ansible roles are not copying template configuration into container hosts

[thatsk]

Issue Type

• Bug report

Molecule and Ansible details

ansible --version && molecule --version
ansible 2.7.10
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr  9 2019, 14:30:50) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
molecule, version 2.20.1

Molecule installation method (one of):

• pip

Ansible installation method (one of):

• OS package

Detail any linters or test runners used:

dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
platforms:

• name: inpup01p1
  hostname: inpup01p1
  image: puppetmaster:2.0
  pre_build_image: True
  privileged: True
  volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro
    command: "/usr/sbin/init"
    capabilities:
  • SYS_ADMIN
    networks:
  • name: example
• name: nocon01p1
  hostname: nocon01p1
  image: centos:7.6
  pre_build_image: True
  privileged: True
  volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro
    command: "/usr/sbin/init"
    capabilities:
  • SYS_ADMIN
    exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp
    published_ports:
  • 0.0.0.0:8500:8500/tcp
  • 0.0.0.0:8500:8500/udp
    networks:
  • name: example
• name: nocon02p1
  hostname: nocon02p1
  image: centos:7.6
  pre_build_image: True
  privileged: True
  volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro
    command: "/usr/sbin/init"
    capabilities:
  • SYS_ADMIN
    exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp
    networks:
  • name: example
• name: nocon03p1
  hostname: nocon03p1
  image: centos:7.6
  pre_build_image: True
  privileged: True
  volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro
    command: "/usr/sbin/init"
    capabilities:
  • SYS_ADMIN
    exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp
    networks:
  • name: example
• name: nocon04p1
  hostname: nocon04p1
  image: centos:7.6
  pre_build_image: True
  privileged: True
  volumes:
  • /sys/fs/cgroup:/sys/fs/cgroup:ro
    command: "/usr/sbin/init"
    capabilities:
  • SYS_ADMIN
    exposed_ports:
  • 8500/tcp
  • 8500/udp
  • 8301/tcp
  • 8301/udp
    networks:
  • name: example
    provisioner:
    name: ansible
    options:
    vvv: true
    lint:
    name: ansible-lint
    playbooks:
    prepare: prepare.yaml
    env:
    ANSIBLE_ROLES_PATH: ../resources/roles/
    verifier:
    name: testinfra
    lint:
    name: flake8

prepare.yaml

• hosts: nocon01p1, nocon02p1, nocon03p1
  gather_facts: true
  vars:
  hosts_add_basic_ipv6: false
  hosts_add_ansible_managed_hosts: true
  hosts_network_interface: eth1
  hosts_entries:
  - name: pulp
  ip: 10.173.96.177
  aliases:
  - pulp
  roles:
  • hosts

i am using this roles
https://github.com/bertvv/ansible-role-hosts.git

Desired Behavior

it should modify hosts file of every container.

Actual Behaviour

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_copy_payload_lofnwe/ansible_copy_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
    os.rename(b_tmp_dest_name, b_dest)
OSError: [Errno 16] Device or resource busy

fatal: [nocon01p1]: FAILED! => {
    "changed": false,
    "checksum": "4b3f405fab4e3570f9bae91a12c2475c1d8feef1",
    "diff": [],
    "invocation": {
        "module_args": {
            "_original_basename": "etc_hosts.j2",
            "attributes": null,
            "backup": false,
            "checksum": "4b3f405fab4e3570f9bae91a12c2475c1d8feef1",
            "content": null,
            "delimiter": null,
            "dest": "/etc/hosts",
            "directory_mode": null,
            "follow": false,
            "force": true,
            "group": "root",
            "local_follow": null,
            "mode": 420,
            "owner": "root",
            "regexp": null,
            "remote_src": null,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": "/root/.ansible/tmp/ansible-tmp-1558616775.13-94474003016736/source",
            "unsafe_writes": null,
            "validate": null
        }
    },
    "msg": "Unable to make /root/.ansible/tmp/ansible-tmp-1558616775.13-94474003016736/source into to /etc/hosts, failed final rename from /etc/.ansible_tmpV1vvPLhosts: [Errno 16] Device or resource busy"
}
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_copy_payload_Ptxd2h/ansible_copy_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
    os.rename(b_tmp_dest_name, b_dest)
OSError: [Errno 16] Device or resource busy

