ansible.builtin.cron
196 views
Skip to first unread message
John Welby
Apr 19, 2023, 10:26:40 AM4/19/23
to Ansible Project
All,
Can a playbook be run by 'job', i.e. instead of a script.
I created a playbook that creates an entry in crontab, which it does successfully, but it does not execute the playbook I specified in job:
Thanks!
John
Will McDonald
Apr 19, 2023, 10:56:07 AM4/19/23
to ansible...@googlegroups.com
More information would be helpful here.
1. Can you share your usage of ansible.builtin.cron?
2. Can you share the output of crontab -l for the user you're creating the cron job for/as, or the contents of /etc/crontab and/or /etc/cron.* ?
3. What's in your cronlog or systemd journal?
4. Obvious question but you do have a vixie cron variant installed and the appropriate services started?
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com.
John Welby
Apr 19, 2023, 12:08:49 PM4/19/23
to Ansible Project
---
- name: Create a cronjob to patch dev instances
hosts: controller
tasks:
- name: Schedule cron
ansible.builtin.cron:
name: This cronjob is scheduled by Ansible
minute: "15"
hour: "12"
day: "*"
month: "*"
weekday: "3"
user: ec2-user
job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
state: present
crontab -l
30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
crond.service is active and running
Thanks!
John
Dick Visser
Apr 19, 2023, 12:17:24 PM4/19/23
to ansible...@googlegroups.com
Things run from cron usually have a very limited set of time environments variables available to them.
I assume you have no output at all now, so you don't know where to start looking.
Start by ensuring that you receive any output from cron (pipe to email, write to log, whatever is appropriate in your use case)
That will reveal the reason why it's not working.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d31172bf-3b3a-4749-882f-437e0401d345n%40googlegroups.com.
Sent from Gmail Mobile
Rowe, Walter P. (Fed)
Apr 19, 2023, 12:18:35 PM4/19/23
to ansible...@googlegroups.com
job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
These don't match. cron isn't running ansible-playbook. It is trying to run the YAML file itself.
Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123
Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d31172bf-3b3a-4749-882f-437e0401d345n%40googlegroups.com.
Dick Visser
Apr 19, 2023, 12:21:47 PM4/19/23
to ansible...@googlegroups.com
Also the file name extensions are different (yml vs yaml). Are we looking at some copy paste errors?
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/DFE1A099-5F3B-4992-8993-CB0B03F7BD26%40nist.gov.
Will McDonald
Apr 19, 2023, 12:28:31 PM4/19/23
to ansible...@googlegroups.com
There's a discrepancy between your job as defined in your playbook and your output as listed from crontab -l. I suspect that's just transcription but worth double-checking? (Walter and Dick have also spotted that.)
I'd also check that the ec2-user which is who you're creating the crontab as has appropriate permissions and ownership of /home/jwelby/ and can descend into that tree and "do stuff".
And finally, check your logs/journal. As Dick mentioned, the cron execution environment is restrictive, so it's likely whatever's happening will be logged under _COMM = crontab or UNIT crontab.service.
I'd get it working with a simple debug job firing every 5 minutes with a playbook which just runs a debug or touches a file, check for its execution successfully in the journal logs then increase the complexity in stages.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d31172bf-3b3a-4749-882f-437e0401d345n%40googlegroups.com.
John Welby
Apr 19, 2023, 12:38:04 PM4/19/23
to Ansible Project
Yes, there are copy/paste errors as I am transcribing and scrubbing info from a high-side environment.
Will McDonald
Apr 19, 2023, 1:19:14 PM4/19/23
to ansible...@googlegroups.com
It works as expected for me on a test Fedora machine.
As a test user, create a debug playbook and test it runs.
[test-user@fedora ~]$ id
uid=1001(test-user) gid=1001(test-user) groups=1001(test-user) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[test-user@fedora ~]$ cat debug.yaml
---
- name: touch a timestamped file
hosts: localhost
tasks:
- name: touch a file
ansible.builtin.command: touch /tmp/ansible-cron
[test-user@fedora ~]$ ansible-playbook debug.yaml
PLAY RECAP *********************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[test-user@fedora ~]$ ll /tmp/ansible-cron
-rw-r--r--. 1 test-user test-user 0 Apr 19 17:36 /tmp/ansible-cron
[test-user@fedora ~]$ rm /tmp/ansible-cron
As a real user, schedule the previously tested playbook via cron.
[real-user@fedora ansible-cron]$ cat add-cron.yaml
---
- name: Create a test cronjob to touch a file
hosts: localhost
become: true
tasks:
- name: add crontab entry
[test-user@fedora ~]$ id
uid=1001(test-user) gid=1001(test-user) groups=1001(test-user) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[test-user@fedora ~]$ cat debug.yaml
---
- name: touch a timestamped file
hosts: localhost
tasks:
- name: touch a file
ansible.builtin.command: touch /tmp/ansible-cron
[test-user@fedora ~]$ ansible-playbook debug.yaml
PLAY RECAP *********************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[test-user@fedora ~]$ ll /tmp/ansible-cron
-rw-r--r--. 1 test-user test-user 0 Apr 19 17:36 /tmp/ansible-cron
[test-user@fedora ~]$ rm /tmp/ansible-cron
As a real user, schedule the previously tested playbook via cron.
[real-user@fedora ansible-cron]$ cat add-cron.yaml
---
- name: Create a test cronjob to touch a file
hosts: localhost
become: true
tasks:
- name: add crontab entry
ansible.builtin.cron:
name: This cronjob is scheduled by Ansible
minute: "*"
hour: "*"
day: "*"
month: "*"
weekday: "*"
user: test-user
job: "ansible-playbook -i localhost /home/test-user/debug.yaml"
state: present
[real-user@fedora ansible-cron]$ ansible-playbook add-cron.yaml
PLAY RECAP *********************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@fedora ~]# crontab -l -u test-user
#Ansible: This cronjob is scheduled by Ansible
* * * * * ansible-playbook -i localhost /home/test-user/debug.yaml
[root@fedora ~]# systemctl start crond.service
[root@fedora ~]# ll /tmp/ans*
-rw-r--r--. 1 test-user test-user 0 Apr 19 17:42 /tmp/ansible-cron
hour: "*"
day: "*"
month: "*"
weekday: "*"
user: test-user
job: "ansible-playbook -i localhost /home/test-user/debug.yaml"
state: present
[real-user@fedora ansible-cron]$ ansible-playbook add-cron.yaml
PLAY RECAP *********************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@fedora ~]# crontab -l -u test-user
#Ansible: This cronjob is scheduled by Ansible
* * * * * ansible-playbook -i localhost /home/test-user/debug.yaml
[root@fedora ~]# systemctl start crond.service
[root@fedora ~]# ll /tmp/ans*
-rw-r--r--. 1 test-user test-user 0 Apr 19 17:42 /tmp/ansible-cron
For me the level of log info sent to the journal wasn't terribly helpful, so you might want to try stopping the service and running in the foreground with debug for more detail (YMMV depending on distro/config and customisation):
# systemctl stop crond.service
# crond -n -s -x ext,sch,proc,pars,load,misc
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ce8f41d2-237e-48fa-8d80-5da96dca751fn%40googlegroups.com.
John Welby
Apr 19, 2023, 1:59:24 PM4/19/23
to Ansible Project
Thanks, I will try that.
Reply all
Reply to author
Forward
0 new messages