No config file found; using defaults [WARNING]: No inventory was parsed, only implicit localhost is available [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all' PLAY [Build a centos 9 cloud image suitable for Zuul] ************************** TASK [Gathering Facts] ********************************************************* ok: [localhost] TASK [discover-centos : Fail when release is not set] ************************** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [discover-centos : Fail when composes is set to Centos 8 stream] ********** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [discover-centos : tempfile] ********************************************** changed: [localhost] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/tmp/ansible.56im09rt", "size": 0, "state": "file", "uid": 0} TASK [discover-centos : file] ************************************************** changed: [localhost] => {"changed": true, "path": "/tmp/ansible.56im09rt", "state": "absent"} TASK [discover-centos : Set proper url - stable] ******************************* ok: [localhost] => {"ansible_facts": {"mirror_url": "https://cloud.centos.org/centos/9-stream/x86_64/images"}, "changed": false} TASK [discover-centos : Set proper url - composes] ***************************** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [discover-centos : Fetch publication page] ******************************** changed: [localhost] => {"changed": true, "checksum_dest": null, "checksum_src": "20c2f02f2794c2fe8d3676a7aed96d8574a83248", "dest": "/tmp/ansible.56im09rt", "elapsed": 0, "gid": 0, "group": "root", "md5sum": "f8f8c8456cb9bbe3ab67a67c99429201", "mode": "0644", "msg": "OK (unknown bytes)", "owner": "root", "size": 151014, "src": "/root/.ansible/tmp/ansible-tmp-1775080605.3527336-2520-131963133279427/tmp480xjnf4", "state": "file", "status_code": 200, "uid": 0, "url": "https://cloud.centos.org/centos/9-stream/x86_64/images"} TASK [discover-centos : Find specified centos image version] ******************* skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [discover-centos : Find centos-9-stream qcow] ***************************** [WARNING]: Consider using the replace, lineinfile or template module rather than running 'sed'. If you need to use command because replace, lineinfile or template is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message. changed: [localhost] => {"changed": true, "cmd": "sed -n \"/qcow2/ s/.*\\(CentOS-Stream-GenericCloud-9-.*\\)<\\/a>.*/\\1/p\" /tmp/ansible.56im09rt | grep -v 'latest' | sort | grep -vEi 'md5sum|sha1sum|sha256sum' | tail -n1\n", "delta": "0:00:00.015008", "end": "2026-04-01 21:56:46.393754", "rc": 0, "start": "2026-04-01 21:56:46.378746", "stderr": "", "stderr_lines": [], "stdout": "CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "stdout_lines": ["CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2"]} TASK [discover-centos : Find checksum file url] ******************************** changed: [localhost] => {"changed": true, "cmd": "sed -n \"/SHA256SUM/ s/.*\\(CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2.SHA256SUM\\)<\\/a>.*/\\1/p\" /tmp/ansible.56im09rt\n", "delta": "0:00:00.009499", "end": "2026-04-01 21:56:46.646196", "rc": 0, "start": "2026-04-01 21:56:46.636697", "stderr": "", "stderr_lines": [], "stdout": "CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2.SHA256SUM", "stdout_lines": ["CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2.SHA256SUM"]} TASK [discover-centos : set_fact] ********************************************** ok: [localhost] => {"ansible_facts": {"checksums_url": "https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2.SHA256SUM"}, "changed": false} TASK [discover-centos : file] ************************************************** changed: [localhost] => {"changed": true, "path": "/tmp/ansible.56im09rt", "state": "absent"} TASK [discover-centos : Fetch checksum file] *********************************** changed: [localhost] => {"changed": true, "checksum_dest": null, "checksum_src": "f0474a908a8f5f6352a10000381a5b115c4f273b", "dest": "/tmp/ansible.56im09rt", "elapsed": 0, "gid": 0, "group": "root", "md5sum": "93c4aa31f6c50dce9b3338109dd8e71f", "mode": "0644", "msg": "OK (202 bytes)", "owner": "root", "size": 202, "src": "/root/.ansible/tmp/ansible-tmp-1775080606.9398663-2598-101095038836501/tmp9belizmx", "state": "file", "status_code": 200, "uid": 0, "url": "https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2.SHA256SUM"} TASK [discover-centos : Find