fatal: [nocon02p1]: FAILED! => {
    "changed": false,
    "checksum": "a7779bc0e68106719907e1a97bf50d1cdae8b2e7",
    "diff": [],
    "invocation": {
        "module_args": {
            "_original_basename": "etc_hosts.j2",
            "attributes": null,
            "backup": false,
            "checksum": "a7779bc0e68106719907e1a97bf50d1cdae8b2e7",
            "content": null,
            "delimiter": null,
            "dest": "/etc/hosts",
            "directory_mode": null,
            "follow": false,
            "force": true,
            "group": "root",
            "local_follow": null,
            "mode": 420,
            "owner": "root",
            "regexp": null,
            "remote_src": null,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": "/root/.ansible/tmp/ansible-tmp-1558616775.31-186801450187651/source",
            "unsafe_writes": null,
            "validate": null
        }
    },
    "msg": "Unable to make /root/.ansible/tmp/ansible-tmp-1558616775.31-186801450187651/source into to /etc/hosts, failed final rename from /etc/.ansible_tmpQrJsbPhosts: [Errno 16] Device or resource busy"
}
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_copy_payload_Iy2DSa/ansible_copy_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
    os.rename(b_tmp_dest_name, b_dest)
OSError: [Errno 16] Device or resource busy

fatal: [nocon03p1]: FAILED! => {
    "changed": false,
    "checksum": "9c7e1cc5ddc28c69784f653c4a1e5ea229880706",
    "diff": [],
    "invocation": {
        "module_args": {
            "_original_basename": "etc_hosts.j2",
            "attributes": null,
            "backup": false,
            "checksum": "9c7e1cc5ddc28c69784f653c4a1e5ea229880706",
            "content": null,
            "delimiter": null,
            "dest": "/etc/hosts",
            "directory_mode": null,
            "follow": false,
            "force": true,
            "group": "root",
            "local_follow": null,
            "mode": 420,
            "owner": "root",
            "regexp": null,
            "remote_src": null,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": "/root/.ansible/tmp/ansible-tmp-1558616775.32-192566833611638/source",
            "unsafe_writes": null,
            "validate": null
        }
    },
    "msg": "Unable to make /root/.ansible/tmp/ansible-tmp-1558616775.32-192566833611638/source into to /etc/hosts, failed final rename from /etc/.ansible_tmpspRaPhhosts: [Errno 16] Device or resource busy"
}

output of running molecule --debug.

[thatsk]

Even simple linefile is not working
prepare.yaml

• hosts: nocon01p1, nocon02p1, nocon03p1
  gather_facts: false
  tasks:

  • lineinfile:
    path: /etc/hosts
    line: '10.173.34.4 pulp'

  The full traceback is:
  Traceback (most recent call last):
  File "/tmp/ansible_lineinfile_payload_hYXOLU/ansible_lineinfile_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
  os.rename(b_tmp_dest_name, b_dest)
  OSError: [Errno 16] Device or resource busy

  fatal: [nocon03p1]: FAILED! => {
  "changed": false,
  "invocation": {
  "module_args": {
  "attributes": null,
  "backrefs": false,
  "backup": false,
  "content": null,
  "create": false,
  "delimiter": null,
  "directory_mode": null,
  "firstmatch": false,
  "follow": false,
  "force": null,
  "group": null,
  "insertafter": null,
  "insertbefore": null,
  "line": "10.173.34.4 pulp",
  "mode": null,
  "owner": null,
  "path": "/etc/hosts",
  "regexp": null,
  "remote_src": null,
  "selevel": null,
  "serole": null,
  "setype": null,
  "seuser": null,
  "src": null,
  "state": "present",
  "unsafe_writes": null,
  "validate": null
  }
  },
  "msg": "Unable to make /tmp/tmp0a7TiL into to /etc/hosts, failed final rename from /etc/.ansible_tmpkGWrPFhosts: [Errno 16] Device or resource busy"
  }
  The full traceback is:
  Traceback (most recent call last):
  File "/tmp/ansible_lineinfile_payload_Iut9n0/ansible_lineinfile_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
  os.rename(b_tmp_dest_name, b_dest)
  OSError: [Errno 16] Device or resource busy

