MacOS - Docker - EEv3: SSH fails with socket path /runner/.ansible/pc/... does not exist

[netopsengineer]

ISSUE TYPE

• Bug Report

SUMMARY

The following error is produced when using a custom EE via Docker on MacOS, the project works fine with ansible-navigator if the EE is disabled, or with one of the two workarounds listed below. This appears to be an issue with persistent connection/control path, and permissions, and possibly ansible-navigator and ansible-builder v3 interoperability.

TASK [Gather l3_interfaces facts from the device using nxos_l3_interfaces] *****
fatal: [nxos-devnet-ao]: FAILED! => {"changed": false, "msg": "socket path /runner/.ansible/pc/46bb01b20e does not exist or cannot be found. See Troubleshooting socket path issues in the Network Debug and Troubleshooting Guide"}

I have found two workarounds:

• Configure a different control_path_dir in ansible.cfg for the socket path.

[persistent_connection]
control_path_dir = /tmp/.ansible/cp

• Set the following options in ansible-navigator.yaml to allow --user=root.

  execution-environment:
    container-engine: docker
    enabled: True
    image: nxos_execution_environment:latest
    pull:
      policy: missing
    container-options:
      - "--user=root"

If I can provide additional information, or if this is a problem with ansible-runner or ansible-builder, do let me know, and I will open an issue as needed, happy to help.

ANSIBLE-NAVIGATOR VERSION

ansible-navigator 3.5.0

CONFIGURATION

LOG FILE

STEPS TO REPRODUCE

I tried several base images, and locking ansible-core and ansible-runner versions pinned back, but the same versions do work locally, which led me to think it was related to a change in how ansible-builder v3 works, or how ansible-navigator and ansible-builder v3 work together. If I install collections locally (cisco.nxos==5.2.1) and pull creator:ee and other images built on v1 syntax, they do appear to work without any modifications or passing the root user option in.

• execution-environment.yml

---
version: 3

images:
  base_image:
    name: quay.io/centos/centos:stream9
    # name: docker.io/redhat/ubi9:latest

dependencies:
  ansible_core:
    package_pip: ansible-core
  ansible_runner:
    package_pip: ansible-runner
  galaxy: requirements.yml
  # python: requirements.txt

additional_build_files:
  - src: ansible.cfg
    dest: configs

additional_build_steps:
  prepend_galaxy:
    - ADD _build/configs/ansible.cfg ~/.ansible.cfg

EXPECTED RESULTS

ACTUAL RESULTS

ADDITIONAL INFORMATION

• site.yml

---
- name: Playbook to gather l3_interfaces
  hosts: all
  strategy: ansible.builtin.linear
  order: sorted
  gather_facts: false
  tasks:
    - name: Gather l3_interfaces facts from the device using nxos_l3_interfaces
      cisco.nxos.nxos_l3_interfaces:
        state: gathered
      register: remote_l3_interfaces

• hosts

---
all:
  vars:
    ansible_python_interpreter: python3
    ansible_network_os: cisco.nxos.nxos
    ansible_become: false
    ansible_become_method: ansible.netcommon.enable
    ansible_connection: ansible.netcommon.network_cli
    ansible_network_cli_ssh_type: libssh

  hosts:
    nxos-devnet-ao:  # cisco always-on nxos
      ansible_host: sbx-nxos-mgmt.cisco.com
      ansible_user: admin
      ansible_password: Admin_1234!