checksum] ***************************************** changed: [localhost] => {"changed": true, "cmd": "tail -n1 /tmp/ansible.56im09rt | awk '{print $4}'\n", "delta": "0:00:00.031210", "end": "2026-04-01 21:56:47.815356", "rc": 0, "start": "2026-04-01 21:56:47.784146", "stderr": "", "stderr_lines": [], "stdout": "a69e8c84ae21af5743b96b23e66760a6ab15f8814b6b6fec6840e4b6e07933c9", "stdout_lines": ["a69e8c84ae21af5743b96b23e66760a6ab15f8814b6b6fec6840e4b6e07933c9"]} TASK [discover-centos : set_fact] ********************************************** ok: [localhost] => {"ansible_facts": {"image": "CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "image_checksum": "sha256:a69e8c84ae21af5743b96b23e66760a6ab15f8814b6b6fec6840e4b6e07933c9", "image_url": "https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2"}, "changed": false} TASK [discover-centos : debug] ************************************************* ok: [localhost] => { "msg": "Discovered image name: CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2\nDiscovered image_url: https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2\nDiscovered image_checksum: sha256:a69e8c84ae21af5743b96b23e66760a6ab15f8814b6b6fec6840e4b6e07933c9\n" } TASK [base-appliance : Set appliance_archive] ********************************** ok: [localhost] => {"ansible_facts": {"appliance_archive": "/tmp/appliance-1.54.0.tar.xz"}, "changed": false} TASK [base-appliance : Set appliance_path] ************************************* ok: [localhost] => {"ansible_facts": {"appliance_path": "/tmp//tmp/appliance-1.54.0"}, "changed": false} TASK [base-appliance : Remove existing appliance directory to avoid error: virt-customize: error: libguestfs error: cannot find any suitable libguestfs supermin] *** changed: [localhost] => {"changed": true, "path": "/tmp//tmp/appliance-1.54.0", "state": "absent"} TASK [base-appliance : Ensure appliance_path exists] *************************** changed: [localhost] => {"changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/tmp//tmp/appliance-1.54.0", "size": 6, "state": "directory", "uid": 0} TASK [base-appliance : Download appliance] ************************************* ok: [localhost] => {"changed": false, "dest": "/tmp/appliance-1.54.0.tar.xz", "elapsed": 0, "gid": 0, "group": "root", "mode": "0644", "msg": "HTTP Error 304: Not Modified", "owner": "root", "size": 197794224, "state": "file", "uid": 0, "url": "https://download.libguestfs.org/binaries/appliance/appliance-1.54.0.tar.xz"} TASK [base-appliance : Unarchive appliance] ************************************ changed: [localhost] => {"changed": true, "dest": "/tmp//tmp/appliance-1.54.0", "extract_results": {"cmd": ["/bin/gtar", "--extract", "-C", "/tmp//tmp/appliance-1.54.0", "-f", "/root/.ansible/tmp/ansible-tmp-1775080609.3018267-2692-209206805182715/source"], "err": "", "out": "", "rc": 0}, "gid": 0, "group": "root", "handler": "TarArchive", "mode": "0755", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1775080609.3018267-2692-209206805182715/source", "state": "directory", "uid": 0} TASK [base-appliance : set_fact] *********************************************** ok: [localhost] => {"ansible_facts": {"virt_customize_env": {"LIBGUESTFS_BACKEND": "direct", "LIBGUESTFS_PATH": "/tmp//tmp/appliance-1.54.0/appliance"}}, "changed": false} TASK [base : assert] *********************************************************** ok: [localhost] => { "changed": false, "msg": "All assertions passed" } TASK [base : Set some runtime facts] ******************************************* ok: [localhost] => {"ansible_facts": {"image_cache_file": "/var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "image_tmp_dir": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065"}, "changed": false} TASK [base : Make sure cache directory exist] ********************************** ok: [localhost] => {"changed": false, "gid": 1002, "group": "1002", "mode": "0755", "owner": "1002", "path": "/var/cache/nodepool", "size": 8192, "state": "directory", "uid": 1002} TASK [base : Delete previous image cache] ************************************** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [base : Check if image is already downloaded] ***************************** ok: [localhost] => {"changed": false, "stat": {"atime": 1775080443.3031244, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 3749120, "charset": "binary", "checksum": "b6e0bc32270a3cebfe6892d745e49bef569f6243", "ctime": 1775080442.3750966, "dev": 64545, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 78, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "application/octet-stream", "mode": "0644", "mtime": 1775080442.3750966, "nlink": 1, "path": "/var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 1919549440, "uid": 0, "version": "2622444503", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [base : Download if checksum doesn't match] ******************************* skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [base : Extract the image if necessary] *********************************** ok: [localhost] => {"changed": false, "cmd": ["xz", "-k", "-d", "/var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2.xz"], "rc": 0, "stdout": "skipped, since /var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2 exists", "stdout_lines": ["skipped, since /var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2 exists"]} TASK [base : Run pre-update command if needed] ********************************* changed: [localhost] => {"changed": true, "cmd": ["virt-customize", "-m", "2048", "-a", "/var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--run-command", "dnf -y install dnf-plugins-core && dnf config-manager --set-enabled crb --save"], "delta": "0:00:22.296474", "end": "2026-04-01 21:57:51.131098", "rc": 0, "start": "2026-04-01 21:57:28.834624", "stderr": "", "stderr_lines": [], "stdout": "[ 0.0] Examining the guest ...\n[ 16.1] Setting a random seed\n[ 16.1] Running: dnf -y install dnf-plugins-core && dnf config-manager --set-enabled crb --save\n[ 22.1] Finishing off", "stdout_lines": ["[ 0.0] Examining the guest ...", "[ 16.1] Setting a random seed", "[ 16.1] Running: dnf -y install dnf-plugins-core && dnf config-manager --set-enabled crb --save", "[ 22.1] Finishing off"]} TASK [base : Set custom kernel version] **************************************** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [base : Exclude packages for being updated] ******************************* skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [base : Update the cache] ************************************************* changed: [localhost] => {"changed": true, "cmd": ["virt-customize", "-m", "2048", "-a", "/var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--update"], "delta": "0:00:25.845113", "end": "2026-04-01 21:58:17.261640", "rc": 0, "start": "2026-04-01 21:57:51.416527", "stderr": "", "stderr_lines": [], "stdout": "[ 0.0] Examining the guest ...\n[ 18.4] Setting a random seed\n[ 18.4] Updating packages\n[ 25.6] Finishing off", "stdout_lines": ["[ 0.0] Examining the guest ...", "[ 18.4] Setting a random seed", "[ 18.4] Updating packages", "[ 25.6] Finishing off"]} TASK [base : Create tmp directory] ********************************************* changed: [localhost] => {"changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065", "size": 6, "state": "directory", "uid": 0} TASK [base : Set filename copy fact] ******************************************* ok: [localhost] => {"ansible_facts": {"image_file": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2"}, "changed": false} TASK [base : Copy the image] *************************************************** changed: [localhost] => {"changed": true, "checksum": "1cc51f4024effd2d4fa49011a9134f80483c1520", "dest": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "gid": 0, "group": "root", "md5sum": "a144733672fdcf3ab4d9dd3ddc968d86", "mode": "0644", "owner": "root", "size": 1919549440, "src": "/var/cache/nodepool/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "state": "file", "uid": 0} TASK [Install base package and setup SELINUX] ********************************** ok: [localhost] => {"ansible_facts": {"virt_customize_cmd": ["virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install 'traceroute,iproute,git,rsync'", "--run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config'"]}, "changed": false} TASK [sshd-config : Prepare sshd_config file] ********************************** changed: [localhost] => {"changed": true, "checksum": "426f750873a82338136ef9ff497829722a2a035c", "dest": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config", "gid": 0, "group": "root", "md5sum": "0f47734e2af65faf089c7bb0a53ff448", "mode": "0644", "owner": "root", "size": 907, "src": "/root/.ansible/tmp/ansible-tmp-1775080705.216333-2892-174410382729996/source", "state": "file", "uid": 0} TASK [sshd-config : set_fact] ************************************************** ok: [localhost] => {"ansible_facts": {"cmd": ["--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/'", "--chmod '0600:/etc/ssh/sshd_config'"]}, "changed": false} TASK [sshd-config : Generate ssh host keys] ************************************ skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [sshd-config : set_fact] ************************************************** ok: [localhost] => {"ansible_facts": {"virt_customize_cmd": ["virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install 'traceroute,iproute,git,rsync'", "--run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/'", "--chmod '0600:/etc/ssh/sshd_config'"]}, "changed": false} TASK [zuul-user : Prepare the sudoers file] ************************************ changed: [localhost] => {"changed": true, "checksum": "bf0831556e9f0a8ed0d5520b424f992f590ea2e3", "dest": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul", "gid": 0, "group": "root", "md5sum": "4dca5fc5ab85dbdfff30d6dde7c49c65", "mode": "0644", "owner": "root", "size": 87, "src": "/root/.ansible/tmp/ansible-tmp-1775080705.6580482-2923-174583291564335/source", "state": "file", "uid": 0} TASK [zuul-user : Prepare the authorized_keys file] **************************** changed: [localhost] => {"changed": true, "checksum": "8a762e403cc4ed4e8498b801fcf57c967505132e", "dest": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys", "gid": 0, "group": "root", "md5sum": "0df0a4d0f345163e88e6dd96d3cb5f35", "mode": "0644", "owner": "root", "size": 395, "src": "/var/lib/nodepool/.ssh/zuul_rsa.pub", "state": "file", "uid": 0} TASK [zuul-user : set_fact] **************************************************** ok: [localhost] => {"ansible_facts": {"cmd": ["--run-command 'if id zuul; then userdel -r -f zuul; fi'"]}, "changed": false} TASK [zuul-user : set_fact] **************************************************** ok: [localhost] => {"ansible_facts": {"virt_customize_cmd": ["virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install 'traceroute,iproute,git,rsync'", "--run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/'", "--chmod '0600:/etc/ssh/sshd_config'", "--run-command 'if id zuul; then userdel -r -f zuul; fi'"]}, "changed": false} TASK [zuul-user : set_fact] **************************************************** ok: [localhost] => {"ansible_facts": {"cmd": ["--run-command 'adduser -m zuul'", "--mkdir '/home/zuul/.ssh'", "--chmod '0700:/home/zuul/.ssh'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys:/home/zuul/.ssh/'", "--chmod '0600:/home/zuul/.ssh/authorized_keys'", "--run-command 'chown -R zuul:zuul /home/zuul/.ssh/'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul:/etc/sudoers.d/'", "--chmod '0440:/etc/sudoers.d/zuul'", "--run-command 'chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh'"]}, "changed": false} TASK [zuul-user : set_fact] **************************************************** ok: [localhost] => {"ansible_facts": {"virt_customize_cmd": ["virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install 'traceroute,iproute,git,rsync'", "--run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/'", "--chmod '0600:/etc/ssh/sshd_config'", "--run-command 'if id zuul; then userdel -r -f zuul; fi'", "--run-command 'adduser -m zuul'", "--mkdir '/home/zuul/.ssh'", "--chmod '0700:/home/zuul/.ssh'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys:/home/zuul/.ssh/'", "--chmod '0600:/home/zuul/.ssh/authorized_keys'", "--run-command 'chown -R zuul:zuul /home/zuul/.ssh/'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul:/etc/sudoers.d/'", "--chmod '0440:/etc/sudoers.d/zuul'", "--run-command 'chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh'"]}, "changed": false} TASK [base-install-packages : set_fact] **************************************** ok: [localhost] => {"ansible_facts": {"cmd": ["--install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts'"]}, "changed": false} TASK [base-install-packages : set_fact] **************************************** ok: [localhost] => {"ansible_facts": {"virt_customize_cmd": ["virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install 'traceroute,iproute,git,rsync'", "--run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/'", "--chmod '0600:/etc/ssh/sshd_config'", "--run-command 'if id zuul; then userdel -r -f zuul; fi'", "--run-command 'adduser -m zuul'", "--mkdir '/home/zuul/.ssh'", "--chmod '0700:/home/zuul/.ssh'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys:/home/zuul/.ssh/'", "--chmod '0600:/home/zuul/.ssh/authorized_keys'", "--run-command 'chown -R zuul:zuul /home/zuul/.ssh/'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul:/etc/sudoers.d/'", "--chmod '0440:/etc/sudoers.d/zuul'", "--run-command 'chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh'", "--install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts'"]}, "changed": false} TASK [network-config : set_fact] *********************************************** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [network-config : set_fact] *********************************************** ok: [localhost] => {"ansible_facts": {"network_command": ["--install iptables", "--run-command 'iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT'", "--run-command 'iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT'", "--run-command 'iptables-save > /etc/sysconfig/iptables'", "--run-command 'systemctl enable iptables.service'"]}, "changed": false} TASK [network-config : set_fact] *********************************************** ok: [localhost] => {"ansible_facts": {"virt_customize_cmd": ["virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install 'traceroute,iproute,git,rsync'", "--run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/'", "--chmod '0600:/etc/ssh/sshd_config'", "--run-command 'if id zuul; then userdel -r -f zuul; fi'", "--run-command 'adduser -m zuul'", "--mkdir '/home/zuul/.ssh'", "--chmod '0700:/home/zuul/.ssh'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys:/home/zuul/.ssh/'", "--chmod '0600:/home/zuul/.ssh/authorized_keys'", "--run-command 'chown -R zuul:zuul /home/zuul/.ssh/'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul:/etc/sudoers.d/'", "--chmod '0440:/etc/sudoers.d/zuul'", "--run-command 'chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh'", "--install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts'", "--install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts'", "--install iptables", "--run-command 'iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT'", "--run-command 'iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT'", "--run-command 'iptables-save > /etc/sysconfig/iptables'", "--run-command 'systemctl enable iptables.service'"]}, "changed": false} TASK [enable-fips : set_fact] ************************************************** ok: [localhost] => {"ansible_facts": {"cmd": ["--run-command 'fips-mode-setup --enable'"]}, "changed": false} TASK [enable-fips : set_fact] ************************************************** ok: [localhost] => {"ansible_facts": {"virt_customize_cmd": ["virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install 'traceroute,iproute,git,rsync'", "--run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/'", "--chmod '0600:/etc/ssh/sshd_config'", "--run-command 'if id zuul; then userdel -r -f zuul; fi'", "--run-command 'adduser -m zuul'", "--mkdir '/home/zuul/.ssh'", "--chmod '0700:/home/zuul/.ssh'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys:/home/zuul/.ssh/'", "--chmod '0600:/home/zuul/.ssh/authorized_keys'", "--run-command 'chown -R zuul:zuul /home/zuul/.ssh/'", "--copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul:/etc/sudoers.d/'", "--chmod '0440:/etc/sudoers.d/zuul'", "--run-command 'chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh'", "--install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts'", "--install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts'", "--install iptables", "--run-command 'iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT'", "--run-command 'iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT'", "--run-command 'iptables-save > /etc/sysconfig/iptables'", "--run-command 'systemctl enable iptables.service'", "--run-command 'fips-mode-setup --enable'"]}, "changed": false} TASK [base-customize : debug] ************************************************** ok: [localhost] => { "msg": "Running: virt-customize -m 2048 -a /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2 --selinux-relabel --install 'traceroute,iproute,git,rsync' --run-command 'sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config' --copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/' --chmod '0600:/etc/ssh/sshd_config' --run-command 'if id zuul; then userdel -r -f zuul; fi' --run-command 'adduser -m zuul' --mkdir '/home/zuul/.ssh' --chmod '0700:/home/zuul/.ssh' --copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys:/home/zuul/.ssh/' --chmod '0600:/home/zuul/.ssh/authorized_keys' --run-command 'chown -R zuul:zuul /home/zuul/.ssh/' --copy-in '/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul:/etc/sudoers.d/' --chmod '0440:/etc/sudoers.d/zuul' --run-command 'chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh' --install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts' --install 'traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts' --install iptables --run-command 'iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT' --run-command 'iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT' --run-command 'iptables-save > /etc/sysconfig/iptables' --run-command 'systemctl enable iptables.service' --run-command 'fips-mode-setup --enable'" } TASK [base-customize : Run virt-customize] ************************************* changed: [localhost] => {"changed": true, "cmd": ["virt-customize", "-m", "2048", "-a", "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "--selinux-relabel", "--install", "traceroute,iproute,git,rsync", "--run-command", "sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config", "--copy-in", "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config:/etc/ssh/", "--chmod", "0600:/etc/ssh/sshd_config", "--run-command", "if id zuul; then userdel -r -f zuul; fi", "--run-command", "adduser -m zuul", "--mkdir", "/home/zuul/.ssh", "--chmod", "0700:/home/zuul/.ssh", "--copy-in", "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys:/home/zuul/.ssh/", "--chmod", "0600:/home/zuul/.ssh/authorized_keys", "--run-command", "chown -R zuul:zuul /home/zuul/.ssh/", "--copy-in", "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul:/etc/sudoers.d/", "--chmod", "0440:/etc/sudoers.d/zuul", "--run-command", "chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh", "--install", "traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts", "--install", "traceroute,iproute,git,rsync,pigz,wget,unzip,redhat-rpm-config,rpm-build,rpm-sign,rpmlint,createrepo,gnupg2,expect,hostname,gcc,gcc-c++,make,patch,tar,time,python3,python3-PyYAML,python3-devel,python3-libselinux,python3-netifaces,python3-six,libffi-devel,libxml2-devel,libxslt-devel,openldap-devel,openssl-devel,python-devel,readline-devel,ruby-devel,systemd-devel,zlib-devel,iptables-nft,iptables-nft-services,crypto-policies-scripts", "--install", "iptables", "--run-command", "iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT", "--run-command", "iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT", "--run-command", "iptables-save > /etc/sysconfig/iptables", "--run-command", "systemctl enable iptables.service", "--run-command", "fips-mode-setup --enable"], "delta": "0:03:56.555624", "end": "2026-04-01 22:02:23.358116", "rc": 0, "start": "2026-04-01 21:58:26.802492", "stderr": "", "stderr_lines": [], "stdout": "[ 0.0] Examining the guest ...\n[ 16.3] Setting a random seed\n[ 16.3] Installing packages: traceroute iproute git rsync\n[ 38.3] Running: sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config\n[ 38.4] Copying: /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config to /etc/ssh/\n[ 38.5] Changing permissions of /etc/ssh/sshd_config to 0600\n[ 38.5] Running: if id zuul; then userdel -r -f zuul; fi\n[ 38.6] Running: adduser -m zuul\n[ 38.8] Making directory: /home/zuul/.ssh\n[ 38.8] Changing permissions of /home/zuul/.ssh to 0700\n[ 38.8] Copying: /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys to /home/zuul/.ssh/\n[ 38.9] Changing permissions of /home/zuul/.ssh/authorized_keys to 0600\n[ 38.9] Running: chown -R zuul:zuul /home/zuul/.ssh/\n[ 39.0] Copying: /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul to /etc/sudoers.d/\n[ 39.0] Changing permissions of /etc/sudoers.d/zuul to 0440\n[ 39.0] Running: chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh\n[ 39.1] Installing packages: traceroute iproute git rsync pigz wget unzip redhat-rpm-config rpm-build rpm-sign rpmlint createrepo gnupg2 expect hostname gcc gcc-c++ make patch tar time python3 python3-PyYAML python3-devel python3-libselinux python3-netifaces python3-six libffi-devel libxml2-devel libxslt-devel openldap-devel openssl-devel python-devel readline-devel ruby-devel systemd-devel zlib-devel iptables-nft iptables-nft-services crypto-policies-scripts\n[ 125.4] Installing packages: traceroute iproute git rsync pigz wget unzip redhat-rpm-config rpm-build rpm-sign rpmlint createrepo gnupg2 expect hostname gcc gcc-c++ make patch tar time python3 python3-PyYAML python3-devel python3-libselinux python3-netifaces python3-six libffi-devel libxml2-devel libxslt-devel openldap-devel openssl-devel python-devel readline-devel ruby-devel systemd-devel zlib-devel iptables-nft iptables-nft-services crypto-policies-scripts\n[ 126.8] Installing packages: iptables\n[ 127.8] Running: iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT\n[ 128.0] Running: iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT\n[ 128.1] Running: iptables-save > /etc/sysconfig/iptables\n[ 128.2] Running: systemctl enable iptables.service\n[ 128.3] Running: fips-mode-setup --enable\n[ 213.6] SELinux relabelling\n[ 236.2] Finishing off", "stdout_lines": ["[ 0.0] Examining the guest ...", "[ 16.3] Setting a random seed", "[ 16.3] Installing packages: traceroute iproute git rsync", "[ 38.3] Running: sed -e s/^SELINUX=.