FAQ and troubleshooting¶
Q:Tasks being run by the provisioner?¶
The provision_lab.yml playbook creates a work bench for each
student, configures them for password authentication, and creates an
inventory file for each user with their IP’s and credentials. An
instructor inventory file is also created in the current directory which
will let the instructor access the nodes of any student. This file will
be called instructor_inventory.txt
Q:What gets created on AWS¶
AWS VPC creation (Amazon Web Services Virtual Private Cloud)
Creation of an SSH key pair (stored at ./WORKSHOPNAME/WORKSHOPNAME-private.pem)
Creation of a AWS EC2 security group - Creation of a subnet for the VPC
Creation of an internet gateway for the VPC - Creation of route table for VPC (for reachability from internet)
Q:What EC2 instances does provisioner spin up¶
One ansible control node using a Centos image
Two webservers using a Centos image
One BIG-IP using the BEST license (pre-licensed)
Q.What tasks does provisioner perfrom on the BIG-IP¶
Changes the default MGMT password
Problem: Provioner fails - SSH connectivity¶
Provisioner fails at task [Wait for all nodes to have SSH reachability]
Solution
Make sure there is a private key of the form <<workshop_name>>-private.pem in folder f5_provisioner/provisioner/<<workshop_name>>/
If ley is not present run the following:
Teardown lab: ansible-playbook teardown_lab.yml -e @f5_vars.yml
Provision again: ansible-playbook provision_lab.yml -e @f5_vars.yml
Problem: boto3 missing¶
fatal: [localhost]: FAILED! => {"attempts": 1, "changed": false, "msg": "Python modules \"botocore\" or \"boto3\" are missing, please install both"}
OR
fatal: [localhost]: FAILED! => {"attempts": 1, "changed": false, "msg": "boto is required for this module"}
Solution
pip install boto boto3
Problem:unable to locate credentials¶
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NoCredentialsError: Unable to locate credentials
fatal: [localhost]: FAILED! => {"attempts": 1, "changed": false, "msg": "Failed to describe VPCs: Unable to locate credentials"}
Solution
Set your Access Key ID and Secret Access Key under ~/.aws/credentials
[root@centos ~]# cat ~/.aws/credentials
[default]
aws_access_key_id = ABCDEFGHIJKLMNOP
aws_secret_access_key = ABCDEFGHIJKLMNOP/ABCDEFGHIJKLMNOP
Problem: wrong version of Ansible¶
TASK [make sure we are running correct Ansible Version] ********************************
fatal: [localhost]: FAILED! => {
"assertion": "ansible_version.minor >= 6",
"changed": false,
"evaluated_to": false
}
Solution
Install 2.8 or later.
Problem: wrong version of boto3¶
make sure we are running correct boto version
py_cmd.stdout.startswith('1.7')
Solution
Install and/or upgrade boto3
pip install boto3 --upgrade
Problem: AWS Signature Failure¶
"error": {
"message": "Signature expired: 20180703T083815Z is now earlier than 20180703T152801Z (20180703T154301Z - 15 min.)",
"code": "SignatureDoesNotMatch",
"type": "Sender"
Solution
Ensure the time on your Ansible Tower
Problem: F5 Workshop provisioner fails on mac¶
TASK [f5_setup : Install AS3] *******************************************************************************
fatal: [TESTWORKSHOP-student1-f5]: FAILED! => {"changed": false, "cmd": "rpm -qp --queryformat '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}' <ommited>/workshops/provisioner/roles/f5_setup/files/f5-appsvcs-3.4.0-2.noarch.rpm", "msg": "[Errno 2] No such file or directory", "rc": 2}
Solution
$ brew install rpm