PowerFlex 업그레이드 실패: ansible.legacy.setup /usr/bin/sudo 크랙: 사용 권한이 거부됨
Summary: -PowerFlex 소프트웨어 양식 4.5.1에서 4.5.2로 업그레이드 - 오류로 인해 노드 중 하나의 업그레이드에 실패했습니다. PowerFlex 업그레이드(XXX) - OS=PowerFlex 실패: ob-f0f65576-c290-4ae1-a398-cde0399284db-0 "Gathering Facts" 작업을 실행하는 동안 ndc-xxxxxxxx이(가) 구성에 실패했습니다. ansible.legacy.setup 모듈을 실행하지 못했습니다. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
예외 로그를 분석한 결과 오류가 제공되었으며 근본 원인에 해당하는 .yaml 및 .out 파일이 표시되었습니다.
배포 로그:
DEBUG [2024-05-08T10:59:38.422838] 27544: service_deployment.rb:1874:in `process_ansible_errors': Exception while running ansible playbook RuntimeError: Command
failed: env VAULT=****** ANSIBLE_STDOUT_CALLBACK=json ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_SSH_ARGS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
-o ServerAliveInterval=30" ANSIBLE_PERSISTENT_CONNECT_TIMEOUT=120 ANSIBLE_PERSISTENT_COMMAND_TIMEOUT=120 timeout 1800 sudo -E /usr/local/bin/ansible-playbook -i
/opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/plays/ndc-esdsosp12-inv.yaml /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/plays/ndc-esdsosp12.yaml
--vault-password-file /opt/asm-deployer/scripts/run_vault_script.py; output in /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/ndc-esdsosp12.out
ERROR [2024-05-08T10:59:38.433623] 27544: service_deployment.rb:1887:in `process_ansible_errors': Error Message: The following modules failed to execute:
ansible.legacy.setup
DEBUG [2024-05-08T10:59:38.434102] 27544: service_deployment.rb:1897:in `process_ansible_errors': errpr_desc = The following modules failed to execute: ansible.legacy.setup;
additional_error_check = false
예외 로그:
<RuntimeError: Failed to transfer ca-cert on 10.x.x.71: RuntimeError: Error running ansible playbook: : RuntimeError :: Command failed: env VAULT=****** ANSIBLE_STDOUT_CALLBACK=json ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_SSH_ARGS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ServerAliveInterval=30" ANSIBLE_PERSISTENT_CONNECT_TIMEOUT=120 ANSIBLE_PERSISTENT_COMMAND_TIMEOUT=120 timeout 1800 sudo -E /usr/local/bin/ansible-playbook -i /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/plays/ndc-esdsosp12-inv___5.yaml /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/plays/ndc-esdsosp12___5.yaml --vault-password-file /opt/asm-deployer/scripts/run_vault_script.py; output in /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/ndc-esdsosp12___5.out: Error running ansible playbook: : RuntimeError :: Command failed: env VAULT=****** ANSIBLE_STDOUT_CALLBACK=json ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_SSH_ARGS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ServerAliveInterval=30" ANSIBLE_PERSISTENT_CONNECT_TIMEOUT=120 ANSIBLE_PERSISTENT_COMMAND_TIMEOUT=120 timeout 1800 sudo -E /usr/local/bin/ansible-playbook -i /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/plays/ndc-esdsosp12-inv___5.yaml /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/plays/ndc-esdsosp12___5.yaml --vault-password-file /opt/asm-deployer/scripts/run_vault_script.py; output in /opt/Dell/ASM/deployments/Job-d77631dd-0808-43ee-a152-dd4c4552d384-0/ndc-esdsosp12___5.out>
.yaml 로그:
all: hosts: 10.x.x.71: server: 10.x.x.71 ansible_ssh_user: pflex ansible_ssh_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 33396339316633666565326637633562616561363339646436393530326666616332623233333862 3362356365656433386535666139306337386638626137340a383532623431613734613133366638 39353665653639343661346438343636633937306331333164656666663662373338396536313530 6137636663656637660a363036333663613566373237316637623635623265303434313231653735 3064 ansible_ssh_private_key_file: "/tmp/20240509-5076-oix54r" ansible_become_password: !vault | $ANSIBLE_VAULT;1.1;AES256 33396339316633666565326637633562616561363339646436393530326666616332623233333862 3362356365656433386535666139306337386638626137340a383532623431613734613133366638 39353665653639343661346438343636633937306331333164656666663662373338396536313530 6137636663656637660a363036333663613566373237316637623635623265303434313231653735 3064 source: "/opt/asm-deployer/tls/ca.crt" destination: "/etc/pki/trust/anchors" cert_file: ca.crt is_non_root_user: true
.out 로그:
"hosts": {
"10.x.x.71": {
"_ansible_no_log": false,
"_ansible_verbose_override": true,
"action": "gather_facts",
"ansible_facts": {},
"changed": false,
"failed": true,
"failed_modules": {
"ansible.legacy.setup": {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3.6"
},
"failed": true,
"module_stderr": "Warning: Permanently added '10.x.x.71' (ECDSA) to the list of known hosts.\r\nConnection to 10.x.x.71 closed.\r\n",
"module_stdout": "/bin/sh: /usr/bin/sudo: Permission denied\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 126, Cause
로그 분석에 따르면 'pflex' 사용자 권한에 문제가 있음을 알 수 있습니다. 사용 권한 문제로 인해 'pflex'가 소스에서 대상으로 인증서를 복사할 수 없습니다.
Resolution
노드에서 pflex 사용자의 권한을 수정하여 문제가 해결되었습니다.
호스트:
usermod -a -G trusted pflex cd /etc/sudoers.d cp -p common-criteria common-criteria.2024-05-10 update: common-criteria %trusted ALL=(ALL) NOPASSWD: ALL
테스트:
sudo su - pflex sudo ls -ltra
Affected Products
PowerFlex rack, ScaleIOArticle Properties
Article Number: 000227009
Article Type: Solution
Last Modified: 03 Feb 2025
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.