*/SELINUX=enforcing/ -i /etc/selinux/config", "[ 38.4] Copying: /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/sshd_config to /etc/ssh/", "[ 38.5] Changing permissions of /etc/ssh/sshd_config to 0600", "[ 38.5] Running: if id zuul; then userdel -r -f zuul; fi", "[ 38.6] Running: adduser -m zuul", "[ 38.8] Making directory: /home/zuul/.ssh", "[ 38.8] Changing permissions of /home/zuul/.ssh to 0700", "[ 38.8] Copying: /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/authorized_keys to /home/zuul/.ssh/", "[ 38.9] Changing permissions of /home/zuul/.ssh/authorized_keys to 0600", "[ 38.9] Running: chown -R zuul:zuul /home/zuul/.ssh/", "[ 39.0] Copying: /var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/zuul to /etc/sudoers.d/", "[ 39.0] Changing permissions of /etc/sudoers.d/zuul to 0440", "[ 39.0] Running: chcon -R -h system_u:object_r:user_home_t:s0 /home/zuul && chcon -R -h system_u:object_r:ssh_home_t:s0 /home/zuul/.ssh", "[ 39.1] Installing packages: traceroute iproute git rsync pigz wget unzip redhat-rpm-config rpm-build rpm-sign rpmlint createrepo gnupg2 expect hostname gcc gcc-c++ make patch tar time python3 python3-PyYAML python3-devel python3-libselinux python3-netifaces python3-six libffi-devel libxml2-devel libxslt-devel openldap-devel openssl-devel python-devel readline-devel ruby-devel systemd-devel zlib-devel iptables-nft iptables-nft-services crypto-policies-scripts", "[ 125.4] Installing packages: traceroute iproute git rsync pigz wget unzip redhat-rpm-config rpm-build rpm-sign rpmlint createrepo gnupg2 expect hostname gcc gcc-c++ make patch tar time python3 python3-PyYAML python3-devel python3-libselinux python3-netifaces python3-six libffi-devel libxml2-devel libxslt-devel openldap-devel openssl-devel python-devel readline-devel ruby-devel systemd-devel zlib-devel iptables-nft iptables-nft-services crypto-policies-scripts", "[ 126.8] Installing packages: iptables", "[ 127.8] Running: iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT", "[ 128.0] Running: iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT", "[ 128.1] Running: iptables-save > /etc/sysconfig/iptables", "[ 128.2] Running: systemctl enable iptables.service", "[ 128.3] Running: fips-mode-setup --enable", "[ 213.6] SELinux relabelling", "[ 236.2] Finishing off"]} TASK [base-finalize : Create raw file] ***************************************** changed: [localhost] => {"changed": true, "cmd": ["qemu-img", "convert", "-O", "raw", "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "/var/lib/nodepool/dib/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065.raw"], "delta": "0:00:14.251522", "end": "2026-04-01 22:02:37.827526", "rc": 0, "start": "2026-04-01 22:02:23.576004", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []} TASK [base-finalize : Create qcow file] **************************************** changed: [localhost] => {"changed": true, "cmd": ["mv", "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065/CentOS-Stream-GenericCloud-9-20260331.0.x86_64.qcow2", "/var/lib/nodepool/dib/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065.qcow2"], "delta": "0:00:04.525938", "end": "2026-04-01 22:02:42.588222", "rc": 0, "start": "2026-04-01 22:02:38.062284", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []} TASK [base-cleanup : Remove tmp directory] ************************************* changed: [localhost] => {"changed": true, "path": "/var/tmp/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065", "state": "absent"} PLAY RECAP ********************************************************************* localhost : ok=51 changed=22 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0 Running: sudo /usr/local/bin/ansible-playbook -v /etc/nodepool/virt_images/cloud-centos-9-stream-tripleo-fips.yaml -e image_output=/var/lib/nodepool/dib/cloud-centos-9-stream-tripleo-fips-1abb8373b3a84b048d801f9390d22065 -e raw_type=True -e qcow2_type=True Exit code: 0