Sunday, February 24, 2019

Minemeld installation, Part 1

Palo Alto Networks has provided a tool for public use - Minemeld - that will collate threat intelligence feeds and other indicators for a more dynamic security policy enforcement strategy with their firewalls:
https://www.paloaltonetworks.com/products/secure-the-network/subscriptions/minemeld

I have a slightly different use case - I want my lab firewall to be aware of each virtual machine in my lab, and to be able to use it intelligently. Some of this is available via the "VM Information Sources" (more information here) feature, but it doesn't appear to be aware of details like NSX-T security groups, etc. My goal will be to implement these features using Minemeld, with some future uses on the horizon as well.

Getting Started

First I browse to https://live.paloaltonetworks.com/t5/MineMeld/ct-p/MineMeld to download any requisite packages.

Just a note - the provided OVA is based off Ubuntu 14.04 - a pretty old release. Performing a deeper search, I discovered that an ansible playbook is provided for install on recommended systems!
https://github.com/PaloAltoNetworks/minemeld-ansible

I'm going to install this on my ansible host - running openSUSE Tumbleweed:


admin@ansible:~> sudo zypper in wget git gcc python-devel libffi-devel openssl-devel
[sudo] password for root:
Loading repository data...
Reading installed packages...
'openssl-devel' not found in package names. Trying capabilities.
'wget' is already installed.
No update candidate for 'wget-1.20.1-2.1.x86_64'. The highest available version is already installed.
Resolving package dependencies...
3 Problems:
Problem: python-devel-2.7.15-4.3.x86_64 requires glibc-devel, but this requirement cannot be provided
Problem: gcc-8-2.4.x86_64 requires gcc8, but this requirement cannot be provided
Problem: ruby2.5-rubygem-cfa-0.7.0-1.1.x86_64 requires ruby(abi) = 2.5.0, but this requirement cannot be provided