  fatal: [nocon01p1]: FAILED! => {
  "changed": false,
  "invocation": {
  "module_args": {
  "attributes": null,
  "backrefs": false,
  "backup": false,
  "content": null,
  "create": false,
  "delimiter": null,
  "directory_mode": null,
  "firstmatch": false,
  "follow": false,
  "force": null,
  "group": null,
  "insertafter": null,
  "insertbefore": null,
  "line": "10.173.34.4 pulp",
  "mode": null,
  "owner": null,
  "path": "/etc/hosts",
  "regexp": null,
  "remote_src": null,
  "selevel": null,
  "serole": null,
  "setype": null,
  "seuser": null,
  "src": null,
  "state": "present",
  "unsafe_writes": null,
  "validate": null
  }
  },
  "msg": "Unable to make /tmp/tmprzIiFY into to /etc/hosts, failed final rename from /etc/.ansible_tmpEoBNZQhosts: [Errno 16] Device or resource busy"
  }
  The full traceback is:
  Traceback (most recent call last):
  File "/tmp/ansible_lineinfile_payload_GiRQ72/ansible_lineinfile_payload.zip/ansible/module_utils/basic.py", line 2592, in atomic_move
  os.rename(b_tmp_dest_name, b_dest)
  OSError: [Errno 16] Device or resource busy

  fatal: [nocon02p1]: FAILED! => {
  "changed": false,
  "invocation": {
  "module_args": {
  "attributes": null,
  "backrefs": false,
  "backup": false,
  "content": null,
  "create": false,
  "delimiter": null,
  "directory_mode": null,
  "firstmatch": false,
  "follow": false,
  "force": null,
  "group": null,
  "insertafter": null,
  "insertbefore": null,
  "line": "10.173.34.4 pulp",
  "mode": null,
  "owner": null,
  "path": "/etc/hosts",
  "regexp": null,
  "remote_src": null,
  "selevel": null,
  "serole": null,
  "setype": null,
  "seuser": null,
  "src": null,
  "state": "present",
  "unsafe_writes": null,
  "validate": null
  }
  },
  "msg": "Unable to make /tmp/tmppHrHa5 into to /etc/hosts, failed final rename from /etc/.ansible_tmpBM6vskhosts: [Errno 16] Device or resource busy"
  }

  PLAY RECAP *********************************************************************
  nocon01p1 : ok=0 changed=0 unreachable=0 failed=1
  nocon02p1 : ok=0 changed=0 unreachable=0 failed=1
  nocon03p1 : ok=0 changed=0 unreachable=0 failed=1

ERROR:

[decentral1se]

OSError: [Errno 16] Device or resource busy

Which driver are you using?

This seems like a driver issue and not something on the Molecule layer?

[anial-pro]

I found answer on this comment , may be it help.

[weshouman]

Same here, when I manually edit the /etc/hosts it works.
But when that's automated through ansible and being tested with molecule, that fails for both Centos and Ubuntu.

[sshnaidm]

Editing /etc/hosts in docker container is tricky. You'd better to use different driver for testing roles that edit /etc/hosts directly, with docker driver it won't work well.

[thatsk]

so whats the correct solution for this ?

[till]

Ran into this as well, so I understand that /etc/hosts is off-limit, but the reason why I think I need it is in order to make hostnames work between containers.

So for example:

platforms:
  - name: node1
    image: centos:8
    pre_build_image: True
    command: /sbin/init
    privileged: true
    tmpfs:
      - /run
      - /tmp
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:rw
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
  - name: node2
    image: centos:8
    pre_build_image: True
    command: /sbin/init
    privileged: true
    tmpfs:
      - /run
      - /tmp
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:rw
      - /sys/fs/cgroup:/sys/fs/cgroup:ro

When I docker exec -it node2 bash, I can ping node2 but not node1. I can ping node1's IP though, but there is no mechanism to resolve it on node2.

