Closed
Description
SUMMARY
Using podman connection plugin with ansible - it fails to run and reports permission denied error:
PermissionError: [Errno 13] Permission denied: b'/root/.ansible/tmp/ansible-tmp-1560332641.0692234-230169342520221/AnsiballZ_setup.py'
On Fedora29 podman can't mount rootless containers, it fails with error: Error: cannot mount using driver overlay in rootless mode
In the plugin the error isn't handled and mount point is empty, which causes copying ansible temporary files to /root/.ansible/tmp on the localhost, not to container itself. It should support direct copy of files using "podman cp" without mount if it's not available on the current system. (Also may need support for root containers, but it's a different story)
Also podman plugin should fail on errors when copying files or encounter any other problem, not continue to work silently.
ISSUE TYPE
- Bug Report
COMPONENT NAME
ansible-podman
ANSIBLE VERSION
ansible 2.9.0.dev0
config file = /home/sshnaidm/.ansible.cfg
configured module search path = ['/home/sshnaidm/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible
executable location = /home/sshnaidm/venvs/molecule-dev/bin/ansible
python version = 3.7.3 (default, May 11 2019, 00:45:16) [GCC 8.3.1 20190223 (Red Hat 8.3.1-2)]
CONFIGURATION
DEFAULT_CALLBACK_PLUGIN_PATH(/home/sshnaidm/.ansible.cfg) = ['/home/sshnaidm/ansible_plugins']
DEFAULT_CALLBACK_WHITELIST(/home/sshnaidm/.ansible.cfg) = ['profile_tasks']
DEFAULT_HASH_BEHAVIOUR(/home/sshnaidm/.ansible.cfg) = merge
DEFAULT_LOG_PATH(/home/sshnaidm/.ansible.cfg) = /home/sshnaidm/ansible_logs
DEFAULT_STDOUT_CALLBACK(/home/sshnaidm/.ansible.cfg) = debug
HOST_KEY_CHECKING(/home/sshnaidm/.ansible.cfg) = False
OS / ENVIRONMENT
Fedora release 29 (Twenty Nine)
Linux h 5.0.17-200.fc29.x86_64 #1 SMP Mon May 20 15:39:10 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
STEPS TO REPRODUCE
start container:
podman run -d --name testc --rm python:3.6 sleep 1dplaybook file:
- hosts: testc
connection: podman
tasks:
- name: Install it
package:
name: vim
state: latestinventory file:
testc ansible_host=testc ansible_connection=podman
command to run:
ansible-playbook -v /tmp/pod.yaml -i inventoryEXPECTED RESULTS
Ansible connects to running testc container and install there vim.
ACTUAL RESULTS
ansible-playbook 2.9.0.dev0
config file = /home/sshnaidm/.ansible.cfg
configured module search path = ['/home/sshnaidm/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible
executable location = /home/sshnaidm/venvs/molecule-dev/bin/ansible-playbook
python version = 3.7.3 (default, May 11 2019, 00:45:16) [GCC 8.3.1 20190223 (Red Hat 8.3.1-2)]
Using /home/sshnaidm/.ansible.cfg as config file
setting up inventory plugins
host_list declined parsing /tmp/test-inv as it did not pass its verify_file() method
script declined parsing /tmp/test-inv as it did not pass its verify_file() method
auto declined parsing /tmp/test-inv as it did not pass its verify_file() method
Parsed /tmp/test-inv inventory source with ini plugin
Loading callback plugin debug of type stdout, v2.0 from /home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/plugins/callback/debug.py
Loading callback plugin profile_tasks of type aggregate, v2.0 from /home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/plugins/callback/profile_tasks.py
PLAYBOOK: pod.yaml ************************************************************************************************************************************************************************************************
Positional arguments: /tmp/pod.yaml
verbosity: 4
connection: smart
timeout: 10
become_method: sudo
tags: ('all',)
inventory: ('/tmp/test-inv',)
forks: 5
1 plays in /tmp/pod.yaml
PLAY [testc] ******************************************************************************************************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
task path: /tmp/pod.yaml:1
Wednesday 12 June 2019 12:44:01 +0300 (0:00:00.027) 0:00:00.027 ********
<testc> RUN [b'podman', b'mount', b'testc']
<testc> RUN [b'podman', b'exec', b'testc', b'/bin/sh', b'-c', b'echo ~ && sleep 0']
<testc> RUN [b'podman', b'exec', b'testc', b'/bin/sh', b'-c', b'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1560332641.0692234-230169342520221 `" && echo ansible-tmp-1560332641.0692234-230169342520221="` echo /root/.ansible/tmp/ansible-tmp-1560332641.0692234-230169342520221 `" ) && sleep 0']
<testc> Attempting python interpreter discovery
<testc> RUN [b'podman', b'exec', b'testc', b'/bin/sh', b'-c', b"echo PLATFORM; uname; echo FOUND; command -v '/usr/bin/python'; command -v 'python3.7'; command -v 'python3.6'; command -v 'python3.5'; command -v 'python2.7'; command -v 'python2.6'; command -v '/usr/libexec/platform-python'; command -v '/usr/bin/python3'; command -v 'python'; echo ENDFOUND && sleep 0"]
<testc> Python interpreter discovery fallback (pipelining support required for extended interpreter discovery)
Using module file /home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/modules/system/setup.py
<testc> PUT /home/sshnaidm/.ansible/tmp/ansible-local-8288hqjec7rg/tmp9io85ha4 TO /root/.ansible/tmp/ansible-tmp-1560332641.0692234-230169342520221/AnsiballZ_setup.py
The full traceback is:
Traceback (most recent call last):
File "/home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/executor/task_executor.py", line 145, in run
res = self._execute()
File "/home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/executor/task_executor.py", line 635, in _execute
result = self._handler.run(task_vars=variables)
File "/home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/plugins/action/gather_facts.py", line 70, in run
res = self._execute_module(module_name=fact_module, module_args=mod_args, task_vars=task_vars, wrap_async=False)
File "/home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/plugins/action/__init__.py", line 836, in _execute_module
self._transfer_data(remote_module_path, module_data)
File "/home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/plugins/action/__init__.py", line 447, in _transfer_data
self._transfer_file(afile, remote_path)
File "/home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/plugins/action/__init__.py", line 424, in _transfer_file
self._connection.put_file(local_path, remote_path)
File "/home/sshnaidm/venvs/molecule-dev/lib/python3.7/site-packages/ansible/plugins/connection/podman.py", line 128, in put_file
to_bytes(real_out_path, errors='surrogate_or_strict')
File "/home/sshnaidm/venvs/molecule-dev/lib64/python3.7/shutil.py", line 121, in copyfile
with open(dst, 'wb') as fdst:
PermissionError: [Errno 13] Permission denied: b'/root/.ansible/tmp/ansible-tmp-1560332641.0692234-230169342520221/AnsiballZ_setup.py'
fatal: [testc]: FAILED! => {}
MSG:
Unexpected failure during module execution.
PLAY RECAP ********************************************************************************************************************************************************************************************************
testc : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Wednesday 12 June 2019 12:44:02 +0300 (0:00:01.563) 0:00:01.590 ********
===============================================================================
Gathering Facts -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.56s
/tmp/pod.yaml:1 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------