Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ansible azure_rm_deployment module returns error but deployment in Azure was successful #969

Closed
mlacko64 opened this issue Sep 8, 2022 · 14 comments · Fixed by #986
Closed

Ansible azure_rm_deployment module returns error but deployment in Azure was successful #969

mlacko64 opened this issue Sep 8, 2022 · 14 comments · Fixed by #986
Labels
bug Something isn't working has_pr PR fixes have been made medium_priority Medium priority work in In trying to solve, or in working with contributors

Comments

@mlacko64
Copy link

mlacko64 commented Sep 8, 2022

SUMMARY

Ansible azure_rm_deployment module returns error but deployment in Azure was successful.
When deploying this ARM template via az cli or Azure portal, it ends successfully. No errors.
When deploying using azure_rm_deployment, it deploys resources, no error in deployments in Azure portal. But task itself has failed.

Seems somehow related to conditions in ARM template, but it appears only when I used NICs. Tried with storage account resources, but did not occured.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

azure_rm_deployment

ANSIBLE VERSION
ansible [core 2.12.2]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ocpadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/ocpadmin/ansible/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ocpadmin/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/ocpadmin/ansible/bin/ansible
  python version = 3.9.10 (main, Feb  9 2022, 00:00:00) [GCC 11.2.1 20220127 (Red Hat 11.2.1-9)]
  jinja version = 3.1.2
  libyaml = True
COLLECTION VERSION
Collection         Version
------------------ -------
ansible.posix      1.4.0
azure.azcollection 1.13.0
community.crypto   2.5.0
community.general  5.5.0
kubernetes.core    2.3.2
CONFIGURATION
(ansible) [admin@bastion ~]$ ansible-config dump --only-changed
(ansible) [admin@bastion ~]$
OS / ENVIRONMENT

Red Hat Enterprise Linux release 9.0 (Plow)

STEPS TO REPRODUCE
-------------playbook-------------------
- name: This is a test
  hosts: localhost

  tasks:
    - name: test deployment
      azure_rm_deployment:
        state: present
        resource_group_name: testrg
        name: test_deploy
        template: "{{ lookup('file', 'test.json') }}"
        location: francecentral
        parameters:
          selector:
            value: first
-------------------------------------------

-------------test.json---------------------
{
  "$schema" : "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion" : "1.0.0.0",
  "parameters" : {
    "selector": {
      "type": "string",
      "allowedValues": [
        "first",
        "second"
      ]
    },
    "subscriptionId": {
      "type": "securestring",
      "defaultValue": "[subscription().subscriptionId]",   
      "metadata": {
        "description": "Specifies the subscription ID for deployment"
      }
    }
  },
  "variables" : {     
    "location" : "[resourceGroup().location]"  
  },
  "resources" : [
    {
        "type": "Microsoft.Network/virtualNetworks",
        "apiVersion": "2020-05-01",
        "name": "mynetwork",
        "location": "[variables('location')]",
        "properties": {
          "addressSpace": {
            "addressPrefixes": [
              "10.0.0.0/16"
            ]
          },
          "subnets": [
            {
              "name": "mysubnet",
              "properties": {
                "addressPrefix": "10.0.0.0/24"
              }
            }
          ]
        }
      },

    {
      "condition": "[equals(parameters('selector'), 'first')]",
      "apiVersion" : "2018-06-01",    
      "type" : "Microsoft.Network/networkInterfaces",
      "name" : "nicname",
      "location" : "[variables('location')]",
      "dependsOn" : [
        "mynetwork"
      ],      
      "properties" : {
        "ipConfigurations" : [
          {
            "name" : "pipConfig",
            "properties" : {
              "privateIPAddress": "10.0.0.10",
              "privateIPAllocationMethod": "Static",
               "subnet" : {
                "id" : "[concat('/subscriptions/',parameters('subscriptionId'),'/resourceGroups/',resourceGroup().name,'/providers/Microsoft.Network/virtualNetworks/mynetwork/subnets/mysubnet')]"
              }             
            }
          }
        ]
      }
    },
    {
      "condition": "[equals(parameters('selector'), 'second')]",
      "apiVersion" : "2018-06-01",    
      "type" : "Microsoft.Network/networkInterfaces",
      "name" : "nicname2",
      "dependsOn" : [
        "mynetwork"
      ],      
      "location" : "[variables('location')]",
      "properties" : {
        "ipConfigurations" : [
          {
            "name" : "pipConfig",
            "properties" : {
              "privateIPAddress": "10.0.0.20",
              "privateIPAllocationMethod": "Static",
               "subnet" : {
                "id" : "[concat('/subscriptions/',parameters('subscriptionId'),'/resourceGroups/',resourceGroup().name,'/providers/Microsoft.Network/virtualNetworks/mynetwork/subnets/mysubnet')]"
              }               
            }
          }
        ]
      }
    },     
    {
      "apiVersion" : "2018-06-01",
      "type" : "Microsoft.Compute/virtualMachines",
      "name" : "myvm",
      "location" : "[variables('location')]",
      "dependsOn" : [
        "nicname",
        "nicname2"
      ],    
      "properties" : {
        "hardwareProfile" : {
          "vmSize" : "Standard_D2s_v3"
        },
        "osProfile" : {
            "computerName": "myvm",
            "adminUsername": "myadmin",
            "adminPassword": "myPassword12345678"
        },
        "storageProfile": {
            "osDisk": {
              "createOption": "FromImage",
              "managedDisk": {
                "storageAccountType": "Standard_LRS"
              }
            },
            "imageReference": {
              "publisher": "Canonical",
              "offer": "UbuntuServer",
              "sku": "18.04-LTS",
              "version": "latest"
            }
          },
        "networkProfile" : {
          "networkInterfaces" : [
            {
              "id" : "[if(equals(parameters('selector'), 'first'),concat('/subscriptions/',parameters('subscriptionId'),'/resourceGroups/',resourceGroup().name,'/providers/Microsoft.Network/networkInterfaces/nicname'),concat('/subscriptions/',parameters('subscriptionId'),'/resourceGroups/',resourceGroup().name,'/providers/Microsoft.Network/networkInterfaces/nicname2'))]"
            }
          ]
        }       
      }
    }
  ]
}
-------------------------------------------
EXPECTED RESULTS

