Ansible kibana keystore elastic user fails

I'm trying to automate creation of the kibana user for elasticsearch which is stored in the kibana keystore.
I am getting a failure when I do this on an initial create. The setting elasticsearch.username is getting created, but it never completes it seems to be getting variable from my vars file so all this looks great except it times out.

Anyone have any insight as to why this happens and not able to complete the setting on the initial run

- name: Create kibana elasticsearch user
  expect:
    command: /usr/share/kibana/bin/kibana-keystore add elasticsearch.username
    responses:
      "Enter value for elasticsearch.username": "{{ elasticsearch_username }}"

With this I get this response

  : FAILED! => {
"changed": true,
"cmd": "sudo -E /usr/share/kibana/bin/kibana-keystore add elasticsearch.username",
"delta": "0:00:30.615935",
"end": "2019-03-21 23:34:22.904013",
"invocation": {
    "module_args": {
        "chdir": null,
        "command": "sudo -E /usr/share/kibana/bin/kibana-keystore add elasticsearch.username",
        "creates": null,
        "echo": false,
        "removes": null,
        "responses": {
            "username": "kibana"
        },
        "timeout": 30
    }
},
"msg": "command exceeded timeout",
"rc": null,
"start": "2019-03-21 23:33:52.288078",
"stdout": "\u001b[1G\u001b[0JEnter value for elasticsearch.username: \u001b[41Gkibana\r\r\n\u001b[41G",
"stdout_lines": [
    "\u001b[1G\u001b[0JEnter value for elasticsearch.username: \u001b[41Gkibana",
    "",
    "\u001b[41G"
]

}
what is interesting is if I run once it adds the elasticsearch.username and fails
If is add this to the responses it seems to work but fails always on first run
Setting elasticsearch.username already exists. Overwrite? [y/N]

- name: Create kibana elasticsearch user
  expect:
    command: sudo -E /usr/share/kibana/bin/kibana-keystore add elasticsearch.username
    responses:
      'Overwrite\? \[y/N\]': "y"
      'username': "{{ elasticsearch_username }}"

    "changed": true,
"cmd": "sudo -E /usr/share/kibana/bin/kibana-keystore add elasticsearch.username",
"delta": "0:00:00.643477",
"end": "2019-03-21 23:37:13.774434",
"invocation": {
    "module_args": {
        "chdir": null,
        "command": "sudo -E /usr/share/kibana/bin/kibana-keystore add elasticsearch.username",
        "creates": null,
        "echo": false,
        "removes": null,
        "responses": {
            "Overwrite\\? \\[y/N\\]": "y",
            "username": "kibana"
        },
        "timeout": 30
    }
},
"rc": 0,
"start": "2019-03-21 23:37:13.130957",
"stdout": "\u001b[1G\u001b[0JSetting elasticsearch.username already exists. Overwrite? [y/N] \u001b[65Gkibana\r\r\nExiting without modifying keystore.",
"stdout_lines": [
    "\u001b[1G\u001b[0JSetting elasticsearch.username already exists. Overwrite? [y/N] \u001b[65Gkibana",
    "",
    "Exiting without modifying keystore."
]

}

Are you first running kibana-keystore create? Are you able to reproduce outside of Ansible?

The issue only seems to be in or with Ansible I can manually create the key value pair with no issues from command line.

I didn't have to run create for the keystore as the keystore already existed. I may have it in my playbook to crate it on install I dont recall have to look.
During my testing the key value would get created but the ansible command would fail on the first attempt as if it was not getting the value or a return to end the command and it eventually would timeout.

Second attempt it would work and complete if I added the second response to the task. like below
Overwrite? [y/N]
username":

I even tried username": for the first attempt but it would still fail

I also was making sure that the keystore was empty of this keyvalue I was trying to create when running multiple test. I also tried removing keystore. I made sure the keystore was empty. I have not been able to make this work unless run once with out the Overwrite and the add in the second response then it completes as I would expect it to do on the first run.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.