task failed Set no_proxy to all assigned cluster IPs and hostnames

[1337andre]

What happened?

with 2.24 we run into this error, while collecting facts

we use some proxy configs

TASK [kubespray-defaults : Set no_proxy to all assigned cluster IPs and hostnames] ***
fatal: [vxtigk8s01.hcp-infra.hidden.de -> localhost]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ansible_hostname'. 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ansible_hostname'\n\nThe error appears to be in '/kubespray/roles/kubespray-defaults/tasks/no_proxy.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Set no_proxy to all assigned cluster IPs and hostnames\n  ^ here\n"}

To make it run again, we have to set gather_facts: true in task "Bootstrap hosts for Ansible"
https://github.com/kubernetes-sigs/kubespray/blob/master/playbooks/facts.yml#L6

What did you expect to happen?

Task kubespray-defaults : Set no_proxy to all assigned cluster IPs and hostnames] should run

How can we reproduce it (as minimally and precisely as possible)?

un all.yml defined some proxy vars

http_proxy: "http://proxy.hidden.de:9080"
https_proxy: "http://proxy.hidden.de:9080"

## Refer to roles/kubespray-defaults/defaults/main.yml before modifying no_proxy
# no_proxy: ""

## If you need exclude all cluster nodes from proxy and other resources, add other resources here.
additional_no_proxy: "hidden.de,10.0.0.0/8,172.16.0.0/12,.svc,.svc.cluster.local"

OS

Linux 5.4.0-169-generic x86_64
ubuntu 20.04

Version of Ansible

ansible=9.1.0
ansible-core=2.16.2

Version of Python

3.11.7

Version of Kubespray (commit)

v2.24.0

Network plugin used

calico

Full inventory with variables

No response

Command used to invoke ansible

No response

Output of ansible run

No response

Anything else we need to know

No response

[VannTen]

additional_no_proxy: "hidden.de,10.0.0.0/8,172.16.0.0/12,.svc,.svc.cluster.local"

I think the various no_proxy stuff don't support cidr notation, unfortunately...

[vthieu1210]

http_proxy: "http://proxy.net:80/"
https_proxy: "http://proxy.net:80/"
# https_proxy_cert_file: ""

## Refer to roles/kubespray-defaults/defaults/main/main.yml before modifying no_proxy
# no_proxy: ""

## If you need exclude all cluster nodes from proxy and other resources, add other resources here.
additional_no_proxy: "registry.private.net"

I'm facing the same bug even with single domain in no_proxy.
The config above still works fine with v2.23.x .

[polarAli]

I have the same issue with v2.24.0. I have used this configuration in many prior versions and there is no issue

http_proxy: "http://sample.proxy:23453"
https_proxy: "http://sample.proxy:23453"
# https_proxy_cert_file: ""

## Refer to roles/kubespray-defaults/defaults/main/main.yml before modifying no_proxy
# no_proxy: ""

## If you need exclude all cluster nodes from proxy and other resources, add other resources here.
additional_no_proxy: "neor.cloud,.neor.cloud,.neor.space,.ir"

[VishnuParthasarathy]

When trying to scale a cluster on 1.24.6, I receive the below error on ONLY couple of nodes, whereas all other hosts where added w/o any issues.

TASK [kubespray-defaults : Set no_proxy to all assigned cluster IPs and hostnames] ***
fatal: [xyzworker# -> localhost]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ansible_hostname'\n\nThe error appears to be in '......./manage_k8s_cluster/kubespray/roles/kubespray-defaults/tasks/no_proxy.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Set no_proxy to all assigned cluster IPs and hostnames\n ^ here\n"}

Any pointers on what could be the issue?

[MCVL1911]

Same issue with v2.24.0
If I set no_proxy with value from additional_no_proxy it works fine, but it was not required on any previous version

http_proxy: "http://sample.proxy:23453"
https_proxy: "http://sample.proxy:23453"
# https_proxy_cert_file: ""

## Refer to roles/kubespray-defaults/defaults/main/main.yml before modifying no_proxy
no_proxy: "neor.cloud,.neor.cloud,.neor.space,.ir"

## If you need exclude all cluster nodes from proxy and other resources, add other resources here.
additional_no_proxy: "neor.cloud,.neor.cloud,.neor.space,.ir"

[miro-grapeup]

It looks like the logic in the https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubespray-defaults/tasks/main.yaml has changed.

    - "'bootstrap-os' not in ansible_play_role_names or
      'kubernetes-sigs.kubespray.bootstrap-os' not in ansible_play_role_names"
    - http_proxy is defined or https_proxy is defined
    - no_proxy is not defined

This additional or 'kubernetes-sigs.kubespray.bootstrap-os' not in ansible_play_role_names makes it to be always executed. Previously there was only check on bootstrap-os. For me it looks like there should be and instead of or - otherwise it will be skipped only when bootstrap-os and kubernetes-sigs.kubespray.bootstrap-os are present in ansible_play_role_names and I am afraid it was not a purpose.

[VannTen]

Could you check if the linked PR fix the issue ?