ansible - rhel8
32 views
Skip to first unread message
Chris Bidwell - NOAA Federal
Jul 15, 2020, 2:17:09 PM7/15/20
to ansible...@googlegroups.com
Hey all,
having an interesting issue with my latest rhel8 installation.
Trying to install an rpm from a URL. Here's my playbook:
---
- name: Install zabbix
hosts: ALL_LINUX
become: yes
vars_files:
- passwd.yml
- vars.yml
ignore_errors: yes
vars:
os_version: "{{ ansible_distribution_major_version }}"
zabbix_repo: /etc/yum.repos.d/zabbix.repo
zabbix_config: /etc/zabbix/zabbix_agentd.conf
zabbix_8: https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm
zabbix_7: https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
zabbix_6: https://repo.zabbix.com/zabbix/4.4/rhel/6/x86_64/zabbix-release-4.4-1.el6.noarch.rpm
proxy_env:
http_proxy: 'http://proxy:8080'
- name: Install zabbix
hosts: ALL_LINUX
become: yes
vars_files:
- passwd.yml
- vars.yml
ignore_errors: yes
vars:
os_version: "{{ ansible_distribution_major_version }}"
zabbix_repo: /etc/yum.repos.d/zabbix.repo
zabbix_config: /etc/zabbix/zabbix_agentd.conf
zabbix_8: https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm
zabbix_7: https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
zabbix_6: https://repo.zabbix.com/zabbix/4.4/rhel/6/x86_64/zabbix-release-4.4-1.el6.noarch.rpm
proxy_env:
http_proxy: 'http://proxy:8080'
- name: check if repo files exists
stat:
path: "{{ zabbix_repo }}"
register: zabbix_exists
tags:
- YUM
- CHECK
stat:
path: "{{ zabbix_repo }}"
register: zabbix_exists
tags:
- YUM
- CHECK
- name: "install 8 if not exists (proxy)"
dnf:
name: "{{ zabbix_8 }}"
state: latest
disable_gpg_check: yes
ignore_errors: true
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('8', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
tags:
- PROXY
- YUM
dnf:
name: "{{ zabbix_8 }}"
state: latest
disable_gpg_check: yes
ignore_errors: true
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('8', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
tags:
- PROXY
- YUM
Here is my error output:
TASK [install 8 if not exists (proxy)] *******************************************************************************************************************************************************************
fatal: [corona-lx]: FAILED! => {"changed": false, "msg": "Failure downloading https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm, Request failed: <urlopen error [Errno 97] Address family not supported by protocol>", "results": []}
fatal: [corona-lx]: FAILED! => {"changed": false, "msg": "Failure downloading https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm, Request failed: <urlopen error [Errno 97] Address family not supported by protocol>", "results": []}
Thought it may be dns-related but I'm able to resolve the name fine.
vinoth kumar
Jul 15, 2020, 2:24:18 PM7/15/20
to ansible...@googlegroups.com
Where is your actual tasks starts ?
Tasks is missing
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci7hMJzUDYuDM1AVpnpYf9xH%2BjogANN6EzMOvWNF8AMrA%40mail.gmail.com.
Chris Bidwell - NOAA Federal
Jul 15, 2020, 2:55:29 PM7/15/20
to ansible...@googlegroups.com
Here is the whole playbook:
---
- name: Install zabbix
hosts: ALL_LINUX
become: yes
vars_files:
- passwd.yml
- vars.yml
ignore_errors: yes
vars:
os_version: "{{ ansible_distribution_major_version }}"
zabbix_repo: /etc/yum.repos.d/zabbix.repo
zabbix_config: /etc/zabbix/zabbix_agentd.conf
zabbix_8: https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm
zabbix_7: https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
zabbix_6: https://repo.zabbix.com/zabbix/4.4/rhel/6/x86_64/zabbix-release-4.4-1.el6.noarch.rpm
proxy_env:
http_proxy: 'http://proxy:8080'
- name: Install zabbix
hosts: ALL_LINUX
become: yes
vars_files:
- passwd.yml
- vars.yml
ignore_errors: yes
vars:
os_version: "{{ ansible_distribution_major_version }}"
zabbix_repo: /etc/yum.repos.d/zabbix.repo
zabbix_config: /etc/zabbix/zabbix_agentd.conf
zabbix_8: https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm
zabbix_7: https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
zabbix_6: https://repo.zabbix.com/zabbix/4.4/rhel/6/x86_64/zabbix-release-4.4-1.el6.noarch.rpm
proxy_env:
http_proxy: 'http://proxy:8080'
tasks:
- name: cat /etc/yum.conf
shell: cat /etc/yum.conf
register: proxy
tags:
- YUM
- name: cat /etc/yum.conf
shell: cat /etc/yum.conf
register: proxy
tags:
- YUM
- name: check if repo files exists
stat:
path: "{{ zabbix_repo }}"
register: zabbix_exists
tags:
- YUM
- CHECK
- name: "install 8 if not exists (proxy)"
dnf:
name: "{{ zabbix_8 }}"
state: latest
disable_gpg_check: yes
ignore_errors: true
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('8', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
