Authentication or Permissions issue while running ansible-container build

[Manigunner]

ISSUE TYPE

• Bug Report

container.yml

es: {}

version: '2'
settings:
conductor_base: centos:7
services:
ansible.play_container:
from: "nginx_base"
roles:

• nginx_container
  ports:
• "xxx"
  user: root
  command: ['app/xxx/docker-entrypoint.sh']
  registries: {}```

##### OS / ENVIRONMENT
<!--- Paste output from `ansible-container --debug version` between the quotes below -->

Ansible Container, version 0.9.2
Linux, 3.10.0-327.13.1.el7.x86_64, #1 SMP Mon Feb 29 13:22:02 EST 2016, x86_64
2.7.5 (default, May 3 2017, 07:55:04)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-14)] /usr/bin/python

Client:
Version: 1.13.0
API version: 1.25
Go version: go1.7.3
Git commit: 49bf474
Built: Tue Jan 17 09:55:28 2017
OS/Arch: linux/amd64

Server:
Version: 1.13.0
API version: 1.25 (minimum version 1.12)
Go version: go1.7.3
Git commit: 49bf474
Built: Tue Jan 17 09:55:28 2017
OS/Arch: linux/amd64
Experimental: false

roles/nginx_container/tasks/main.yml 
- name: Create dir and ownership
  shell: mkdir -p /app/tmp && mkdir -p /app/log && chown -R nginx:nginx /app
- shell: mkdir -p /tmp/nginx && chown -R nginx:nginx /tmp/nginx
- shell: chown -R nginx:nginx /usr/share/wurfl/
- name: Ensure /app/tmp/nginx/html exists
  file:
    path: /app/tmp/nginx/html
    state: directory
- copy:
    src: /templates/Dockerfile
    dest: /app/tmp/nginx/html/Dockerfile
- name: Ensure /app/tmp/nginx/html exists
  file:
    path: /app/tmp/nginx/html
    state: directory
- copy:
    src: /templates/docker-entrypoint.sh
    dest: /app/tmp/nginx/html/docker-entrypoint.sh
- name: Ensure /app/tmp/nginx exists
  file:
    path: /app/tmp/nginx
    state: directory
- shell: chown -R nginx:nginx /app/tmp/nginx/html
- shell: chmod +x /app/tmp/nginx/html/docker-entrypoint.sh
  remote_user: nginx
- shell: tar -xzf *.tgz
  remote_user: nginx
  args:
    chdir: /app/tmp/nginx/html
- shell: rm *.tgz
  remote_user: nginx
  args:
    chdir: /app/tmp/nginx/html


##### SUMMARY
Im building nginx container and while executing build am facing issue with authentications and permissions.

##### STEPS TO REPRODUCE
Sudo ansible-container --debug build

##### EXPECTED RESULTS
Image should be created successfully

##### ACTUAL RESULTS
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
<c94048b2a046a9077fbff0558919ce55704e6b8634af611abe6ec2d58a2ccd18> ESTABLISH DOCKER CONNECTION FOR USER: root
<c94048b2a046a9077fbff0558919ce55704e6b8634af611abe6ec2d58a2ccd18> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'c94048b2a046a9077fbff0558919ce55704e6b8634af611abe6ec2d58a2ccd18', u'/bin/sh', '-c', u"/bin/sh -c 'echo ~ && sleep 0'"]
<c94048b2a046a9077fbff0558919ce55704e6b8634af611abe6ec2d58a2ccd18> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'c94048b2a046a9077fbff0558919ce55704e6b8634af611abe6ec2d58a2ccd18', u'/bin/sh', '-c', u'/bin/sh -c \'( umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1512122910.09-221104636739910 `" && echo ansible-tmp-1512122910.09-221104636739910="` echo ~/.ansible/tmp/ansible-tmp-1512122910.09-221104636739910 `" ) && sleep 0\'']
fatal: [ansible.nginx-container]: UNREACHABLE! => {
    "changed": false,
    "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote temp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo ~/.ansible/tmp/ansible-tmp-1512122910.09-221104636739910 `\" && echo ansible-tmp-1512122910.09-221104636739910=\"` echo ~/.ansible/tmp/ansible-tmp-1512122910.09-221104636739910 `\" ), exited with result 1, stderr output: Error response from daemon: Container c94048b2a046a9077fbff0558919ce55704e6b8634af611abe6ec2d58a2ccd18 is not running\n",
    "unreachable": true
}
        to retry, use: --limit @/tmp/tmpz1vgBz/playbook.retry
PLAY RECAP *********************************************************************
ansible.nginx-container    : ok=0    changed=0    unreachable=1    failed=0
ERROR   Error applying role!    engine=<container.docker.engine.Engine object at 0x7fa92bc59e90> exit_code=4 playbook=[{'hosts': u'ansible.nginx-container', 'roles': ['nginx_container'], 'vars': {}}]
Traceback (most recent call last):
  File "/usr/bin/conductor", line 11, in <module>
    load_entry_point('ansible-container', 'console_scripts', 'conductor')()
  File "/_ansible/container/__init__.py", line 19, in __wrapped__
    return fn(*args, **kwargs)
  File "/_ansible/container/cli.py", line 406, in conductor_commandline
    **params)
  File "/_ansible/container/__init__.py", line 19, in __wrapped__
    return fn(*args, **kwargs)
  File "/_ansible/container/core.py", line 833, in conductorcmd_build
    raise RuntimeError('Build failed.')
RuntimeError: Build failed.
Conductor terminated. Cleaning up.      command_rc=1 conductor_id=84bf92b8be79b06b8801a53f4a0b786d583fbf9eab3c5b3c389c7224454d8745 save_container=False
ERROR   Conductor exited with status 1