Problem: python-devel-2.7.15-4.3.x86_64 requires glibc-devel, but this requirement cannot be provided
  not installable providers: glibc-devel-2.29-1.3.i586[download.opensuse.org-oss]
                   glibc-devel-2.29-1.3.i686[download.opensuse.org-oss]
                   glibc-devel-2.29-1.3.x86_64[download.opensuse.org-oss]
                   glibc-devel-2.29-1.3.i586[openSUSE-20190126-0]
                   glibc-devel-2.29-1.3.i686[openSUSE-20190126-0]
                   glibc-devel-2.29-1.3.x86_64[openSUSE-20190126-0]
 Solution 1: Following actions will be done:
  deinstallation of yast2-ruby-bindings-4.1.2-1.1.x86_64
  deinstallation of yast2-samba-client-4.0.4-1.1.noarch
  deinstallation of yast2-ntp-client-4.1.7-1.1.noarch
  deinstallation of yast2-packager-4.1.24-1.1.x86_64
  deinstallation of yast2-tftp-server-4.1.6-1.1.noarch
  deinstallation of yast2-snapper-4.1.0-1.1.x86_64
  deinstallation of yast2-vpn-4.0.1-1.2.noarch
  deinstallation of yast2-users-4.1.7-1.1.x86_64
  deinstallation of yast2-update-4.1.8-1.1.x86_64
  deinstallation of yast2-tune-4.0.2-1.2.x86_64
  deinstallation of yast2-transfer-4.0.0-1.3.x86_64
  deinstallation of yast2-sysconfig-4.1.2-1.2.noarch
  deinstallation of yast2-support-4.1.0-1.1.noarch
  deinstallation of yast2-sudo-4.0.1-1.2.noarch
  deinstallation of yast2-slp-4.0.0-1.3.x86_64
  deinstallation of yast2-services-manager-4.1.14-1.1.noarch
  deinstallation of yast2-security-4.1.2-1.2.noarch
  deinstallation of yast2-samba-server-4.1.3-1.2.noarch
  deinstallation of yast2-storage-ng-4.1.48-1.1.x86_64
  deinstallation of yast2-proxy-4.1.0-1.1.noarch
  deinstallation of yast2-printer-4.0.3-1.2.x86_64
  deinstallation of yast2-pam-4.0.0-1.2.noarch
  deinstallation of yast2-online-update-4.0.2-1.2.noarch
  deinstallation of yast2-nis-client-4.1.0-1.1.x86_64
  deinstallation of yast2-nfs-client-4.1.4-1.1.noarch
  deinstallation of yast2-metapackage-handler-4.0.0-1.2.noarch
  deinstallation of yast2-mail-4.1.0-1.2.noarch
  deinstallation of yast2-journal-4.1.5-1.1.noarch
  deinstallation of yast2-iscsi-client-4.1.4-1.1.noarch
  deinstallation of yast2-hardware-detection-4.0.0-1.6.x86_64
  deinstallation of yast2-firewall-4.1.10-1.1.noarch
  deinstallation of yast2-country-data-4.1.7-1.2.x86_64
  deinstallation of yast2-auth-server-4.1.0-1.2.noarch
  deinstallation of yast2-auth-client-4.1.0-1.2.noarch
  deinstallation of yast2-apparmor-4.1.7-1.1.noarch
  deinstallation of yast2-add-on-4.1.10-1.1.noarch
  deinstallation of autoyast2-installation-4.1.1-1.1.noarch
  deinstallation of yast2-installation-4.1.34-1.1.noarch
  deinstallation of yast2-online-update-frontend-4.0.2-1.2.noarch
 Solution 2: Following actions will be done:
  deinstallation of ruby2.5-2.5.3-2.1.x86_64
  deinstallation of ruby2.5-rubygem-cfa_grub2-1.0.1-1.1.x86_64
  deinstallation of ruby2.5-rubygem-cheetah-0.5.0-1.10.x86_64
  deinstallation of ruby2.5-rubygem-fast_gettext-2.0.0-1.1.x86_64
  deinstallation of ruby2.5-rubygem-gem2rpm-0.10.1-13.6.x86_64
  deinstallation of ruby2.5-rubygem-ruby-augeas-0.5.0-3.9.x86_64
  deinstallation of ruby2.5-rubygem-ruby-dbus-0.15.0-1.1.x86_64
  deinstallation of ruby2.5-rubygem-simpleidn-0.1.1-1.1.x86_64
  deinstallation of ruby2.5-rubygem-unf-0.1.4-1.9.x86_64
  deinstallation of ruby2.5-rubygem-unf_ext-0.0.7.5-1.2.x86_64
  deinstallation of ruby2.5-stdlib-2.5.3-2.1.x86_64
 Solution 3: do not install python-devel-2.7.15-4.3.x86_64
 Solution 4: break python-devel-2.7.15-4.3.x86_64 by ignoring some of its dependencies

Choose from above solutions by number or skip, retry or cancel [1/2/3/4/s/r/c] (c): 2

