1

In my Ansible playbook I've been running into intermittent failures with apt tasks due to failures to obtain a lock.

I'm thinking of using some retry logic as described in this answer. e.g.

- name: install packages
  apt:
    name:
      - nginx
      - git
  register: result
  until: result is not failed
  retries: 7
  delay: 9

The playbook includes multiple apt tasks so I'm wondering if there's a way that I can avoid repeating the register, retries, until for each apt task i.e. some way to make these defaults, or to define my own apt-with-retries?

My playbook is for provisioning DigitalOcean droplets. I've got several apt tasks due to:

  • Breaking down the playbook into logic steps i.e. apt install a few things, followed by a few other steps, followed by apt installing another group of packages...

  • I've extracted a couple of roles into their own self-contained files e.g. a postgres_server role.

The goals here are the usual reasons for wanting to avoid duplication/repetition. e.g. avoid having to make changes in multiple places, avoid having to remember to copy and paste when adding another apt task in the future.

I looked into using module_defaults, but these properties are on the task itself rather than the apt module so I don't think they can be used for this scenario.

mikej
  • 65,295
  • 17
  • 152
  • 131
  • 1
    Would be more informative if you could explain better what you have and what are your goals. For example for grouping all the apt taks maybe you should consider the use of [blocks](https://docs.ansible.com/ansible/latest/user_guide/playbooks_blocks.html) where you can set register, until, retries, delay in one same place for all of them. – malpanez Sep 04 '22 at 19:17
  • 1
    Consider addressing `failed to obtain lock` issue – P.... Sep 04 '22 at 19:30
  • 1
    @P...., it's a well-known problem for apt. There are tons of sources of lock issues (unattended updates, etc), so retries is the most robust solution for ansible-apt failures. – George Shuklin Sep 05 '22 at 09:15
  • Hi @malpanez. Thanks for taking a look at my question. I've updated the question with a bit more background context. Blocks sound interesting, and certainly something that it's useful to know about, but I don't think they would help here due to the `apt` tasks being spread out. – mikej Sep 05 '22 at 13:04
  • @P.... you're right of course. Ideally I would address the underlying issue if I could, but I found [this GitHub issue](https://github.com/ansible/ansible/issues/51663) and it seems to be an ongoing discuss with various folks posting ideas and workarounds. As George Shuklin mentioned there are multiple causes of lock issues. e.g. One of the things I'd tried is adding a task that disabled unattended updates at the start of the playbook. I think that helped a bit, but there must still be other causes I haven't got to the bottom of yet. – mikej Sep 05 '22 at 13:07
  • Thanks @GeorgeShuklin. It's at least reassuring to know that this is a well known problem and that I'm on a reasonable track. – mikej Sep 05 '22 at 13:08

1 Answers1

0

Newer version of apt module has support for retries at module level:

https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html#parameter-lock_timeout

Default is 60.

George Shuklin
  • 6,952
  • 10
  • 39
  • 80
  • 1
    In detail, as of v2.12. – U880D Sep 05 '22 at 09:15
  • Thanks, George. I'm on 2.13.3 so should have this. If the default is 60 then I must be already hitting that limit. Will give it a go with a higher value and see if it helps. – mikej Sep 05 '22 at 13:12