cerc-io/testnet-ops
18
0
Fork 1
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

failure: Deploy Kubernetes step of setup-k8.yml #13

New Issue
Closed
opened 2024-10-18 04:48:40 +00:00 by VPhung24 · 2 comments
VPhung24 commented 2024-10-18 04:48:40 +00:00
Owner
Copy Link

Attempting to setup a service provider on a Ubuntu 22.04 LTS DO droplet. Getting error:

fatal: [deployer.nyc.sp.igloo.tools]: FAILED! => {"changed": true, "cmd": ["ansible-playbook", "-i", "hosts", "site.yml", "--tags=k8s", "--limit=snowballtoolsorg_nyc", "--user", "serviceprovider"], "delta": "0:00:09.068927", "end": "2024-10-18 04:08:34.248619", "msg": "non-zero return code", "rc": 2, "start": "2024-10-18 04:08:25.179692", "stderr": "[WARNING]: Platform linux on host snowballtoolsorg-nyc-cluster-control is using\nthe discovered Python interpreter at /usr/bin/python3.10, but future\ninstallation of another Python interpreter could change the meaning of that\npath. See https://docs.ansible.com/ansible-\ncore/2.17/reference_appendices/interpreter_discovery.html for more information.", "stderr_lines": ["[WARNING]: Platform linux on host snowballtoolsorg-nyc-cluster-control is using", "the discovered Python interpreter at /usr/bin/python3.10, but future", "installation of another Python interpreter could change the meaning of that", "path. See https://docs.ansible.com/ansible-", "core/2.17/reference_appendices/interpreter_discovery.html for more information."], "stdout": "\nPLAY [Setup hosts] *************************************************************\n\nTASK [Gathering Facts] *********************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nPLAY [Setup stack orchestrator] ************************************************\nskipping: no hosts matched\n\nPLAY [Setup k8s clusters] ******************************************************\n\nTASK [Gathering Facts] *********************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : gather local facts] ************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : set true node type] ************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : load type specific values] *****************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : load system specific values] ***************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : add generic server taint] ******************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : add generic agent label] *******************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : increase open file limit] ******************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : download install script] *******************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : check config paths] ************************************************\nok: [snowballtoolsorg-nyc-cluster-control] => (item=/etc/rancher/k3s)\nok: [snowballtoolsorg-nyc-cluster-control] => (item=/var/lib/rancher/k3s/server/manifests/)\n\nTASK [k8s : template cluster config] *******************************************\nchanged: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : type specific configuration] ***************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/config.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : begining cluster creation] *****************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/main.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : k3s boostrap initial server node] **********************************\nchanged: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : k3s add additional server nodes] ***********************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : k3s add agent nodes] ***********************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : include kubeconf block] ********************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/kubeconf.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : fetch kubeconfig] **************************************************\nchanged: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : update local kubeconfig] *******************************************\nchanged: [snowballtoolsorg-nyc-cluster-control -> localhost]\n\nTASK [k8s : include secret block] **********************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/secrets.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : apply template based secrets] **************************************\nskipping: [snowballtoolsorg-nyc-cluster-control] => (item=None) \nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : apply locally stored secrets] **************************************\nfailed: [snowballtoolsorg-nyc-cluster-control -> localhost] (item=None) => {\"censored\": \"the output has been hidden due to the fact that 'no_log: true' was specified for this result\", \"changed\": true}\nfatal: [snowballtoolsorg-nyc-cluster-control -> localhost]: FAILED! => {\"censored\": \"the output has been hidden due to the fact that 'no_log: true' was specified for this result\", \"changed\": true}\n\nPLAY RECAP *********************************************************************\nsnowballtoolsorg-nyc-cluster-control : ok=16   changed=4    unreachable=0    failed=1    skipped=6    rescued=0    ignored=0   ", "stdout_lines": ["", "PLAY [Setup hosts] *************************************************************", "", "TASK [Gathering Facts] *********************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "PLAY [Setup stack orchestrator] ************************************************", "skipping: no hosts matched", "", "PLAY [Setup k8s clusters] ******************************************************", "", "TASK [Gathering Facts] *********************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : gather local facts] ************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : set true node type] ************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : load type specific values] *****************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : load system specific values] ***************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : add generic server taint] ******************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : add generic agent label] *******************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : increase open file limit] ******************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : download install script] *******************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : check config paths] ************************************************", "ok: [snowballtoolsorg-nyc-cluster-control] => (item=/etc/rancher/k3s)", "ok: [snowballtoolsorg-nyc-cluster-control] => (item=/var/lib/rancher/k3s/server/manifests/)", "", "TASK [k8s : template cluster config] *******************************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : type specific configuration] ***************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/config.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : begining cluster creation] *****************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/main.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : k3s boostrap initial server node] **********************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add additional server nodes] ***********************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add agent nodes] ***********************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : include kubeconf block] ********************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/kubeconf.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : fetch kubeconfig] **************************************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : update local kubeconfig] *******************************************", "changed: [snowballtoolsorg-nyc-cluster-control -> localhost]", "", "TASK [k8s : include secret block] **********************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/secrets.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : apply template based secrets] **************************************", "skipping: [snowballtoolsorg-nyc-cluster-control] => (item=None) ", "skipping: [snowballtoolsorg-nyc-cluster-control]"provider-template/roles/k8s/tasks/k3s/config.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : begining cluster creation] *****************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/main.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : k3s boostrap initial server node] **********************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add additional server nodes] ***********************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add agent nodes] ***********************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : include kubeconf block] ********************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/kubeconf.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : fetch kubeconfig] **************************************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : update local kubeconfig] *******************************************", "changed: [snowballtoolsorg-nyc-cluster-control -> localhost]", "", "TASK [k8

vars folder:

  • container-vars.yml
container_registry_username: "snowballregistry"
container_registry_password: "<container_registry_password>"
container_registry_domain: "container-registry.pwa.{{ full_domain }}"
  • dns-vars.yml
full_domain: "deployer.nyc.sp.igloo.tools"
subdomain_prefix: "snowballtools"
subdomain_cluster_control: "{{ subdomain_prefix }}-cluster-control"
service_provider_ip: "<service_provider_ip>"
do_api_token: "<do_api_token>"
  • gpg-vars.yml
gpg_user_name: "nycspgpg"
gpg_user_email: "viv@snowballtools.xyz"
gpg_passphrase: "<gpg_passphrase>"
  • k8s-vars.yml
target_host: "deployment_host"
gpg_key_id: "{{ sec_key_id }}"
vault_passphrase: "{{ gpg_passphrase }}"
org_id: "snowballtoolsorg"
location_id: "nyc"
base_domain: "igloo"
support_email: "viv@snowballtools.xyz"
ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'
  • user-vars.yml
username: "serviceprovider"
password: "<password>"
path_to_ssh_key: "~/.ssh/do.pub"
  • webapp-vars.yml
ALICE_PK: "{{ ALICE_PK }}"
BOND_ID: "{{ BOND_ID }}"
authority_name: "snowballauthority"
cpu_reservation: "2"
memory_reservation: "4G"
cpu_limit: "4"
memory_limit: "99G"
deployer_gpg_passphrase: "<deployer_gpg_passphrase>"

with hosts.ini

[root_host]
nyc.sp.igloo.tools ansible_host=<ansible_host> ansible_user=root ansible_ssh_common_args='-o ForwardAgent=yes'

[deployment_host]
deployer.nyc.sp.igloo.tools ansible_host=<ansible_host (same as root_host ansible_host)> ansible_user=serviceprovider ansible_ssh_common_args='-o ForwardAgent=yes'
  1. installed ansible on my machine, set both remote and machine lang as described, and added relevant ssh keys
  2. created the user using
LANG=en_US.utf8 ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }'
  1. set deployment_host in hosts.ini as above
  2. tried ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user serviceprovider and ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER (both get error above)

failing at [k8s : apply locally stored secrets] **************************************\nfailed: [snowballtoolsorg-nyc-cluster-control -> localhost] (item=None) on remote host

Attempting to setup a service provider on a `Ubuntu 22.04 LTS` DO droplet. Getting error: ``` fatal: [deployer.nyc.sp.igloo.tools]: FAILED! => {"changed": true, "cmd": ["ansible-playbook", "-i", "hosts", "site.yml", "--tags=k8s", "--limit=snowballtoolsorg_nyc", "--user", "serviceprovider"], "delta": "0:00:09.068927", "end": "2024-10-18 04:08:34.248619", "msg": "non-zero return code", "rc": 2, "start": "2024-10-18 04:08:25.179692", "stderr": "[WARNING]: Platform linux on host snowballtoolsorg-nyc-cluster-control is using\nthe discovered Python interpreter at /usr/bin/python3.10, but future\ninstallation of another Python interpreter could change the meaning of that\npath. See https://docs.ansible.com/ansible-\ncore/2.17/reference_appendices/interpreter_discovery.html for more information.", "stderr_lines": ["[WARNING]: Platform linux on host snowballtoolsorg-nyc-cluster-control is using", "the discovered Python interpreter at /usr/bin/python3.10, but future", "installation of another Python interpreter could change the meaning of that", "path. See https://docs.ansible.com/ansible-", "core/2.17/reference_appendices/interpreter_discovery.html for more information."], "stdout": "\nPLAY [Setup hosts] *************************************************************\n\nTASK [Gathering Facts] *********************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nPLAY [Setup stack orchestrator] ************************************************\nskipping: no hosts matched\n\nPLAY [Setup k8s clusters] ******************************************************\n\nTASK [Gathering Facts] *********************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : gather local facts] ************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : set true node type] ************************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : load type specific values] *****************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : load system specific values] ***************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : add generic server taint] ******************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : add generic agent label] *******************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : increase open file limit] ******************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : download install script] *******************************************\nok: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : check config paths] ************************************************\nok: [snowballtoolsorg-nyc-cluster-control] => (item=/etc/rancher/k3s)\nok: [snowballtoolsorg-nyc-cluster-control] => (item=/var/lib/rancher/k3s/server/manifests/)\n\nTASK [k8s : template cluster config] *******************************************\nchanged: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : type specific configuration] ***************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/config.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : begining cluster creation] *****************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/main.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : k3s boostrap initial server node] **********************************\nchanged: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : k3s add additional server nodes] ***********************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : k3s add agent nodes] ***********************************************\nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : include kubeconf block] ********************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/kubeconf.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : fetch kubeconfig] **************************************************\nchanged: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : update local kubeconfig] *******************************************\nchanged: [snowballtoolsorg-nyc-cluster-control -> localhost]\n\nTASK [k8s : include secret block] **********************************************\nincluded: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/secrets.yml for snowballtoolsorg-nyc-cluster-control\n\nTASK [k8s : apply template based secrets] **************************************\nskipping: [snowballtoolsorg-nyc-cluster-control] => (item=None) \nskipping: [snowballtoolsorg-nyc-cluster-control]\n\nTASK [k8s : apply locally stored secrets] **************************************\nfailed: [snowballtoolsorg-nyc-cluster-control -> localhost] (item=None) => {\"censored\": \"the output has been hidden due to the fact that 'no_log: true' was specified for this result\", \"changed\": true}\nfatal: [snowballtoolsorg-nyc-cluster-control -> localhost]: FAILED! => {\"censored\": \"the output has been hidden due to the fact that 'no_log: true' was specified for this result\", \"changed\": true}\n\nPLAY RECAP *********************************************************************\nsnowballtoolsorg-nyc-cluster-control : ok=16 changed=4 unreachable=0 failed=1 skipped=6 rescued=0 ignored=0 ", "stdout_lines": ["", "PLAY [Setup hosts] *************************************************************", "", "TASK [Gathering Facts] *********************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "PLAY [Setup stack orchestrator] ************************************************", "skipping: no hosts matched", "", "PLAY [Setup k8s clusters] ******************************************************", "", "TASK [Gathering Facts] *********************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : gather local facts] ************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : set true node type] ************************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : load type specific values] *****************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : load system specific values] ***************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : add generic server taint] ******************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : add generic agent label] *******************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : increase open file limit] ******************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : download install script] *******************************************", "ok: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : check config paths] ************************************************", "ok: [snowballtoolsorg-nyc-cluster-control] => (item=/etc/rancher/k3s)", "ok: [snowballtoolsorg-nyc-cluster-control] => (item=/var/lib/rancher/k3s/server/manifests/)", "", "TASK [k8s : template cluster config] *******************************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : type specific configuration] ***************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/config.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : begining cluster creation] *****************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/main.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : k3s boostrap initial server node] **********************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add additional server nodes] ***********************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add agent nodes] ***********************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : include kubeconf block] ********************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/kubeconf.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : fetch kubeconfig] **************************************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : update local kubeconfig] *******************************************", "changed: [snowballtoolsorg-nyc-cluster-control -> localhost]", "", "TASK [k8s : include secret block] **********************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/secrets.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : apply template based secrets] **************************************", "skipping: [snowballtoolsorg-nyc-cluster-control] => (item=None) ", "skipping: [snowballtoolsorg-nyc-cluster-control]"provider-template/roles/k8s/tasks/k3s/config.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : begining cluster creation] *****************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/k3s/main.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : k3s boostrap initial server node] **********************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add additional server nodes] ***********************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : k3s add agent nodes] ***********************************************", "skipping: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : include kubeconf block] ********************************************", "included: /home/serviceprovider/service-provider-template/roles/k8s/tasks/shared/kubeconf.yml for snowballtoolsorg-nyc-cluster-control", "", "TASK [k8s : fetch kubeconfig] **************************************************", "changed: [snowballtoolsorg-nyc-cluster-control]", "", "TASK [k8s : update local kubeconfig] *******************************************", "changed: [snowballtoolsorg-nyc-cluster-control -> localhost]", "", "TASK [k8 ``` vars folder: - `container-vars.yml` ```yml container_registry_username: "snowballregistry" container_registry_password: "<container_registry_password>" container_registry_domain: "container-registry.pwa.{{ full_domain }}" ``` - `dns-vars.yml` ```yml full_domain: "deployer.nyc.sp.igloo.tools" subdomain_prefix: "snowballtools" subdomain_cluster_control: "{{ subdomain_prefix }}-cluster-control" service_provider_ip: "<service_provider_ip>" do_api_token: "<do_api_token>" ``` - `gpg-vars.yml` ```yml gpg_user_name: "nycspgpg" gpg_user_email: "viv@snowballtools.xyz" gpg_passphrase: "<gpg_passphrase>" ``` - `k8s-vars.yml` ```yml target_host: "deployment_host" gpg_key_id: "{{ sec_key_id }}" vault_passphrase: "{{ gpg_passphrase }}" org_id: "snowballtoolsorg" location_id: "nyc" base_domain: "igloo" support_email: "viv@snowballtools.xyz" ansible_ssh_extra_args: '-o StrictHostKeyChecking=no' ``` - `user-vars.yml` ```yml username: "serviceprovider" password: "<password>" path_to_ssh_key: "~/.ssh/do.pub" ``` - `webapp-vars.yml` ```yml ALICE_PK: "{{ ALICE_PK }}" BOND_ID: "{{ BOND_ID }}" authority_name: "snowballauthority" cpu_reservation: "2" memory_reservation: "4G" cpu_limit: "4" memory_limit: "99G" deployer_gpg_passphrase: "<deployer_gpg_passphrase>" ``` with `hosts.ini` ``` [root_host] nyc.sp.igloo.tools ansible_host=<ansible_host> ansible_user=root ansible_ssh_common_args='-o ForwardAgent=yes' [deployment_host] deployer.nyc.sp.igloo.tools ansible_host=<ansible_host (same as root_host ansible_host)> ansible_user=serviceprovider ansible_ssh_common_args='-o ForwardAgent=yes' ``` 1. installed `ansible` on my machine, set both remote and machine lang as described, and added relevant ssh keys 2. created the user using ``` LANG=en_US.utf8 ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }' ``` 2. set `deployment_host` in `hosts.ini` as above 3. tried `ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user serviceprovider` and `ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER` (both get error above) failing at `[k8s : apply locally stored secrets] **************************************\nfailed: [snowballtoolsorg-nyc-cluster-control -> localhost] (item=None)` on remote host
adwait commented 2024-10-21 11:17:33 +00:00
Copy Link

Hi,

Has the playbook been run previously with an incorrect configuration? This error often occurs when the playbook is rerun without properly cleaning up the GPG key setup.

To resolve this, try cleaning up the existing GPG keys and undeploying k8s. Run the following commands on the machine where the k8s are deployed:

  • Undeploy k8s: 
    $ cd service-provider-template/
$ export VAULT_KEY=<gpg_passphrase>
$ bash .vault/vault-rekey.sh
$ ansible-playbook -i hosts site.yml --tags=k8s --limit=snowballtoolsorg_nyc --user serviceprovider --extra-vars 'k8s_action=destroy'
  • Remove the existing GPG key 
    $ gpg --list-secret-keys --keyid-format=long
----------------------------
sec   rsa4096/DA9E3D638930A699 2024-10-15 [SCEA]
    69A3200727091E72B773BBEBDA9E3D638930A699
uid                 [ultimate] deepstack <support@deepstacksoft.com>
ssb   rsa3072/2B5D80CF44753EFD 2024-10-15 [SEA]

$ gpg --delete-secret-key 69A3200727091E72B773BBEBDA9E3D638930A699

$ gpg --delete-key 69A3200727091E72B773BBEBDA9E3D638930A699
  • Remove the service-provider-template directory 
    $ rm -rf service-provider-template

Rerun the service-provider-setup.yml playbook (on your host machine)

$ ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
Hi, Has the playbook been run previously with an incorrect configuration? This error often occurs when the playbook is rerun without properly cleaning up the GPG key setup. To resolve this, try cleaning up the existing GPG keys and undeploying k8s. Run the following commands on the machine where the k8s are deployed: - Undeploy k8s: ``` $ cd service-provider-template/ $ export VAULT_KEY=<gpg_passphrase> $ bash .vault/vault-rekey.sh $ ansible-playbook -i hosts site.yml --tags=k8s --limit=snowballtoolsorg_nyc --user serviceprovider --extra-vars 'k8s_action=destroy' ``` - Remove the existing GPG key ``` $ gpg --list-secret-keys --keyid-format=long ---------------------------- sec rsa4096/DA9E3D638930A699 2024-10-15 [SCEA] 69A3200727091E72B773BBEBDA9E3D638930A699 uid [ultimate] deepstack <support@deepstacksoft.com> ssb rsa3072/2B5D80CF44753EFD 2024-10-15 [SEA] $ gpg --delete-secret-key 69A3200727091E72B773BBEBDA9E3D638930A699 $ gpg --delete-key 69A3200727091E72B773BBEBDA9E3D638930A699 ``` - Remove the `service-provider-template` directory ``` $ rm -rf service-provider-template ``` Rerun the `service-provider-setup.yml` playbook (on your host machine) ``` $ ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER ```
VPhung24 commented 2024-10-23 18:13:10 +00:00
Author
Owner
Copy Link

Pulled and ran on a clean DO droplet 2e0fbd82f16da9f77fcb9fa1f99c0bb56410ee63 (from two days) and it worked perfectly. Thanks!

Pulled and ran on a clean DO droplet `2e0fbd82f16da9f77fcb9fa1f99c0bb56410ee63` (from two days) and it worked perfectly. Thanks!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
  
Copied from Github

An issue or PR manually copied from GitHub.

  
Kind/Breaking

Breaking change that won't be backward compatible

  
Kind/Bug

Something is not working

  
Kind/Documentation

Documentation changes

  
Kind/Enhancement

Improve existing functionality

  
Kind/Feature

New functionality

  
Kind/Security

This is security issue

  
Kind/Testing

Issue or pull request related to testing

  
Priority
Critical
The priority is critical

  
Priority
High
The priority is high

  
Priority
Low
The priority is low

  
Priority
Medium
The priority is medium

  
Reviewed
Confirmed
Issue has been confirmed

  
Reviewed
Duplicate
This issue or pull request already exists

  
Reviewed
Invalid
Invalid issue

  
Reviewed
Won't Fix
This issue won't be fixed

  
Status
Abandoned
Somebody has started to work on this but abandoned work

  
Status
Blocked
Something is blocking this issue or pull request

  
Status
Need More Info
Feedback is required to reproduce issue or to continue work

No Label
Copied from Github
Kind/Breaking
Kind/Bug
Kind/Documentation
Kind/Enhancement
Kind/Feature
Kind/Security
Kind/Testing
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Reviewed
Confirmed
Reviewed
Duplicate
Reviewed
Invalid
Reviewed
Won't Fix
Status
Abandoned
Status
Blocked
Status
Need More Info
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cerc-io/testnet-ops#13
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?