Problem: gcc-8-2.4.x86_64 requires gcc8, but this requirement cannot be provided
  not installable providers: gcc8-8.2.1+r268506-1.1.i586[download.opensuse.org-oss]
                   gcc8-8.2.1+r268506-1.1.x86_64[download.opensuse.org-oss]
                   gcc8-8.2.1+r268506-1.1.i586[openSUSE-20190126-0]
                   gcc8-8.2.1+r268506-1.1.x86_64[openSUSE-20190126-0]
 Solution 1: Following actions will be done:
  deinstallation of yast2-4.1.53-1.1.x86_64
  deinstallation of yast2-ntp-client-4.1.7-1.1.noarch
  deinstallation of yast2-packager-4.1.24-1.1.x86_64
  deinstallation of yast2-tftp-server-4.1.6-1.1.noarch
  deinstallation of yast2-snapper-4.1.0-1.1.x86_64
  deinstallation of yast2-vpn-4.0.1-1.2.noarch
  deinstallation of yast2-users-4.1.7-1.1.x86_64
  deinstallation of yast2-update-4.1.8-1.1.x86_64
  deinstallation of yast2-tune-4.0.2-1.2.x86_64
  deinstallation of yast2-transfer-4.0.0-1.3.x86_64
  deinstallation of yast2-sysconfig-4.1.2-1.2.noarch
  deinstallation of yast2-support-4.1.0-1.1.noarch
  deinstallation of yast2-sudo-4.0.1-1.2.noarch
  deinstallation of yast2-slp-4.0.0-1.3.x86_64
  deinstallation of yast2-services-manager-4.1.14-1.1.noarch
  deinstallation of yast2-security-4.1.2-1.2.noarch
  deinstallation of yast2-samba-server-4.1.3-1.2.noarch
  deinstallation of yast2-storage-ng-4.1.48-1.1.x86_64
  deinstallation of yast2-proxy-4.1.0-1.1.noarch
  deinstallation of yast2-printer-4.0.3-1.2.x86_64
  deinstallation of yast2-pam-4.0.0-1.2.noarch
  deinstallation of yast2-online-update-4.0.2-1.2.noarch
  deinstallation of yast2-nis-client-4.1.0-1.1.x86_64
  deinstallation of yast2-nfs-client-4.1.4-1.1.noarch
  deinstallation of yast2-metapackage-handler-4.0.0-1.2.noarch
  deinstallation of yast2-mail-4.1.0-1.2.noarch
  deinstallation of yast2-journal-4.1.5-1.1.noarch
  deinstallation of yast2-iscsi-client-4.1.4-1.1.noarch
  deinstallation of yast2-hardware-detection-4.0.0-1.6.x86_64
  deinstallation of yast2-firewall-4.1.10-1.1.noarch
  deinstallation of yast2-country-data-4.1.7-1.2.x86_64
  deinstallation of yast2-auth-server-4.1.0-1.2.noarch
  deinstallation of yast2-auth-client-4.1.0-1.2.noarch
  deinstallation of yast2-apparmor-4.1.7-1.1.noarch
  deinstallation of yast2-add-on-4.1.10-1.1.noarch
  deinstallation of autoyast2-installation-4.1.1-1.1.noarch
  deinstallation of yast2-installation-4.1.34-1.1.noarch
  deinstallation of yast2-ldap-4.0.0-1.5.x86_64
  deinstallation of patterns-yast-yast2_basis-20181130-1.1.x86_64
  deinstallation of yast2-online-update-frontend-4.0.2-1.2.noarch
 Solution 2: Following actions will be done:
  deinstallation of ruby2.5-rubygem-abstract_method-1.2.1-2.10.x86_64
  deinstallation of ruby2.5-rubygem-ruby-augeas-0.5.0-3.9.x86_64
  deinstallation of ruby2.5-rubygem-ruby-dbus-0.15.0-1.1.x86_64
  deinstallation of ruby2.5-rubygem-simpleidn-0.1.1-1.1.x86_64
  deinstallation of ruby2.5-rubygem-unf-0.1.4-1.9.x86_64
  deinstallation of ruby2.5-rubygem-unf_ext-0.0.7.5-1.2.x86_64
  deinstallation of ruby2.5-stdlib-2.5.3-2.1.x86_64
 Solution 3: do not install gcc-8-2.4.x86_64
 Solution 4: break gcc-8-2.4.x86_64 by ignoring some of its dependencies

Choose from above solutions by number or skip, retry or cancel [1/2/3/4/s/r/c] (c): 2

