添加链接
link管理
链接快照平台
  • 输入网页链接,自动生成快照
  • 标签化管理网页链接

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement . We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Recently added this to a project, appears the default config may no longer be valid? I get the following error:

fatal: [127.0.0.1]: FAILED! => changed=false 
  attempts: 5
  msg: 'failed to fetch key at https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-2 , error was: HTTP Error 404: Not Found'

Looking at https://dl.fedoraproject.org/pub/epel/ it appears there is a GPG key for 4-7, but nothing for 1-3.

Looking more at this, think this might be an issue specific to Amazon Linux. It is RHEL based with yum but I am running AL2 and I imagine this thinks 2 is the RHEL release, when its just the Amazon Linux version. I assumed EPEL could be used here but maybe this is ill advised? Will need to dig a bit deeper.

PRETTY_NAME="Amazon Linux 2" ANSI_COLOR="0;33" CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2:-:internal" HOME_URL="https://amazonlinux.com/" VARIANT="internal"

Looks like epel is recommended to be installed differently for AL2

sudo amazon-linux-extras install epel -y

https://aws.amazon.com/premiumsupport/knowledge-center/ec2-enable-epel/

Any interest in a PR adding support for AL2? Just need some rough guidance on how you'd like to achieve that if so. Probably just guards on the main tasks, or maybe separate task files, one for AL2 and one for everyone else?

changed the title failed to fetch key at https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-2 , error was: HTTP Error 404: Not Found' Fails to install EPEL when using Amazon Linux 2 Dec 22, 2022

also see recommendations to use rhel 7

https://sysadminxpert.com/install-epel-repository-on-linux/#EPEL_Repository_for_Amazon_Linux

On my AL2 machine, epel is missing from amazon-linux-extras, might be better to take this approach

$ sudo amazon-linux-extras install epel -y
Topic epel is not found.
          

Have done some more tinkering, I now have:

    - name: gather os specific variables
      include_vars: "{{ item }}"
      with_first_found:
        - "os_vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version}}.yml"
        - "os_vars/{{ ansible_distribution }}.yml"
      tags: ["always"]

as a pretask, and I made a file in os_vars/Amazon-2.yml that contains:

epel_repo_url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
epel_repo_gpg_key_url: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7"

and then I import the role as:

    - name: enable epel on RHEL systems
      import_role:
        name: geerlingguy.repo-epel
      become: yes 
      when: configure_epel and ansible_os_family == "RedHat"
      tags: ["epel"]

However, this gives me the following error:

TASK [geerlingguy.repo-epel : Check if EPEL repo is already configured.] *************************************************************************************************************************************************************
fatal: [127.0.0.1]: FAILED! => changed=false 
  module_stderr: ''
  module_stdout: ''
  msg: |-
    MODULE FAILURE
    See stdout/stderr for the exact error
  rc: 1

If i run the role with become: no I get the following error:

TASK [geerlingguy.repo-epel : Import EPEL GPG key.] *************************************************************************************************************************************************************************************
fatal: [127.0.0.1]: FAILED! => changed=false 
  attempts: 5
  msg: |-
    error: cannot open Packages index using db5 - Permission denied (13)
    error: cannot open Packages database in /var/lib/rpm
    error: /tmp/tmpDJkiX8: key 1 import failed.

Interesting note is that the stat succeeds with become: no, but not with become: yes

The module failure stuff when using become is due to locked down sudo permissions, ended up having to set ANSIBLE_EXECUTABLE, and it appears that after doing that, the role ran successfully.

With that fixed, that just leaves configuring the role to use the right EPEL URL for AL2.

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.