Posted on Leave a comment

Bad HTTP response returned from server Code 500 – Ansible authentication

When you try to connect through kerberos with a domain account on Ansible windows hosts, you may encounter the error that is shown below:

The configuration for the kerberos connection. is listed below, and you can find the steps on my previous article.

[all:vars]

ansible_connection = winrm
ansible_winrm_server_cert_validation = ignore
ansible_port =  5985
ansible_user = domainUser
ansible_password = password
ansible_become_method= runas
ansible_winrm_transport = kerberos

The problem occur while trying to connect with port 5985 unencrypted on the remote machine. To bypass the problem you could run on PowerShell the below command which allows an unencrypted connection through winrm protocol.

Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value true

Lastly you could try a test connection to verify the result.

Posted on Leave a comment

How to create a hello world Ansible module with Documentation

If you cannot locate a plugin that suits your needs by using Ansible, you can easily extend the default functionality by creating your own python module. In this article I will explain the procedure for the creation of a module.

First of all you should create a python code and use Ansible SDK. A detailed description for the creation of the development environment can be found on official documentation.

The example module is a hello world, that gets as an input your name, surname and prints a hello message.

Copy your hello.py on ansible modules location. On my working machine this is the path /usr/local/lib/python3.9/site-packages/ansible/modules

When you include your documentation on the python file, you can explore it with:

ansible-doc hello
Documentation for module

If you try a module run without the required parameters, it will fail as shown below:

Plugin run without required parameters

Run your custom module by using the below playbook:

Input with only name as parameter:

---
- name: test playbook using custom code
  hosts: localhost
  tasks:
    - name: using my custom module
      hello:
        name: Gerasimos
      register: result
      
    - name: show output
      debug:
        var: result

Input with name and surname as parameters:

---
- name: test playbook using custom code
  hosts: localhost
  tasks:
    - name: using my custom module
      hello:
        name: Gerasimos
        surname: Alexiou
      register: result
      
    - name: show output
      debug:
        var: result

Code for the example module can be found on my github repo.

Posted on Leave a comment

Automate your deployments with .gitlab-ci.yml and Openshift – Gitlab Devops

This article describes how to create a Gitlab CI/CD pipeline using gitlab-runner and docker as the build strategy in order to deploy microservices on Openshift.

On my previous articles I have explained how to create your own hosted gitlab instance and deploy a single CI/CD pipeline using gitlab-runner. The whole setup was based on containers, as a result the infrastructure needed can be deployed on Openshift as well.

The pipeline consists of three steps, housekeeping, staging and cleaning. It is based on the default example that gitlab provides and uses oc commands to communicate with Openshift. It is configured to be triggered only for develop branch and every time a new commit is added the build starts.

  • The housekeeping step will remove every resource that has been created from a previous build.
  • The staging step will build the microservices based on your Dockerfile instructions as the build strategy is set to docker.
  • The cleaning task will remove the building pods that have been created from Openshift.

The housekeeping step is allowed to fail so that if no resources are found, the building step will continue its work.

You can see below a simple run of the pipeline.

You can find the code of the pipeline in the below repository:

https://github.com/geralexgr/gitlab-cicd-openshift-deploy/blob/main/gitlab-ci.yml

Posted on Leave a comment

CI/CD operations – /usr/bin/oc permission denied

When you get a failure from your CI/CD pipeline regarding permission denied reasons, you should change them accordingly so that all users could access the oc tool.

The resolution is to provide 751 permissions or any other needed, but make some that user that executes the pipeline will be able to run the oc tool. Personally I added execute for others and I could bypass the error.