Problem: ruby2.5-rubygem-cfa-0.7.0-1.1.x86_64 requires ruby(abi) = 2.5.0, but this requirement cannot be provided
  deleted providers: ruby2.5-2.5.3-2.1.x86_64
 Solution 1: Following actions will be done:
  deinstallation of yast2-country-4.1.7-1.1.x86_64
  deinstallation of yast2-packager-4.1.24-1.1.x86_64
  deinstallation of yast2-ntp-client-4.1.7-1.1.noarch
  deinstallation of yast2-network-4.1.34-1.1.noarch
  deinstallation of yast2-snapper-4.1.0-1.1.x86_64
  deinstallation of yast2-installation-4.1.34-1.1.noarch
  deinstallation of autoyast2-installation-4.1.1-1.1.noarch
  deinstallation of yast2-storage-ng-4.1.48-1.1.x86_64
  deinstallation of yast2-add-on-4.1.10-1.1.noarch
  deinstallation of yast2-apparmor-4.1.7-1.1.noarch
  deinstallation of yast2-auth-client-4.1.0-1.2.noarch
  deinstallation of yast2-auth-server-4.1.0-1.2.noarch
  deinstallation of yast2-country-data-4.1.7-1.2.x86_64
  deinstallation of yast2-firewall-4.1.10-1.1.noarch
  deinstallation of yast2-hardware-detection-4.0.0-1.6.x86_64
  deinstallation of yast2-iscsi-client-4.1.4-1.1.noarch
  deinstallation of yast2-journal-4.1.5-1.1.noarch
  deinstallation of yast2-mail-4.1.0-1.2.noarch
  deinstallation of yast2-metapackage-handler-4.0.0-1.2.noarch
  deinstallation of yast2-nfs-client-4.1.4-1.1.noarch
  deinstallation of yast2-nis-client-4.1.0-1.1.x86_64
  deinstallation of yast2-online-update-4.0.2-1.2.noarch
  deinstallation of yast2-pam-4.0.0-1.2.noarch
  deinstallation of yast2-printer-4.0.3-1.2.x86_64
  deinstallation of yast2-proxy-4.1.0-1.1.noarch
  deinstallation of yast2-samba-server-4.1.3-1.2.noarch
  deinstallation of yast2-security-4.1.2-1.2.noarch
  deinstallation of yast2-services-manager-4.1.14-1.1.noarch
  deinstallation of yast2-slp-4.0.0-1.3.x86_64
  deinstallation of yast2-sudo-4.0.1-1.2.noarch
  deinstallation of yast2-support-4.1.0-1.1.noarch
  deinstallation of yast2-sysconfig-4.1.2-1.2.noarch
  deinstallation of yast2-transfer-4.0.0-1.3.x86_64
  deinstallation of yast2-tune-4.0.2-1.2.x86_64
  deinstallation of yast2-update-4.1.8-1.1.x86_64
  deinstallation of yast2-users-4.1.7-1.1.x86_64
  deinstallation of yast2-vpn-4.0.1-1.2.noarch
  deinstallation of patterns-yast-yast2_basis-20181130-1.1.x86_64
  deinstallation of yast2-online-update-frontend-4.0.2-1.2.noarch
 Solution 2: Following actions will be done:
  deinstallation of ruby2.5-rubygem-cfa-0.7.0-1.1.x86_64
  deinstallation of ruby2.5-rubygem-cheetah-0.5.0-1.10.x86_64
  deinstallation of ruby2.5-rubygem-fast_gettext-2.0.0-1.1.x86_64
  deinstallation of ruby2.5-rubygem-gem2rpm-0.10.1-13.6.x86_64
  deinstallation of ruby2.5-rubygem-ruby-augeas-0.5.0-3.9.x86_64
  deinstallation of ruby2.5-rubygem-ruby-dbus-0.15.0-1.1.x86_64
  deinstallation of ruby2.5-rubygem-simpleidn-0.1.1-1.1.x86_64
  deinstallation of ruby2.5-rubygem-unf-0.1.4-1.9.x86_64
  deinstallation of ruby2.5-rubygem-unf_ext-0.0.7.5-1.2.x86_64
  deinstallation of ruby2.5-stdlib-2.5.3-2.1.x86_64
 Solution 3: do not ask to install a solvable providing openssl-devel
 Solution 4: break ruby2.5-rubygem-cfa-0.7.0-1.1.x86_64 by ignoring some of its dependencies

Choose from above solutions by number or skip, retry or cancel [1/2/3/4/s/r/c] (c): 2
Resolving dependencies...
Resolving package dependencies...

