Today I ran into a rather odd issue attempting to patch a base image using Ansible and Packer. Randomly and sporadically, my playbook would fail with the error of:
Could not get lock /var/lib/dpkg/lock-frontend
If you ever try to run Ansible on Ubuntu 16.10 and later, be aware that Unattended Upgrades is enabled by default. On boot of new Packer bake instances, I noticed that it would sometimes lock apt to do security updates by default. I spent a good part of my day tracking this down as to why sometimes it would work and other times it would not; turns out it was a race condition (could apt finish faster then next step). Seeing as it’s 2018 and we should not be afraid of security fixes, I didn’t want to disable this because this is useful for security and such.
To get around this, I created a role called prerun, which does the following task:
# Check for unattended-upgrades - name: Wait for automatic system updates to complete shell: while pgrep unattended; do sleep 10; done;
After including this in roles that used apt, my error went away. One of my builds took almost 30 seconds to get past this; which would have otherwise failed. Hope this helps another poor soul out there. 🙂
Source: https://github.com/ansible/ansible/issues/25414#issuecomment-401212950
EDIT:
Another way as I was shown with Packer (to avoid adding additional Ansible roles) is to run a pre and post script in between your Ansible run!
In your base Packer JSON provisioners section, you would do:
{ "script": "scripts/startup.sh", "type": "shell" }, { "extra_arguments": [ "-vv" ], "playbook_dir": "playbooks", "playbook_file": "playbooks/example.yml", "type": "ansible-local" }, { "script": "scripts/postrun.sh", "type": "shell" }
In startup.sh, you would need a section to do whatever you need (most likely install ansible and such):
# Ensure to disable u-u to prevent breaking later sudo systemctl mask unattended-upgrades.service sudo systemctl stop unattended-upgrades.service
# Ensure process is in fact off: echo "Ensuring unattended-upgrades are in fact disabled" while systemctl is-active --quiet unattended-upgrades.service; do sleep 1; done
Finally, in postrun.sh (and whatever else you need, like delete ansible dir and such):
sudo systemctl unmask unattended-upgrades.service
sudo systemctl start unattended-upgrades.service
EDIT 2:
Another solution could be to add this in you Ansible roles before package installation:
- name: Wait for /var/lib/dpkg/lock-frontend to be released
shell: while lsof /var/lib/dpkg/lock-frontend ; do sleep 10; done;
Thanks Gordon Kirkland for the additional solution!
Hope one of these many solutions helps others stuck with the same problem!
oh hey, thank you for saving my life on page six of google results! 😀
Hello, I am Kyran a professional in report writing.
I enjoy solving people’s problems and make them happy. That is what I have been doing for decades now.
I have been writing since I was 12 years old and never knew it would turn out to be a full-time career. I have also been able to manage several assignments that involves writing. And I worked in three organizations as a volunteer to assist people.My passion has always been to help people succeed. And I go the extra mile to make that happen.
I enjoy writing books and have helped people from countries like Mexico.
I work with a service provider whose mission is to provide quality writing and make people happy. In fact, many clients come to me for professional help on a daily basis because they know I always deliver. And I will continue to provide nothing but quality to build trust like I have been doing for the past few years.
Expert academic writer – Kyran – http://www.asovep.org Corp
My name is Nannie Morris. And I am a professional academic writer with many years of experience in writing.
My interest is to solve problems related to writing. And I have been doing it for many years. I have been with several organizations as a volunteer and have assisted in many ways.
My love for writing has no end. It is like the air we breathe, something I cherish with all my being. I am a full-time writer who started at an early age.
I’m happy that I`ve already sold several copies of my poems in different countries like England and others too numerous to mention.
I also work in a company that provides assistance to many students from different parts of the world. People always come to me because I work no matter how difficult their projects are. I help them to save time, because I feel happy when people come to me for professional help.
Academic Writer – Nannie Morris – elearninag.com Band
Thank you for posting this, it was driving me crazy 🙂
Edit 1 works great. Using just Packer and shell provisioners in my case.
FYI that unattended-upgrades.service script doesn’t do what you think it does. It just seems to be a helper script to prevent OS shutdown when unattended-upgrades are running.
Confirm that you are not a robot, and Here is nicepremium pay for victory. http://bit.ly/2EPXdoM
Thanks!
The end of my headache 😉
Thanks man.
Thanks. Saved my day.
Thanks !
Thank you for saving my time!