Forum Discussion

JoshBarrow

Cirrus

Feb 14, 2022

Solved

Ansible Error: An exception occurred during task execution

Wondering if anyone has seen this type of error using Ansible.

Any information would be gladly appreciated!

Spoiler

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: split() takes no keyword arguments
fatal: [10.8.246.102]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "module_stderr": "Trac eback (most recent call last):\n File \"/home/user/.ansible/tmp/ansible-tmp-1644857990.96-17262-103535251865389/AnsiballZ_bigip_virtual_server .py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/user/.ansible/tmp/ansible-tmp-1644857990.96-17262-103535251865389/AnsiballZ _bigip_virtual_server.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/user/.ansib le/tmp/ansible-tmp-1644857990.96-17262-103535251865389/AnsiballZ_bigip_virtual_server.py\", line 40, in invoke_module\n runpy.run_module(mod_na me='ansible_collections.f5networks.f5_modules.plugins.modules.bigip_virtual_server', init_globals=None, run_name='__main__', alter_sys=True)\n Fi le \"/usr/lib64/python2.7/runpy.py\", line 176, in run_module\n fname, loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 82, in _run_module_code\n mod_name, mod_fname, mod_loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 72, in _run_code\n exec code in run_globals\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server _payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3784, in <module>\n File \"/tmp/ansible_f5 networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5netwo rks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3777, in main\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_pay load_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual _server.py\", line 3427, in exec_module\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_mod ules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3440, in present\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ans ible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3463, in update\n File \"/tmp/ansible_f5networks.f5_module s.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plu gins/modules/bigip_virtual_server.py\", line 3471, in should_update\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5 OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.p y\", line 3501, in _update_changed_options\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_ modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3078, in compar e\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3141, in destination\n File \"/tmp/ansible_f5networks.f 5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_mod ules/plugins/modules/bigip_virtual_server.py\", line 1920, in destination_tuple\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_ payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/ipadd ress.py\", line 84, in compress_address\n # __lt__ and __eq__\nTypeError: split() takes no keyword arguments\n", "module_stdout": "", "msg": "M ODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: split() takes no keyword argumentsfatal: [10.8.246.102]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "module_stderr": "Trac eback (most recent call last):\n File \"/home/user/.ansible/tmp/ansible-tmp-1644857990.96-17262-103535251865389/AnsiballZ_bigip_virtual_server .py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/user/.ansible/tmp/ansible-tmp-1644857990.96-17262-103535251865389/AnsiballZ _bigip_virtual_server.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/user/.ansib le/tmp/ansible-tmp-1644857990.96-17262-103535251865389/AnsiballZ_bigip_virtual_server.py\", line 40, in invoke_module\n runpy.run_module(mod_na me='ansible_collections.f5networks.f5_modules.plugins.modules.bigip_virtual_server', init_globals=None, run_name='__main__', alter_sys=True)\n Fi le \"/usr/lib64/python2.7/runpy.py\", line 176, in run_module\n fname, loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 82, in _run_module_code\n mod_name, mod_fname, mod_loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 72, in _run_code\n exec code in run_globals\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server _payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3784, in <module>\n File \"/tmp/ansible_f5 networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5netwo rks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3777, in main\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_pay load_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual _server.py\", line 3427, in exec_module\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_mod ules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3440, in present\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ans ible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3463, in update\n File \"/tmp/ansible_f5networks.f5_module s.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plu gins/modules/bigip_virtual_server.py\", line 3471, in should_update\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5 OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.p y\", line 3501, in _update_changed_options\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_ modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3078, in compar e\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ ansible_collections/f5networks/f5_modules/plugins/modules/bigip_virtual_server.py\", line 3141, in destination\n File \"/tmp/ansible_f5networks.f 5_modules.bigip_virtual_server_payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_mod ules/plugins/modules/bigip_virtual_server.py\", line 1920, in destination_tuple\n File \"/tmp/ansible_f5networks.f5_modules.bigip_virtual_server_ payload_HFw5OW/ansible_f5networks.f5_modules.bigip_virtual_server_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/ipadd ress.py\", line 84, in compress_address\n # __lt__ and __eq__\nTypeError: split() takes no keyword arguments\n", "module_stdout": "", "msg": "M ODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

mkratochvil
Feb 24, 2022
Problem solved! At least for us. In short, the module in our playbook needs to be executed on the Big-IP itself which uses Python 2.7 and causes the "split()" error. In most cases this can be resolved with "connection: local" or "delegate_to: localhost", as it is with all the F5 Ansible modules. In our case the solution was a bit different, you can check the GitHub issue for explanation.

11 Replies

Kevin_Stewart
Employee
Jul 27, 2013
Report
Have you tried simply disabling pipelining in the HTTP profile?

nitass

Employee

Jul 27, 2013

as Kevin suggested, when pipelining is disabled, bigip will terminate a connection after responding 1st request.

e.g.

