1

I have a roles/ec2/tasks/main.yml that is trying to create a folder:

---    
- name: Mkdir /opt/applications
  file: path=/opt/applications state=directory

it is called in the roles of start.yml:

- hosts: tag_composant_XXX:&tag_Name_XXX-sandbox
  remote_user: ec2-user
  vars:
    ec2_ami_name: XXX-base-{{ ansible_date_time.year }}-{{ ansible_date_time.month }}-{{ ansible_date_time.day }}
    ec2_ami_description: Ami to launch XXX
    instance_tag_environnement: XXX
  roles:
    - {role: ec2, sudo: true}

it is saying that 

failed: [x.x.x.x] => {"failed": true, "parsed": false}
Traceback (most recent call last):
  File "/home/ec2usr/.ansible/tmp/ansible-tmp-1438095761.0-196976221154211/file", line 1994, in <module>
    main()
  File "/home/ec2usr/.ansible/tmp/ansible-tmp-1438095761.0-196976221154211/file", line 279, in main
    os.mkdir(curpath)
OSError: [Errno 13] Permission denied: '/opt/applications'
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/xxx/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 4869
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 2
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Received exit status from master 0
Shared connection to x.x.x.x closed.

The execution is done via:

ansible-playbook --private-key=~/.ssh/key -vvvv -i ../ec2.py start.yml

(I have not touched the py script)

It worked before changing the ansible version (see this). What I have done more than just uninstalling + installing ansible, is that I have removed some folders in ~/.ansible/tmp/ (something like ansible-tmp-1438095761.0-196976221154211/, but I do not remember the names exactly). Is it a problem because of it?

I have managed to connect to the EC2 instance manually and create the folder, but with Ansible it seems not to work. Why? What is the problem?

Community
  • 1
  • 1
sop
  • 3,445
  • 8
  • 41
  • 84
  • 1
    `sudo` on role level was recently broken. It should be fixed though in 1.9.1. I can't tell, there were other issues and I switched to the devel branch - where it works. https://github.com/ansible/ansible/pull/10566 – udondan Jul 28 '15 at 16:40
  • I have 1.9.1 now, and there is the problem... – sop Jul 29 '15 at 07:27
  • I have found the problem: `sudo` is replaces by `become`: see comments of http://stackoverflow.com/a/22749788/3062311 – sop Jul 29 '15 at 08:38
  • I know it was changed, but according to docs `sudo` should still work. http://docs.ansible.com/ansible/become.html#sudo-and-su-still-work – udondan Jul 29 '15 at 08:40
  • Strange... I have changed `- {role: ec2, sudo: true}` to `- {role: ec2, become: yes}` and now it works as before doing the update... – sop Jul 29 '15 at 08:54

2 Answers2

4

Not sure if this was possible before. But one can define this directly at the task level now e.g.

- name: Mkdir /opt/applications
  file: 
    path=/opt/applications 
    state=directory
  become: yes

also https://docs.ansible.com/ansible/2.7/user_guide/become.html might help with further questions

SLuck
  • 521
  • 3
  • 14
1

Based on all the comments I am making an answer to this question:

Accordingly to the discussions on the forum of Ansible's repo there was a role level break. So it will be better to switch to 1.9.1 version. What is more, there was another change in the roles: sudo has changed to become (as mentioned in another question's answer). And that seems to fix my problem even if the docs says that sudo still works.

I have replaced:

- {role: ec2, sudo: true}

by

- {role: ec2, become: yes}
Community
  • 1
  • 1
sop
  • 3,445
  • 8
  • 41
  • 84