osism / issues

This repository is used for bug reports that are cross-project or not bound to a specific repository (or to an unknown repository).
https://www.osism.tech

issues while bootstrapping manager node - Creation of the operator user #700

Closed yeoldegrove closed 11 months ago

yeoldegrove commented 11 months ago

I followed the documentation here ...

... to get started using OSISM.

user5@ceph-osism-jumphost:~$ docker run --rm -v $(pwd)/output:/output -it quay.io/osism/cookiecutter
  [1/19] with_ceph (1):
  [2/19] ceph_network_backend (192.168.80.0/20): 10.6.0.0/16
  [3/19] ceph_network_frontend (192.168.64.0/20): 10.6.0.0/16
  [4/19] ceph_version (quincy):
  [5/19] domain (osism.xyz): user5.local
  [6/19] fqdn_external (api.osism.xyz): api.user5.local
  [7/19] fqdn_internal (api-int.osism.xyz): api-int.user5.local
  [8/19] git_host (github.com):
  [9/19] git_port (22):
  [10/19] git_repository (osism/cfg-cookiecutter):
  [11/19] git_username (git):
  [12/19] git_version (main):
  [13/19] ip_external (192.168.96.9): 10.6.2.97
  [14/19] ip_internal (192.168.32.9): 10.6.2.97
  [15/19] manager_version (latest):
  [16/19] name_server (149.112.112.112):
  [17/19] ntp_server (de.pool.ntp.org):
  [18/19] openstack_version (2023.1):
  [19/19] project_name (configuration):
osism.cfg-generics:
  - cloning osism.cfg-generics to /root/.gilt/clone/github.com/osism.cfg-generics
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/gilt.yml to /output/configuration/./gilt.yml
osism.cfg-generics:
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/src/render-images.py to /output/configuration/./environments/manager/render-images.py
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/gilt.yml to /output/configuration/./gilt.yml
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/requirements.txt to /output/configuration/./requirements.txt
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/environments/manager/images.yml to /output/configuration/environments/manager/images.yml
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/environments/manager/run.sh to /output/configuration/environments/manager/run.sh
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/environments/manager/ansible.cfg to /output/configuration/environments/manager/ansible.cfg
  - copied (main) /root/.gilt/clone/github.com/osism.cfg-generics/environments/manager/requirements.txt to /output/configuration/environments/manager/
  - running `python3 render-images.py` in /output/configuration/environments/manager/
  - running `rm render-images.py` in /output/configuration/environments/manager/
Generating public/private rsa key pair.
Your identification has been saved in secrets/id_rsa.operator
Your public key has been saved in secrets/id_rsa.operator.pub
The key fingerprint is:
SHA256:n2gIbilJ3oGRf6AjpUg3wBFKeKOlqp3cjcP+v+FC7Ck
The key's randomart image is:
+---[RSA 4096]----+
|o=o              |
|+.=.             |
|.*++.            |
|=o.=..           |
|= = +.. S        |
|.+ = =o. o .     |
|.o++==..+ o      |
|. +oE =o .       |
|   ..+.o+.       |
+----[SHA256]-----+
Generating public/private rsa key pair.
Your identification has been saved in secrets/id_rsa.configuration
Your public key has been saved in secrets/id_rsa.configuration.pub
The key fingerprint is:
SHA256:/mjwYfPwkLayovLW4gipe9ZnGTgmovxGkBzJauCFAvY
The key's randomart image is:
+---[RSA 4096]----+
|+.o              |
|+=..             |
|* +E             |
|.*               |
|. .  .  S.       |
|....+ o.O        |
|=..= . B.O       |
|=o=.+ = +oo      |
|+O*+ +.+. .      |
+----[SHA256]-----+
Encryption successful
Encryption successful
Encryption successful
Encryption successful
Encryption successful
Encryption successful
Encryption successful
Encryption successful
Encryption successful

Many files are not readable for my user, e.g. secrets. They are owned by root.

user5@ceph-osism-jumphost:~$ sudo chown -R user5 output

Some roles are missing.

user5@ceph-osism-jumphost:~$ cd output/configuration/environments/manager/
user5@ceph-osism-jumphost:~/output/configuration/environments/manager$ export ANSIBLE_ASK_VAULT_PASS=True
user5@ceph-osism-jumphost:~/output/configuration/environments/manager$ ANSIBLE_USER=osism ./run.sh operator
created virtual environment CPython3.9.2.final.0-64 in 98ms
  creator CPython3Posix(dest=/home/user5/output/configuration/environments/manager/.venv, clear=False, no_vcs_ignore=False, global=False)
  seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=/home/user5/.local/share/virtualenv)
    added seed packages: pip==20.3.4, pkg_resources==0.0.0, setuptools==44.1.1, wheel==0.34.2
  activators BashActivator,CShellActivator,FishActivator,PowerShellActivator,PythonActivator,XonshActivator
Collecting ansible-pylibssh==1.1.0
  Using cached ansible_pylibssh-1.1.0-cp39-cp39-manylinux_2_24_x86_64.whl (2.3 MB)
Collecting ansible==8.4.0
  Using cached ansible-8.4.0-py3-none-any.whl (47.4 MB)
Collecting debops==3.0.5
  Using cached debops-3.0.5-py2.py3-none-any.whl (4.2 MB)
Collecting netaddr==0.9.0
  Using cached netaddr-0.9.0-py3-none-any.whl (2.2 MB)
Collecting paramiko==3.3.1
  Using cached paramiko-3.3.1-py3-none-any.whl (224 kB)
Collecting ansible-core~=2.15.4
  Using cached ansible_core-2.15.4-py3-none-any.whl (2.2 MB)
Collecting python-dotenv
  Using cached python_dotenv-1.0.0-py3-none-any.whl (19 kB)
Collecting future
  Using cached future-0.18.3-py3-none-any.whl
Collecting distro
  Using cached distro-1.8.0-py3-none-any.whl (20 kB)
Collecting pyxdg
  Using cached pyxdg-0.28-py2.py3-none-any.whl (49 kB)
Collecting pyyaml
  Using cached PyYAML-6.0.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (738 kB)
Collecting jinja2
  Using cached Jinja2-3.1.2-py3-none-any.whl (133 kB)
Collecting toml
  Using cached toml-0.10.2-py2.py3-none-any.whl (16 kB)
Collecting cryptography>=3.3
  Using cached cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl (4.4 MB)
Collecting pynacl>=1.5
  Using cached PyNaCl-1.5.0-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl (856 kB)
Collecting bcrypt>=3.2
  Using cached bcrypt-4.0.1-cp36-abi3-manylinux_2_28_x86_64.whl (593 kB)
Collecting resolvelib<1.1.0,>=0.5.3
  Using cached resolvelib-1.0.1-py2.py3-none-any.whl (17 kB)
Collecting packaging
  Using cached packaging-23.2-py3-none-any.whl (53 kB)
Collecting importlib-resources<5.1,>=5.0
  Using cached importlib_resources-5.0.7-py3-none-any.whl (24 kB)
Collecting cffi>=1.12
  Using cached cffi-1.16.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (443 kB)
Collecting pycparser
  Using cached pycparser-2.21-py2.py3-none-any.whl (118 kB)
Collecting MarkupSafe>=2.0
  Using cached MarkupSafe-2.1.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (25 kB)
Installing collected packages: pycparser, MarkupSafe, cffi, resolvelib, pyyaml, packaging, jinja2, importlib-resources, cryptography, toml, pyxdg, python-dotenv, pynacl, future, distro, bcrypt, ansible-core, paramiko, netaddr, debops, ansible-pylibssh, ansible
Successfully installed MarkupSafe-2.1.3 ansible-8.4.0 ansible-core-2.15.4 ansible-pylibssh-1.1.0 bcrypt-4.0.1 cffi-1.16.0 cryptography-41.0.4 debops-3.0.5 distro-1.8.0 future-0.18.3 importlib-resources-5.0.7 jinja2-3.1.2 netaddr-0.9.0 packaging-23.2 paramiko-3.3.1 pycparser-2.21 pynacl-1.5.0 python-dotenv-1.0.0 pyxdg-0.28 pyyaml-6.0.1 resolvelib-1.0.1 toml-0.10.2
Cloning into '/home/user5/.ansible/tmp/ansible-local-66618962b7s0t/tmpo59q9knp/ansible-collection-servicesi1m11u07'...
remote: Enumerating objects: 10269, done.
remote: Counting objects: 100% (1681/1681), done.
remote: Compressing objects: 100% (663/663), done.
remote: Total 10269 (delta 1030), reused 1444 (delta 868), pack-reused 8588
Receiving objects: 100% (10269/10269), 4.95 MiB | 15.70 MiB/s, done.
Resolving deltas: 100% (6406/6406), done.
Already on 'main'
Your branch is up to date with 'origin/main'.
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Installing 'osism.services:999.0.0' to '/home/user5/.ansible/collections/ansible_collections/osism/services'
ERROR! Unexpected Exception, this is probably a bug: [Errno 13] Permission denied: 'manager-remove-osism-mirror-e621c82c1d666cbf.yaml'
to see the full traceback, use -vvv
Cloning into '/home/user5/.ansible/tmp/ansible-local-66634fs2_eokp/tmp_2_hns1r/ansible-playbooks-managervuwa8pb3'...
remote: Enumerating objects: 160, done.
remote: Counting objects: 100% (58/58), done.
remote: Compressing objects: 100% (38/38), done.
remote: Total 160 (delta 30), reused 26 (delta 18), pack-reused 102
Receiving objects: 100% (160/160), 36.42 KiB | 1.07 MiB/s, done.
Resolving deltas: 100% (80/80), done.
Already on 'main'
Your branch is up to date with 'origin/main'.
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Installing 'osism.manager:999.0.0' to '/home/user5/.ansible/collections/ansible_collections/osism/manager'
ERROR! Unexpected Exception, this is probably a bug: [Errno 13] Permission denied: 'MANIFEST.json'
to see the full traceback, use -vvv
Vault password:

PLAY [Create local ssh private key file] *********************************************************************************************************************************

TASK [Create id_operator.rsa file] ***************************************************************************************************************************************
changed: [localhost]

PLAY RECAP ***************************************************************************************************************************************************************
localhost                  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Vault password:
ERROR! the role 'osism.commons.operator' was not found in osism.manager:ansible.legacy:/home/user5/.ansible/collections/ansible_collections/osism/manager/playbooks/roles:/home/user5/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/home/user5/.ansible/collections/ansible_collections/osism/manager/playbooks

The error appears to be in '/home/user5/.ansible/collections/ansible_collections/osism/manager/playbooks/operator.yml': line 23, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  roles:
    - role: osism.commons.operator
      ^ here

Am I doing something wrong or is something broken?

berendt commented 11 months ago

You have to transfer what you have generated with the Cookiecutter into a Git repository.

berendt commented 11 months ago

The permissions are probably because of the container image. I will add this to the docs that we have to change the permissions after we run cookiecutter inside the container.
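A check to run on the generated tree after the ownership change discussed above, as an added example that is not part of the thread or of OSISM's tooling. `chown -R` changes the owner but keeps the file modes the container wrote, so this also looks at the modes of the private keys. The function names are hypothetical, and the `secrets/id_rsa.*` layout is assumed from the log in the report.

```shell
# Added example (not OSISM code): audit a cookiecutter output tree that was
# written by a container running as root.
# Assumption: private keys live at <output>/.../secrets/id_rsa.* as in the log.

# Print every entry under $1 that the invoking user does not own.
foreign_owned() {
    find "$1" ! -user "$(id -u)" -print
}

# Print private keys (not *.pub) under a secrets/ directory that group or
# others can read, write or execute. -perm /077 is GNU find syntax.
loose_private_keys() {
    find "$1" -type f -path '*/secrets/*' -name 'id_rsa.*' ! -name '*.pub' \
        -perm /077 -print
}

# Restrict those private keys to owner read/write; public keys are untouched.
tighten_private_keys() {
    find "$1" -type f -path '*/secrets/*' -name 'id_rsa.*' ! -name '*.pub' \
        -exec chmod 600 {} +
}

# Return 0 when the tree is owned by the caller and no private key is
# accessible to group/others; otherwise list the findings and return 1.
audit_output() {
    local dir=$1 rc=0
    if [ -n "$(foreign_owned "$dir")" ]; then
        echo "not owned by $(id -un):"
        foreign_owned "$dir"
        rc=1
    fi
    if [ -n "$(loose_private_keys "$dir")" ]; then
        echo "private keys accessible to group/others:"
        loose_private_keys "$dir"
        rc=1
    fi
    return "$rc"
}
```

Run `audit_output output` after the `chown`, and `tighten_private_keys output` if it reports keys with loose modes.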