task should return success

ACTUAL RESULTS
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [This is a test] *********************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************
ok: [localhost]

TASK [test deployment] ********************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: Message: The Resource 'Microsoft.Network/networkInterfaces/nicname2' under resource group 'testrg' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/home/ocpadmin/.ansible/tmp/ansible-tmp-1662643080.2688594-5245-199867779526221/AnsiballZ_azure_rm_deployment.py\", line 107, in <module>\n    _ansiballz_main()\n  File \"/home/ocpadmin/.ansible/tmp/ansible-tmp-1662643080.2688594-5245-199867779526221/AnsiballZ_azure_rm_deployment.py\", line 99, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/home/ocpadmin/.ansible/tmp/ansible-tmp-1662643080.2688594-5245-199867779526221/AnsiballZ_azure_rm_deployment.py\", line 47, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_deployment', init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_deployment', _modlib_path=modlib_path),\n  File \"/usr/lib64/python3.9/runpy.py\", line 210, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib64/python3.9/runpy.py\", line 97, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib64/python3.9/runpy.py\", line 87, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 706, in <module>\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 702, in main\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 465, in __init__\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py\", line 469, in __init__\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 490, in exec_module\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 641, in _get_instances\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 641, in <listcomp>\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 684, in _nic_to_public_ips_instance\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 684, in <listcomp>\n  File \"/tmp/ansible_azure_rm_deployment_payload_j8hh1yfv/ansible_azure_rm_deployment_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_deployment.py\", line 685, in <genexpr>\n  File \"/home/ocpadmin/ansible/lib/python3.9/site-packages/azure/mgmt/network/v2021_03_01/operations/_network_interfaces_operations.py\", line 439, in get\n    map_error(status_code=response.status_code, response=response, error_map=error_map)\n  File \"/home/ocpadmin/ansible/lib/python3.9/site-packages/azure/core/exceptions.py\", line 107, in map_error\n    raise error\nazure.core.exceptions.ResourceNotFoundError: (ResourceNotFound) The Resource 'Microsoft.Network/networkInterfaces/nicname2' under resource group 'testrg' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix\nCode: ResourceNotFound\nMessage: The Resource 'Microsoft.Network/networkInterfaces/nicname2' under resource group 'testrg' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

PLAY RECAP ********************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
@Fred-sun
Copy link
Collaborator

@mlacko64 Thank you for following Ansible! Two nics are created in your template, but only one of your parameters is defined, so the second NIC is not created. "He led to the error Resource 'Microsoft.Net work/networkInterfaces/nicname2' under the Resource group 'testrg' was not found." Thanks!

@Fred-sun Fred-sun added medium_priority Medium priority not a bug Not a bug work in In trying to solve, or in working with contributors labels Sep 20, 2022
@mlacko64
Copy link
Author

@Fred-sun
Hello, yes, that's true and that is just an simple example.

Problem is that when you run it from portal or az cli, template ends with success. When I run it using ansible, it ends with failure (but there is no failure at all visible in azure for that deployment). And I believe there should be no error reported, because only one NIC should be deployed based on inputs. So in short, I believe that returned error is a bug.

Moreover, this is somehow related just to NICs, I tried something similar with storage account (simple condition, where just one of two is deployed) and there was no problem at all.

@Fred-sun
Copy link
Collaborator

@mlacko64 Ansible is deployed through the API interface. There are two nics in the template, but you only configure one, which is not reasonable?

@Fred-sun
Copy link
Collaborator

@mlacko64 Alternatively, you can simply delete line 101 from the template, and the deployment will create a network interface, which is successfully created. Thank you very much!

@mlacko64
Copy link
Author

@Fred-sun
deleting line 101 will help only in case nicname will be deployed based on input parameter "selector" .If it set to deploy nicname2 deployment will fail because Azure will try to deploy nic and VM in paralel.
As I said, this was just example to demonstrate, my original issue came from other bigger template, but I was able to reduce issue on this info I provided.

