Provisioner Fails when using capitalized letters in ec2_name_prefix

[VDI-Tech-Guy]

Problem Summary

When provisioning using a capital letter in the ec2_name_prefix will fail the code run due to not being able to access the "Store SSH Key Pair" as it looks for directories and files without capital letters, there is a | lower placed somewhere in the code that causes the error.

This didnt happen in much older code but it does now.

Issue Type

Bug

Extra vars file

---
# region where the nodes will live
ec2_region: us-west-2

# name prefix for all the VMs
ec2_name_prefix: F5-TestDrive-Test

# creates student_total of workbenches for the workshop
student_total: 1 

# Set the right workshop type, like network, rhel or f5 (see above)
workshop_type: f5

# Generate offline token to authenticate the calls to Red Hat's APIs
# Can be accessed at https://access.redhat.com/management/api
offline_token: "..."

# Required for podman authentication to registry.redhat.io
redhat_username: MyRHUser
redhat_password: "s^perSecretP@ss!"

#####OPTIONAL VARIABLES

# add prebuilt false
pre_build: false

# turn DNS on for control nodes, and set to type in valid_dns_type
dns_type: aws

# password for Ansible control node
admin_password: s^perSecretP@ss!

# Sets the Route53 DNS zone to use for Amazon Web Services
workshop_dns_zone: "mydomain.com"

# automatically installs Tower to control node
controllerinstall: true

# SHA value of targeted AAP bundle setup files.
provided_sha_value: 7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4

# default vars for ec2 AMIs (ec2_info) are located in provisioner/roles/manage_ec2_instances/defaults/main/main.yml
# select ec2_info AMI vars can be overwritten via ec2_xtra vars, e.g.:
ec2_xtra:
  f5node:
    owners: 679593333241
    size: t3.large
    os_type: linux
    disk_volume_type: gp3
    disk_space: 100
    disk_iops: 3000
    disk_throughput: 125
    architecture: x86_64
    filter: 'F5 BIGIP-16.*PAYG-Best 25Mbps*'
    username: admin

f5_ee: "quay.io/f5_business_development/mmabis-ee-test:latest"

Ansible Playbook Output

[ec2-user@ip-10-0-100-29 provisioner]$ ansible-playbook provision_lab.yml -e @/git/aap-test.yaml
[WARNING]: Unable to parse /git/workshops-main-branch/provisioner/hosts as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [initial check setup] *******************************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************************
ok: [localhost]

TASK [run pre-check role to make sure workshop will complete provisioning] *******************************************************************************************************************************

TASK [../roles/workshop_check_setup : make sure we are running correct Ansible Version] ******************************************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/workshop_check_setup : make sure workshop_type is set to a correct value] *****************************************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/workshop_check_setup : make sure dns_type is set to a correct value] **********************************************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/workshop_check_setup : make sure network_type is set to a correct value] ******************************************************************************************************************
skipping: [localhost]

TASK [../roles/workshop_check_setup : make sure DNS name is 65 characters or less] ***********************************************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/workshop_check_setup : make sure security_console is set to a correct value] **************************************************************************************************************
skipping: [localhost]

TASK [../roles/workshop_check_setup : make sure we are not running with TESTWORKSHOP as the name so no overlap] ******************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/workshop_check_setup : make sure we are not using `ansible` as the password] **************************************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/workshop_check_setup : automation controller checks] **************************************************************************************************************************************
included: /git/workshops-main-branch/roles/workshop_check_setup/tasks/controller.yml for localhost

TASK [../roles/workshop_check_setup : ensure workshop folder F5-TestDrive-Test exists] *******************************************************************************************************************
changed: [localhost]

TASK [../roles/workshop_check_setup : Enforce use of user/password for manifest download] ****************************************************************************************************************
skipping: [localhost]

TASK [../roles/workshop_check_setup : Download manifest.zip] *********************************************************************************************************************************************
skipping: [localhost]

TASK [../roles/workshop_check_setup : Check that the manifest.zip exists] ********************************************************************************************************************************
ok: [localhost]

TASK [../roles/workshop_check_setup : fail] **************************************************************************************************************************************************************
skipping: [localhost]

TASK [../roles/workshop_check_setup : check workshop specific information] *******************************************************************************************************************************
included: /git/workshops-main-branch/roles/workshop_check_setup/tasks/unsupported_workshop.yml for localhost => (item=/git/workshops-main-branch/roles/workshop_check_setup/tasks/unsupported_workshop.yml)

