ansible-playbook [core 2.17.12] config file = None configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.12/site-packages/ansible ansible collection location = /tmp/collections-ROY executable location = /usr/local/bin/ansible-playbook python version = 3.12.10 (main, May 9 2025, 00:00:00) [GCC 11.5.0 20240719 (Red Hat 11.5.0-5)] (/usr/bin/python3.12) jinja version = 3.1.6 libyaml = True No config file found; using defaults running playbook inside collection fedora.linux_system_roles Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'jsonl', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_mesh_cert.yml ************************************************** 1 plays in /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml PLAY [Test mesh tunnels with certificates] ************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:3 Sunday 25 May 2025 00:26:54 -0400 (0:00:00.030) 0:00:00.030 ************ [WARNING]: Platform linux on host managed-node2 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible- core/2.17/reference_appendices/interpreter_discovery.html for more information. ok: [managed-node2] TASK [Set up test environment] ************************************************* task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:16 Sunday 25 May 2025 00:26:55 -0400 (0:00:01.219) 0:00:01.249 ************ included: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml for managed-node2 TASK [Set platform/version specific variables] ********************************* task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:2 Sunday 25 May 2025 00:26:55 -0400 (0:00:00.034) 0:00:01.284 ************ included: fedora.linux_system_roles.vpn for managed-node2 TASK [fedora.linux_system_roles.vpn : Ensure ansible_facts used by role] ******* task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2 Sunday 25 May 2025 00:26:55 -0400 (0:00:00.033) 0:00:01.317 ************ skipping: [managed-node2] => { "changed": false, "false_condition": "__vpn_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Check if system is ostree] *************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:10 Sunday 25 May 2025 00:26:55 -0400 (0:00:00.048) 0:00:01.366 ************ ok: [managed-node2] => { "changed": false, "stat": { "exists": false } } TASK [fedora.linux_system_roles.vpn : Set flag to indicate system is ostree] *** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:15 Sunday 25 May 2025 00:26:56 -0400 (0:00:00.445) 0:00:01.811 ************ ok: [managed-node2] => { "ansible_facts": { "__vpn_is_ostree": false }, "changed": false } TASK [fedora.linux_system_roles.vpn : Set platform/version specific variables] *** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:19 Sunday 25 May 2025 00:26:56 -0400 (0:00:00.028) 0:00:01.839 ************ skipping: [managed-node2] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => (item=CentOS_9.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "CentOS_9.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => (item=CentOS_9.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "CentOS_9.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => { "changed": false } MSG: All items skipped TASK [Change inventory_hostname] *********************************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:11 Sunday 25 May 2025 00:26:56 -0400 (0:00:00.045) 0:00:01.885 ************ skipping: [managed-node2] => { "changed": false, "false_condition": "not (__vpn_opportunistic | d(false) | bool)", "skip_reason": "Conditional result was False" } TASK [Add sample main host] **************************************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:18 Sunday 25 May 2025 00:26:56 -0400 (0:00:00.039) 0:00:01.925 ************ skipping: [managed-node2] => { "changed": false, "false_condition": "not (__vpn_opportunistic | d(false) | bool)", "skip_reason": "Conditional result was False" } TASK [Create nss directory for testing] **************************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:22 Sunday 25 May 2025 00:26:56 -0400 (0:00:00.035) 0:00:01.960 ************ ok: [managed-node2] => { "changed": false, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Create /etc/ipsec.d directory for testing] ******************************* task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:28 Sunday 25 May 2025 00:26:56 -0400 (0:00:00.442) 0:00:02.402 ************ ok: [managed-node2] => { "changed": false, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Dynamically add more hosts] ********************************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:34 Sunday 25 May 2025 00:26:57 -0400 (0:00:00.340) 0:00:02.743 ************ included: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/add_hosts.yml for managed-node2 TASK [Dynamically add multiple hosts for testing] ****************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/add_hosts.yml:2 Sunday 25 May 2025 00:26:57 -0400 (0:00:00.018) 0:00:02.762 ************ creating host via 'add_host': hostname=host01.local creating host via 'add_host': hostname=host02.local changed: [managed-node2] => (item=1) => { "add_host": { "groups": [ "testing" ], "host_name": "host01.local", "host_vars": { "cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16" } }, "ansible_loop_var": "item", "changed": true, "item": 1 } changed: [managed-node2] => (item=2) => { "add_host": { "groups": [ "testing" ], "host_name": "host02.local", "host_vars": { "cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16" } }, "ansible_loop_var": "item", "changed": true, "item": 2 } TASK [Create mock vpn_connections] ********************************************* task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/add_hosts.yml:11 Sunday 25 May 2025 00:26:57 -0400 (0:00:00.045) 0:00:02.807 ************ ok: [managed-node2] => { "ansible_facts": { "vpn_connections": [ { "hosts": { "host01.local": "", "host02.local": "", "managed-node2": "" } } ] }, "changed": false } TASK [Create sample policies directory for testing] **************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:40 Sunday 25 May 2025 00:26:57 -0400 (0:00:00.038) 0:00:02.846 ************ changed: [managed-node2] => { "changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d/policies", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Create sample policy files for testing] ********************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:46 Sunday 25 May 2025 00:26:57 -0400 (0:00:00.364) 0:00:03.210 ************ changed: [managed-node2] => { "changed": true, "dest": "/etc/ipsec.d/policies/private", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0 } TASK [Create sample policy files for testing] ********************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:52 Sunday 25 May 2025 00:26:57 -0400 (0:00:00.362) 0:00:03.573 ************ changed: [managed-node2] => { "changed": true, "dest": "/etc/ipsec.d/policies/private-or-clear", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0 } TASK [Create sample policy files for testing] ********************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:58 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.362) 0:00:03.935 ************ changed: [managed-node2] => { "changed": true, "dest": "/etc/ipsec.d/policies/clear", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0 } TASK [Ensure firewalld not running if not testing firewall] ******************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:67 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.360) 0:00:04.296 ************ skipping: [managed-node2] => { "changed": false, "false_condition": "not vpn_manage_firewall | d(false)", "skip_reason": "Conditional result was False" } TASK [Add extra options to check] ********************************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:21 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.032) 0:00:04.329 ************ ok: [managed-node2] => { "ansible_facts": { "vpn_connections": [ { "auth_method": "cert", "hosts": { "host01.local": "", "host02.local": "", "managed-node2": "" }, "opportunistic": true, "policies": [ { "cidr": "203.0.113.0/24", "policy": "private" }, { "cidr": "198.51.100.0/24", "policy": "clear" } ] } ] }, "changed": false } TASK [Add cert_name fact to controller] **************************************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:36 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.021) 0:00:04.350 ************ ok: [managed-node2] => { "ansible_facts": { "cert_name": "main_cert" }, "changed": false } TASK [Use vpn role] ************************************************************ task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:40 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.015) 0:00:04.366 ************ included: fedora.linux_system_roles.vpn for managed-node2 TASK [fedora.linux_system_roles.vpn : Set platform/version specific variables] *** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:3 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.056) 0:00:04.423 ************ included: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml for managed-node2 TASK [fedora.linux_system_roles.vpn : Ensure ansible_facts used by role] ******* task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.020) 0:00:04.443 ************ skipping: [managed-node2] => { "changed": false, "false_condition": "__vpn_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Check if system is ostree] *************** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:10 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.033) 0:00:04.476 ************ skipping: [managed-node2] => { "changed": false, "false_condition": "not __vpn_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Set flag to indicate system is ostree] *** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:15 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.017) 0:00:04.494 ************ skipping: [managed-node2] => { "changed": false, "false_condition": "not __vpn_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Set platform/version specific variables] *** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:19 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.017) 0:00:04.512 ************ skipping: [managed-node2] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => (item=CentOS_9.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "CentOS_9.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => (item=CentOS_9.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vpn_vars_file is file", "item": "CentOS_9.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node2] => { "changed": false } MSG: All items skipped TASK [fedora.linux_system_roles.vpn : Ensure required packages are installed] *** task path: /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:6 Sunday 25 May 2025 00:26:58 -0400 (0:00:00.033) 0:00:04.545 ************ fatal: [managed-node2]: FAILED! => { "changed": false, "rc": 1, "results": [] } MSG: Failed to download metadata for repo 'highavailability': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried PLAY RECAP ********************************************************************* managed-node2 : ok=18 changed=5 unreachable=0 failed=1 skipped=9 rescued=0 ignored=0 SYSTEM ROLES ERRORS BEGIN v1 [ { "ansible_version": "2.17.12", "end_time": "2025-05-25T04:27:02.847934+00:00Z", "host": "managed-node2", "message": "Failed to download metadata for repo 'highavailability': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried", "rc": 1, "start_time": "2025-05-25T04:26:58.971799+00:00Z", "task_name": "Ensure required packages are installed", "task_path": "/tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:6" } ] SYSTEM ROLES ERRORS END v1 TASKS RECAP ******************************************************************** Sunday 25 May 2025 00:27:02 -0400 (0:00:03.877) 0:00:08.423 ************ =============================================================================== fedora.linux_system_roles.vpn : Ensure required packages are installed --- 3.88s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:6 Gathering Facts --------------------------------------------------------- 1.22s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:3 fedora.linux_system_roles.vpn : Check if system is ostree --------------- 0.45s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:10 Create nss directory for testing ---------------------------------------- 0.44s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:22 Create sample policies directory for testing ---------------------------- 0.36s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:40 Create sample policy files for testing ---------------------------------- 0.36s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:52 Create sample policy files for testing ---------------------------------- 0.36s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:46 Create sample policy files for testing ---------------------------------- 0.36s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:58 Create /etc/ipsec.d directory for testing ------------------------------- 0.34s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:28 Use vpn role ------------------------------------------------------------ 0.06s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:40 fedora.linux_system_roles.vpn : Ensure ansible_facts used by role ------- 0.05s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2 Dynamically add multiple hosts for testing ------------------------------ 0.05s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/add_hosts.yml:2 fedora.linux_system_roles.vpn : Set platform/version specific variables --- 0.05s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:19 Change inventory_hostname ----------------------------------------------- 0.04s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:11 Create mock vpn_connections --------------------------------------------- 0.04s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/add_hosts.yml:11 Add sample main host ---------------------------------------------------- 0.04s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:18 Set up test environment ------------------------------------------------- 0.03s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tests_mesh_cert.yml:16 Set platform/version specific variables --------------------------------- 0.03s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/tests/vpn/tasks/setup_test.yml:2 fedora.linux_system_roles.vpn : Set platform/version specific variables --- 0.03s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:19 fedora.linux_system_roles.vpn : Ensure ansible_facts used by role ------- 0.03s /tmp/collections-ROY/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2