tags:
- PROXY
- YUM
- name: "install 8 if not exists (noproxy)"
dnf:
name: "{{ zabbix_8 }}"
state: latest
disable_gpg_check: yes
ignore_errors: true
when:
- ansible_distribution_major_version is version('8', '=')
- zabbix_exists.stat.exists == False
- ansible_distribution_major_version is version('8', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.225\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.225\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
tags:
- PROXY
- YUM
- name: "install 7 if not exists (proxy)"
yum:
name: "{{ zabbix_7 }}"
yum:
name: "{{ zabbix_7 }}"
state: latest
disable_gpg_check: yes
ignore_errors: true
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('7', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('
192\.168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
tags:
- PROXY
- YUM
- name: "install 7 if not exists (noproxy)"
yum:
name: "{{ zabbix_7 }}"
yum:
name: "{{ zabbix_7 }}"
state: latest
disable_gpg_check: yes
ignore_errors: true
when:
- ansible_distribution_major_version is version('7', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.225\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
- ansible_distribution_major_version is version('7', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.225\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
tags:
- PROXY
- YUM
- name: "install 6 if not exists (proxy)"
yum:
name: "{{ zabbix_6 }}"
state: latest
yum:
name: "{{ zabbix_6 }}"
state: latest
ignore_errors: true
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('6', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.
168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
tags:
- YUM
- name: "install 6 if not exists (no proxy)"
yum:
name: "{{ zabbix_6 }}"
state: latest
ignore_errors: true
when:
- ansible_distribution_major_version is version('6', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.225\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
tags:
- YUM
- name: add proxy to zabbix.repo if needed
lineinfile:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'proxy'
state: present
line: 'proxy=http://proxy:8080'
insertafter: '\[zabbix\]'
when:
- ansible_default_ipv4.address is match('192\.168\.226\.') or
- name: "install 6 if not exists (no proxy)"
yum:
name: "{{ zabbix_6 }}"
state: latest
ignore_errors: true
when:
- ansible_distribution_major_version is version('6', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.225\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
tags:
- YUM
- name: add proxy to zabbix.repo if needed
lineinfile:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'proxy'
state: present
line: 'proxy=http://proxy:8080'
insertafter: '\[zabbix\]'
when:
- ansible_default_ipv4.address is match('192\.168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
tags:
- YUM
- name: Change http to https
replace:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'http:'
replace: 'https:'
tags:
- HTTPS
- name: Install zabbix-agent
yum:
name: zabbix-agent
state: latest
ignore_errors: true
- name: Check firewalld
firewalld:
port: 10050/tcp
permanent: true
state: enabled
when:
- ansible_distribution_major_version is version('7', '=') or
- name: Change http to https
replace:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'http:'
replace: 'https:'
tags:
- HTTPS
- name: Install zabbix-agent
yum:
name: zabbix-agent
state: latest
ignore_errors: true
- name: Check firewalld
firewalld:
port: 10050/tcp
permanent: true
state: enabled
when:
- ansible_distribution_major_version is version('7', '=') or
ansible_distribution_major_version is version('8', '=')
notify: restart firewalld
- name: Output iptables
shell: iptables -L -n
register: iptables_rules
tags: IPTABLES
- name: Check iptables
iptables:
chain: INPUT
source: 192.168.224.240/32
protocol: tcp
destination_port: 10050
jump: ACCEPT
when:
- ansible_distribution_major_version is version('6', '=')
- iptables_rules.find("10050") == -1
notify:
- iptables save
- restart iptables
tags: IPTABLES
- name: Update server
lineinfile:
path: "{{ zabbix_config }}"
regexp: '^Server\=127.0.0.1'
line: 'Server=atsb-pup-svr-lx'
notify: restart zabbix
- name: comment out hostname
lineinfile:
path: "{{ zabbix_config }}"
regexp: '^Hostname\='
line: '#Hostname='
notify: restart zabbix
- name: uncomment HostnameItem
lineinfile:
path: "{{ zabbix_config }}"
regexp: '^#\ HostnameItem.*'
line: 'HostnameItem=system.hostname'
notify: restart zabbix
- name: Enable on boot and start
service:
name: zabbix-agent
state: started
enabled: yes
- name: Upgrade zabbix yum repo
block:
- name: cat /etc/yum.conf
shell: cat /etc/yum.conf
register: upgrade_proxy
