[ansible-project] Re: Ansible copy module hangs on CentOS 7

2015-07-24 Thread Martin Ilchev
After a lot of digging I was able to find the source of the problem. There 
was an sshd_config.j2 template that was taken from a Debian-based system. In 
it, the default setting for Subsystem is different from the one on CentOS:
# Debian
Subsystem sftp /usr/lib/openssh/sftp-server
# CentOS
Subsystem sftp /usr/libexec/openssh/sftp-server

So lib vs libexec. After restoring the config file back to normal, the 
playbook completes without errors.

Hopefully this will save someone else a couple of days.
M

On Thursday, 16 July 2015 13:07:02 UTC+1, Martin Ilchev wrote:
>
> Hi Guys,
>
> I have a playbook to copy DNS zone files from a local directory to a remote 
> one and restart the named service. The playbook is as follows:
> ---
> # This playbook upgrades zone data files from the control machine to all
> # DNS servers 1 machine at a time
>
> - name: Upgrade zone data files. Reload named-chroot if required
>   hosts: dnsservers
>   gather_facts: no
>   sudo: yes
>   serial: 1
>   tasks:
>
>     - name: copy dns zone files from control machine to DNS servers
>       copy: src=zones/ dest=/var/named owner=root group=named mode=0440
>       register: namedzones
>
>     - name: restart dns service if required
>       service: name=named-chroot state=restarted
>       when: namedzones.changed
>
> I test run the playbook as follows:
>
> ansible-playbook -vv dns-copy-zones.yml --ask-become-pass --check
>
> The output is:
> SUDO password: 
>
> PLAY [Upgrade zone data files. Reload named-chroot if required] *** 
>
> TASK: [copy dns zone files from control machine to DNS servers] ***
> fatal: [192.168.16.195] => ssh connection error while waiting for sudo 
> password prompt
>
> FATAL: all hosts have already failed -- aborting   
> 
> 
>
> PLAY RECAP 
>  
>            to retry, use: --limit @/home/martin/dns-copy-zones.retry
>
> 192.168.16.195 : ok=0    changed=0    unreachable=1    failed=0
>
> When I increase the verbosity I can see 5-6 files are copied then copy 
> hangs locally on transferring the next file and eventually times out.
>
> On the remote machine if I tail /var/log/secure I can see all the files up 
> to the last one going through.
>
> The machine I run the playbook from and the destination machine are both 
> CentOS 7. The version is ansible 1.9.2.
>
> Below is the more verbose output. I have highlighted what I think are the 
> important messages. I am only including the last file to go through 
> successfully and the next one to hang (let me know if you require the full 
> output):
> ON CONTROL MACHINE:
> <192.168.16.195> EXEC ssh -C -tt -v -o ControlMaster=auto -o 
> ControlPersist=60s -o 
> ControlPath="/home/martin/.ansible/cp/ansible-ssh-%h-%p-%r" -o 
> KbdInteractiveAuthentication=no -o 
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
> -o PasswordAuthentication=no -o ConnectTimeout=10 192.168.16.195 /bin/sh -c 
> 'sudo -k && sudo -H -S -p "[sudo via ansible, 
> key=zasgrvyvetzjqebxkfgjmaeohbealypu] password: " -u root /bin/sh -c 
> '"'"'echo BECOME-SUCCESS-zasgrvyvetzjqebxkfgjmaeohbealypu; rc=flag; [ -r 
> /var/named/named.empty ] || rc=2; [ -f /var/named/named.empty ] || rc=1; [ 
> -d /var/named/named.empty ] && rc=3; python -V 2>/dev/null || rc=4; [ 
> x"$rc" != "xflag" ] && echo "${rc} "/var/named/named.empty && exit 0; 
> (python -c '"'"'"'"'"'"'"'"'import hashlib; BLOCKSIZE = 65536; hasher = 
> hashlib.sha1(); afile = 
> open("'"'"'"'"'"'"'"'"'/var/named/named.empty'"'"'"'"'"'"'"'"'", "rb") buf 
> = afile.read(BLOCKSIZE) while len(buf) > 0: hasher.update(buf) buf = 
> afile.read(BLOCKSIZE) afile.close() 
> print(hasher.hexdigest())'"'"'"'"'"'"'"'"' 2>/dev/null) || (python -c 
> '"'"'"'"'"'"'"'"'import sha; BLOCKSIZE = 65536; hasher = sha.sha(); afile = 
> open("'"'"'"'"'"'"'"'"'/var/named/named.empty'"'"'"'"'"'"'
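
A pre-deployment check for the lib vs libexec mismatch described in the reply above, as an added example that is not part of the original thread: it reads the Subsystem sftp line from an sshd_config and confirms the binary it names exists on the host. The function names, the optional ROOT prefix argument and the demo files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check that "Subsystem sftp" in an
# sshd_config names a binary that exists on this host.

# Print the command from the first "Subsystem sftp" line; commented-out lines
# are skipped because their first field is never the bare keyword.
sftp_subsystem_cmd() {
    awk 'tolower($1) == "subsystem" && $2 == "sftp" { print $3; exit }' "$1"
}

# Usage: check_sftp_subsystem CONFIG [ROOT]
# ROOT is a hypothetical path prefix so a staged or test tree can be checked.
# Returns 0 if usable, 1 if the binary is missing, 2 if no sftp subsystem is set.
check_sftp_subsystem() {
    config=$1
    root=${2:-}
    cmd=$(sftp_subsystem_cmd "$config")
    if [ -z "$cmd" ]; then
        echo "no sftp Subsystem configured in $config" >&2
        return 2
    fi
    # internal-sftp is built into sshd, so there is no file to look for.
    [ "$cmd" = "internal-sftp" ] && return 0
    [ -x "$root$cmd" ] && return 0
    echo "sftp Subsystem binary not found or not executable: $root$cmd" >&2
    return 1
}

# Constructed demo: a fake CentOS-style tree that only has the libexec path,
# checked against both Subsystem lines quoted in the thread.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/usr/libexec/openssh"
    : > "$tmp/usr/libexec/openssh/sftp-server"
    chmod +x "$tmp/usr/libexec/openssh/sftp-server"
    printf 'Subsystem sftp /usr/lib/openssh/sftp-server\n' > "$tmp/debian.conf"
    printf 'Subsystem sftp /usr/libexec/openssh/sftp-server\n' > "$tmp/centos.conf"
    d=0; check_sftp_subsystem "$tmp/debian.conf" "$tmp" 2>/dev/null || d=$?
    c=0; check_sftp_subsystem "$tmp/centos.conf" "$tmp" 2>/dev/null || c=$?
    rm -rf "$tmp"
    echo "debian=$d centos=$c"
}

# With arguments, check the given config; without, run the constructed demo.
if [ "$#" -gt 0 ]; then check_sftp_subsystem "$@"; else demo; fi
```

Run against the rendered template before it replaces /etc/ssh/sshd_config, a non-zero exit stops the deployment instead of leaving file transfers to fail later.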

[ansible-project] Ansible copy module hangs on CentOS 7

2015-07-16 Thread Martin Ilchev
Hi Guys,

I have a playbook to copy DNS zone files from a local directory to a remote 
one and restart the named service. The playbook is as follows:
---
# This playbook upgrades zone data files from the control machine to all
# DNS servers 1 machine at a time

- name: Upgrade zone data files. Reload named-chroot if required
  hosts: dnsservers
  gather_facts: no
  sudo: yes
  serial: 1
  tasks:

    - name: copy dns zone files from control machine to DNS servers
      copy: src=zones/ dest=/var/named owner=root group=named mode=0440
      register: namedzones

    - name: restart dns service if required
      service: name=named-chroot state=restarted
      when: namedzones.changed

I test run the playbook as follows:

ansible-playbook -vv dns-copy-zones.yml --ask-become-pass --check

The output is:
SUDO password: 

PLAY [Upgrade zone data files. Reload named-chroot if required] *** 

TASK: [copy dns zone files from control machine to DNS servers] ***
fatal: [192.168.16.195] => ssh connection error while waiting for sudo 
password prompt

FATAL: all hosts have already failed -- aborting   



PLAY RECAP 
 
   to retry, use: --limit @/home/martin/dns-copy-zones.retry

192.168.16.195 : ok=0    changed=0    unreachable=1    failed=0

When I increase the verbosity I can see 5-6 files are copied then copy 
hangs locally on transferring the next file and eventually times out.

On the remote machine if I tail /var/log/secure I can see all the files up 
to the last one going through.

The machine I run the playbook from and the destination machine are both 
CentOS 7. The version is ansible 1.9.2.

Below is the more verbose output. I have highlighted what I think are the 
important messages. I am only including the last file to go through 
successfully and the next one to hang (let me know if you require the full 
output):
ON CONTROL MACHINE:
<192.168.16.195> EXEC ssh -C -tt -v -o ControlMaster=auto -o 
ControlPersist=60s -o 
ControlPath="/home/martin/.ansible/cp/ansible-ssh-%h-%p-%r" -o 
KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o ConnectTimeout=10 192.168.16.195 /bin/sh -c 
'sudo -k && sudo -H -S -p "[sudo via ansible, 
key=zasgrvyvetzjqebxkfgjmaeohbealypu] password: " -u root /bin/sh -c 
'"'"'echo BECOME-SUCCESS-zasgrvyvetzjqebxkfgjmaeohbealypu; rc=flag; [ -r 
/var/named/named.empty ] || rc=2; [ -f /var/named/named.empty ] || rc=1; [ 
-d /var/named/named.empty ] && rc=3; python -V 2>/dev/null || rc=4; [ 
x"$rc" != "xflag" ] && echo "${rc} "/var/named/named.empty && exit 0; 
(python -c '"'"'"'"'"'"'"'"'import hashlib; BLOCKSIZE = 65536; hasher = 
hashlib.sha1(); afile = 
open("'"'"'"'"'"'"'"'"'/var/named/named.empty'"'"'"'"'"'"'"'"'", "rb") buf 
= afile.read(BLOCKSIZE) while len(buf) > 0: hasher.update(buf) buf = 
afile.read(BLOCKSIZE) afile.close() 
print(hasher.hexdigest())'"'"'"'"'"'"'"'"' 2>/dev/null) || (python -c 
'"'"'"'"'"'"'"'"'import sha; BLOCKSIZE = 65536; hasher = sha.sha(); afile = 
open("'"'"'"'"'"'"'"'"'/var/named/named.empty'"'"'"'"'"'"'"'"'", "rb") buf 
= afile.read(BLOCKSIZE) while len(buf) > 0: hasher.update(buf) buf = 
afile.read(BLOCKSIZE) afile.close() 
print(hasher.hexdigest())'"'"'"'"'"'"'"'"' 2>/dev/null) || (echo 
'"'"'"'"'"'"'"'"'0 '"'"'"'"'"'"'"'"'/var/named/named.empty)'"'"''
<192.168.16.195> EXEC ssh -C -tt -v -o ControlMaster=auto -o 
ControlPersist=60s -o 
ControlPath="/home/martin/.ansible/cp/ansible-ssh-%h-%p-%r" -o 
KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o ConnectTimeout=10 192.168.16.195 /bin/sh -c 
'sudo -k && sudo -H -S -p "[sudo via ansible, 
key=bnbotucjqsepetntcsddztjuluwdvzam] password: " -u root /bin/sh -c 
'"'"'echo BECOME-SUCCESS-bnbotucjqsepetntcsddztjuluwdvzam; rc=flag; [ -r 
/var/named/named.localhost ] || rc=2; [ -f /var/named/named.localhost ] || 
rc=1; [ -d /var/named/named.localhost ] && rc=3; python -V 2>/dev/null || 
rc=4; [ x"$rc" != "xflag" ] && echo "${rc} "/var/named/named.localhost && 
exit 0; (python -c '"'"'"'"'"'"'"'"'import hashlib; BLOCKSIZE = 65536; 
hasher = hashlib.sha1(); afile = 
open("'"'"'"'"'"'"'"'"'/var/named/named.localhost'"'"'"'"'"'"'"'"'", "rb") 
buf = afile.read(BLOCKSIZE) while len(buf) > 0: hasher.update(buf) buf = 
afile.read(BLOCKSIZE) afile.close() 
print(hasher.hexdigest())'"'"'"'"'"'"'"'"' 2>/dev/null) || (python -c 
'"'"'"'"'"'"'"'"'import sha; BLOCKSIZE = 65536; hasher = sha.sha(); afile = 
open("'"'"'"'"'"'"'"'"'/var/named/named.localhost'"'"'"'"'"'"'"'"'", "rb") 
buf = afile.read(BLOCKSIZE) while len(buf) > 0: hasher.update(buf) buf = 
afile.read(BLOCKSIZE) afile.close() 
print(hasher.hexdigest())'"'"'"'"'"'