'any_errors_fatal' Broken For Unreachable Hosts v2 #15523
Comments
mattmonkey83
changed the title
|
Just noticed something while comparing v.2 with v.1.9.5 - If I run the playbook above against two hosts, one reachable, the other not in v.1.9.5 I get this - If I re-run the playbook against the same hosts but with The behaviour of |
|
Hi @mattmonkey83, this appears to be resolved by the feature branch I've pushed based mainly on @vroy's work: https://github.com/ansible/ansible/compare/vroy_backward-compatible-executor Using an inventory with an unreachable host named [root@jimi 15523]# ansible-playbook -vv -i inv test.yml
Using /etc/ansible/ansible.cfg as config file
PLAYBOOK: test.yml *************************************************************
2 plays in test.yml
PLAY [test] ********************************************************************
TASK [ping] ********************************************************************
task path: /root/testing/15523/test.yml:10
fatal: [test]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh", "unreachable": true}
PLAY RECAP *********************************************************************
test : ok=0 changed=0 unreachable=1 failed=0
[root@jimi 15523]#
So the unreachable host halts the play execution. If you can confirm, I'll close this when we merge that feature branch in. |
jimi-c
added
needs_info
|
Hi @jimi-c, thanks for looking at this. I've finally managed to get round to testing your branch. There's some improvement - When there's only unreachable hosts, it matches v.1.9 behaviour which is great - Unfortunately there is still a difference when only a subset of hosts are unreachable - Versus what I'd consider to be correct behaviour in v.1.9 - |
|
@mattmonkey83 I actually think this is more correct? The second play uses a different host than the first, so shouldn't it continue running? |
|
@jimi-c I can't really agree. Yes it is a different host targeted in the second part of the example playbook, but there are occasions when we want a playbook to abort rather than proceed. For example if a playbook has tasks to configure 3 webservers followed by tasks to add them to the load balancer - We might not want the load balancer tasks to take place if one of the webservers wasn't successfully configured. That's the reason we use 'any_errors_fatal'. I hope that makes sense. Let me know if you need further clarification. |
|
@mattmonkey83 ahh yes, I wasn't really thinking of this in the context of any_errors_fatal. In that case, I'd agree with you. |
jimi-c
removed
needs_info
Closing This TicketHi! We believe the above commit should resolve this problem for you. This will also be included in the next release. If you continue seeing any problems related to this issue, or if you have any further questions, please let us know by stopping by one of the two mailing lists, as appropriate:
Because this project is very active, we're unlikely to see comments made on closed tickets, but the mailing list is a great way to ask questions, or post if you don't think this particular issue is resolved. Thank you! |
|
Thanks @jimi-c - Re-tested using latest from source and the problem now appears to be resolved 😄 |
|
Hi All , fatal: [g_all_hosts | default([])]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname g_all_hosts | default([]): Name or service not known\r\n", "unreachable": true} [rhnuser3@ip-172-31-10-250 ~]$ ansible -m ping all We have verified following steps. Master communicating to the node [rhnuser3@ip-172-31-10-250 ~]$ ssh rhnuser3@35.182.190.60 Node Communicating to the master [rhnuser3@ip-172-31-9-57 ~]$ ssh rhnuser3@172.31.10.250 We have changed necessary changed necessary configuration file from master and node server. vi /etc/ansible/ansible.cfg inventory = /etc/ansible/hosts
We have updated /etc/hosts/file – it is look like [rhnuser3@ip-172-31-10-250 ~]$ cat /etc/hosts 172.31.10.250 master sudo vi /etc/ssh/sshd_config sudo cat /var/log/secure Aug 16 08:28:09 localhost sshd[22792]: Disconnecting: Too many authentication failures for root [preauth] Master server i performed the following commands cat /home/rhnuser3/.ssh/id_rsa.pub sudo vi /home/rhnuser3/.ssh/authorized_keys sudo chmod 600 .ssh/authorized_keys sudo chown rhnuser3:rhnuser3 .ssh/authorized_keys cat /home/rhnuser3/.ssh/id_rsa Node server i performed the following command. cd /home/rhnuser3 mkdir .ssh chmod 700 .ssh chown rhnuser3:rhnuser3 .ssh sudo vi /home/rhnuser3/.ssh/authorized_keys sudo chmod 600 .ssh/authorized_keys sudo chown rhnuser3:rhnuser3 .ssh/authorized_keys sudo vi /home/rhnuser3/.ssh/id_rsa sudo chmod 600 .ssh/id_rsa sudo chown rhnuser3:rhnuser3 .ssh/id_rsa Please try suggest on these. |
|
[rhnuser3@master ~]$ ansible --version [rhnuser3@master ~]$ cat /etc/redhat-release |
|
@virtusademo that may be a question better directed at the openstack-ansible team, which is not directly affiliated with us here in the Ansible project. |
ISSUE TYPE
ANSIBLE VERSION
CONFIGURATION
Default
OS / ENVIRONMENT
N/A
SUMMARY
We've been testing our playbooks in v2 and noticed that
any_errors_fatalisn't respected when a host is unreachable.The playbooks previously aborted in v1.9.5 but proceed in v2.
STEPS TO REPRODUCE
Run this playbook where
testis a server who's SSH key is not loaded to force permission denied.EXPECTED RESULTS
Playbook should abort after failed ping task on
test.ACTUAL RESULTS
Playbook continues to next host group and completes debug task.
The text was updated successfully, but these errors were encountered: