我正在尝试使用molecule
测试一个非常基本的角色。
(venv) [red@jumphost docker-ops]$ cat roles/fake_role/tasks/main.yml
---
# tasks file for fake_role
- name: fake_role | debug remote_tmp
debug:
msg: "remote_tmp is {{ remote_tmp | default('not_set') }}"
- name: who am i
shell:
cmd: whoami
register: whoami_output
- name: debug who am i
debug:
msg: "{{ whoami_output }}"
这是我的molecule.yml
:
(venv) [red@jumphost docker-ops]$ cat roles/fake_role/molecule/default/molecule.yml
---
dependency:
name: galaxy
driver:
name: docker
# platforms:
# - name: instance
platforms:
- name: instance
image: docker.io/pycontribs/centos:7
pre_build_image: true
privileged: true
volume mounts:
- "sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
verifier:
name: ansible
当我运行 ansible 版本时,我可以看到我的 ansible.cfg 是/etc/ansible/ansible.cfg
我设置了remote_tmp
in it.
(venv) [red@jumphost fake_role]$ ansible --version
/home/red/GIT/venv/lib64/python3.6/site-packages/ansible/parsing/vault/__init__.py:44: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography and will be removed in a future release.
from cryptography.exceptions import InvalidSignature
ansible [core 2.11.12]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/red/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/red/GIT/venv/lib64/python3.6/site-packages/ansible
ansible collection location = /home/red/.ansible/collections:/usr/share/ansible/collections
executable location = /home/russell.cecala/GIT/venv/bin/ansible
python version = 3.6.8 (default, Oct 19 2021, 05:14:06) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
jinja version = 3.0.3
libyaml = True
(venv) [red@ajumphost fake_role]$ grep remote_tmp /etc/ansible/ansible.cfg
#remote_tmp = ~/.ansible/tmp
remote_tmp = /tmp
当我跑...
(venv) [red@jumphost docker-ops]$ cd roles/fake_role/
(venv) [russell.cecala@jumphost fake_role]$ molecule test
...我得到这个输出...
... lots of output ...
PLAY [Converge] ****************************************************************
TASK [Include red.fake_role] *****************************************
/home/red/GIT/venv/lib64/python3.6/site-packages/ansible/parsing/vault/__init__.py:44: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography and will be removed in a future release.
from cryptography.exceptions import InvalidSignature
TASK [brightpattern.fake_role : fake_role | debug remote_tmp] ******************
ok: [instance] => {
"msg": "remote_tmp is not_set"
}
TASK [red.fake_role : who am i] **************************************
fatal: [instance]: UNREACHABLE! => {"changed": false, "msg": "Failed to create temporary directory.
In some cases, you may have been able to authenticate and did not have permissions on the
target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted
in \"/tmp\", for more error information use -vvv. Failed command was:
( umask 77 && mkdir -p \"` echo ~/.ansible/tmp `\"&& mkdir \"` echo ~/.ansible/tmp/ansible-tmp-1668100608.7567627-2234645-21513917172593 `\" && echo ansible-tmp-1668100608.7567627-2234645-21513917172593=\"` echo ~/.ansible/tmp/ansible-tmp-1668100608.7567627-2234645-21513917172593 `\" ), exited with result 1",
"unreachable": true}
PLAY RECAP *********************************************************************
instance : ok=1 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
... a lot more output ...
为什么没有将remote_tmp 设置为/tmp?
UPDATE:
这是我的新 molecular.yml:
(venv) [red@ap-jumphost fake_role]$ cat molecule/default/molecule.yml
---
dependency:
name: galaxy
driver:
name: docker
platforms:
- name: instance
image: docker.io/pycontribs/centos:7
pre_build_image: true
privileged: true
volume mounts:
- "sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
config_options:
defaults:
remote_tmp: /tmp
verifier:
name: ansible
但我仍然遇到同样的错误:
(venv) [red@ap-jumphost fake_role]$ molecule test
...
INFO Running default > prepare
WARNING Skipping, prepare playbook not configured.
INFO Running default > converge
[DEPRECATION WARNING]: Ansible will require Python 3.8 or newer on the
controller starting with Ansible 2.12. Current version: 3.6.8 (default, Oct 19
2021, 05:14:06) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]. This feature will be
removed from ansible-core in version 2.12. Deprecation warnings can be disabled
by setting deprecation_warnings=False in ansible.cfg.
PLAY [Converge] ****************************************************************
TASK [Include red.fake_role] *****************************************
/home/red/GIT/venv/lib64/python3.6/site-packages/ansible/parsing/vault/__init__.py:44: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography and will be removed in a future release.
from cryptography.exceptions import InvalidSignature
TASK [red.fake_role : fake_role | debug remote_tmp] ******************
ok: [instance] => {
"msg": "remote_tmp is not_set"
}
TASK [red.fake_role : fake_role | debug ansible_remote_tmp] **********
ok: [instance] => {
"msg": "ansible_remote_tmp is not_set"
}
TASK [red.fake_role : who am i] **************************************
fatal: [instance]: UNREACHABLE! => {"changed": false, "msg": "Failed to create temporary directory.In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p \"` echo /tmp `\"&& mkdir \"` echo /tmp/ansible-tmp-1668192366.5684752-2515263-14400147623756 `\" && echo ansible-tmp-1668192366.5684752-2515263-14400147623756=\"` echo /tmp/ansible-tmp-1668192366.5684752-2515263-14400147623756 `\" ), exited with result 1", "unreachable": true}
PLAY RECAP *********************************************************************
instance : ok=2 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
WARNING Retrying execution failure 4 of: ansible-playbook --inventory /home/red/.cache/molecule/fake_role/default/inventory --skip-tags molecule-notest,notest /home/red/GIT/docker-ops/roles/fake_role/molecule/default/converge.yml
CRITICAL Ansible return code was 4, command was: ['ansible-playbook', '--inventory', '/home/red/.cache/molecule/fake_role/default/inventory', '--skip-tags', 'molecule-notest,notest', '/home/red/GIT/docker-ops/roles/fake_role/molecule/default/converge.yml']
更容易阅读错误消息:
fatal: [instance]: UNREACHABLE! =>
{"changed": false,
"msg": "Failed to create temporary directory.In some cases, you may have been able to
authenticate and did not have permissions on the target directory. Consider
changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\",
for more error information use -vvv.
Failed command was: ( umask 77 && mkdir -p \"` echo /tmp `\"&& mkdir \"` echo /tmp/ansible-tmp-1668192366.5684752-2515263-14400147623756 `\" && echo ansible-tmp-1668192366.5684752-2515263-14400147623756=\"` echo /tmp/ansible-tmp-1668192366.5684752-2515263-14400147623756 `\" ), exited with result 1", "unreachable": true}
我确实注意到
~/.cache/molecule/fake_role/default/ansible.cfg 文件确实设置了remote_tmp。
[defaults]
ansible_managed = Ansible managed: Do NOT edit this file manually!
display_failed_stderr = True
forks = 50
retry_files_enabled = False
host_key_checking = False
nocows = 1
interpreter_python = auto_silent
remote_tmp = /tmp
[ssh_connection]
scp_if_ssh = True
control_path = %(directory)s/%%h-%%p-%%r