0

trying to add epel and then do a yum update via ansible on a amazon-linux-2 server. The URL im using based on : https://aws.amazon.com/premiumsupport/knowledge-center/ec2-enable-epel/

My ansible script is: 

---
- hosts: all
  remote_user: cloud_user

  tasks:

  - name: 01 add epel
    yum_repository:
      name: epel
      description: EPEL YUM repo
      baseurl: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    become: yes

  - name: 02 yum update 
    yum: name=* state=latest
    become: yes

and my error is on task 02 is (task 01 has a "changed" notice): 

     FAILED! => {"changed": false, "msg": "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm/repodata/repomd.xml: 
[Errno 14] HTTPS Error 404 - Not Found\nTrying other mirror.\n\n\n One of the configured repositories failed (EPEL YUM repo),\n and yum doesn't have enough cached data to continue. At this point the only\n safe thing yum can do is fail. There are a few ways to work \"fix\" this:\n\n     
1. Contact the upstream for the repository and get them to fix the problem.\n\n     
2. Reconfigure the baseurl/etc. for the repository, to point to a working\n        upstream. This is most often useful if you are using a newer\n        distribution release than is supported by the repository (and the\n        packages for the previous distribution release still work).\n\n     
3. Run the command with the repository temporarily disabled\n            yum --disablerepo=epel ...\n\n     
4. Disable the repository permanently, so yum won't use it by default. Yum\n        
will then just ignore the repository until you permanently enable it\n        again or use --enablerepo for temporary usage:\n\n            
yum-config-manager --disable epel\n        
or\n            
subscription-manager repos --disable=epel\n\n     
5. Configure the failing repository to be skipped, if it is unavailable.\n        Note that yum will try to contact the repo. when it runs most commands,\n        
so will have to try and fail each time (and thus. yum will be be much\n        
slower). If it is a very temporary problem though, this is often a nice\n        
compromise:\n\n            yum-config-manager --save --setopt=epel.skip_if_unavailable=true\n\nfailure: repodata/repomd.xml from epel:
 [Errno 256] No more mirrors to try.\nhttps://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm/repodata/repomd.xml: 
[Errno 14] HTTPS Error 404 - Not Found\n", "rc": 1, "results": []}

Any guidance,or help would be great.

Staggerlee011
  • 847
  • 2
  • 13
  • 23

3 Answers3

1

https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm is not a yum repository, it is a yum package.

As you can see it in the documentation you are linking, they do a yum install of it:

sudo yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Then they enable it via the command yum-config-manager

sudo yum-config-manager --enable epel

On the other hand, https://dl.fedoraproject.org/pub/epel/$releasever/$basearch/ is a yum repository URL.

So your first task should be

- name: 01 add epel
    yum_repository:
      name: epel
      description: EPEL YUM repo
      baseurl: https://dl.fedoraproject.org/pub/epel/$releasever/$basearch/
    become: yes

Your error actually shows it:

https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm/repodata/repomd.xml

See how it is trying to fetch a folder repodata and a file repomd.xml?

Now if you browse https://dl.fedoraproject.org/pub/epel/ and you look under the folder 7 for example, and then under any subfolder, you will find that exact repodata folder and that exact repomd.xml file.

Note: extra info on the variables $releasever and $basearch can be found: following this link

Also since your knowledge article instruct you to use the version 7 (see the 7 in epel-release-latest-7.noarch.rpm), what you can do is to pass it as an attribute to your yum task. 

- name: 02 yum update 
  yum: 
    name: '*' 
    state: latest
    releasever: 7
  become: yes

Note: I also changed your syntax, I would say it is a bad idea to mix the attribute=value and the YAML syntax in the same playbook.

β.εηοιτ.βε
  • 33,893
  • 13
  • 69
  • 83
  • hi, thanks, updated to your example but still get the same error on step 2. :(, how does it know the variables for $release and $basearch? "changed": false, "msg": "https://dl.fedoraproject.org/pub/epel/2/x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 404 - Not Found\nTrying other mirror.\n\n\n One of the configured repositories failed (EPEL YUM repo) – Staggerlee011 May 24 '20 at 19:31
  • You don't have a know them, keep them as is, ansible will that care of those (also look at the examples in the doc: https://docs.ansible.com/ansible/latest/modules/yum_repository_module.html#examples) – β.εηοιτ.βε May 24 '20 at 19:35
  • You can also have a look at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sec-using_yum_variables – β.εηοιτ.βε May 24 '20 at 19:42
  • And if you really do want a specific version of the repo to be used, you can add the attribute `releasever` in your `yum` task. See the updated version of the answer. – β.εηοιτ.βε May 24 '20 at 19:50
  • thanks, will read up, still cant get it run. Ive just tried migrating to the geerlingguy epel-repo but it also times out with error FAILED! => {"attempts": 5, "changed": false, "msg": "Failure downloading https://dl.fedoraproject.org/pub/epel/epel-release-latest-2.noarch.rpm, HTTP Error 404: Not Found"} if i run the below it works! sudo wget -r --no-parent -A 'epel-release-*.rpm' http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/ sudo rpm-Uvh dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/ epel-release-*.rpm sudo yum-config-manager --enable epel* and it works – Staggerlee011 May 24 '20 at 21:03
0

To have EPEL installed it is enough to just install the epel-release package from the base repo. Also, considering it is recommended not to use shell or command modules wherever possible, we may enable the repo through a direct update of its config file. So I would suggest the following:

- name: Install EPEL repository
  yum:
    name: epel-release
    state: present

- name: Ensure EPEL repo is enabled
  ini_file:
    dest: /etc/yum.repos.d/epel.repo
    section: epel
    option: enabled
    value: '1'

- name: Conduct yum update 
  yum: 
    name: * 
    state: latest
    become: True
    update_cache: True
miwa
  • 407
  • 6
  • 13
0

Thanks for all the input. Not sure if its a amazon-linux-2 thing but the only one i got working was to use a galaxy role, code is below: 

  roles:
    - role: geerlingguy.repo-epel
      vars:
        epel_repo_url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
        epel_repo_gpg_key_url: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7"
      become: yes
Staggerlee011
  • 847
  • 2
  • 13
  • 23