TASK [../roles/workshop_check_setup : unsupported workshop for workshop_check_setup role] ****************************************************************************************************************
ok: [localhost] => {
    "msg": "no more setup for workshop_check_setup role the f5 does not have any specific setup specified"
}

TASK [run AWS check setup if using AWS] ******************************************************************************************************************************************************************

TASK [../roles/aws_check_setup : grab boto version] ******************************************************************************************************************************************************
changed: [localhost]

TASK [../roles/aws_check_setup : make sure we are running correct boto version] **************************************************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/aws_check_setup : check for underscores in workshop name] *********************************************************************************************************************************
skipping: [localhost]

TASK [../roles/aws_check_setup : does route53 zone exist] ************************************************************************************************************************************************
ok: [localhost]

TASK [../roles/aws_check_setup : make sure workshop_dns_zone is owned by your account] *******************************************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [../roles/aws_check_setup : Find available AZ for region us-west-2] *********************************************************************************************************************************
ok: [localhost]

TASK [../roles/aws_check_setup : Remove any AZs in the aws_az_deny_list when defined] ********************************************************************************************************************
ok: [localhost]

TASK [../roles/aws_check_setup : Output AWS Availability Zones (AZs)] ************************************************************************************************************************************
skipping: [localhost]

TASK [../roles/aws_check_setup : SET AZ ZONE TO FIRST AVAILABLE] *****************************************************************************************************************************************
ok: [localhost]

TASK [../roles/aws_check_setup : grab information about AWS user] ****************************************************************************************************************************************
ok: [localhost]

TASK [../roles/aws_check_setup : print whoami] ***********************************************************************************************************************************************************
ok: [localhost] => {
    "whoami": {
        "account": "250871914685",
        "account_alias": "",
        "arn": "arn:aws:iam::250871914685:user/matt_mabis_programmatic_access",
        "changed": false,
        "failed": false,
        "user_id": "AIDATU2JBUC6RHXGIDTCZ"
    }
}

TASK [../roles/aws_check_setup : save username of AWS user] **********************************************************************************************************************************************
ok: [localhost]

TASK [../roles/aws_check_setup : save account id of AWS user] ********************************************************************************************************************************************
ok: [localhost]

TASK [download AAP] **************************************************************************************************************************************************************************************

TASK [../roles/aap_download : check if aap.tar.gz exists] ************************************************************************************************************************************************
ok: [localhost]

TASK [../roles/aap_download : download aap.tar.gz from specified URL] ************************************************************************************************************************************
skipping: [localhost]

TASK [../roles/aap_download : download aap.tar.gz from access.redhat.com] ********************************************************************************************************************************
skipping: [localhost]

TASK [../roles/aap_download : check if aap.tar.gz again (post download)] *********************************************************************************************************************************
ok: [localhost]

TASK [../roles/aap_download : Verify sha256sum of aap.tar.gz] ********************************************************************************************************************************************
skipping: [localhost]

PLAY [Create lab instances in AWS] ***********************************************************************************************************************************************************************

TASK [Cluster nodes] *************************************************************************************************************************************************************************************
skipping: [localhost]

TASK [include_role : ../roles/manage_ec2_instances] ******************************************************************************************************************************************************

TASK [../roles/manage_ec2_instances : overwrite select ec2_info vars if ec2_xtra vars are provided] ******************************************************************************************************
ok: [localhost]

TASK [../roles/manage_ec2_instances : include_tasks] *****************************************************************************************************************************************************
skipping: [localhost]

TASK [../roles/manage_ec2_instances : check if we have access to pre_build AMI images] *******************************************************************************************************************
included: /git/workshops-main-branch/roles/manage_ec2_instances/tasks/check_prebuild.yml for localhost

TASK [../roles/manage_ec2_instances : check if we have access to AMI] ************************************************************************************************************************************
ok: [localhost]

TASK [../roles/manage_ec2_instances : check if we have access to pre_build hub AMI images] ***************************************************************************************************************
skipping: [localhost]

TASK [../roles/manage_ec2_instances : provision aws resources and instances] *****************************************************************************************************************************
included: /git/workshops-main-branch/roles/manage_ec2_instances/tasks/provision.yml for localhost

