docker_container module always falsely report 'changed' and 'kernel_memory' attribute seems to be the culprit

[ishan jain]

I have a playbook which in the end ensure that a docker container with provided attributes is started. So consider this task below (stripped off some of the stuff)

      - name: Start container

        docker_container:

          name: "{{cname}}"

          image: "{{ image }}"

          state: started

          memory:             "{{ mem }}"

          memory_reservation: "{{ memr }}"

          memory_swap:        "{{ mems }}"

          kernel_memory:      0

This setup was working fine earlier but when i updated to Ansible 2.4.3, this container task would always report changed, while nothing at all is changed for the container on docker host. The container is not even being restarted and yet this task would show 'changed'. I tried to compare the json returned by the above task with the json of docker inspect on my container, and they were exactly the same.

During debugging, i started commenting out some attributes and when i commented out 'kernel_memory', it stopped reporting 'changed' and now it is back to the intended behavior of 'OK'. So i know this attribute is the culprit, i just don't know what is wrong. I check Ansible 2.6 as well and it has the same problem. 

Can anyone please explain what am i doing wrong here or is it some problem in the docker_container module ?

[Felix Fontein]

Hi,

> I have a playbook which in the end ensure that a docker container
> with provided attributes is started. So consider this task below
> (stripped off some of the stuff)
>
>
> - name: Start container
> docker_container:
> name: "{{cname}}"
> image: "{{ image }}"
> state: started
> memory: "{{ mem }}"
> memory_reservation: "{{ memr }}"
> memory_swap: "{{ mems }}"
> kernel_memory: 0
>
>
> This setup was working fine earlier but when i updated to Ansible

> 2.4.3, this container task would *always report changed*, while

which version of Ansible did you use before? And did you also upgrade
the docker-py / docker Python package (on the nodes)?

> During debugging, i started commenting out some attributes and when i
> commented out 'kernel_memory', it stopped reporting 'changed' and now
> it is back to the intended behavior of 'OK'. So i know this attribute
> is the culprit, i just don't know what is wrong. I check Ansible 2.6
> as well and it has the same problem.
>
> Can anyone please explain what am i doing wrong here or is it some
> problem in the docker_container module ?

I debugged this a bit; the problem is that the argument kernel_memory
("0", i.e. as a string) is compared to a number (0); the comparison
fails and docker_container things there is some work to do. I've looked
at various versions of the docker_container module, the code always
looked very similar, so I doubt this ever worked differently.

(Actually, it could be that older versions did not set changed=True when
updating the limits, so this wasn't visible with older versions of
Ansible.)

Anyway, this is a bug in the docker_container module IMO. You should
create a ticket for it:
https://github.com/ansible/ansible/issues/new?template=bug_report.md

Cheers,
Felix

[ishan jain]

Hi Felix,

Providing 0 or "0" values has the same undesired result. Although, if i provide empty value (''), then it runs just fine. 

I have raised a bug here - https://github.com/ansible/ansible/issues/42692

BR,

Ishan

[Syed Jafar]

Could someone please let me know how to go about updating/patching Ubuntu systems via Ansible playbook. 

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/09e92e06-87c7-4cfc-829a-7749a9e6f881%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Syed Jafar]

Can someone please tell me what I am doing wrong with the Ansible Playbook syntax. Listed below is the Playbook and the error I am getting. 

# Basic provisioning example

- ec2:

    key_name: Ansible

    instance_type: t2.micro

    image: ami-db710fa3

    group_id: sg-d271b9a2

    wait: yes

    volumes:

      - device_name: /dev/xvda

        volume_type: gp2

        volume_size: 8

        delete_on_termination: true 

    count: 3

    vpc_subnet_id: subnet-a29fdcf8

    assign_public_ip: yes

ERROR! 'ec2' is not a valid attribute for a Play

The error appears to have been in '/private/etc/ansible/playbooks/ec2.yml': line 2, column 3, but may

be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

# Basic provisioning example

- ec2:

  ^ here

[Kai Stian Olstad]

On 13.07.2018 19:26, Syed Jafar wrote:
> Can someone please tell me what I am doing wrong with the Ansible
> Playbook
> syntax. Listed below is the Playbook and the error I am getting.
>
>
> # Basic provisioning example
>
>
> - ec2:
>
>
> key_name: Ansible
>
>
> instance_type: t2.micro
>
>
> image: ami-db710fa3
>
>
> group_id: sg-d271b9a2
>
>
> wait: yes
>
>
> volumes:
>
>
> - device_name: /dev/xvda
>
>
> volume_type: gp2
>
>
> volume_size: 8
>
>
> delete_on_termination: true
>
>
> count: 3
>
>
> vpc_subnet_id: subnet-a29fdcf8
>
>
> assign_public_ip: yes
>
>
>
>
> ERROR! 'ec2' is not a valid attribute for a Play

This is not a playbook but a task, recommend you read this
https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html

--
Kai Stian Olstad

[Syed Jafar]

I live in Mountain View, CA and am looking for someone with Ansible expertise who I can spend 2-3 hours with in order to get up to speed with Ansible. I am willing to pay $100/hr or whatever it takes. 

Thanks,

Syed Jafar