dockeransibleansible-awxnutanix

How to troubleshoot API requests sent by Ansible module?


Here's the context:
The following playbook (simplified to one task for this Stack Overflow topic and for ease of use) got different results depends on where I launch it. It uses the nutanix.ncp galaxy collection (tested with version 1.9.0, 1.8.0, 1.7.0...)

The ntnx_subnets_info method is called to retrieve all the list of existing subnet on a prism central instance, and is filtered through the name parameter to retrieve only details of a specific VLAN.

---
- name: test-get-subnet-info
  hosts: localhost

  vars:
    nutanix_host: "{{ XXXXXXX }}"
    nutanix_username: "{{ XXXXXXX }}"
    nutanix_password: "XXXXXXX "

  collections:
    - nutanix.ncp
  module_defaults:
    group/nutanix.ncp.ntnx:
      nutanix_host: "{{ XXXXXXX }}"
      nutanix_username: "{{ XXXXXXX }}"
      nutanix_password: "XXXXXXX "

  tasks:
  - name: Retrieve subnet info
    ntnx_subnets_info:
      filter:
        name: "my-VLAN"

On a Debian 11 server, this task run smoothly as you can see below:

enter image description here

Whereas on my custom AWX EE (tested both with docker then on K8s) I got the following error which isn't too explicit:

Failed to convert API response to json

enter image description here

Troubleshoot steps:

Questions


Solution

  • After many tests and investigations, just found entity.py in nutanix.ncp collection files. It was the file that is responsible of msg "Failed to convert API response to json"

    ā€œ Verify return code: 20 (unable to get local issuer certificate)"

    COPY ./certificate_chain.pem /etc/pki/ca-trust/source/anchors/certificate_chain.pem
    RUN chmod 644 /etc/pki/ca-trust/source/anchors/certificate_chain.pem && update-ca-trust extract
    

    Pretty tough, but it works great ! :)