Closed kasadasi closed 3 years ago
@kasadasi We'd recommend upgrading to the latest oci ansible collection and oci sdk versions.
To get more insights into the issue, can you provide us the logs by running the playbook with
-vvv
to get more detailed logging.
@rohnigam
Thanks for your quick response.
I did tested the same with latest collection module and sdk, still facing the same issue.
Please find the logs which I ran -vvv.
[root@localhost vm_mgmt]# ansible-playbook cloudgurad.yml --limit OMCSMAU-IAM -vvv /usr/lib/python2.7/site-packages/ansible/parsing/vault/init.py:44: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in a future release. from cryptography.exceptions import InvalidSignature ansible-playbook 2.10.6 config file = /srv/vm_mgmt/ansible.cfg configured module search path = [u'/root/.ansible/roles/oracle.oci_ansible_modules/library', u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /bin/ansible-playbook python version = 2.7.5 (default, Nov 13 2020, 02:52:00) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44.0.3)] Using /srv/vm_mgmt/ansible.cfg as config file host_list declined parsing /srv/vm_mgmt/inventory/aucalva01 as it did not pass its verify_file() method script declined parsing /srv/vm_mgmt/inventory/aucalva01 as it did not pass its verify_file() method auto declined parsing /srv/vm_mgmt/inventory/aucalva01 as it did not pass its verify_file() method Parsed /srv/vm_mgmt/inventory/aucalva01 inventory source with ini plugin host_list declined parsing /srv/vm_mgmt/inventory/auchban01 as it did not pass its verify_file() method script declined parsing /srv/vm_mgmt/inventory/auchban01 as it did not pass its verify_file() method auto declined parsing /srv/vm_mgmt/inventory/auchban01 as it did not pass its verify_file() method Parsed /srv/vm_mgmt/inventory/auchban01 inventory source with ini plugin host_list declined parsing /srv/vm_mgmt/inventory/aucpayc01 as it did not pass its verify_file() method script declined parsing /srv/vm_mgmt/inventory/aucpayc01 as it did not pass its verify_file() method auto declined parsing /srv/vm_mgmt/inventory/aucpayc01 as it did not pass its verify_file() method Parsed /srv/vm_mgmt/inventory/aucpayc01 inventory source with ini plugin host_list declined parsing /srv/vm_mgmt/inventory/aucuhca01 as it did not pass its verify_file() method script declined parsing /srv/vm_mgmt/inventory/aucuhca01 as it did not pass its verify_file() method auto declined parsing /srv/vm_mgmt/inventory/aucuhca01 as it did not pass its verify_file() method Parsed /srv/vm_mgmt/inventory/aucuhca01 inventory source with ini plugin host_list declined parsing /srv/vm_mgmt/inventory/bkp_aucuhca01 as it did not pass its verify_file() method script declined parsing /srv/vm_mgmt/inventory/bkp_aucuhca01 as it did not pass its verify_file() method auto declined parsing /srv/vm_mgmt/inventory/bkp_aucuhca01 as it did not pass its verify_file() method Parsed /srv/vm_mgmt/inventory/bkp_aucuhca01 inventory source with ini plugin host_list declined parsing /srv/vm_mgmt/inventory/bkp_aucuhca01_nonrfc1918 as it did not pass its verify_file() method script declined parsing /srv/vm_mgmt/inventory/bkp_aucuhca01_nonrfc1918 as it did not pass its verify_file() method auto declined parsing /srv/vm_mgmt/inventory/bkp_aucuhca01_nonrfc1918 as it did not pass its verify_file() method Parsed /srv/vm_mgmt/inventory/bkp_aucuhca01_nonrfc1918 inventory source with ini plugin host_list declined parsing /srv/vm_mgmt/inventory/omcsmau as it did not pass its verify_file() method script declined parsing /srv/vm_mgmt/inventory/omcsmau as it did not pass its verify_file() method auto declined parsing /srv/vm_mgmt/inventory/omcsmau as it did not pass its verify_file() method Parsed /srv/vm_mgmt/inventory/omcsmau inventory source with ini plugin redirecting (type: callback) ansible.builtin.profile_tasks to ansible.posix.profile_tasks Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: cloudgurad.yml ** 1 plays in cloudgurad.yml [WARNING]: Could not match supplied host pattern, ignoring: occs
PLAY [!occs:*-IAM] **** META: ran handlers
TASK [oci_collection_authenticate : What is my number] **** task path: /srv/vm_mgmt/roles/oci_collection_authenticate/tasks/main.yml:3 Monday 15 March 2021 13:10:44 +0000 (0:00:00.034) 0:00:00.034 **
Thanks @kasadasi for sharing the logs.
I suspect that the Null value is coming from the api itself, and ansible may not be responsible for this,
Can you check getting the configuration via cli once, and share the result with us ?
@rohnigam
Please find result from cli
[root@localhost vm_mgmt]# oci cloud-guard configuration get --compartment-id ocid1.tenancy.oc1..aaaaaaaa7meajoxwl2eovwukpx2tq2zibxf7mdsjimf4qgbq6uba6g4qfafa --profile aucpaap01_iad --config-file /home/vagrant/.oci/config /usr/lib/python2.7/site-packages/oci/_vendor/httpsig_cffi/sign.py:10: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in a future release. from cryptography.hazmat.backends import default_backend # noqa: F401 /usr/lib/python2.7/site-packages/arrow/arrow.py:28: DeprecationWarning: Arrow will drop support for Python 2.7 and 3.5 in the upcoming v1.0.0 release. Please upgrade to Python 3.6+ to continue receiving updates for Arrow. DeprecationWarning, { "data": { "reporting-region": null, "self-manage-resources": null, "status": "DISABLED" }, "etag": "ace392ae3836c863b580f24eaeb349879cdc454c4c87b8fa9cb6e919a95e0f9b" } [root@localhost vm_mgmt]#
Thanks @kasadasi for sharing the output.
As I had suspected before, the Null is originating from the service itself, that's why ansible is responding with None.
You may have to check with the service team, why is it returning Null.
Closing this ticket since the issue is not specific to OCI Ansible
Issue Report Describe the issue
While trying to enable cloud_gaurd getting following error.
fatal: [OMCSMAU-IAM]: FAILED! => {"changed": false, "msg": "Updating resource failed with exception: Cloud Guard does not support the selected reporting region : None"}
I have noticed that the cloud_guard facts returned null value when gathered from the tenancy.
TASK [oci_collection_enable_cloud_guard : debug] ** Monday 15 March 2021 11:28:35 +0000 (0:00:04.570) 0:00:18.594 ** ok: [OMCSMAU-IAM] => { "msg": { "changed": false, "configuration": { "reporting_region": null, "self_manage_resources": null, "status": "DISABLED" }, "failed": false } }
Expected behavior
The playbook will enable the cloud guard service if it is disabled .
Environment
OS version: Oracle Linux Server release 7.9
Ansible version:
ansible 2.9.9 config file = /root/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /root/.local/lib/python2.7/site-packages/ansible executable location = /root/bin/ansible python version = 2.7.5 (default, Nov 13 2020, 02:52:00) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44.0.3)]
OCI Python SDK version:
2.23.5
OCI Ansible Modules version:
oci==2.23.5 oci-cli==2.10.4
Ansible playbook to reproduce the issue
tasks file for oci_collection_enable_cloud_guard