The following 68 NEW packages are going to be installed:
  cpp cpp8 cvs cvsps gcc gcc8 git git-core git-cvs git-email git-gui gitk git-svn glibc-devel glibc-locale-base
  libapr1 libapr-util1 libasan5 libatomic1 libcrypt1 libffi-devel libgomp1 libisl19 libitm1 liblsan0 libmpc3 libmpfr6
  libmpx2 libmpxwrappers2 libopenssl-1_1-devel libopenssl-devel libruby2_6-2_6 libserf-1-1 libsha1detectcoll1
  libtsan0 libubsan1 libutf8proc2 libxcrypt-devel libXss1 linux-glibc-devel perl-Authen-SASL perl-DBD-SQLite perl-DBI
  perl-Digest-HMAC perl-Error perl-MailTools perl-Net-SMTP-SSL python python-devel ruby2.6
  ruby2.6-rubygem-abstract_method ruby2.6-rubygem-cfa ruby2.6-rubygem-cfa_grub2 ruby2.6-rubygem-cheetah
  ruby2.6-rubygem-fast_gettext ruby2.6-rubygem-gem2rpm ruby2.6-rubygem-ruby-augeas ruby2.6-rubygem-ruby-dbus
  ruby2.6-rubygem-simpleidn ruby2.6-rubygem-unf ruby2.6-rubygem-unf_ext subversion subversion-bash-completion
  subversion-perl tcl tk xhost zlib-devel

The following 13 packages are going to be REMOVED:
  ruby2.5 ruby2.5-rubygem-abstract_method ruby2.5-rubygem-cfa ruby2.5-rubygem-cfa_grub2 ruby2.5-rubygem-cheetah
  ruby2.5-rubygem-fast_gettext ruby2.5-rubygem-gem2rpm ruby2.5-rubygem-ruby-augeas ruby2.5-rubygem-ruby-dbus
  ruby2.5-rubygem-simpleidn ruby2.5-rubygem-unf ruby2.5-rubygem-unf_ext ruby2.5-stdlib

The following 15 packages are going to be upgraded:
  glibc glibc-extra glibc-locale nscd ruby yast2 yast2-bootloader yast2-core yast2-country yast2-network
  yast2-ntp-client yast2-packager yast2-ruby-bindings yast2-snapper yast2-tftp-server

The following 6 recommended packages were automatically selected:
  git-cvs git-email git-gui gitk git-svn subversion-bash-completion

The following 2 packages are suggested, but will not be installed:
  git-daemon git-web

15 packages to upgrade, 68 new, 13 to remove.
Overall download size: 81.4 MiB. Already cached: 0 B. After the operation, additional 319.4 MiB will be used.
Continue? [y/n/...? shows all options] (y): y

Looks like this conflicts with Ruby somewhat - a non-issue for me. Time to run pip and install ansible:

admin@ansible:~> sudo -H python get-pip.py
[sudo] password for root:
Traceback (most recent call last):
  File "get-pip.py", line 21361, in <module>
    main()
  File "get-pip.py", line 197, in main
    bootstrap(tmpdir=tmpdir)
  File "get-pip.py", line 82, in bootstrap
    import pip._internal
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_internal/__init__.py", line 40, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_internal/cli/autocompletion.py", line 8, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_internal/cli/main_parser.py", line 12, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_internal/commands/__init__.py", line 6, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_internal/commands/completion.py", line 6, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_internal/cli/base_command.py", line 25, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_internal/index.py", line 14, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_vendor/html5lib/__init__.py", line 25, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_vendor/html5lib/html5parser.py", line 7, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_vendor/html5lib/_inputstream.py", line 13, in <module>
  File "/tmp/tmpqrZ_FD/pip.zip/pip/_vendor/html5lib/_utils.py", line 10, in <module>
ImportError: No module named xml.etree.ElementTree

And it seems the pip install step is not necessary, as openSUSE handles this through the package manager. We're going to need to go a bit off-script here:

admin@ansible:~> zypper se pip
Loading repository data...
Reading installed packages...

S | Name                                     | Summary                                                                  | Type
--+------------------------------------------+--------------------------------------------------------------------------+--------
i | python3-pip                              | Pip installs packages. Python packages. An easy_install replacement      | package
ansible:/home/admin # pip install ansible
Collecting ansible
  Downloading https://files.pythonhosted.org/packages/e4/22/4325212e609071cd93b8142722d770f5defab34a95511f183e262f8de983/ansible-2.7.8.tar.gz (11.8MB)
    100% |████████████████████████████████| 11.8MB 3.4MB/s
Collecting jinja2 (from ansible)
  Downloading https://files.pythonhosted.org/packages/7f/ff/ae64bacdfc95f27a016a7bed8e8686763ba4d277a78ca76f32659220a731/Jinja2-2.10-py2.py3-none-any.whl (126kB)
    100% |████████████████████████████████| 133kB 20.5MB/s
Collecting PyYAML (from ansible)
  Downloading https://files.pythonhosted.org/packages/9e/a3/1d13970c3f36777c583f136c136f804d70f500168edc1edea6daa7200769/PyYAML-3.13.tar.gz (270kB)
    100% |████████████████████████████████| 276kB 2.3MB/s
Collecting paramiko (from ansible)
  Downloading https://files.pythonhosted.org/packages/cf/ae/94e70d49044ccc234bfdba20114fa947d7ba6eb68a2e452d89b920e62227/paramiko-2.4.2-py2.py3-none-any.whl (193kB)
    100% |████████████████████████████████| 194kB 19.3MB/s
Collecting cryptography (from ansible)
  Downloading https://files.pythonhosted.org/packages/98/71/e632e222f34632e0527dd41799f7847305e701f38f512d81bdf96009bca4/cryptography-2.5-cp34-abi3-manylinux1_x86_64.whl (2.4MB)
    100% |████████████████████████████████| 2.4MB 6.4MB/s
Requirement already satisfied: setuptools in /usr/lib/python3.6/site-packages (from ansible) (40.6.3)
Collecting MarkupSafe>=0.23 (from jinja2->ansible)
  Downloading https://files.pythonhosted.org/packages/b2/5f/23e0023be6bb885d00ffbefad2942bc51a620328ee910f64abe5a8d18dd1/MarkupSafe-1.1.1-cp36-cp36m-manylinux1_x86_64.whl
Collecting bcrypt>=3.1.3 (from paramiko->ansible)
  Downloading https://files.pythonhosted.org/packages/d0/79/79a4d167a31cc206117d9b396926615fa9c1fdbd52017bcced80937ac501/bcrypt-3.1.6-cp34-abi3-manylinux1_x86_64.whl (55kB)
    100% |████████████████████████████████| 61kB 17.2MB/s
Collecting pyasn1>=0.1.7 (from paramiko->ansible)
  Downloading https://files.pythonhosted.org/packages/7b/7c/c9386b82a25115cccf1903441bba3cbadcfae7b678a20167347fa8ded34c/pyasn1-0.4.5-py2.py3-none-any.whl (73kB)
    100% |████████████████████████████████| 81kB 20.0MB/s
Collecting pynacl>=1.0.1 (from paramiko->ansible)
  Downloading https://files.pythonhosted.org/packages/27/15/2cd0a203f318c2240b42cd9dd13c931ddd61067809fee3479f44f086103e/PyNaCl-1.3.0-cp34-abi3-manylinux1_x86_64.whl (759kB)
    100% |████████████████████████████████| 768kB 20.3MB/s
Collecting cffi!=1.11.3,>=1.8 (from cryptography->ansible)
  Downloading https://files.pythonhosted.org/packages/be/99/3a088b41d93aa46f07cf7fd4da1b3287e6899ad7b2b75f1a177edf025e1a/cffi-1.12.1-cp36-cp36m-manylinux1_x86_64.whl (428kB)
    100% |████████████████████████████████| 430kB 20.8MB/s
Requirement already satisfied: six>=1.4.1 in /usr/lib/python3.6/site-packages (from cryptography->ansible) (1.12.0)
Collecting asn1crypto>=0.21.0 (from cryptography->ansible)
  Downloading https://files.pythonhosted.org/packages/ea/cd/35485615f45f30a510576f1a56d1e0a7ad7bd8ab5ed7cdc600ef7cd06222/asn1crypto-0.24.0-py2.py3-none-any.whl (101kB)
    100% |████████████████████████████████| 102kB 14.4MB/s
Collecting pycparser (from cffi!=1.11.3,>=1.8->cryptography->ansible)
  Downloading https://files.pythonhosted.org/packages/68/9e/49196946aee219aead1290e00d1e7fdeab8567783e83e1b9ab5585e6206a/pycparser-2.19.tar.gz (158kB)
    100% |████████████████████████████████| 163kB 18.0MB/s
Installing collected packages: MarkupSafe, jinja2, PyYAML, pycparser, cffi, bcrypt, asn1crypto, cryptography, pyasn1, pynacl, paramiko, ansible
  Running setup.py install for PyYAML ... done
  Running setup.py install for pycparser ... done
  Running setup.py install for ansible ... done
Successfully installed MarkupSafe-1.1.1 PyYAML-3.13 ansible-2.7.8 asn1crypto-0.24.0 bcrypt-3.1.6 cffi-1.12.1 cryptography-2.5 jinja2-2.10 paramiko-2.4.2 pyasn1-0.4.5 pycparser-2.19 pynacl-1.3.0

