Issue with connection established from ansible to windows - ansible

WinRM service is already running on this windows machine, but when I run my playbook against a Windows node I'm getting below error.
error:
fatal: [xx:xx:xx:xxx]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh_exchange_identification: Connection closed by remote host", "unreachable": true}
Could you please let me know if anything is missing or incorrect
Regards,
Priya P

As Zeitounator said:
Add winrm connection details. Ie. if you have an ini inventory with a windows group: (put the credentials in a vault)
[windows:vars]
ansible_user=<from vault>
ansible_password=<from vault>
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
ansible_port=5986
#ansible_port=5985
ansible_winrm_transport=ntlm
ansible_winrm_scheme=https
#ansible_winrm_scheme=http

Related

How to connect with ansible to an EC2 instance?

Friends,
I am trying to run some ansible tasks against an EC2 instance and getting the following error:
fatal: [ubuntu]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to
the host via ssh: ssh: connect to host 34.218.130.84 port 22:connection timed out",
"unreachable": true}
I think, the problem is related to Ansible configuration because I tryed connecting with the instance via Putty using the same IP, username and pem-file and it worked just fine.
This is how my inventory file looks like:
[brt]
ubuntu ansible_ssh_host=34.218.130.84
ansible_ssh_private_key_file=/home/mjgoncalves/ansible/chave/aws-ansible.pem
[brt:vars]
ansible_ssh_private_key_file=/home/mjgoncalves/ansible/chave/aws-ansible.pem
ansible_ssh_host=34.218.130.84
ansible_ssh_user=username
ansible_ssh_pass=passowrd
ansible_become=yes
ansible_become_method=sudo
ansible_become_pass=password
ansible_connection=ssh
...
Any idea what I may be missing?
The "ssh" in the variable names has been deprecated. You should use ansible_host instead of ansible_ssh_host (same for username, password etc., but not for the ansible_ssh_private_key_file).
The IP in the message (connect to host 34.228.140.94) is not the same as in your inventory, so it seems that it does not take the IP from the variable, or you are overwriting it somewhere else.

Ansible - ssh error message when deploying a playbook

Here is the error message I get when I launch a playbook?
From the server, the ssh connection is made with the key.
Do you have an idea?
fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Connection timed out during banner exchange", "unreachable": true}
ansible v.17

Ansible for Windows

I am trying to set up my ansible host to connect to windows. However ping is failing with the following error:
sudo ansible win -m win_ping
hostname | UNREACHABLE! => {
"changed": false,
"msg": "basic: HTTPConnectionPool(host='hostname', port=5986): Read timed out. (read timeout=30)",
"unreachable": true
}
pywinrm is installed on my linux box and WinRM is installed on the windows box.
Hosts file:
[win]
systemname
[win:vars]
ansible_user=username
ansible_password=passord
ansible_connection=winrm
ansible_winrm_scheme=http
ansible_winrm_server_cert_validation=ignore
ansible_winrm_transport=basic
Appreciate any advice.
Thanks.
Disabling the Windows Firewall (Domain, private and public networks) in the Windows box, fixed the issue for me.
Can you double check the WinRM Listener settings:
winrm enumerate winrm/config/Listener
If the output is what you expect, can you test a command on the local server as shown here:
winrs -r:http://server:5985/wsman -u:Username -p:Password ipconfig
Ansible has a good reference on this topic as well.

Ansible always has SSH error against localhost?

On a CentOS machine, I can ssh into localhost. I can also successfully "sudo ansible -m ping localhost". Port 22 is also open. I can also run a playbook against localhost where "connetion : local".
However, when trying to do anything against localhost via ansible with SSH, I get the following:
localhost | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}
As far as I can tell, the other similar SO answer to a similar error here
does not really solve the problem as it basically says "well don't SSH then".

Unable to ping Windows Server using win_ping

When I tried to ping my Windows instance using ansible windows -i hosts.ini -m win_ping , I got the following error :
10.0.72.11 | UNREACHABLE! => {
"changed": false,
"msg": "ssl: HTTPSConnectionPool(host='10.0.72.11', port=5986): Max retries exceeded with url: /wsman (Caused by ConnectTimeoutError(<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x2319990>, 'Connection to 10.0.72.11 timed out. (connect timeout=30)'))",
"unreachable": true
}
My hosts.ini file looks like :
[windows]
10.0.72.11
[windows:vars]
ansible_ssh_user=Administrator
ansible_ssh_pass=MyPassword123!
ansible_ssh_port=5986
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
May I know where I am wrong?
I was getting the same error. In my case WinRM was not enabled properly on Windows host. I ran the PowerShell script on my windows host, resolved the errors by setting variables and flags as mentioned in the "ConfigureRemotingForAnsible.ps1" comments section and the error disappeared.

Resources