[root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.252:80
   ip protocol 6
   profiles {
      myhttp {}
      tcp {}
   }
}
[root@ve10:Active] config  b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}
[root@ve10:Active] config  b profile myhttp list
profile http myhttp {
   pipelining disable
}

 client sends http pipelining

[root@centos17 ~] echo -en "HEAD /frist HTTP/1.1\r\nHost: \r\n\r\nHEAD /second HTTP/1.1\r\nHost: \r\n\r\n" | nc 172.28.19.252 80
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:46:47 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

 packet trace

[root@ve10:Active] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.20.17(47892) <-> 172.28.19.252(80)
1374921376.8812 (0.0011)  C>S
---------------------------------------------------------------
HEAD /frist HTTP/1.1
Host:

HEAD /second HTTP/1.1
Host:

---------------------------------------------------------------

1    1374921376.8813 (0.0000)  C>S  TCP FIN
New TCP connection 2: 200.200.200.10(47892) <-> 200.200.200.101(80)
1374921376.8842 (0.0029)  C>S
---------------------------------------------------------------
HEAD /frist HTTP/1.1
Host:

---------------------------------------------------------------

1374921376.8853 (0.0010)  S>C
---------------------------------------------------------------
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:46:47 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------

1374921376.8853 (0.0040)  S>C
---------------------------------------------------------------
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:46:47 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------

2    1374921376.8853 (0.0000)  C>S  TCP FIN
1    1374921376.8853 (0.0000)  S>C  TCP FIN
2    1374921376.8864 (0.0010)  S>C  TCP FIN

nitass

Employee

Jul 27, 2013

this is when pipelining is enabled (default).

[root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.252:80
   ip protocol 6
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}

 client sends http pipelining

[root@centos17 ~] echo -en "HEAD /frist HTTP/1.1\r\nHost: \r\n\r\nHEAD /second HTTP/1.1\r\nHost: \r\n\r\n" | nc 172.28.19.252 80
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:48:26 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:48:26 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

 packet trace

[root@ve10:Active] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.20.17(47893) <-> 172.28.19.252(80)
1374921475.9033 (0.0011)  C>S
---------------------------------------------------------------
HEAD /frist HTTP/1.1
Host:

HEAD /second HTTP/1.1
Host:

---------------------------------------------------------------

1    1374921475.9034 (0.0000)  C>S  TCP FIN
New TCP connection 2: 200.200.200.10(47893) <-> 200.200.200.101(80)
1374921475.9064 (0.0010)  C>S
---------------------------------------------------------------
HEAD /frist HTTP/1.1
Host:

---------------------------------------------------------------

1374921475.9082 (0.0018)  S>C
---------------------------------------------------------------
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:48:26 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------

1374921475.9083 (0.0048)  S>C
---------------------------------------------------------------
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:48:26 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------

1374921475.9083 (0.0000)  C>S
---------------------------------------------------------------
HEAD /second HTTP/1.1
Host:

---------------------------------------------------------------

2    1374921475.9083 (0.0000)  C>S  TCP FIN
1374921475.9094 (0.0010)  S>C
---------------------------------------------------------------
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:48:26 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------

1374921475.9094 (0.0010)  S>C
---------------------------------------------------------------
HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2013 10:48:26 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------

2    1374921475.9094 (0.0000)  S>C  TCP FIN
1    1374921475.9094 (0.0000)  S>C  TCP FIN

nitass

Employee

Jul 27, 2013

But the first request, in which the method saved on httpmethodprev variable, is not rejected.

Only the subsequent request successfully being rejected.can we count number of keyword (e.g. GET, HEAD) and reject when it occurs more than 1?

e.g.

[root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.252:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when CLIENT_ACCEPTED {
  TCP::collect
}
when CLIENT_DATA {
  if { [llength [lsearch -all [TCP::payload] HEAD]] > 1 } {
    reject
    return
  }
  TCP::release
  TCP::collect
}
}

[root@ve10:Active] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.20.17(47909) <-> 172.28.19.252(80)
1374923550.5707 (0.0007)  C>S
---------------------------------------------------------------
HEAD /frist HTTP/1.1
Host:

HEAD /second HTTP/1.1
Host:

---------------------------------------------------------------

1    1374923550.5708 (0.0000)  S>C  TCP RST

doddy
Nimbostratus
Jul 27, 2013
Report
Hi Kevin & Nitass,,many thanks for helping me with disabling pipelining idea. But I still need to ensure the behavior.

You said that "when pipelining is disabled, bigip will terminate a connection after responding 1st request". Does this mean bigip will close the socket created before to handle the first request? Or does it mean that bigip simply ignore the subsequent request in which delimited with "\r\n" character?

