Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow SSH synchronization between Docker containers #65698

Merged
merged 2 commits into from Feb 20, 2020
Merged

Allow SSH synchronization between Docker containers #65698

merged 2 commits into from Feb 20, 2020

Conversation

nbendafi-yseop
Copy link
Contributor

SUMMARY

When using Molecule, use of synchonize module works as expected when syncing data from controller to inventory_hostname (driver: Docker).

But if fails to sync data over SSH between two controlled containers during a play on one of them when the other is used as delegate_to

Note:

The two controlled host are prepared during Molecule prepare phase to communicate with each other (SSH keys shared and authorized_key updated accordingly)

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

lib/ansible/plugins/action/synchronize.py

ADDITIONAL INFORMATION
molecule --debug converge 

---
- name: Converge
  hosts: server
  tasks:
    - name: Send data from backup server to destination server
      become: true
      synchronize:
        src: "/backup/{{ src_server }}/hourly.0/home/{{ user }}/{{ item }}"
        dest: "/home/{{ user }}/volumes//{{ item }}/"
      with_items:
        - conf
        - data
      delegate_to: "{{ backup_server }}"
failed: [server -> backup-server] (item=conf) => {
    "ansible_loop_var": "item",
    "changed": false,
    "cmd": "/bin/rsync --delay-updates -F --compress --archive --blocking-io --rsh=/usr/bin/docker exec -u root -i --out-format=<<CHANGED>>%i %n%L /backup/org-server/hourly.0/home/user/ server:/home/user",
    "invocation": {
        "module_args": {
            "_local_rsync_password": null,
            "_local_rsync_path": "rsync",
            "_substitute_controller": false,
            "archive": true,
            "checksum": false,
            "compress": true,
            "copy_links": false,
            "delete": false,
            "dest": "server:/home/user/volumes/conf/",
            "dest_port": null,
            "dirs": false,
            "existing_only": false,
            "group": null,
            "link_dest": null,
            "links": null,
            "mode": "push",
            "owner": null,
            "partial": false,
            "perms": null,
            "private_key": null,
            "recursive": null,
            "rsync_opts": [
                "--blocking-io",
                "--rsh=/usr/bin/docker exec -u root -i"
            ],
            "rsync_path": null,
            "rsync_timeout": 0,
            "set_remote_user": true,
            "src": "/backup/org-server/hourly.0/home/user/conf",
            "ssh_args": null,
            "times": null,
            "verify_host": false
        }
    },
    "item": "conf",
    "msg": "rsync: Failed to exec /usr/bin/docker: No such file or directory (2)\nrsync error: error in IPC code (code 14) at pipe.c(85) [sender=3.1.2]\nrsync: connection unexpectedly closed (0 bytes received so far) [sender]\nrsync error: error in IPC c
ode (code 14) at io.c(226) [sender=3.1.2]\n",
    "rc": 14
}

@ansibot ansibot added affects_2.10 This issue/PR affects Ansible v2.10 bug This issue/PR relates to a bug. core_review In order to be merged, this PR must follow the core review workflow. needs_triage Needs a first human triage before being processed. small_patch support:core This issue/PR relates to code supported by the Ansible Engineering Team. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed core_review In order to be merged, this PR must follow the core review workflow. labels Dec 10, 2019
@nbendafi-yseop
Copy link
Contributor Author

nbendafi-yseop commented Dec 11, 2019
edited

Looks like a test that has nothing to do with changed code has randomly failed, due to netwwork timeout

ipify_facts-yfyvNp / /root/ansible/test/results/.tmp/integration/ipify_facts-ocRFjZ-ÅÑŚÌβŁÈ/test/integration/targets/ipify_facts/tasks/main.yml:27 / [testhost] testhost: ipify_facts : get information about current IP using ipify facts validate_certs={{ validate_certs }}, timeout=30
{
"changed": false, 
"msg": "No valid or no response from url https://api.ipify.org/ within 30 seconds (timeout)"
}

(cf. Shippable #153281 - 78)

@ansibot ansibot added core_review In order to be merged, this PR must follow the core review workflow. and removed needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Dec 11, 2019
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Dec 19, 2019
@samdoran samdoran removed the needs_triage Needs a first human triage before being processed. label Dec 19, 2019
@samdoran
Copy link
Contributor

Related to #62107 (comment).

@samdoran
Copy link
Contributor

We will most likely not be adding further special casing to this plugin.

@nbendafi-yseop
Copy link
Contributor Author

Thanks for the answer. But unlike #62107, which is clearly a new feature, this seems to be a bug fix. Having connection transport as Docker between controller and controlled node A and B shouldn't involve that connection transport between node A and node B must be Docker as well.
So falling back to use command module would be rather sad.

@nbendafi-yseop
Copy link
Contributor Author

@samdoran Should I consider this issue as dead end ?

@samdoran
Copy link
Contributor

rebuild_merge

@ansibot ansibot added shipit This PR is ready to be merged by Core support:community This issue/PR relates to code supported by the Ansible community. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed core_review In order to be merged, this PR must follow the core review workflow. small_patch stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. shipit This PR is ready to be merged by Core needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Feb 20, 2020
@ansibot ansibot added the shipit This PR is ready to be merged by Core label Feb 20, 2020
@ansibot ansibot merged commit 854925b into ansible:devel Feb 20, 2020
@samdoran samdoran mentioned this pull request Feb 24, 2020
Merged
mattclay pushed a commit that referenced this pull request Mar 3, 2020
@samdoran @nabilbendafi
[stable-2.9] Allow SSH synchronization between Docker containers (#65698
a0c3d89 
) (#67713)

* [stable-2.9] Allow SSH synchronization between Docker containers
(cherry picked from commit 1c15a48)

Co-authored-by: Nabil BENDAFI <nabil@bendafi.fr>

* Add changelog

(cherry picked from commit 854925b)

Co-authored-by: Nabil BENDAFI <nabilbendafi@users.noreply.github.com>
@ansible ansible locked and limited conversation to collaborators Mar 19, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
affects_2.10 This issue/PR affects Ansible v2.10 bug This issue/PR relates to a bug. shipit This PR is ready to be merged by Core support:community This issue/PR relates to code supported by the Ansible community. support:core This issue/PR relates to code supported by the Ansible Engineering Team.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@nbendafi-yseop @samdoran @ansibot @nabilbendafi