Ansible: Unable to ping on windows node [SSL: CERTIFICATE_VERIFY_FAILED] - windows

I have an Ubuntu 16.04 virtual machine and two MS Windows Server 2008 R2 virtual machines.
I followed these instructions until "Once we have these two files setup, we can look to test connectivity". Now I want to ping the Windows VMs. After the command I get an error, but I don't know why.
Execution:
stefan@ansible-server:~/ansible_test$ ansible windows -i host -m win_ping
Answer:
[IP-ADRESS] | FAILED! => {
"failed": true,
"msg": "ERROR! ssl: 500 WinRMTransport. [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:"
}
[IP-ADRESS] | FAILED! => {
"failed": true,
"msg": "ERROR! ssl: 500 WinRMTransport. [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:"
}
Do you know why it didn't work?

I got a solution, but I am not satisfied, because for me it's not the proper solution, but it works.
Create in the folder ansible_test:
mkdir callback_plugins
nano callback_plugins/fix-ssl.py
Write in the file:
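import ssl
# Replace the process-wide default HTTPS context with one that skips
# certificate and hostname verification.
if hasattr(ssl, '_create_default_https_context') and hasattr(ssl, '_create_unverified_context'):
    ssl._create_default_https_context = ssl._create_unverified_context
# Placeholder class so the file is a valid callback plugin.
class CallbackModule(object):
    pass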
Run:
ansible windows -i host -m win_ping -vvvvv
Result:
10.92.0.38 | SUCCESS => {
"changed": false,
"invocation": {
"module_name": "win_ping"
},
"ping": "pong"
}
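The fix-ssl.py workaround in the answer above switches off certificate verification for every HTTPS connection the Ansible process opens, so it helps to be able to locate such overrides in a repository later. The following is an added example, not part of the original answer: a small AST scanner for plugin directories. The function names and rule labels are hypothetical, and the sample source is constructed from the snippet above.

```python
import ast
from pathlib import Path

# Constructed sample input: the fix-ssl.py workaround quoted in the answer above.
SAMPLE_PLUGIN = """\
import ssl
if hasattr(ssl, '_create_default_https_context') and hasattr(ssl, '_create_unverified_context'):
    ssl._create_default_https_context = ssl._create_unverified_context
class CallbackModule(object):
    pass
"""

def _name(node):
    """Last component of a Name/Attribute node (ssl.CERT_NONE -> 'CERT_NONE'), else None."""
    if isinstance(node, ast.Attribute):
        return node.attr
    return node.id if isinstance(node, ast.Name) else None

def find_tls_overrides(source, filename="<string>"):
    """Return sorted (line, rule) pairs for statements that weaken TLS verification."""
    findings = set()
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Assign):
            value = node.value
            for target in node.targets:
                attr = _name(target)
                if attr == "_create_default_https_context":
                    # Any replacement of the process-wide default deserves review.
                    findings.add((node.lineno, "default-https-context-replaced"))
                elif attr == "verify_mode" and _name(value) == "CERT_NONE":
                    findings.add((node.lineno, "verify-mode-cert-none"))
                elif attr == "check_hostname" and getattr(value, "value", None) is False:
                    findings.add((node.lineno, "hostname-check-disabled"))
        elif isinstance(node, ast.Call) and _name(node.func) == "_create_unverified_context":
            findings.add((node.lineno, "unverified-context-created"))
    return sorted(findings)

def scan_tree(root):
    """Scan every *.py file under root; return {path: findings} for files with hits."""
    report = {}
    for path in sorted(Path(root).rglob("*.py")):
        try:
            hits = find_tls_overrides(path.read_text(encoding="utf-8"), str(path))
        except (SyntaxError, ValueError):  # e.g. Python 2 syntax or non-UTF-8 bytes
            hits = [(0, "unparseable-review-by-hand")]
        if hits:
            report[str(path)] = hits
    return report

if __name__ == "__main__":
    for line, rule in find_tls_overrides(SAMPLE_PLUGIN, "fix-ssl.py"):
        print(f"fix-ssl.py:{line}: {rule}")
```

Running `scan_tree` over a playbook repository lists each file and line where verification is turned off, including callback_plugins directories that Ansible loads automatically.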

To be able to provision Windows machines, you first need to run this PowerShell script on the Windows machines to generate cert files for WinRM.
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

Related

Ansible: 'ping' Fortigate host results into error 'Unknown action 0'

I'm new to Ansible and I'm running into errors. My goal is to be able to manage Fortigate/Cisco devices.
I created an Ubuntu VM (22.04) with all the necessary packages needed to run Ansible. I've created a very basic hosts file with a firewall group:
[firewalls]
10.23.60.120
10.23.60.122
I've been successful at pinging each of the firewalls as well as using SSH to connect to the firewalls. But once I attempt to ping the firewalls using the -m ping module I get the following errors:
ansible -i hosts firewalls -m ping
[WARNING]: Platform unknown on host 10.23.60.120 is using the discovered Python
interpreter at /usr/bin/python, but future installation of another Python
interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.13/reference_appendices/interpreter_discovery.html for more information.
10.23.60.120 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
}
"changed": false,
"module_stderr": "Shared connection to 10.23.60.120 closed.\r\n",
"module_stdout": "TR1-SDWAN-LAB-01 # 8415: Unknown action 0\r\nCommand fail. Return code
-1\r\n\r\n TR1-SDWAN-LAB-01 # ",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 0
}
Any help is appreciated.
According to the information provided, it seems that you are trying to establish an SSH connection to a switch. Such devices may not have all capabilities for Python scripts.
Because of "ping module – Try to connect to host, verify a usable python and return pong on success", it
"is NOT ICMP ping, ... just a trivial test module that requires Python on the remote-node"
is a "... test module, this module always returns pong on successful contact. It does not make sense in playbooks, but it is useful from /usr/bin/ansible to verify the ability to login and that a usable Python is configured."
The most significant information is the error message Unknown action 0, which according to the Fortigate documentation (Command syntax) is just an unknown command:
"If you do not enter a known command, the CLI will return an error message such as: Unknown action 0"
Further Background Information
Fortinet Ansible Issue #72 "Unknown Action 0 when running modules"
Similar Q&A
Ansible: How to check SSH access
Ansible: Error "Line has invalid autocommand"

ansible-core 2.11.4 Failed to connect to the host via ssh: Shared connection to xxxx closed

I want to use ansible-playbook (ansible-core 2.11.4, installed with pip3 install), but it replies with an error:
fatal: [172.17.12.16]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Shared connection to 172.17.12.16 closed.",
"unreachable": true
}
I have checked password-free login, and using the shell module everything is OK.
The shell reply is a success.

Ansible WinRM Server did not response with a CredSSP token after step Step 5

I am using Ansible (2.9.6) to connect to a Windows server using WinRM CredSSP. For the win_ping command it reports that the server did not respond with a CredSSP token. CredSSP is enabled on the client machine.
ansible windows -i hosts -m win_ping
| UNREACHABLE! => {
"changed": false,
"msg": "credssp: Server did not response with a CredSSP token after step Step 5. Delegate Credentials - actual 'Negotiate, Kerberos, CredSSP'",
"unreachable": true
}
Any help to resolve this error message?
Thanks
I was getting the below error
msg: 'credssp: Server did not response with a CredSSP token after step Step 5. Delegate Credentials - actual '''''
After updating pywinrm to 0.4.2, the issue was resolved.
I'm using PSRP to a Windows 2012R2 server and I have the same issue on a win_copy task, but win_ping works. That didn't make any sense, then I disabled the Antivirus (McAfee) and the issue is gone.
On the Windows server, set CredSSP to true. Open PowerShell as administrator and paste the commands below:
winrm set winrm/config/service/auth '@{CredSSP="true"}'
winrm set winrm/config/client/auth '@{CredSSP="true"}'
Enable-WSManCredSSP -Role Server
Then you will be able to get:
SUCCESS => {
"changed": false,
"ping": "pong"
for the ansible windows -i hosts -m win_ping command.

Ansible always has SSH error against localhost?

On a CentOS machine, I can ssh into localhost. I can also successfully "sudo ansible -m ping localhost". Port 22 is also open. I can also run a playbook against localhost where "connection: local".
However, when trying to do anything against localhost via ansible with SSH, I get the following:
localhost | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}
As far as I can tell, the other similar SO answer to a similar error here does not really solve the problem as it basically says "well don't SSH then".

Unable to ping Windows Server using win_ping

When I tried to ping my Windows instance using ansible windows -i hosts.ini -m win_ping, I got the following error:
10.0.72.11 | UNREACHABLE! => {
"changed": false,
"msg": "ssl: HTTPSConnectionPool(host='10.0.72.11', port=5986): Max retries exceeded with url: /wsman (Caused by ConnectTimeoutError(<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x2319990>, 'Connection to 10.0.72.11 timed out. (connect timeout=30)'))",
"unreachable": true
}
My hosts.ini file looks like:
[windows]
10.0.72.11
[windows:vars]
ansible_ssh_user=Administrator
ansible_ssh_pass=MyPassword123!
ansible_ssh_port=5986
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
May I know where I am wrong?
I was getting the same error. In my case WinRM was not enabled properly on the Windows host. I ran the PowerShell script on my Windows host, resolved the errors by setting variables and flags as mentioned in the "ConfigureRemotingForAnsible.ps1" comments section, and the error disappeared.
