Run CLI install - doesn't succeed but times out looking for license key

[kassi]

Description

I included the role in my workbook - for debugging it's actually the only role included. I provided all information necessary as environment variables.

When I run the playbook, it stalls at the "Run CLI install" level and eventually times out with an error message.

I set verbosity to debug and can watch the /tmp/newrelic-cli-debug.log. It basically writes the same line every 10 seconds.

level=debug msg="could not load string value for key region, returning zero value: no value found at path *.region"
level=debug msg="segment tracked InstallStarted"
level=debug msg="performing request"
level=debug msg="performing request"
level=debug msg="performing request"
...
level=debug msg="segment tracked UnableToFetchLicenseKey"
level=fatal msg="could not fetch license key for account 374502:, license key:  403 response returned"

The command being run is

/usr/local/bin/newrelic install -y -n infrastructure-agent-installer,nginx-open-source-integration,apache-open-source-integration,mysql-open-source-integration,php-agent-installer --debug --tag nr_deployed_by:ansible-install 2>&1 | tee /tmp/newrelic-cli-debug.log

Interestingly when I provide the exact same values as env vars to the command directly and enter it in a shell on the server (as root), it immediately uses the license key provided and starts the installation. This finally fails though for 4 our of 6 services.

I also checked that the values in the environment are all set correctly (replacing the actual output in the role with an env statement). I also put single quotes around my license key since it starts with a digit, but that didn't change anything.

  ⊘  Apache Integration  (unsupported)
  ✔  Infrastructure Agent  (installed)
  ✔  Logs Integration  (installed)
  ⊘  NGINX Integration  (unsupported)
  ⊘  MySQL Integration  (unsupported)
  ⊘  PHP Agent  (unsupported)

which however is a different issue.

Steps to Reproduce

Have a playbook

- name: Provision Virtual Server
  hosts: all
  gather_facts: yes
  remote_user: root

  roles:
    - role: newrelic.newrelic_install
      vars:
        verbosity: debug
        targets:
          - infrastructure
          - nginx
          - apache
          - mysql
          - apm-php
  environment:
    NEW_RELIC_API_KEY: "{{ new_relic_api_key }}"
    NEW_RELIC_ACCOUNT_ID: "{{ new_relic_account_id }}"
    NEW_RELIC_REGION: "EU"
    NEW_RELIC_LICENSE_KEY: "{{ new_relic_license_key_installer }}"
    NEW_RELIC_APACHE_STATUS_URL: http://127.0.0.1:7080/server-status?auto
    NEW_RELIC_MYSQL_USERNAME: "{{ new_relic_mysql_username }}"
    NEW_RELIC_MYSQL_PASSWORD: "{{ new_relic_mysql_password }}"
    NEW_RELIC_MYSQL_ROOT_PASSWORD: "{{ new_relic_mysql_root_password }}"

with valid values for the environment variables taken from my account and run it.

Watch output as well as debug log written to /tmp/newrelic-cli-debug.log on the server being provisioned.

Expected Behavior

• The provided LICENSE_KEY from the environment in the playbook should be taken.
• debug log should show the same output as when run on the command line.
• installation should finish without errors.

Relevant Logs / Console output

Your Environment

Ansible host: MacOS Ventura 13.5 Ansible: ansible [core 2.15.2]

Host: Linux, Ubuntu 22.04.2 LTS Apache/2.4.52 nginx version: nginx/1.24.0 mysql Ver 15.1 Distrib 10.6.12-MariaDB

Additional context

[amolero-nr]

Hi @kassi! Thank you for your detailed report! We'll review soon.

[rthorn-nr]

Hi @kassi , thank you for reaching out and for including all of these details.

It looks like the account ID noted is in the US datacenter. The 403 from fetching the license key is likely related to the region associated with your account. Please try running the install with NEW_RELIC_REGION: "US" (or omitting it as US is the default) and let us know how it goes.

Also, we recommend setting region, account ID, and API (user) key. The New Relic CLI will find your license key as long as those other three variables are correct, so it is optional (and not documented in this repo) to pass the license key through to the CLI, and you may want to omit it if that supports your use case and makes this easier to debug.

[kassi]

Hi @rthorn-nr. That's an interesting take. I used to set all variables on the command line except the REGION - with region set to EU it's behaving the same. ~~However, when unset it in the ansible role or even explicitly set it to US, it still behaves the same, i.e. not installing but finally returns a "could not fetch license key for account 374502:, license key: 401 response returned: Invalid credentials provided. Missing API key or an invalid API key was provided.". This is even more weird since it used to work on the command line without region (tested it again).~~

My fault. I tested a lot and put single quotes around the API key, which made it invalid.

[kassi]

Do you know whether it's possible to change the account region? When I opened it some year ago I wasn't able to select a region.

[rthorn-nr]

Hi @kassi , unfortunately it's not possible to migrate your account to the EU datacenter.

Glad to hear that you're up and running!

[kassi]

Alright, thanks a lot.