Skip to content

Solutions to problems you may encounter

nickjj edited this page Sep 8, 2014 · 2 revisions

Solutions to problems you may encounter

General

Role specific

General

Tasks are skipped when you're positive they shouldn't be skipped

Chances are you forgot to add the host to the inventory for the role that's being skipped. For example if you want to deploy a rails application and it gets skipped then you would add this to your inventory file:

[debops_rails_deploy]
yourhostname
Error when gathering facts while running Ansible

Run the command with -vvvv and you will see that is likely due to SSH warning you that it may have detected a DNS spoofing attempt.

This occurs when you use the same container name as one that was previously deleted. The fix requires you to run this:

ssh-keygen -f "~/.ssh/known_hosts" -R YOURCONTAINERNAME

Randomly locked out of SSH with an SSH exchange error

The ferm role will block ssh connections after you attempt to connect too many times in a row. This is a security precaution to prevent brute force attacks.

If you are testing things locally you may want to add this to:
inventory/group_vars/all.yml file:

# White list your local network from ever being blocked.
sshd_allow: ['192.168.0.0/16']

Then re-run Ansible on all hosts: debops -t sshd.

Containers are unable to ping external hosts

The local IP address of your controller likely changed. You should turn on nat masquerading by adding this to your controller's inventory:

nat_masquerade: True

Then re-run Ansible on your controller: debops -l ansible_controllers -t nat,debops_lxc.

Role specific

debops.gitlab

The default login credentials

Gitlab creates a default root account for you when it gets setup, the credentials are:

Username: root
Password: 5iveL!fe

You should immediately change the password to something secure.

debops.postgresql

Unable to connect to the postgresql database

This is likely due to 1 of 2 things:

  • Your IP address is not set in the allowed list for that pg cluster.
  • The network interface is incorrect (it defaults to using br2).

Open your inventory and make sure your pg cluster settings look similar to this:

postgresql_default_cluster:
  - name: 'main'
    port: '5432'

    # Allow everyone to potentially connect to postgresql.
    listen_addresses: '0.0.0.0'
    # Let postgresql accept connections from this IP range.
    # You can pass in either a single address, IP range, or a group of hosts.
    hba:
      - address: '192.168.0.0/16'
        # Uncomment the line below if you're not using br2.
        #interface: 'eth0'
    # Only allow this range of IPs to connect through the firewall.
    # Feel free to add individual hosts here as well.
    allow:
      - '192.168.0.0/16'
Clone this wiki locally