I am going to work around it and see if I can resolve IPs on the node using my role and distribute these as facts and I saw others who run dnsmasq (in molecule), but I think that's a bit too much. :D Regardless, is there a better way to do this currently?

[sshnaidm]

Podman has option --no-hosts which prevents changing /etc/hosts file in a container and it will remain as is. If need I can add this option to podman driver.
AFAIK there is no such an option in docker.

[till]

@sshnaidm I think I got a little further, but this doesn't have to do anything with Podman.

I think it's more about the following:

1. When I start two containers with docker, they can ping each other, as long as they are on the same network.
2. With molecule, I think the default is network_mode: host, this may prevent that.

I haven't dug into what changing network_mode and maybe a setting network explicitly does. But that's what I'll try as soon as the rest works. In the end, it seems like manipulating /etc/hosts is not necessary in this case.

The goal is still that "DNS resolution" works between node1 and node2, so e.g., they can ping each other:

When I docker exec -it node2 bash, I can ping node2 but not node1. I can ping node1's IP though, but there is no mechanism to resolve it on node2.

[sshnaidm]

The goal is still that "DNS resolution" works between node1 and node2, so e.g., they can ping each other:

In this case all you need it's a link between containers. It could be done with setting them into one network as you did or adding --link. After docker networking patch was merged I think you can do this in molecule config in latest version from github.

[ssbarnea]

This has nothing to do with Molecule, is pure Ansible user issue.

[ngueagho]

PLAY [Configuration du Serveur DNS] *******************************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
ok: [ansible_workstation1]
ok: [ansible_workstation2]
ok: [ansible_workstation0]

TASK [configurez /etc/resolv.conf pour utiliser 8.8.8.8 comme serveur DNS] ****************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 16] Device or resource busy: b'/etc/.ansible_tmp6y85_gofresolv.conf' -> b'/etc/resolv.conf'
fatal: [ansible_workstation1]: FAILED! => {"changed": false, "checksum": "87820f535e606a45250a897a8523337050b93abe", "msg": "Unable to make b'/home/techuser/.ansible/tmp/ansible-tmp-1720471705.4055617-165732809405309/source' into to /etc/resolv.conf, failed final rename from b'/etc/.ansible_tmp6y85_gofresolv.conf': [Errno 16] Device or resource busy: b'/etc/.ansible_tmp6y85_gofresolv.conf' -> b'/etc/resolv.conf'"}
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 16] Device or resource busy: b'/etc/.ansible_tmpuq8w1jsfresolv.conf' -> b'/etc/resolv.conf'
fatal: [ansible_workstation0]: FAILED! => {"changed": false, "checksum": "87820f535e606a45250a897a8523337050b93abe", "msg": "Unable to make b'/home/techuser/.ansible/tmp/ansible-tmp-1720471705.4248533-90969129576217/source' into to /etc/resolv.conf, failed final rename from b'/etc/.ansible_tmpuq8w1jsfresolv.conf': [Errno 16] Device or resource busy: b'/etc/.ansible_tmpuq8w1jsfresolv.conf' -> b'/etc/resolv.conf'"}
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 16] Device or resource busy: b'/etc/.ansible_tmpsjfwfjn4resolv.conf' -> b'/etc/resolv.conf'
fatal: [ansible_workstation2]: FAILED! => {"changed": false, "checksum": "87820f535e606a45250a897a8523337050b93abe", "msg": "Unable to make b'/home/techuser/.ansible/tmp/ansible-tmp-1720471705.3882976-81280533466251/source' into to /etc/resolv.conf, failed final rename from b'/etc/.ansible_tmpsjfwfjn4resolv.conf': [Errno 16] Device or resource busy: b'/etc/.ansible_tmpsjfwfjn4resolv.conf' -> b'/etc/resolv.conf'"}

PLAY RECAP ********************************************************************************************************************************************************************************************************
ansible_workstation0 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
ansible_workstation1 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
ansible_workstation2 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

i have the same problem