+++ This bug was initially created as a clone of Bug #1967083 +++ Clone for 16.1 Description of problem: TASK [lunasa_hsm : set client facts for fqdn] ********************************** Tuesday 01 June 2021 18:16:12 -0400 (0:00:06.966) 0:19:40.336 ********** skipping: [controller-0] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [lunasa_hsm : set client facts for IP override] *************************** Tuesday 01 June 2021 18:16:12 -0400 (0:00:00.066) 0:19:40.403 ********** fatal: [controller-0]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible_fqdn' is undefined\n\nThe error appears to be in '/usr/share/ansible/roles/lunasa_hsm/tasks/main.yaml': line 37, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: set client facts for IP override\n ^ here\n"} Version-Release number of selected component (if applicable): [stack@undercloud share]$ rpm -qa ansible-role-lunasa-hsm ansible-role-lunasa-hsm-1.0.0-1.20210315120131.1f79d94.el8ost.noarch How reproducible: This was encountered during an upshift-ansible 16.2 deploy with the following compose RHOS-16.2-RHEL-8-20210525.n.0 [0]. My Barbican parameters are: [stack@undercloud ~]$ cat barbican-extra-parameters.yaml --- parameter_defaults: BarbicanPkcs11CryptoMKEKLabel: "dwilde_mkek_0" BarbicanPkcs11CryptoHMACLabel: "dwilde_hmac_0" BarbicanPkcs11CryptoTokenLabel: "myHAGroup" BarbicanPkcs11CryptoLogin: "z6nwEm6zSYFsyQGh" BarbicanPkcs11CryptoGlobalDefault: true LunasaVars: lunasa_client_tarball_name: 610-012382-014_SW_Client_HSM_6.2_RevA.tar.zip lunasa_client_tarball_location: http://download-node-02.eng.bos.redhat.com/qa/rhts/lookaside/IdM/rhcs/lunasa_software/610-012382-014_SW_Client_HSM_6.2_RevA.tar.zip lunasa_client_installer_path: 610-012382-014_SW_Client_HSM_6.2_RevA/linux/64/install.sh lunasa_hsms: - hostname: os-luna-hsm-1.perf.lab.eng.rdu2.redhat.com admin_password: "ABC123!!!" partition: secdfgPartition1 partition_serial: 545656014 - hostname: os-luna-hsm-2.perf.lab.eng.rdu2.redhat.com admin_password: "ABC123!!!" partition: secdfgPartition1 partition_serial: 572142014 LunasaClientIPNetwork: hsmnet ControllerIPs: hsmnet: - "10.0.110.168" Steps to Reproduce: 1. Configure upshift-ansible to deploy a lunasa environment: ❯ cat vars.yaml --- # Dave is the one who setup the gitlab runner, which requires an application # credential from keystone to get tokens and interact with Upshift. This # requires Dave's user in upshift to be used for deployments and because # upshift-ansible needs a key to inject into instances. Since keypairs in nova # are user-specific, and application credentials in keystone are user-specific, # both need to be setup by the same user. For example, this would break if one # person created the keypair and the other created the application credential # because the application credential wouldn't be able to list keypairs in nova # since they belong to different users. # # This is something we need to be aware of if we need to rotate out this user, key, # or application credential. username: dwilde keypair_name: dwilde additional_keys: - 'https://github.com/vakwetu.keys' - 'https://github.com/HarryRybacki.keys' - 'https://github.com/lbragstad.keys' - 'https://github.com/d34dh0r53.keys' - 'https://github.com/xek.keys' - 'https://github.com/dmend.keys' - 'https://github.com/jagee.keys' - 'https://github.com/moisesguimaraes.keys' - > ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8zXFd+1fWundCc8sr6uVJv8DAGtWVkzfG6MiM6RKRR/hWIVWhPdlW0VQc7VtbfCnaD91iPtb6ag3+FnnDmDlgCPFN0QXGjNtalJ9Dy/1pZ6VY7K3eDENls+cQH4+fG9Yte5tOgTqRVVQrwQjJ7yE7DIez6BNCbTZdsTT42Xan11QbOhWIzE0vT0xZM77knuSy4gEDH/es3I2888yBYwXCpEmhY/2Qb+8GxtTpdoB0v/HTco8e7ENiiwWlEO5S7BoemDlWye3DX/H2MJlybBx8qXBk2Kh13cT9V8N6/fLQFRK47u/hL8N9QCsqzh9KhzZstilwx4Gc/yex0hzahMep rheslop.local openstack_platform: osp osp_version: '16.1' osp_puddle: 'passed_phase2' deployment_name: dwilde-16-2-luna barbican_simple_crypto: False barbican_luna: True hsm_network_name: provider_net_shared_3 compute_count: 1 controller_count: 1 enable_novajoin: False enable_ovb: False enable_tls: True os_cloud_config: upshift-dwilde private_network_name: dwilde-private-2 external_network: provider_net_shared_3 server_create_timeout: 600 #distro_packages: # - redhat-lsb-core # - iptables-services 2. Deploy environment Actual results: Failure seen above: TASK [lunasa_hsm : set client facts for IP override] *************************** Tuesday 01 June 2021 18:16:12 -0400 (0:00:00.066) 0:19:40.403 ********** fatal: [controller-0]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'ansible_fqdn' is undefined\n\nThe error appears to be in '/usr/share/ansible/roles/lunasa_hsm/tasks/main.yaml': line 37, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: set client facts for IP override\n ^ here\n"} Expected results: Successful Deployment Additional info: We were able to fix this in other places by setting the ansible_fqdn fact in the calling playbook, but the better fix is to stop using ansible_fqdn in the role itself, ansible_facts['fqdn'] is a good alternative. [0]: http://download.eng.brq.redhat.com/rcm-guest/puddles/OpenStack/16.2-RHEL-8/RHOS-16.2-RHEL-8-20210525.n.0/
ansible_fqdn has been removed from the ansible-role-lunasa-hsm role and has been replace by a correct alternative - ansible_facts['fqdn'] .. the role don't fail on the mentioned error anymore. ansible-role-lunasa-hsm-1.0.0-1.20210609143309.1f79d94.el8ost build (Fixed in version) contains the fix. The build is part of RHOS-16.1-RHEL-8-20210722.n.3 puddle plus the puddles after that (most latest one is RHOS-16.1-RHEL-8-20210804.n.0). VERIFIED
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat OpenStack Platform 16.1.7 (Train) bug fix and enhancement advisory), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:3762