My main.yml is executing a task called dumb-init and we are getting "msg": "Failed to validate the SSL certificate for github.com:443. Make sure your managed systems have a valid CA certificate installed " error STEPS TO REPRODUCE
Command used : sudo ansible-container --debug build Main.yml - name: Install dumb init get_url: url: https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 dest: /usr/bin/dumb-init owner: root group: root mode: 0775 environment: http_proxy: "http://xxx-proxy-out.xxx.com:8080" https_proxy: "http://xxx-proxy-out.xxxx.com:8080" HTTP_PROXY: "http://xxx-proxy-out.xxxx.com:8080" HTTPS_PROXY: "http://xx-proxy-out.xxx.com:8080" COmmand Used : sudo ansible-container --debug build Log: META: ran handlers TASK [node_container : Install dumb init] ************************************** task path: /src/roles/node_container/tasks/main.yml:2 Using module file /usr/lib/python2.7/site-packages/ansible/modules/net_tools/basics/get_url.py <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> ESTABLISH DOCKER CONNECTION FOR USER: root <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u"/bin/sh -c 'echo ~ && sleep 0'"] <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u'/bin/sh -c '( umask 77 && mkdir -p "echo /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135" && echo ansible-tmp-1510211281.96-149794489024135="echo /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135" ) && sleep 0''] <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> PUT /tmp/tmpUO7dPT TO /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/get_url.py <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u"/bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/ /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/get_url.py && sleep 0'"] <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u'/bin/sh -c 'https_proxy= http://prod-proxy-out.xxx.com:8080 http_proxy= http://prod-proxy-out.xxx.com:8080 HTTPS_PROXY= http://prod-proxy-out.xxxx.com:8080 HTTP_PROXY= http://prod-proxy-out.xxx.com:8080 /_usr/bin/python /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/get_url.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/" > /dev/null 2>&1 && sleep 0''] The full traceback is: File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 1046, in fetch_url client_key=client_key, cookies=cookies) File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 953, in open_url r = urllib_request.urlopen(*urlopen_args) File "/_usr/lib/python2.7/urllib2.py", line 154, in urlopen return opener.open(url, data, timeout) File "/_usr/lib/python2.7/urllib2.py", line 427, in open req = meth(req) File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 765, in http_request build_ssl_validation_error(self.hostname, self.port, paths_checked, e) File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 591, in build_ssl_validation_error raise SSLValidationError(' '.join(msg) % (hostname, port, ", ".join(paths))) fatal: [ansible.node-container]: FAILED! => { "changed": false, "failed": true, "invocation": { "module_args": { "attributes": null, "backup": null, "checksum": "", "client_cert": null, "client_key": null, "content": null, "delimiter": null, "dest": "/usr/bin/dumb-init", "directory_mode": null, "follow": false, "force": false, "force_basic_auth": false, "group": "root", "headers": null, "http_agent": "ansible-httpget", "mode": 509, "owner": "root", "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "sha256sum": "", "src": null, "timeout": 10, "tmp_dest": null, "unsafe_writes": null, "url": " https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 ", "url_password": null, "url_username": null, "use_proxy": true, "validate_certs": true } }, "msg": "Failed to validate the SSL certificate for github.com:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible. The exception msg was: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)." } to retry, use: --limit @/tmp/tmpAZLAaM/playbook.retry PLAY RECAP ********************************************************************* ansible.node-container : ok=1 changed=0 unreachable=0 failed=1 2017-11-09T07:08:02.678075 Error applying role! [container.core] caller_file=/_ansible/container/core.py caller_func=apply_role_to_container caller_line=680 engine=<container.docker.engine.Engine object at 0x7f5b840bf710> exit_code=2 playbook=[{'hosts': u'ansible.node-container', 'roles': ['node_container'], 'vars': {}}] 2017-11-09T07:08:02.684010 Playbook run finished. [container.core] caller_file=/_ansible/container/core.py caller_func=conductorcmd_build caller_line=811 exit_code=2 Traceback (most recent call last): File "/usr/bin/conductor", line 11, in load_entry_point('ansible-container', 'console_scripts', 'conductor')() File "/_ansible/container/init.py", line 19, in wrapped return fn(*args, **kwargs) File "/_ansible/container/cli.py", line 399, in conductor_commandline **params) File "/_ansible/container/init.py", line 19, in wrapped return fn(*args, **kwargs) File "/_ansible/container/core.py", line 813, in conductorcmd_build raise RuntimeError('Build failed.') RuntimeError: Build failed. Exception in thread Thread-2: Traceback (most recent call last): File "/usr/lib64/python2.7/threading.py", line 812, in __bootstrap_inner self.run() File "/usr/lib64/python2.7/threading.py", line 765, in run self.__target(*self.__args, **self.__kwargs) File "/usr/lib/python2.7/site-packages/container/utils/logmux.py", line 40, in produce for message in iterator: File "/usr/lib/python2.7/site-packages/docker/api/client.py", line 339, in _multiplexed_response_stream_helper header = response.raw.read(STREAM_HEADER_SIZE_BYTES) File "/usr/lib/python2.7/site-packages/urllib3/response.py", line 231, in read raise ProtocolError('Connection broken: %r' % e, e) ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read)) 2017-11-09T07:08:02.876617 Could not connect to container host. Check your docker config [container.cli] caller_file=/usr/lib/python2.7/site-packages/container/cli.py caller_func= call caller_line=328 ANsible _ Version : Ansible Container, version 0.9.2 -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/cda7a6d1-b432-4394-ae12-5bd011d9bfb2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.