ansible:/home/admin # git clone https://github.com/PaloAltoNetworks/minemeld-ansible.git
Cloning into 'minemeld-ansible'...
remote: Enumerating objects: 170, done.
remote: Counting objects: 100% (170/170), done.
remote: Compressing objects: 100% (121/121), done.
remote: Total 1042 (delta 89), reused 110 (delta 46), pack-reused 872
Receiving objects: 100% (1042/1042), 140.92 KiB | 1.35 MiB/s, done.
Resolving deltas: 100% (450/450), done.
ansible:/home/admin # cd minemeld-ansible/
admin@ansible:~/minemeld-ansible> ansible-playbook -K -i 127.0.0.1, local.yml
SUDO password:

PLAY [minemeld playbook] *******************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *********************************************************************************************************************************************************************************************************************************************************
ok: [127.0.0.1]

TASK [infrastructure : debug] **************************************************************************************************************************************************************************************************************************************************
ok: [127.0.0.1] => {
    "msg": "Loading vars for openSUSE Tumbleweed 20190219"
}

TASK [infrastructure : include_vars] *******************************************************************************************************************************************************************************************************************************************
fatal: [127.0.0.1]: FAILED! => {"msg": "No file was found when using with_first_found. Use the 'skip: true' option to allow this task to be skipped if no files are found"}
        to retry, use: --limit @/home/admin/minemeld-ansible/local.retry

PLAY RECAP *********************************************************************************************************************************************************************************************************************************************************************
127.0.0.1                  : ok=2    changed=0    unreachable=0    failed=1

Looks like we need to find out where in the playbook with_first_found is defined.

admin@ansible:~/minemeld-ansible> grep first_found */*/*/*
roles/infrastructure/tasks/main.yml:  with_first_found:
roles/minemeld/tasks/main.yml:  with_first_found:

With either location, the following YAML reference is made. I'll do some more research on what that does in another blog entry:

# from http://serverfault.com/questions/587727/how-to-unify-package-installation-tasks-in-ansible
- include_vars: "{{ item }}"
  with_first_found:
    - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
    - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
    - "{{ ansible_distribution }}.yml"

No comments:

Post a Comment

Why Automate, Part 2: RESTFul APIs and why they aren't as hard as you think

Let's be realistic about the API craze - it seems everything has one, and everybody is talking about API consumption in their environmen...