Appendix#

Logs#

Before opening a support ticket, capture the output of the problematic Ansible playbook by:

  1. Setting the ANSIBLE_LOG_PATH environment variable, and

  2. Running ansible-playbook with the -v flag.

For example, to log to ./ansible.log:

ANSIBLE_LOG_PATH=./ansible.log ansible-playbook -v -i <inventory_file> <playbook_name.yml>

For more information, see Ansible: Logging Ansible output .

Caution

Running ansible-playbook with the verbose (-v) flag can cause Ansible to emit credentials. See Ansible: Logging Ansible output .

sudo password#

These playbooks need to run with elevated access to managed nodes. To do this, you may need to provide a sudo password when running the ansible-playbook command.

For example, to load a file .my-password, run:

ansible-playbook --become-password-file=.my-password -i inventories/<inventory_file.yml> <playbook_file.yml>

For more information, see Ansible: Understanding privilege escalation.

SSH: Password-protected SSH keys#

To use password-protected SSH keys on your control node, use ssh-agent.

On your control node:

  1. Start the SSH agent:

    eval `ssh-agent`
    
  2. Add your SSH private key:

    ssh-add ~/.ssh/your-ssh-private-key
    

    This prompts you to enter your private key password.

Cannot download repodata/repomd.xml#

When playbooks fail with a “cannot download repodata/repomd.xml” error, it’s possible that the managed nodes cannot access the EclecticIQ package registries.

Check the following

  1. Check that all managed nodes can access https://downloads.eclecticiq.com.

  2. Check the control node:

    • That the correct credentials for https://downloads.eclecticiq.com are set in the .env file.

    • That the .env file has been loaded correctly:

      source .env
      
  3. Check the managed node:

    • Managed node must be able to access https://downloads.eclecticiq.com.

    • That credentials for https://downloads.eclecticiq.com have been correctly written to /etc/yum.repos.d/eclecticiq-ic.repo on all managed nodes.

    • If the /etc/yum.repos.d/eclecticiq-ic.repo on any managed node does not contain the correct credentials, you must manually remove /etc/yum.repos.d/eclecticiq-ic.repo, and re-run the install_intelligence_center.yml playbook.

RHEL/CentOS 7.9 and Python 3.8#

If your control node needs to run on RHEL/CentOS 7.9, you must install Python 3.8 on it to be able to run the playbooks in this package.

However, the latest Python version available on yum for RHEL/CentOS 7.9 is 3.6.8.

EclecticIQ provides a Python 3.8 package for RHEL/CentOS 7.9. To install this package:

  1. Set the EIQ_REPO_USERNAME and EIQ_REPO_PASSWORD environment variables with credentials to access https://downloads.eclecticiq.com.

    If you have already set this in .env, run:

    source .env
    
  2. As root, create a new .repo file by running:

    cat << EOF > /etc/yum.repos.d/platform-dependencies-centos-python38.repo
    [platform-dependencies-centos-python38]
    name=platform-dependencies-centos-python38
    baseurl=https://downloads.eclecticiq.com/intelligence-center-dependencies-rpm/centos/7/x86_64/python/3.8
    enabled=1
    priority=1
    username=${EIQ_REPO_USERNAME}
    password=${EIQ_REPO_PASSWORD}
    gpgkey=https://downloads.eclecticiq.com/public/GPG-KEY-eclecticiq
    EOF
    
  3. Run yum make-cache

  4. Install the python38 package:

    sudo yum install python38
    

Python 3.8 is now available as the python3.8 command.

Caution

If your control node is also a managed node (not recommended), you must remove platform-dependencies-centos-python38.repo from this control node before running the pb-install_intelligence_center.yml playbook.

Run only tagged tasks#

Some playbooks in this package contain tasks with “tags” in order to group them. If you want only run tasks with a given tag, run:

ansible-playbook -i <inventory> playbook_name.yml --tag=run_only_this_tag

 Runs only tasks with the tag "run_only_this_tag"
 in the playbook_name.yml playbook.