            2.2.0
vyos.vyos                     2.8.0
wti.remote                    1.0.3

# /root/.ansible/collections/ansible_collections
Collection     Version
-------------- -------
cloudera.cloud 1.6.0

[root@4bdb03254bd9 ansible]# pip3 list -v | grep cdpy
cdpy               0.8.1     /root/.local/lib/python3.9/site-packages

[wmudge]

I have a hunch something has changed on the control plane -- can you try again with the following parameter to the env module:

cloudera.cloud.env:
  name: etcetc
  ...
  freeipa:
    instanceCountByGroup: 2     # Or 3 for HA

For example: https://github.com/cloudera-labs/cloudera.exe/blob/main/roles/platform/tasks/setup_aws_env.yml#L36-L37

[nmarian85]

@wmudge : you saved me :). Indeed, when specifying the instanceCountByGroup param.

How should we now proceed ? Should we try a PR to update the documentation and the code so that it will fail if freeipa param is not specified in the cloudera.cloud.env module ? Or do you think that the Control Plane schema could be adjusted ?

Was checking the CDP REST API documentation https://cloudera.github.io/cdp-dev-docs/api-docs/environments/index.html#_createawsenvironmentrequest and I guess that now the freeipa flag should be marked as mandatory in case .

[wmudge]

We have a ticket open with the endpoint owners, and I would like to wait for their answer before firing up the PRs. Once we hear back from them, I will look at issuing a hot fix if needed.

Thanks for reporting this bug!

[nmarian85]

No problem. Would happily contribute to the PR if needed. Many thanks again.