Skip to content
This repository has been archived by the owner on Jan 8, 2023. It is now read-only.

Wait for instance fail on rootfull container creation #77

Closed
0b11stan opened this issue Aug 28, 2021 · 2 comments
Closed

Wait for instance fail on rootfull container creation #77

0b11stan opened this issue Aug 28, 2021 · 2 comments

Comments

@0b11stan
Copy link
Contributor

0b11stan commented Aug 28, 2021
edited
Loading

Hi, first, thank you for the great work around molecule and ansible.

I think I spotted an issue when using rootfull containers with podman.
Pods creations works perfectly but the next step (waiting for them to be up) is failing.
This is not the case when I remove the rootless: false entry.

Versions

molecule 3.4.0 using python 3.9
    ansible:2.11.4
    delegated:3.4.0 from molecule
    podman:0.3.0 from molecule_podman

How to reproduce

python -m venv venv
source venv/bin/activate
pip install 'molecule[podman,lint]'
molecule init role -d podman poc && cd poc
cat > molecule/default/molecule.yml <<EOF
---
dependency:
  name: galaxy
driver:
  name: podman
platforms:
  - name: instance
    image: docker.io/pycontribs/centos:8
    pre_build_image: true
    rootless: false
provisioner:
  name: ansible
  inventory:
    host_vars:
      localhost:
        ansible_become_password: *****
verifier:
  name: ansible
EOF
molecule create

What is happening

TASK [Create molecule instance(s)] *********************************************
changed: [localhost] => (item={'image': 'docker.io/pycontribs/centos:8', 'name': 'instance', 'pre_build_image': True, 'rootless': False})

TASK [Wait for instance(s) creation to complete] *******************************
failed: [localhost] (item={'started': 1, 'finished': 0, 'ansible_job_id': '36758904498.204881', 'results_file': '/root/.ansible_async/36758904498.204881', 'changed': True, 'failed': False, 'item': {'image': 'docker.io/pycontribs/centos:8', 'name': 'instance', 'pre_build_image': True, 'rootless': False}, 'ansible_loop_var': 'item'}) => {"ansible_job_id": "36758904498.204881", "ansible_loop_var": "item", "attempts": 1, "changed": false, "finished": 1, "item": {"ansible_job_id": "36758904498.204881", "ansible_loop_var": "item", "changed": true, "failed": false, "finished": 0, "item": {"image": "docker.io/pycontribs/centos:8", "name": "instance", "pre_build_image": true, "rootless": false}, "results_file": "/root/.ansible_async/36758904498.204881", "started": 1}, "msg": "could not find job", "started": 1}

PLAY RECAP *********************************************************************
localhost                  : ok=4    changed=1    unreachable=0    failed=1    skipped=3    rescued=0    ignored=0

What is expected

TASK [Create molecule instance(s)] *********************************************
changed: [localhost] => (item={'image': 'docker.io/pycontribs/centos:8', 'name': 'instance', 'pre_build_image': True})

TASK [Wait for instance(s) creation to complete] *******************************
FAILED - RETRYING: Wait for instance(s) creation to complete (300 retries left).
FAILED - RETRYING: Wait for instance(s) creation to complete (299 retries left).
FAILED - RETRYING: Wait for instance(s) creation to complete (298 retries left).
changed: [localhost] => (item={'started': 1, 'finished': 0, 'ansible_job_id': '764271195514.201287', 'results_file': '/home/tristan/.ansible_async/764271195514.201287', 'changed': True, 'failed': False, 'item': {'image': 'docker.io/pycontribs/centos:8', 'name': 'instance', 'pre_build_image': True}, 'ansible_loop_var': 'item'})

PLAY RECAP *********************************************************************
localhost                  : ok=5    changed=2    unreachable=0    failed=0    skipped=3    rescued=0    ignored=0
@0b11stan
Copy link
Contributor Author

Looks like a permission problem :

failed: [localhost] (item={'started': 1, 'finished': 0, 'ansible_job_id': '582201872890.312746', 'results_file': '/root/.ansible_async/582201872890.312746', 'changed': True, 'failed': False, 'item': {'image': 'docker.io/pycontribs/centos:8', 'name': 'instance', 'pre_build_image': True, 'rootless': False}, 'ansible_loop_var': 'item'}) => {
    "ansible_job_id": "582201872890.312746",
    "ansible_loop_var": "item",
    "attempts": 1,
    "changed": false,
    "finished": 1,
    "invocation": {
        "module_args": {
            "_async_dir": "/home/tristan/.ansible_async",
            "jid": "582201872890.312746",
            "mode": "status"
        }
    },
    "item": {
        "ansible_job_id": "582201872890.312746",
        "ansible_loop_var": "item",
        "changed": true,
        "failed": false,
        "finished": 0,
        "item": {
            "image": "docker.io/pycontribs/centos:8",
            "name": "instance",
            "pre_build_image": true,
            "rootless": false
        },
        "results_file": "/root/.ansible_async/582201872890.312746",
        "started": 1
    },
    "msg": "could not find job",
    "started": 1
}

I think async_status is looking for the job at /home/tristan/.ansible_async/582201872890.312746 when it's at /root/.ansible_async/582201872890.312746.

@0b11stan
Copy link
Contributor Author

Alright, that's indeed a problem of home folder.
It works for me with this patch.

From 6e413e0f34c11071c96f77607921a0672e9e0d10 Mon Sep 17 00:00:00 2001
From: Tristan Pinaudeau <[email protected]>
Date: Sun, 29 Aug 2021 01:38:56 +0200
Subject: [PATCH] fix: allow waiting for rootless container creation

---
 src/molecule_podman/playbooks/create.yml  | 1 +
 src/molecule_podman/playbooks/destroy.yml | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/molecule_podman/playbooks/create.yml b/src/molecule_podman/playbooks/create.yml
index cc79f30..fdb58a6 100644
--- a/src/molecule_podman/playbooks/create.yml
+++ b/src/molecule_podman/playbooks/create.yml
@@ -178,6 +178,7 @@
       changed_when: true

     - name: Wait for instance(s) creation to complete
+      become: "{{ not (item.item.rootless|default(true)) }}"
       async_status:
         jid: "{{ item.ansible_job_id }}"
       register: podman_jobs
diff --git a/src/molecule_podman/playbooks/destroy.yml b/src/molecule_podman/playbooks/destroy.yml
index fd30fac..2eee5a8 100644
--- a/src/molecule_podman/playbooks/destroy.yml
+++ b/src/molecule_podman/playbooks/destroy.yml
@@ -17,9 +17,10 @@
       changed_when: true

     - name: Wait for instance(s) deletion to complete
+      become: "{{ not (item.item.rootless|default(true)) }}"
       async_status:
         jid: "{{ item.ansible_job_id }}"
-      register: docker_jobs
-      until: docker_jobs.finished
+      register: podman_jobs
+      until: podman_jobs.finished
       retries: 300
       with_items: "{{ server.results }}"
--
2.33.0

@0b11stan 0b11stan mentioned this issue Aug 29, 2021
Closed
@0b11stan 0b11stan changed the title Wait for instance fail on rootless container creation Wait for instance fail on rootfull container creation Sep 14, 2021
This was referenced Sep 14, 2021
Merged
Closed
@0b11stan 0b11stan closed this as completed Nov 2, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@0b11stan