We're trying to upgrade our dev gateway clusters currently in 9.4 to the new version 10.
We're following the documentation https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/install-configure-upgrade/upgrade-the-gateway/upgrade-an-appliance-gateway/automated-expedited-upgrade/automating-with-ansible.html
and following the approach Create New and Migrate .We have configured all the necessary pre-requites mentioned in https://github.com/CAAPIM/gateway-ansible-playbook .
We ran the gateway_preupgrade_analyzer and it ran without giving any error, the report is attached here with the case and the next playbook gateway_export_database .
However when we're trying to the next playbook mentioned in the documentation we are getting an error:
[[email protected] gateway-ansible-playbook]# ansible-playbook -i inventories/dev/hosts.yml playbooks/gateway-basic-backup.yml --vault-password-file vault_pass
PLAY [run gateway backup against provided list of gateways] *************************************************************************************************
TASK [gateway_basic_backup : Check requirement node.properties exists.] *************************************************************************************
fatal: [gwserv13-d.am.edited.com]: FAILED! => {"msg": "Missing sudo password"}
PLAY RECAP **************************************************************************************************************************************************
gwserv13-d.am.edited.com : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
We're running the ansible playbooks as root, and we've correctly updated all the relevant passwords in the vault file.Could you let us know what we might be missing here , and why it is complaining of missing sudo password?
Known Ansible procedure but does not appears on playbook documentation.
Release : 9.4
Component : API GATEWAY
1. On this case it was necessary to revert a workaround that customer did on /inventories/dev/group_vars/all/vars file to avoid the original "Missing sudo password"
he added the following :
ansible_become: yes
ansible_become_user: root
ansible_become_password: "{{vault_gateway_root_password}}"
ansible_become_method : enable
they resolved "Missing sudo password" error, but new error appeared when run the command from home directory :
[[email protected] gateway-ansible-playbook]# ansible-playbook -i inventories/dev/hosts.yml playbooks/gateway-basic-backup.yml
but got a new Error :
TASK [gateway_basic_backup : check requirement node.properties exists.]*********************************************************
FAILED!==> {”msg”: “The conditional check ‘not file_status.stat.exists’ failed. The error was:
Error while evaluating conditional [not file_status.stat.exists): ‘dict object’ has no attribute ‘stat’”}
2. To Resolve , reverted back the initial workaround, leaving this way on /inventories/dev/group_vars/all/vars file
#ansible_become: yes
#ansible_become_user: root
#ansible_become_password: "{{vault_gateway_root_password}}"
#ansible_become_method : enable
3. edited from target node (gw10) the /etc/sudoers file and add the following in ssgconfig section bottom the file.
ssgconfig ALL=(ALL) NOPASSWD:ALL
save and run the script again with success.
4. Please delete the added line in /etc/sudoers when finished all upgrade process.