geerlingguy / ansible-role-repo-epel

Ansible Role - EPEL Repository for RHEL/CentOS
https://galaxy.ansible.com/geerlingguy/repo-epel/
MIT License

Fails to install EPEL when using Amazon Linux 2 #56

Closed acdoussan closed 1 year ago

acdoussan commented 1 year ago

Recently added this to a project, appears the default config may no longer be valid? I get the following error:

    fatal: [127.0.0.1]: FAILED! => changed=false
      attempts: 5
      msg: 'failed to fetch key at https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-2 , error was: HTTP Error 404: Not Found'

Looking at https://dl.fedoraproject.org/pub/epel/ it appears there is a GPG key for 4-7, but nothing for 1-3.

acdoussan commented 1 year ago

Looking more at this, think this might be an issue specific to Amazon Linux. It is RHEL based with yum but I am running AL2 and I imagine this thinks 2 is the RHEL release, when it's just the Amazon Linux version. I assumed EPEL could be used here but maybe this is ill-advised? Will need to dig a bit deeper.

acdoussan commented 1 year ago

Output from cat /etc/os-release:

    NAME="Amazon Linux"
    VERSION="2"
    ID="amzn"
    ID_LIKE="centos rhel fedora"
    VERSION_ID="2"
    PRETTY_NAME="Amazon Linux 2"
    ANSI_COLOR="0;33"
    CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2:-:internal"
    HOME_URL="https://amazonlinux.com/"
    VARIANT="internal"

acdoussan commented 1 year ago

Looks like EPEL is recommended to be installed differently for AL2:

    sudo amazon-linux-extras install epel -y

https://aws.amazon.com/premiumsupport/knowledge-center/ec2-enable-epel/

Any interest in a PR adding support for AL2? Just need some rough guidance on how you'd like to achieve that if so. Probably just guards on the main tasks, or maybe separate task files, one for AL2 and one for everyone else?

acdoussan commented 1 year ago

Also see recommendations to use RHEL 7:

https://sysadminxpert.com/install-epel-repository-on-linux/#EPEL_Repository_for_Amazon_Linux

On my AL2 machine, epel is missing from amazon-linux-extras, might be better to take this approach.

    $ sudo amazon-linux-extras install epel -y
    Topic epel is not found.

acdoussan commented 1 year ago

Have done some more tinkering, I now have:

    - name: gather os specific variables
      include_vars: "{{ item }}"
      with_first_found:
        - "os_vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
        - "os_vars/{{ ansible_distribution }}.yml"
      tags: ["always"]

as a pretask, and I made a file in os_vars/Amazon-2.yml that contains:

    epel_repo_url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
    epel_repo_gpg_key_url: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7"

and then I import the role as:

    - name: enable epel on RHEL systems
      import_role:
        name: geerlingguy.repo-epel
      become: yes 
      when: configure_epel and ansible_os_family == "RedHat"
      tags: ["epel"]

However, this gives me the following error:

    TASK [geerlingguy.repo-epel : Check if EPEL repo is already configured.] *************************************************************************************************************************************************************
    fatal: [127.0.0.1]: FAILED! => changed=false
      module_stderr: ''
      module_stdout: ''
      msg: |-
        MODULE FAILURE
        See stdout/stderr for the exact error
      rc: 1

If I run the role with become: no I get the following error:

    TASK [geerlingguy.repo-epel : Import EPEL GPG key.] *************************************************************************************************************************************************************************************
    fatal: [127.0.0.1]: FAILED! => changed=false
      attempts: 5
      msg: |-
        error: cannot open Packages index using db5 - Permission denied (13)
        error: cannot open Packages database in /var/lib/rpm
        error: /tmp/tmpDJkiX8: key 1 import failed.

Interesting note is that the stat succeeds with become: no, but not with become: yes

acdoussan commented 1 year ago

The module failure stuff when using become is due to locked down sudo permissions, ended up having to set ANSIBLE_EXECUTABLE, and it appears that after doing that, the role ran successfully.

With that fixed, that just leaves configuring the role to use the right EPEL URL for AL2.
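The mapping this thread arrives at, as an added example that is not part of the original comments or the role's own code: derive the EPEL major version from an explicit table keyed on `ID` and `VERSION_ID`, and refuse unknown systems instead of interpolating the distribution version into the GPG key URL. The function names `os_release_get`, `epel_major` and `epel_gpg_key_url` are hypothetical; the AL2-to-7 mapping is the one used in the `os_vars/Amazon-2.yml` file above.

```shell
#!/bin/sh
# Added example, not the role's code.

# Read one KEY from an os-release style file without sourcing it
# (sourcing would execute whatever the file contains).
os_release_get() {
    # $1 = key, $2 = file
    sed -n "s/^$1=//p" "$2" | head -n 1 | tr -d "\"'"
}

# Print the EPEL major version for the system described by an os-release file.
epel_major() {
    file=${1:-/etc/os-release}
    id=$(os_release_get ID "$file")
    version=$(os_release_get VERSION_ID "$file")
    case "$id:$version" in
        amzn:2)
            # Assumption taken from the thread: AL2 uses the EPEL 7 repo and key.
            echo 7 ;;
        rhel:[0-9]*|centos:[0-9]*)
            # RHEL/CentOS: EPEL major equals the distro major ("7.9" -> 7).
            echo "${version%%.*}" ;;
        *)
            # Unknown system: fail loudly rather than build a URL that 404s.
            echo "no EPEL mapping for ID=$id VERSION_ID=$version" >&2
            return 1 ;;
    esac
}

# Print the GPG key URL (value for epel_repo_gpg_key_url) for that system.
epel_gpg_key_url() {
    major=$(epel_major "$1") || return 1
    echo "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$major"
}

# Demo on the ID/VERSION_ID lines from the os-release output posted above.
sample=$(mktemp)
printf 'ID="amzn"\nID_LIKE="centos rhel fedora"\nVERSION_ID="2"\n' > "$sample"
epel_gpg_key_url "$sample"
rm -f "$sample"
```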

stale[bot] commented 1 year ago

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.

github-actions[bot] commented 1 year ago

This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.