[chouseknecht]

@Manigunner

I can get this to work, mostly, in my environment by setting the from image to centos:7. I at least don't run into an Authentication or permission failure error.

Again, I suspect there is some incompatibility between our cento:7 conductor and the nginx_base image.

[Manigunner]

Hi @chouseknecht , any other way how to resolve this incompatibility issues. We knew that centos;7 is our right conductor_base to work on this to setup nginx:container. Any inputs on this from your side would be highly appreciated.

[j00bar]

The error message states the "authentication or permission failure" is that the target container isn't running.

There's an unusual trend in many of your bug reports, @Manigunner, that seem to be highly correlated to your particular Docker environment. Images disappearing. Containers disappearing. The daemon disappearing. Can you possibly provide some insight into what you execution environment is, whether it's shared, whether it's local or hosted elsewhere, how your Docker daemon is configured, etc?

[yeungs]

I am experiencing the same error. I am trying to build a custom docker image based on ubuntu 14.04 docker image so I can install Java on top of it.

Here is my container.yml file;

version: "2"
settings:

  conductor:
    base: ubuntu:precise

  project_name: ansible-ubuntu-java

services: 
  ubuntu:
    from: ubuntu:14.04
    roles:
      - install-java

registries: {}

It creates the conductor container but can't talk it to it. I am running from Mac OS X High Sierra with Docker version 17.12.0-ce, build c97c6d6. I get the following error from running ansible-container --debug build:

2018-02-12T19:29:44.622965 Running Ansible Playbook       [container.core] caller_file=/_ansible/container/core.py caller_func=run_playbook caller_line=631 command=ansible-playbook -vvvv  -i /src/hosts-LIK_K7 -c docker  /src/tmpi0EXv2.yml  cwd=/src
ansible-playbook 2.4.3.0
  config file = /src/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
  executable location = /usr/local/bin/ansible-playbook
  python version = 2.7.3 (default, Oct 26 2016, 21:01:49) [GCC 4.6.3]
Using /src/ansible.cfg as config file
setting up inventory plugins
Parsed /src/hosts-LIK_K7 inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/local/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc

PLAYBOOK: tmpi0EXv2.yml ********************************************************
1 plays in /src/tmpi0EXv2.yml

PLAY [ubuntu] ******************************************************************

TASK [Gathering Facts] *********************************************************
Using module file /usr/local/lib/python2.7/dist-packages/ansible/modules/system/setup.py
<c63d9eddf01e3e32fe5ead5aefd77b2f072848837305ae846c3b5b560ea81cd6> ESTABLISH DOCKER CONNECTION FOR USER: root
<c63d9eddf01e3e32fe5ead5aefd77b2f072848837305ae846c3b5b560ea81cd6> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'c63d9eddf01e3e32fe5ead5aefd77b2f072848837305ae846c3b5b560ea81cd6', u'/bin/sh', '-c', u"/bin/sh -c 'echo ~ && sleep 0'"]
<c63d9eddf01e3e32fe5ead5aefd77b2f072848837305ae846c3b5b560ea81cd6> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'c63d9eddf01e3e32fe5ead5aefd77b2f072848837305ae846c3b5b560ea81cd6', u'/bin/sh', '-c', u'/bin/sh -c \'( umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1518463785.86-114693223772406 `" && echo ansible-tmp-1518463785.86-114693223772406="` echo ~/.ansible/tmp/ansible-tmp-1518463785.86-114693223772406 `" ) && sleep 0\'']
fatal: [ubuntu]: UNREACHABLE! => {
    "changed": false,
    "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote temp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo ~/.ansible/tmp/ansible-tmp-1518463785.86-114693223772406 `\" && echo ansible-tmp-1518463785.86-114693223772406=\"` echo ~/.ansible/tmp/ansible-tmp-1518463785.86-114693223772406 `\" ), exited with result 1, stderr output: Error response from daemon: Container c63d9eddf01e3e32fe5ead5aefd77b2f072848837305ae846c3b5b560ea81cd6 is not running\n",
    "unreachable": true
}
	to retry, use: --limit @/src/tmpi0EXv2.retry

PLAY RECAP *********************************************************************
ubuntu                     : ok=0    changed=0    unreachable=1    failed=0

[j00bar]

Hi @yeungs -

Thanks for your feedback. First off, precise is 12.04 - trusty is 14.04 - so your conductor and your target have a mismatch. But consistent with my advice to @Manigunner, check docker logs on the target container to see why it's exiting, please.