TASK [../roles/manage_ec2_instances : ensure workshop folder F5-TestDrive-Test exists] *******************************************************************************************************************
ok: [localhost]

TASK [../roles/manage_ec2_instances : provision aws resources] *******************************************************************************************************************************************
included: /git/workshops-main-branch/roles/manage_ec2_instances/tasks/resources/resources.yml for localhost

TASK [../roles/manage_ec2_instances : Create AWS VPC F5-TestDrive-Test-vpc] ******************************************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : create file for all AWS security group rules] **********************************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : include_vars] ******************************************************************************************************************************************************
ok: [localhost]

TASK [../roles/manage_ec2_instances : Create EC2 security group for VPC named F5-TestDrive-Test-vpc] *****************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : Create subnet for F5-TestDrive-Test-vpc] ***************************************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : Create subnet2 for F5-TestDrive-Test-vpc (SECURITY MODE)] **********************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : vpc internet gateway is present for vpc-013d70db38bad85d3] *********************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : vpc public subnet route table is present for vpc-013d70db38bad85d3] ************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : set variables for instance creation] *******************************************************************************************************************************
ok: [localhost]

TASK [../roles/manage_ec2_instances : Create ssh key pair for workshop F5-TestDrive-Test] ****************************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : save private key] **************************************************************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : use aws storage for key] *******************************************************************************************************************************************
included: /git/workshops-main-branch/roles/manage_ec2_instances/tasks/resources/aws.yml for localhost

TASK [../roles/manage_ec2_instances : s3 bucket for persistent storage of ec2 key exists] ****************************************************************************************************************
changed: [localhost]

TASK [../roles/manage_ec2_instances : Store SSH Key Pair] ************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Local object \"/git/workshops-main-branch/provisioner/f5-testdrive-test/f5-testdrive-test-private.pem\" does not exist for PUT operation"}

PLAY RECAP ***********************************************************************************************************************************************************************************************
localhost                  : ok=44   changed=12   unreachable=0    failed=1    skipped=13   rescued=0    ignored=0   

Ansible Version

[ec2-user@ip-10-0-100-29 provisioner]$ ansible --version
ansible [core 2.14.4]
  config file = /git/workshops-main-branch/provisioner/ansible.cfg
  configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/ec2-user/.local/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ec2-user/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/ec2-user/.local/bin/ansible
  python version = 3.9.16 (main, Dec  8 2022, 00:00:00) [GCC 11.3.1 20221121 (Red Hat 11.3.1-4)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

Ansible Configuration

[ec2-user@ip-10-0-100-29 provisioner]$ ansible-config dump --only-changed
CONFIG_FILE() = /git/workshops-main-branch/provisioner/ansible.cfg
DEFAULT_FORKS(/git/workshops-main-branch/provisioner/ansible.cfg) = 50
DEFAULT_HOST_LIST(/git/workshops-main-branch/provisioner/ansible.cfg) = ['/git/workshops-main-branch/provisioner/hosts']
HOST_KEY_CHECKING(/git/workshops-main-branch/provisioner/ansible.cfg) = False
PERSISTENT_COMMAND_TIMEOUT(/git/workshops-main-branch/provisioner/ansible.cfg) = 60
PERSISTENT_CONNECT_TIMEOUT(/git/workshops-main-branch/provisioner/ansible.cfg) = 60
RETRY_FILES_ENABLED(/git/workshops-main-branch/provisioner/ansible.cfg) = False

Ansible Execution Node

CLI Ansible (Ansible Core)

Operating System

[ec2-user@ip-10-0-100-29 provisioner]$ cat /etc/redhat-release 
CentOS Stream release 9

[VDI-Tech-Guy]

@heatmiser

[heatmiser]

@VDI-Tech-Guy Do you suggest that:

1. Utilize ec2_name_prefix | lower be utilized when setting the var
2. A documentation addition to specify what the ec2_name_prefix var is used for and resultant limitations on case used
3. Both 1 and 2
   ???

[VDI-Tech-Guy]

Hey @heatmiser - i know that in the past this worked fine with upper cased characters in it, not sure when the change occurred as i was used aged code at the time (AAP 2.1)

I would suggest #3 to ensure users are aware of the limtation as well as ensure if there was a reason for this that its handled appropriately

Downside is that workshop name will be lowercased but to me its not end of the world

[IPvSean]

@heatmiser are you implementing this, or need help?

[heatmiser]

@IPvSean Circling back on this.