Let me add more info regarding my case. So there was HTTP pipeline request that is suspected being used for this purpose:

1. The first request is the legitimate HTTP request, in which requesting the web page that the client truly want to visit

2. The second request (or the third, fourth, and so forth if exist) is used to trick the DPI system, in which read for certain pattern and in fact cannot detect if pipeline is being used.

So the bigip is located behind the DPI system on the client perspective.

That is why I need the bigip to detect if the request is in pipeline form or not, and reject the request totally (first and subsequent) if so.

But I cannot implement the CLIENT_ACCEPTED and CLIENT_DATA event as you suggest, since the same VS used currently need to run another HTTP inspection using HTTP_REQUEST event.

I will also test the disable pipelining on my network and let you know if the behavior meets my expectation.

Thanks again :)
nitass
Employee
Jul 27, 2013
Report
Does this mean bigip will close the socket created before to handle the first request? Or does it mean that bigip simply ignore the subsequent request in which delimited with "\r\n" character?based on packet trace, bigip sends FIN to both client and server after forwarding 1st response from server to client.

But I cannot implement the CLIENT_ACCEPTED and CLIENT_DATA event as you suggest, since the same VS used currently need to run another HTTP inspection using HTTP_REQUEST event.only pipelining request is rejected. HTTP_REQUEST is still triggered by non-pipelining request.
doddy
Nimbostratus
Jul 27, 2013
Report
Hi Nitass, did you mean I can combine TCP level with HTTP level events like this?

when CLIENT_ACCEPTED {

TCP::collect

}

when CLIENT_DATA {

TCP::payload parsing and reject command

}

when HTTP_REQUEST {

some existing command

}

I didn't know this before, so if it is possible then I think I found what I'm looking for.

Thanks :)

nitass

Employee

Jul 28, 2013

did you mean I can combine TCP level with HTTP level events like this? yes

e.g.

[root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.252:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when CLIENT_ACCEPTED {
  log local0. "CLIENT_ACCEPTED - client [IP::client_addr]:[TCP::client_port]"
  TCP::collect
}
when CLIENT_DATA {
  log local0. "CLIENT_DATA - client [IP::client_addr]:[TCP::client_port] payload [TCP::payload]"
  if { [llength [lsearch -all [TCP::payload] HEAD]] > 1 } {
    log local0. "CLIENT_DATA - client [IP::client_addr]:[TCP::client_port] reject"
    reject
    return
  }
  TCP::release
  TCP::collect
}
when HTTP_REQUEST {
  log local0. "HTTP_REQUEST - client [IP::client_addr]:[TCP::client_port] request [HTTP::request]"
}
}

[root@ve10:Active] config  tail -f /var/log/ltm
Jul 28 09:09:38 local/tmm info tmm[22008]: Rule myrule : CLIENT_ACCEPTED - client 172.28.20.17:47963
Jul 28 09:09:38 local/tmm info tmm[22008]: Rule myrule : CLIENT_DATA - client 172.28.20.17:47963 payload HEAD /frist HTTP/1.1  Host:     HEAD /second HTTP/1.1  Host:
Jul 28 09:09:38 local/tmm info tmm[22008]: Rule myrule : CLIENT_DATA - client 172.28.20.17:47963 reject

Jul 28 09:10:05 local/tmm info tmm[22008]: Rule myrule : CLIENT_ACCEPTED - client 172.28.20.17:47964
Jul 28 09:10:05 local/tmm info tmm[22008]: Rule myrule : CLIENT_DATA - client 172.28.20.17:47964 payload HEAD /normal HTTP/1.1  User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5  Host: 172.28.19.252  Accept: */*
Jul 28 09:10:05 local/tmm info tmm[22008]: Rule myrule : HTTP_REQUEST - client 172.28.20.17:47964 request HEAD /normal HTTP/1.1  User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5  Host: 172.28.19.252  Accept: */*

doddy
Nimbostratus
Jul 28, 2013
Report
Hi Nitass, glad to hear these events combination works :)

I'm not touching my network to try disabling pipeline yet since it still weekend days, but I think the event combination is exactly what meet my expectations.

Thanks a lot for your help, really appreciate that :)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

when HTTP_REQUEST {\n if { [HTTP::header exists \"Header name\"] } {\n set VALUE [HTTP::header \"Header name\"]\n HTTP::header remove \"Header name\"\n log local0. \"Empty header value is $VALUE\"\n }\n }

Forum Discussion

Ansible Error: An exception occurred during task execution

11 Replies

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Extract info from client ssl profile

BIG-IP AFM Module

GTM Synchronization Group Modify Self-IP Resynchronization

F5 401 and 402

Load balancing NTP Servers

Related Content

ImageTragick - ImageMagick Remote Code Execution Vulnerability

Oracle WebLogic Deserialization Remote Code Execution

ThinkPHP 5.x Remote Code Execution Vulnerability

An error has occurred in the script on this page

Logging/Audit Binary Execution?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS