I've written a seemingly simple ansible task to connect to an ec2 instance and configure the timezone. The ansible task is as follows
---
- name: Set Time Zone variables
copy: content='Etc/UTC' dest=/etc/timezone owner=root group=root mode=0644 backup=yes
and the command used to run the task is
ansible-playbook nectar.yml --extra-vars "ansible_python_interpreter=/usr/local/bin/python env=DEVELOPMENT" -vvvv
my ansible.cfg looks like
[defaults]
inventory = hosts
[ssh_connection]
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
But I keep getting the error message
<54.237.211.85> ESTABLISH SSH CONNECTION FOR USER: ubuntu
<54.237.211.85> SSH: EXEC ssh -vvv -o ControlMaster=auto -o ControlPersist=60s -o Port=22 -o 'IdentityFile="./nectar-web.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o ControlPath=/Users/reagan/.ansible/cp/5113bdcc33 -tt 54.237.211.85 '/bin/sh -c '"'"'/usr/local/bin/python /home/ubuntu/.ansible/tmp/ansible-tmp-1522003225.61-27057727697133/command.py; rm -rf "/home/ubuntu/.ansible/tmp/ansible-tmp-1522003225.61-27057727697133/" > /dev/null 2>&1 && sleep 0'"'"''
<54.237.211.85> (0, '/bin/sh: 1: /usr/local/bin/python: not found\r\n', 'OpenSSH_7.4p1, LibreSSL 2.5.0\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 98004\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\nShared connection to 54.237.211.85 closed.\r\n')
fatal: [54.237.211.85]: FAILED! => {
"changed": false,
"module_stderr": "OpenSSH_7.4p1, LibreSSL 2.5.0\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 98004\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\nShared connection to 54.237.211.85 closed.\r\n",
"module_stdout": "/bin/sh: 1: /usr/local/bin/python: not found\r\n",
"msg": "MODULE FAILURE",
"rc":
Any ideas on why ansible keeps getting this error when reusing the master connection?
Have done something like this on top of playbook, if I've to run something on vanilla ubuntu AMI.
---
- hosts: all
remote_user: someuser
gather_facts: False
pre_tasks:
- name: Install python for Ansible
raw: test -f /usr/bin/python || (apt -y update && apt install -y python-minimal)
become: true
```
- setup: # aka gather_facts
Try to install on target machine python.
I have same error:
dworker-01 | FAILED! => {
"changed": false,
"module_stderr": "Shared connection to dworker-01 closed.\r\n",
"module_stdout": "/bin/sh: 1: /usr/local/bin/python: not found\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 127
}
target machine:
apt-get update && apt-get install python
after that all ok.
Related
Ansible 2.9.27. Target is Linux CentOs7
'become sudo' always fails with the error Timeout (12s) waiting for privilege escalation prompt
When I try manually, sudo su takes about 60 seconds to return a prompt. I don't know why, but I'd like to know how to change the timeout so that Ansible waits more time for become.
I've tried different solutions I found in StackOverflow, such as running with -c paramiko, but they didn't work.
<myhostname.com> ESTABLISH SSH CONNECTION FOR USER: myuserid
<myhostname.com> SSH: EXEC sshpass -d8 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'User="myuserid"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o ControlPath=/home/myuserid/.ansible/xx/e123e1234e myhostname.com '/bin/sh -c '"'"'rm -f -r /tmp/myuserid/ansible/ansible-tmp-12334567890/ > /dev/null 2>&1 && sleep 0'"'"''
<myhostname.com> (0, '', '')
fatal: [myhostname.com]: FAILED! => {"msg": "Timeout (12s) waiting for privilege escalation prompt: \r\n"
There are multiple ways, one way is to set environment variable as below
export ANSIBLE_TIMEOUT=120;
Run the playbook on same terminal where environment variable is set.
