I try to run some ansible tasks with the k8s module. Locally this works perfect, but on my Jenkins instance, it fails with the following error message:
...
MaxRetryError(_pool, url, error or ResponseError(cause))\nurllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='xxxxxxxxxxxxxx', port=443): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno -2] Name or service not known',))\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1 }
I am quite sure this is because the Jenkins requires a proxy to communicate to the outside world. I´ve seen how to set up ansible for using a proxy, but that does not seem to work with the k8s module. Any ideas? Here´s what I´ve tried so far:
- hosts: ansible_server
connection: local
gather_facts: no
environment:
https_proxy: "xxx"
http_proxy: "xxx"
tasks:
- name: Gather facts to check connectivity
k8s_facts:
api_key: "{{api_key}}"
host: "{{cluster_url}}"
kind: Project
register: listed_projectsPS: I added the -vvv flag and can see that it tries to use the proxy somehow:
EXEC /bin/sh -c '/usr/bin/python && sleep 0' Using module file /usr/lib/python2.7/site-packages/ansible/modules/clustering/k8s/k8s_facts.py PUT /root/.ansible/tmp/ansible-local-1fHx5f6/tmpDUhlNa TO /root/.ansible/tmp/ansible-tmp-1570565569.96-190678136757098/AnsiballZ_k8s_facts.py EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1570565569.96-190678136757098/ /root/.ansible/tmp/ansible-tmp-1570565569.96-190678136757098/AnsiballZ_k8s_facts.py && sleep 0' EXEC /bin/sh -c 'https_proxy=xxx http_proxy=xxx /usr/bin/python /root/.ansible/tmp/ansible-tmp-1570565569.96-190678136757098/AnsiballZ_k8s_facts.py && sleep 0' EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1570565569.96-190678136757098/ > /dev/null 2>&1 && sleep 0'
I agree with @ilias-sp but it also appears that k8s/common.py does not support the configuration.proxy attribute, , and as best I can tell urllib3 does not honor those proxy environment variables the way "normal" urllib does, opting instead to use its own ProxyManager that is driven by an explicit constructor kwarg
However, thanks to the "override" mechanism of ansible, I believe you can test this theory:
k8s_facts.py into the library folder of your playbookproxy in the AUTH_ARG_MAP, which I believe the patch below will do (the patch is against v2.8.5 so you may need to fiddle with it if your version is different)Explicitly set your proxy: attribute on your new k8s_facts module and see if it works
- k8s_facts:
host: api-server-whatever
kind: Project
proxy: http://my-proxy:3128Assuming it does, open an issue in ansible to let them know
--- a/library/k8s_facts.py 2019-10-08 22:23:24.000000000 -0700
+++ b/library/k8s_facts.py 2019-10-08 22:24:50.000000000 -0700
@@ -130,13 +130,14 @@
'''
-from ansible.module_utils.k8s.common import KubernetesAnsibleModule, AUTH_ARG_SPEC
+from ansible.module_utils.k8s.common import KubernetesAnsibleModule, AUTH_ARG_SPEC, AUTH_ARG_MAP
import copy
class KubernetesFactsModule(KubernetesAnsibleModule):
def __init__(self, *args, **kwargs):
+ AUTH_ARG_MAP['proxy'] = 'proxy'
KubernetesAnsibleModule.__init__(self, *args,
supports_check_mode=True,
**kwargs)
@@ -163,6 +164,7 @@
namespace=dict(),
label_selectors=dict(type='list', default=[]),
field_selectors=dict(type='list', default=[]),
+ proxy=dict(type='str', required=False),
)
)
return args