AWS AMI:从仿生配置 AMI 时需要显式删除 apt 锁
AWS AMI: Need to explicitly remove apt locks when provisioning AMI from bionic
我正在尝试通过 packer 及其 ansible 供应商提供自定义 AMI,该 AMI 基于 AWS 提供的官方 Ubuntu 18.04 ami。
我搜索合适的 base ami 的加壳程序配置如下:
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "*{{user `ami-os`}}*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["amazon"],
"most_recent": true
},
我在其中动态传递变量:
-var "ami-os=ubuntu-bionic-18.04-amd64-server"
由于 ami 没有安装 python2,我想使用 ansible 进行配置,我必须通过 raw:
执行
- name: pre_tasks --> Install python2 for Ansible
raw: bash -c "test -e /usr/bin/python || (apt -qqy update && apt install -qqy python-minimal)"
become: yes
register: output
changed_when: output.stdout != ""
when: ansible_isbionic
但是,在大多数情况下,上述操作会失败并显示进程 apt 已锁定的消息:
amazon-ebs: fatal: [default]: FAILED! => {"changed": true, "msg": "non-zero return code", "rc": 100, "stderr": "\nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\n\n\nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\n\nE: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)\nE: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?\nShared connection to 127.0.0.1 closed.\r\n", "stderr_lines": ["", "WARNING: apt does not have a stable CLI interface. Use with caution in scripts.", "", "", "WARNING: apt does not have a stable CLI interface. Use with caution in scripts.", "", "E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)", "E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?", "Shared connection to 127.0.0.1 closed."], "stdout": "190 packages can be upgraded. Run 'apt list --upgradable' to see them.\n", "stdout_lines": ["190 packages can be upgraded. Run 'apt list --upgradable' to see them."]}
为了克服这个问题,我明确地执行:
- name: pre_tasks.yml --> Kill any apt commnds running
raw: bash -c "killall apt apt-get || echo 'no apt-related processes found'"
become: yes
when: ansible_isbionic
- name: pre_tasks.yml --> Remove apt lock files
raw: bash -c "rm -f /var/lib/apt/lists/lock"
become: yes
when: ansible_isbionic
- name: pre_tasks.yml --> Remove apt cache lock files
raw: bash -c "rm -f /var/cache/apt/archives/lock"
become: yes
when: ansible_isbionic
- name: pre_tasks.yml --> Remove apt cache lock files
raw: bash -c "rm -f /var/lib/dpkg/lock"
become: yes
when: ansible_isbionic
知道为什么 apt 进程被锁定了吗?
我可以建议您等待 boot/update 完成但不要终止锁定文件。
我们在云配置脚本中使用了这些技巧:
while [ ! -f /var/lib/cloud/instance/boot-finished ]; do
# wait...
done
while fuser /var/lib/apt/lists/lock >/dev/null 2>&1 ; do
# wait...
done
使用 Ansible 时,您可以将此指令打包到 bash 脚本中并使用 script 模块而不是许多 raw 执行。 script 模块也不需要 Python 出现在托管主机上。
我认为这可能是一个更现代的答案,尽管我不确定它是否更正确
cloud-init status -w
我正在尝试通过 packer 及其 ansible 供应商提供自定义 AMI,该 AMI 基于 AWS 提供的官方 Ubuntu 18.04 ami。
我搜索合适的 base ami 的加壳程序配置如下:
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "*{{user `ami-os`}}*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["amazon"],
"most_recent": true
},
我在其中动态传递变量:
-var "ami-os=ubuntu-bionic-18.04-amd64-server"
由于 ami 没有安装 python2,我想使用 ansible 进行配置,我必须通过 raw:
- name: pre_tasks --> Install python2 for Ansible
raw: bash -c "test -e /usr/bin/python || (apt -qqy update && apt install -qqy python-minimal)"
become: yes
register: output
changed_when: output.stdout != ""
when: ansible_isbionic
但是,在大多数情况下,上述操作会失败并显示进程 apt 已锁定的消息:
amazon-ebs: fatal: [default]: FAILED! => {"changed": true, "msg": "non-zero return code", "rc": 100, "stderr": "\nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\n\n\nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\n\nE: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)\nE: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?\nShared connection to 127.0.0.1 closed.\r\n", "stderr_lines": ["", "WARNING: apt does not have a stable CLI interface. Use with caution in scripts.", "", "", "WARNING: apt does not have a stable CLI interface. Use with caution in scripts.", "", "E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)", "E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?", "Shared connection to 127.0.0.1 closed."], "stdout": "190 packages can be upgraded. Run 'apt list --upgradable' to see them.\n", "stdout_lines": ["190 packages can be upgraded. Run 'apt list --upgradable' to see them."]}
为了克服这个问题,我明确地执行:
- name: pre_tasks.yml --> Kill any apt commnds running
raw: bash -c "killall apt apt-get || echo 'no apt-related processes found'"
become: yes
when: ansible_isbionic
- name: pre_tasks.yml --> Remove apt lock files
raw: bash -c "rm -f /var/lib/apt/lists/lock"
become: yes
when: ansible_isbionic
- name: pre_tasks.yml --> Remove apt cache lock files
raw: bash -c "rm -f /var/cache/apt/archives/lock"
become: yes
when: ansible_isbionic
- name: pre_tasks.yml --> Remove apt cache lock files
raw: bash -c "rm -f /var/lib/dpkg/lock"
become: yes
when: ansible_isbionic
知道为什么 apt 进程被锁定了吗?
我可以建议您等待 boot/update 完成但不要终止锁定文件。
我们在云配置脚本中使用了这些技巧:
while [ ! -f /var/lib/cloud/instance/boot-finished ]; do
# wait...
done
while fuser /var/lib/apt/lists/lock >/dev/null 2>&1 ; do
# wait...
done
使用 Ansible 时,您可以将此指令打包到 bash 脚本中并使用 script 模块而不是许多 raw 执行。 script 模块也不需要 Python 出现在托管主机上。
我认为这可能是一个更现代的答案,尽管我不确定它是否更正确
cloud-init status -w