Below is my playbook
- name: Play 1.5 - Check each target
hosts: all_hosts
ignore_unreachable: yes
ignore_errors: yes
gather_facts: true
tasks:
- raw: "echo {{ inventory_hostname }} is UNREACHABLE"
delegate_to: localhost
when: <Need help with the when condition here>
I need help with the when condition in the above playbook.
When i run the play against unreachable hosts the debug output clearly shows that the output is in JSON format and there must a variable that captures inventory_host connection status
Please see the output below:
TASK [Gathering Facts] *************************************************************************************************************************************************
task path: /app/Ansible/playbook/check/check.yml:55
<10.9.80.111> Attempting python interpreter discovery
<10.9.80.111> ESTABLISH SSH CONNECTION FOR USER: root
<10.9.80.111> SSH: EXEC ssh -o 'IdentityFile="/app/automation/ssh_keys/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no 10.9.80.111 '/bin/sh -c '"'"'echo PLATFORM; uname; echo FOUND; command -v '"'"'"'"'"'"'"'"'/usr/bin/python'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.7'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.6'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.5'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python2.7'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python2.6'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'/usr/libexec/platform-python'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'/usr/bin/python3'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python'"'"'"'"'"'"'"'"'; echo ENDFOUND && sleep 0'"'"''
<10.9.80.111> (255, '', 'ssh: connect to host 10.9.80.111 port 22: Connection timed out\r\n')
[WARNING]: Unhandled error in Python interpreter discovery for host 10.9.80.111: Failed to connect to the host via ssh: ssh: connect to host 10.9.80.111 port 22:
Connection timed out
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
Pipelining is enabled.
<10.9.80.111> ESTABLISH SSH CONNECTION FOR USER: root
<10.9.80.111> SSH: EXEC ssh -o 'IdentityFile="/app/axmw/misc_automation/ssh_keys/axmw_id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no 10.9.80.111 '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"''
fatal: [10.9.80.111]: UNREACHABLE! => {
"changed": false,
"msg": "Data could not be sent to remote host \"10.9.80.111\". Make sure this host can be reached over ssh: ssh: connect to host 10.9.80.111 port 22: Connection timed out\r\n",
"skip_reason": "Host 10.9.80.111 is unreachable",
"unreachable": true
}
META: ran handlers
From the output above i want to get the variable that has the below values:
fatal: [10.9.80.111]: UNREACHABLE! => {
"changed": false,
"msg": "Data could not be sent to remote host \"10.9.80.111\". Make sure this host can be reached over ssh: ssh: connect to host 10.9.80.111 port 22: Connection timed out\r\n",
"skip_reason": "Host 10.9.80.111 is unreachable",
"unreachable": true
Thus, I wish to capture the unreachable": true status from there.
Can someone please guide ?
you can use changed_when , when the changed is false, get the unreachable host
- name: Test connection and gather facts
hosts: all
serial: 1
gather_facts: true
ignore_unreachable: yes
become: false
tasks:
- name: Test connection
shell: hostname
register: connection_output
ignore_unreachable: yes
- debug: var=connection_output.changed
ignore_errors: yes
- name: print the list of unreachable servers
lineinfile:
line: "{{ connection_output.msg }}"
dest: "/tmp/AnsibleConnectionCheck.txt"
insertafter: EOF
become: false
delegate_to: 127.0.0.1
run_once: true
ignore_errors: yes
changed_when: False
Today I just finished this playbook :) Hope it will helpful for you!
Thank you so much Yvette Lau! I've been looking for this everywhere. Here is my implementation of the same logic with win_ping:
---
- hosts: all
gather_facts: no
become: yes
tasks:
- name: Win_Ping
win_ping:
register: WinPingResult
ignore_unreachable: yes
- debug: var=WinPingResult.changed
ignore_errors: yes
- name: Printing errors
debug:
msg: "{{ WinPingResult.msg }}"
run_once: yes
changed_when: False
I am trying to use Ansible with several CoreOS virtual machines. I've installed ActivePython, and the binaries are recognized by the system. When I try to use a builtin Ansible module (ping) to test, it throws the following error:
deploy#kube-bh:~$ ansible dhcp-coreos155 -m ping
dhcp-coreos155 | FAILED! => {
"changed": false,
"failed": true,
"module_stderr": "Shared connection to dhcp-coreos155 closed.\r\n",
"module_stdout": "/bin/sh: -c: line 0: unexpected EOF while looking for matching `\"'\r\n/bin/sh: -c: line 1: syntax error: unexpected end of file\r\n",
"msg": "MODULE FAILURE",
"rc": 1
}
Interestingly enough, if I run an Ansible command with -m raw, it succeeds:
deploy#kube-bh:~$ ansible dhcp-coreos155 -m raw -a 'uptime'
dhcp-coreos155 | SUCCESS | rc=0 >>
20:02:21 up 1 day, 22:11, 2 users, load average: 0.00, 0.00, 0.00
Shared connection to dhcp-coreos155 closed.
I used the -vvvv flag on the failing command to see the connection state, and it appears SSH is connecting properly to the CoreOS node. I do glean a bit more information, but why the error is occurring is not clear.
<dhcp-coreos155> ESTABLISH SSH CONNECTION FOR USER: deploy
<dhcp-coreos155> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'IdentityFile="/home/deploy/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=deploy -o ConnectTimeout=10 -o ControlPath=/home/deploy/.ansible/cp/6852b73873 -tt dhcp-coreos155 '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-fisdfsesqopuqybnmnfhfdijsvkmxvoh; /home/deploy/bin/python" /home/deploy/.ansible/tmp/ansible-tmp-1510602904.61-255211842882017/ping.py; rm -rf "/home/deploy/.ansible/tmp/ansible-tmp-1510602904.61-255211842882017/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<dhcp-coreos155> (1, '/bin/sh: -c: line 0: unexpected EOF while looking for matching `"\'\r\n/bin/sh: -c: line 1: syntax error: unexpected end of file\r\n', 'Shared connection to dhcp-coreos155 closed.\r\n')
To me it looks like you have messed with Python executable definition somewhere (you don't show the config, it's likely the Ansible inventory or ansible.cfg) -- there is an unbalanced quotation mark in the command Ansible executes:
/home/deploy/bin/python"
Shell opens a quote, but before it finds matching closing quotation mark, the whole command ends, so it throws an unexpected EOF-found exception.
raw module doesn't call Python, so there is no error.
This is my hosts file :
[openstack]
ec2-54-152-162-0.compute-1.amazonaws.com
I am trying to ping it using the following command :
ansible openstack -u redhat -m ping -vvvv
I got the following response :
Loaded callback minimal of type stdout, v2.0
Using module file /usr/lib/python2.7/site-packages/ansible-2.2.0-py2.7.egg/ansible/modules/core/system/ping.py
<ec2-54-152-162-0.compute-1.amazonaws.com> ESTABLISH SSH CONNECTION FOR USER: redhat
<ec2-54-152-162-0.compute-1.amazonaws.com> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o Port=22 -o 'IdentityFile="/home/centos/AnsibleKeyPair.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=redhat -o ConnectTimeout=10 -o ControlPath=/home/centos/.ansible/cp/ansible-ssh-%h-%p-%r ec2-54-152-162-0.compute-1.amazonaws.com '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1480529571.83-128837972481874 `" && echo ansible-tmp-1480529571.83-128837972481874="` echo $HOME/.ansible/tmp/ansible-tmp-1480529571.83-128837972481874 `" ) && sleep 0'"'"''
ec2-54-152-162-0.compute-1.amazonaws.com | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh.",
"unreachable": true
}
NOTE : I am able to connect to centos machines properly. But, I can't ping Ubuntu and Redhat machines. My controller machine is Centos. What might the problem be?
I solved it finally by using the following command :
ansible openstack -u ec2-user -m ping
I have been typing -u redhat but AWS has already given a name to it automatically ec2-user
"ESTABLISH SSH CONNECTION FOR USER: None" - this means that it is trying to ssh this host using a blank username which will not work.
Two solutions:
Edit the hosts file to include ansible_user=ubuntu (or whatever user your flavor uses, i.e. ec2-user for amazon linux)
[openstack]
ec2-54-204-230-203.compute-1.amazonaws.com ansibler_user=ubuntu
Just call it with the -u ubuntu when calling the playbook (or again whatever your flavor uses).
ansible openstack -u ubuntu -m ping -vvvv
Hope this helps!
--Edit--
(this is what helped me do it)
1.) Add your ssh key to the ~/.ssh directory
touch ~/.ssh/mykey.pem
2.) Enter ssh-agent bash mode
ssh-agent bash
3.) Ehange its permissionschmod
chmod 600 ~/.ssh/mykey.pem
4.) Make a path for ansible to use the permission
ssh-add ~/.ssh/mykey.pem
In your command line, use argument -k to ask ssh passwork:
ansible openstack -u redhat -m ping -k
I am trying to learn ansible, and am following the o'riley Ansible Up and running book.
In the getting started section of the book, it asks me to install ansible, virtualbox and vagrant and then via CLI run:
vagrant init ubuntu/trusty64
vagrant up
Afterwards I can ssh into the VM via vagrant ssh or via:
ssh vagrant#127.0.0.1 -p 2222 -i /Users/XXX/playbooks/.vagrant/machines/default/virtualbox/private_key
Next is creating the hosts file which looks like this:
testserver ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 \ ansible_ssh_user=vagrant \ ansible_ssh_private_key_file=.vagrant/machines/default/virtualbox/private_key
Lastly is running this command:
ansible testserver -i hosts -m ping
Which gets me:
testserver | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh.",
"unreachable": true
}
Adding -vvv gets me:
No config file found; using defaults
<127.0.0.1> ESTABLISH SSH CONNECTION FOR USER: None
<127.0.0.1> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o Port=2222 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/Users/XXX/.ansible/cp/ansible-ssh-%h-%p-%r 127.0.0.1 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1468541275.7-255802522359895 `" && echo ansible-tmp-1468541275.7-255802522359895="` echo $HOME/.ansible/tmp/ansible-tmp-1468541275.7-255802522359895 `" ) && sleep 0'"'"''
testserver | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh.",
"unreachable": true
}
I tried modifying ansible_ssh_private_key_file in the hosts file to point to the full path of the private key, but that still didn't work:
ansible testserver -i hosts -m ping -vvv
No config file found; using defaults
<127.0.0.1> ESTABLISH SSH CONNECTION FOR USER: None
<127.0.0.1> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o Port=2222 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/Users/XXX/.ansible/cp/ansible-ssh-%h-%p-%r 127.0.0.1 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1468541370.61-137685863794569 `" && echo ansible-tmp-1468541370.61-137685863794569="` echo $HOME/.ansible/tmp/ansible-tmp-1468541370.61-137685863794569 `" ) && sleep 0'"'"''
testserver | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh.",
"unreachable": true
}
This is my Ansible version:
ansible --version
ansible 2.1.0.0
config file =
configured module search path = Default w/o override
Anyone have any ideas why ansible isn't connecting to my vagrant VM?
I don't see any of your inventory variables past the first one taking effect in the ssh command. Does your inventory file really look like this?
testserver ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 \ ansible_ssh_user=vagrant \ ansible_ssh_private_key_file=.vagrant/machines/default/virtualbox/private_key
You shouldn't have backslashes in there. The direct reformatting is
testserver ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 ansible_ssh_user=vagrant ansible_ssh_private_key_file=.vagrant/machines/default/virtualbox/private_key
However, in the long run you probably want to split these out into separate host_vars files.