- name: Upgrade RHEL7 Zabbix Yum BES
yum:
name: "{{ zabbix_7 }}"
state: latest
when:
- ansible_distribution_major_version is version('7', '=')
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
- name: Upgrade RHEL6 Zabbix Yum BES
yum:
name: "{{ zabbix_6 }}"
state: latest
when:
- ansible_distribution_major_version is version('6', '=')
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
- name: Upgrade RHEL7 Zabbix Yum NCS
yum:
name: "{{ zabbix_7 }}"
state: latest
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('7', '=')
- name: Output iptables
shell: iptables -L -n
register: iptables_rules
tags: IPTABLES
- name: Check iptables
iptables:
chain: INPUT
source: 192.168.224.240/32
protocol: tcp
destination_port: 10050
jump: ACCEPT
when:
- ansible_distribution_major_version is version('6', '=')
- iptables_rules.find("10050") == -1
notify:
- iptables save
- restart iptables
tags: IPTABLES
- name: Update server
lineinfile:
path: "{{ zabbix_config }}"
regexp: '^Server\=127.0.0.1'
line: 'Server=atsb-pup-svr-lx'
notify: restart zabbix
- name: comment out hostname
lineinfile:
path: "{{ zabbix_config }}"
regexp: '^Hostname\='
line: '#Hostname='
notify: restart zabbix
- name: uncomment HostnameItem
lineinfile:
path: "{{ zabbix_config }}"
regexp: '^#\ HostnameItem.*'
line: 'HostnameItem=system.hostname'
notify: restart zabbix
- name: Enable on boot and start
service:
name: zabbix-agent
state: started
enabled: yes
- name: Upgrade zabbix yum repo
block:
- name: cat /etc/yum.conf
shell: cat /etc/yum.conf
register: upgrade_proxy
- name: Upgrade RHEL7 Zabbix Yum BES
yum:
name: "{{ zabbix_7 }}"
state: latest
when:
- ansible_distribution_major_version is version('7', '=')
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
- name: Upgrade RHEL6 Zabbix Yum BES
yum:
name: "{{ zabbix_6 }}"
state: latest
when:
- ansible_distribution_major_version is version('6', '=')
- ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.') or
ansible_default_ipv4.address is match('192\.168\.227\.') or
ansible_default_ipv4.address is match('192\.168\.228\.') or
ansible_default_ipv4.address is match('192\.168\.224\.') or
ansible_default_ipv4.address is match('192\.168\.223\.')
- name: Upgrade RHEL7 Zabbix Yum NCS
yum:
name: "{{ zabbix_7 }}"
state: latest
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('7', '=')
- ansible_default_ipv4.address is match('192\.168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
- name: Upgrade RHEL6 Zabbix Yum NCS
yum:
name: "{{ zabbix_6 }}"
state: latest
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('6', '=')
yum:
name: "{{ zabbix_6 }}"
state: latest
environment: "{{ proxy_env }}"
when:
- ansible_distribution_major_version is version('6', '=')
- ansible_default_ipv4.address is match('192\.168\.226\.') or
ansible_default_ipv4.address is match('10\.172\.226\.')
- name: Change http to https
replace:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'http:'
replace: 'https:'
tags:
- HTTPS
notify: yum clean all
- name: add proxy to zabbix.repo for NCS systems
lineinfile:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'proxy'
state: present
line: 'proxy=http://proxy:8080'
insertafter: '\[zabbix\]'
when:
- upgrade_proxy.stdout.find('proxy') != -1
- name: Upgrade zabbix-agent
yum:
name: zabbix-agent
state: latest
notify: restart zabbix
tags: never
handlers:
- name: restart zabbix
service:
name: zabbix-agent
state: restarted
- name: restart firewalld
service:
name: firewalld
state: restarted
- name: iptables save
command: iptables-save > /etc/sysconfig/iptables
tags: IPTABLES
- name: restart iptables
service:
name: iptables
state: restarted
tags: IPTABLES
- name: yum clean all
shell: yum clean all
replace:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'http:'
replace: 'https:'
tags:
- HTTPS
notify: yum clean all
- name: add proxy to zabbix.repo for NCS systems
lineinfile:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'proxy'
state: present
line: 'proxy=http://proxy:8080'
insertafter: '\[zabbix\]'
when:
- upgrade_proxy.stdout.find('proxy') != -1
- name: Upgrade zabbix-agent
yum:
name: zabbix-agent
state: latest
notify: restart zabbix
tags: never
handlers:
- name: restart zabbix
service:
name: zabbix-agent
state: restarted
- name: restart firewalld
service:
name: firewalld
state: restarted
- name: iptables save
command: iptables-save > /etc/sysconfig/iptables
tags: IPTABLES
- name: restart iptables
service:
name: iptables
state: restarted
tags: IPTABLES
- name: yum clean all
shell: yum clean all
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJ%2BRxtQjbUTX%3DmEf6qh%2BR%2BSdh%3DKMRiC7TpbhJm3y9SaaRGQ%2B1w%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages