Solved: different behaviours ansible-playbook vs ansible-n...

bahadirbklogl

Greetings,

I have been working on RH294 - Red Hat Enterprise Linux Automation with Ansible course.
While execution with ansible-playbook fails with syntax error, ansible-navigator does not ? . why ? I can't see if there are issues with my yml

yaml is from Section 3.2: Guided Exercise: Managing Variables

- name: depoloy and start apache httpd serv'ce
  hosts: webserver
  vars:
    web_pkg: httpd
    firewall_pkg: firewalld
    web_service: firewalld
    firewall_service: httpd
    rule: http

  tasks:
    - name: install necessary
      ansible.builtin.dnf:
        name:
          - "{{ web_pkg }}"
          - "{{ firewall_pkg }}"
        state: latest

    - name: "the {{ firewall_service }} is started and enabled"
      ansible.builtin.service:
        name: "{{ item }}"
        enabled: true
        state: started
      loop:
        - "{{ firewall_service }}"
        - "{{ web_service }}"
    - name: Web content is in place
      ansible.builtin.copy:
        content: "Example web content"
        dest: /var/www/html/index.html

    - name : firewall port for "{{ rule }}" open
      ansible.posix.firewalld:
        service: "{{ rule }}"
        permanent: true
        immediate: true
        state: enabled

[student@workstation data-variables]$ ansible-navigator run playbook.yml -m stdout

PLAY [depoloy and start apache httpd serv'ce] **********************************

TASK [Gathering Facts] *********************************************************
ok: [servera.lab.example.com]

TASK [install necessary] *******************************************************
ok: [servera.lab.example.com]

TASK [the httpd is started and enabled] ****************************************
ok: [servera.lab.example.com] => (item=httpd)
ok: [servera.lab.example.com] => (item=firewalld)

TASK [Web content is in place] *************************************************
ok: [servera.lab.example.com]

TASK [firewall port for "http" open] *******************************************
ok: [servera.lab.example.com]

PLAY RECAP *********************************************************************
servera.lab.example.com    : ok=5    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
[student@workstation data-variables]$ ansible-playbook playbook.yml 
ERROR! couldn't resolve module/action 'ansible.posix.firewalld'. This often indicates a misspelling, missing collection, or incorrect module path.

The error appears to be in '/home/student/data-variables/playbook.yml': line 31, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:


    - name : firewall port for "{{ rule }}" open
      ^ here
We could be wrong, but this one looks like it might be an issue with
missing quotes. Always quote template expression brackets when they
start a value. For instance:

    with_items:
      - {{ foo }}

Should be written as:

    with_items:
      - "{{ foo }}"
[student@workstation data-variables]$

bonnevil

In short, your YAML is fine. It's just that ansible.posix isn't installed on the workstation but is available in the automation execution environment container that ansible-navigator uses to run playbooks.

View solution in original post

bonnevil

This one is real simple. When you use ansible-navigator, you're running in an execution environment container, and the one you're using includes the ansible.posix Ansible Content Collection along with several others. When you use ansible-playbook, your "execution environment" is not in a container but uses the workstation itself, and it probably only has Ansible Core installed (because that's what RHEL ships) and therefore it probably only has the ansible.builtin Ansible Content Collection installed, which is always included with Ansible Core. That's the error, the syntax error seems to be exactly at the point where Ansible can't find the module the playbook is asking for.

bonnevil

In short, your YAML is fine. It's just that ansible.posix isn't installed on the workstation but is available in the automation execution environment container that ansible-navigator uses to run playbooks.

Trevor

bahadirbklogl, a lovely question!

Let's start with some troubleshooting, and a sprinkling of explanations.

The firewalld module is part of the ansible.posix collection, and is NOT included
in ansible-core. Let's ensure this collection (i.e. ansible.posix) is installed. To do
so, execute the following command:

# ansible-galaxy collection list

Note: The reason that I make reference to ansible-core, is because the ansible-playbook
tool, runs playbooks using the local Ansible Core installation, along with its
configured dependencies.

Okay, I won't go any further with explanations. I'll await the report of your running
that ansible-galaxy collection list command. Standing by...

Trevor "Red Hat Evangelist" Chandler

Chetan_Tiwary_

@bahadirbklogl You have got the remedy through comments by @bonnevil and @Trevor .

Please refer the official docs here regarding the collection : https://docs.ansible.com/ansible/latest/collections/ansible/posix/firewalld_module.html

bahadirbklogl

Wow, I never knew that by posting here I would get so much detailed support and thorough explanations!
I truly appreciate you sharing your expertise. It was incredibly helpful! @bonnevil @Chetan_Tiwary_ @Trevor

Trevor

bahadirbklogl, your questions do 2 thihgs for me:
1) They will require me to add knowledge that I don't already have
2) They will reinforce the knowledge that I already have

It's a win-win for me!!!!

This truly is a learning community!! Everyone member of this community
GENUINELY wants to assist with learning!!

Keep your questions coming!

Trevor "Red Hat Evangelist" Chandler

different behaviours ansible-playbook vs ansible-navigator. why?

Ansible

Ansible Engine

automation