I am new to Ansible and trying to connect to windows machine using Ansible.
I am getting following error
xxx.xxx.xxx.com | UNREACHABLE! => {
"changed": false,
"msg": "plaintext: HTTPConnectionPool(host='xxx.xxx.xxx.com', port=5985): Max retries exceeded with url: /wsman (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x3d76050>: Failed to establish a new connection: [Errno 111] Connection refused',))",
"unreachable": true
}
I have made changes in these three files.
Inventory:
[windows]
xxx.xxx.xxx.com
Krb5.conf
[realms]
XXX.XXX.COM = {
kdc = xxx.xxx.xxx.com
admin_server = xxx.xxx.xxx.com
}
[domain_realm]
.xxx.xxx.com = XXX.XXX.COM
group_vars/windows.yml
ansible_ssh_user: user
ansible_ssh_pass: password
ansible_ssh_port: 5985
ansible_connection: winrm
I am new to this and may have made mistake in the process of connectivity.
Any help would be appreciated. Thanks in advance.
The msg key says "plaintext", you need to enable winrm over ssl on the windows hosts with this PowerShell script provided by ansible:
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
Since that will add a self signed certificate be sure to add ansible_winrm_server_cert_validation: ignore to your group_vars/windows.yml
Related
172.31.52.50 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Warning: Permanently added '172.31.52.50' (ECDSA) to the list of known hosts.\r\nroot#172.31.52.50: Permission denied (publickey,password).",
"unreachable": true
}
172.31.56.245 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Host key verification failed.",
"unreachable": true
}
Can you anyone solve the issues
Given the hosts file:
[deveopshint]
172.31.52.50
172.31.56.245
I cant connect the slaves or managed nodes
I have an issue when I run my playbook.yaml with -vvvv during Gathering Facts. I have the following error message :
fatal: [HOST.DOMAIN.COM]: FAILED! => {
"ansible_facts": {},
"changed": false,
"failed_modules": {
"ansible.legacy.setup": {
"failed": true,
"module_stderr": "#< CLIXML\r\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
},
"msg": "The following modules failed to execute: ansible.legacy.setup\n"
I search on internet and I try different things like change the size of max memory per shell but it changes nothing.
Do you know how to resolve it or a way that i can explore for solve it pls ? If I need to change my config ?
Playbook.yaml :
- name: Who am I
hosts: win
tasks:
- name: Check my user name
ansible.windows.win_whoami:
win.yaml (variables) :
ansible_user: admin#DOMAIN.COM
ansible_password: Password
ansible_connection: winrm
ansible_winrm_transport: kerberos
ansible_winrm_server_cert_validation: ignore
ansible_winrm_port: 5986
My Windows host :
OS : Microsoft Windows Server 2016 Standard
Powershell Version : 5.1.14393.5127
I'm trying to use Ansible but I have a problem with some Windows hosts. When I start my playbook, I have the following message on this hosts but I don't understand why.
Error Message :
fatal: [XXXXXXX.DOMAIN.COM]: FAILED! => {"ansible_facts": {}, "changed": false,
"failed_modules": {"ansible.legacy.setup": {"failed": true, "module_stderr": "",
"module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}},
"msg": "The following modules failed to execute: ansible.legacy.setup\n"}
Variables ansible :
ansible_user: admin#DOMAIN.COM
ansible_password: Password
ansible_connection: winrm
ansible_winrm_transport: kerberos
ansible_winrm_server_cert_validation: ignore
ansible_winrm_port: 5986
I checked if my config WINRM was good. My listener HTTPS is configured and I have the rule WINRM HTTPS for port 5986 activate
I created a Custom Credential in Ansible Tower and need to use it in a role.
The credential name is custom_cred -> this has 2 keys custom username and custom password.
I've tried hostvars[inventory_hostname][custom_cred]['custom username'] but its not working.
To debug your Custom Credential Types you could use
- hosts: localhost
gather_facts: yes
tasks:
- name: Get environment
debug:
msg: "{{ ansible_env }}"
resulting into an output of
TASK [Get environment] *********************************************************
ok: [localhost] => {
"msg": [
{
...
"custom_username": "username",
"custom_password": "********",
...
}
...
if such Custom Test Credentials are configured. This is working for AWX/Tower. You can then follow up with
Ansible Tower - How to pass credentials as an extra vars to the job template?
I can use my Ansible inventory file to ping all hosts if I specify it explicity:
ansible -i mmp_default/mmp_static_default all -m ping
mmp-websockets002.prod01.company.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
mmp-staticweb001.prod01.company.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
But setting it up as a default inventory in my config doesn't work:
ansible all -m ping
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
This is my config:
sudo cat /etc/ansible/ansible.cfg
[defaults]
ansible_managed = This file is managed by Merlin. Do not edit directly.
deprecation_warnings = False
timeout=30
remote_user = centos
private_key_file = /home/centos/AWS.pem
[privilege_escalation]
become=True
become_user=root
[inventory]
## enable inventory plugins, default: 'host_list', 'script', 'yaml', 'ini'
enable_plugins = auto, ini
inventory = /home/centos/R2.4.1/merlin/mmp_default/mmp_static_default
I have my inventory listed as: inventory = /home/centos/R2.4.1/merlin/mmp_default/mmp_static_default
Why doesn't ansible recognize the inventory file I setup in the config?
From the doc, inventory setting should be in defaults section:
[defaults]
...
inventory = /home/centos/R2.4.1/merlin/mmp_default/mmp_static_default
...
[privilege_escalation]
....