I would say either module is doing some "over work" and verifing if all nics were deployed, but ignoring fact there can be condition for deployment in ARM template.
Or, other option is that Azure API is returning this error , but then it is strange that Azure portal/AZ CLI does not report it.

@Fred-sun
Copy link
Collaborator

@mlacko64 Ansible calls the API interface to complete the deployment and returns the result. The deployment task is done by the Service according to the template. The error is caused by an incorrect template. Azure Portal/AZ CLI does not report errors, what is the relevance of this module?

@mlacko64
Copy link
Author

Hello,
I tried to deploy this template via Azure API and then verify its status also via API, but there were no errors at all. Response from status verify can be seen below.

{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Resources/deployments/testing",
"name": "testing",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateHash": "1580322081792750218",
"parameters": {
"selector": {
"type": "String",
"value": "first"
},
"subscriptionId": {
"type": "SecureString"
}
},
"mode": "Incremental",
"provisioningState": "Succeeded",
"timestamp": "2022-09-23T08:11:32.8198143Z",
"duration": "PT34.6933018S",
"correlationId": "ad1ad7cc-3958-41b4-994e-301b4a5c7521",
"providers": [
{
"namespace": "Microsoft.Network",
"resourceTypes": [
{
"resourceType": "virtualNetworks",
"locations": [
"francecentral"
]
},
{
"resourceType": "networkInterfaces",
"locations": [
"francecentral"
]
}
]
},
{
"namespace": "Microsoft.Compute",
"resourceTypes": [
{
"resourceType": "virtualMachines",
"locations": [
"francecentral"
]
}
]
}
],
"dependencies": [
{
"dependsOn": [
{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/virtualNetworks/mynetwork",
"resourceType": "Microsoft.Network/virtualNetworks",
"resourceName": "mynetwork"
}
],
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/networkInterfaces/nicname",
"resourceType": "Microsoft.Network/networkInterfaces",
"resourceName": "nicname"
},
{
"dependsOn": [
{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/virtualNetworks/mynetwork",
"resourceType": "Microsoft.Network/virtualNetworks",
"resourceName": "mynetwork"
}
],
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/networkInterfaces/nicname2",
"resourceType": "Microsoft.Network/networkInterfaces",
"resourceName": "nicname2"
},
{
"dependsOn": [
{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/networkInterfaces/nicname",
"resourceType": "Microsoft.Network/networkInterfaces",
"resourceName": "nicname"
},
{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/networkInterfaces/nicname2",
"resourceType": "Microsoft.Network/networkInterfaces",
"resourceName": "nicname2"
}
],
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Compute/virtualMachines/myvm",
"resourceType": "Microsoft.Compute/virtualMachines",
"resourceName": "myvm"
}
],
"outputResources": [
{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Compute/virtualMachines/myvm"
},
{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/networkInterfaces/nicname"
},
{
"id": "/subscriptions//resourceGroups/pokus/providers/Microsoft.Network/virtualNetworks/mynetwork"
}
]
}
}

@Fred-sun
Copy link
Collaborator

@mlacko64 Is your template exactly the same as above? Or can you provide your template? Thank you very much!

@mlacko64
Copy link
Author

yes, I used same template as is mentioned in this conversation at top

@Fred-sun
Copy link
Collaborator

Two nics?

@mlacko64
Copy link
Author

yes, two nics , only one will be deployed based on input parameter , like mentioned in "STEPS TO REPRODUCE" section

@Fred-sun
Copy link
Collaborator

@mlacko64 It doesn't make sense that the VM in the template will have two nics attached, but only one will be created here and one will be attached. So the template should look something like this?

old template:
......
      "apiVersion" : "2018-06-01",
      "type" : "Microsoft.Compute/virtualMachines",
      "name" : "myvm",
      "location" : "[variables('location')]",
      "dependsOn" : [
        "nicname",
        "nicname2"
      ],    
......

Change to

......
      "apiVersion" : "2018-06-01",
      "type" : "Microsoft.Compute/virtualMachines",
      "name" : "myvm",
      "location" : "[variables('location')]",
      "dependsOn" : [
        "nicname",
      ],    
......

@mlacko64
Copy link
Author

Essential goal of that template is that it allows user to choose between two nics based on parameter input.

If there will be dependency only on first NIC and user provides input parameter "second", then deployment of NIC and VM will start in parallel which will result in failure.

I still do not think problem is template as it is valid for Azure.

@Fred-sun Fred-sun mentioned this issue Sep 23, 2022
Merged
@Fred-sun Fred-sun added bug Something isn't working has_pr PR fixes have been made and removed not a bug Not a bug labels Sep 23, 2022
@Fred-sun
Copy link
Collaborator

fixes by #986

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working has_pr PR fixes have been made medium_priority Medium priority work in In trying to solve, or in working with contributors
Projects
None yet
Milestone
No milestone
2 participants
@Fred-sun @mlacko64