bootstrap windows winrm fails with network error - windows

I am trying to bootstrap a windows winrm using knife command.
I have enabled the tcp port 5985.
But i still get the following error:
ERROR: Network Error: Connection refused - connect(2) (http://:5985)
I am able to remotely login to the machine as well by providing username and password
I could not resolve. Has anyone come across this problem and found a solution?

Check that you can telnet remote_host 5985. This should open a dumb session into which you can enter "quit". If not, look again at how you have enabled winrm and the firewall on the remote host.
I got winrm bootstrap working on Windows VMs which did not have firewall enabled like this:
All the following on the remote Windows machine you want to bootstrap...
Enable winrm:
winrm quickconfig -q
Enable and start the firewall service (so we can successfully config winrm):
sc config mpssvc start= demand
sc start mpssvc
Configure winrm per chef recommendations:
winrm set winrm/config/winrs #{MaxMemoryPerShellMB="300"}
winrm set winrm/config #{MaxTimeoutms="1800000"}
winrm set winrm/config/service #{AllowUnencrypted="true"}
winrm set winrm/config/service/auth #{Basic="true"}
Stop the firewall service again:
sc stop mpssvc
... or configure it to allow to winrm connections from the workstation.
Now, on your workstation, validate the set up:
Validate that remote host is listening on default winrm port
telnet remote_host 5985
(If connection is successful, a blank telnet session will open. You can enter "quit" to exit it.)
Optionally validate that knife winrm can connect to the remote host (e.g. to list the c:\ directory)
knife winrm -m remote_host -x remote_user -P remote_password 'dir c:\'
Bootstrap the node
knife bootstrap windows winrm remote_host -x remote_user -P remote_password
Since you ask for an answer drawing from credible and/or official sources here are the references I found useful when figuring out how to get winrm bootstrap to work:
http://docs.opscode.com/install_windows.html
http://docs.opscode.com/plugin_knife_windows.html
http://developer.rackspace.com/blog/step-by-step-walkthrough-to-using-chef-to-bootstrap-windows-nodes-on-the-rackspace-cloud.html

I have faced the similar issue.One of the reasons for this might be you knife-windows gem is not installed in expected location.
knife-windows resolves target hostname.if its not properly installed winrm knife cant resolve targetname.So to overcome this install knife-windows as below
To install the knife windows plugin using RubyGems, run the following command:
$ /opt/chef/embedded/bin/gem install knife-windows
if properly installed you should be able to find knife-windows at /opt/chef/embedded/lib/ruby/gems/1.9.1/gems/

Related

chef - bootstraping localhost results in refused connection

I'm learning Chef (12.10.24) and am trying to build a cookbook with recipes for provisioning machines that I'll do Ruby development on.
I'm trying to use knife bootstrap to set up my laptop as a node but am getting a connection error that I'm not sure how to get around. Here is the output:
➜ chef-repo$ knife bootstrap localhost -yN my-macbook-pro -p 2200 -x david -P [password]
Creating new client for my-macbook-pro
Creating new node for my-macbook-pro
Connecting to localhost
ERROR: Network Error: Connection refused - connect(2) for 127.0.0.1:2200
Check your knife configuration and network settings
Connecting to chef-server is fine but I can't connecting to localhost. Any suggestions about what I might be doing wrong?
I neglected to mention that I am using OSX El Capitan. It turns out that the ssh daemon isn't on by default in OSX.
Turning it on in System Preferences > Sharing (check Remote Login) fixed the problem.

Not able to CHEF bootstrap a windows EC2 instance, Winrm error

I am using CHEF 12 and trying to bootstrap an EC2 instance (Win server 2012 R2) from my workstation. However, I am getting the below error.
> Waiting for remote response before
> bootstrap.....................ERROR: No response received from remote
> node after 2.08 minutes, giving up. ERROR: Network Error: No
> connection could be made because the target machine actively refused
> it. - connect(2) (http://52.76.1.57:5985) Check your knife
> configuration and network settings
I have two CHEF servers (Hosted as well as on-premises); I have tried bootstraping the EC2 instance using each of these, but get the same result.
Chef bootstrap command issued via power-shell:
PS ~\chef-repo> knife bootstrap windows winrm 52.76.1.57 --winrm-user Administrator --winrm-password '******' --node-name node_145 --run-list 'recipe[ie::esc],recipe[install_iis]'
As far as I researched, it is because I am not able to establish a WINRM connection from my workstation to the Ec2 instance. I am however able to connect to another Win 2012 server within my office network and bootstrap successfully.
have already logged in remotely to the EC2 instance and run winrm quickconfig from powershell.
have set the Administrator password to a desired one.
Have opened inbound firewall rule for WIndows remote management on ports 5985 and 5986
Set up setcurity group and allowed inbound Custom TCP rule for ports 5985 and 5986 on AWS
you took all the necessary steps for this, would it be possible that you are getting filtered by a firewall (e.g company firewall)?
fyi, I managed to bootstrap a machine with the following steps:
# configure winrm for using knife winrm
winrm set winrm/config/service/auth '#{Basic="true"}'
winrm set winrm/config/service '#{AllowUnencrypted="true"}'
set-item WSMan:\localhost\Client\allowunencrypted $true
#turn off firewall
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
EDIT: to sum up below comments, the problem was the company firewall that was blocking the traffic
Windows 2012 R2 introcuced changes within WinRM security, which rendered some of old articles / readme examples explaining usage of knife-ec and knife-windows unusable.
This article http://blog.coderinserepeat.com/2015/07/15/chef-knife-ec2-and-knife-windows/ pretty much sums up how to deal with this in recent versions of knife plugins.

Unable to bootstrap with winrm

when i run
knife bootstrap windows winrm <my ec2 fqdn> -x Administrator -P "<password>" -r "role[myrole]"
my instance is inside vpc and i have attached eip In place od i gave both my private ip and public ip
ERROR: Batch render command returned
ERROR: Failed to authenticate to ["10.220.15.254"] as Administrator
Response: Bad HTTP response returned from server (401).
what should be my for windows instance.
You should configure Windows Remote Management in the server as described at http://docs.opscode.com/plugin_knife_windows.html
Your error is due to Basic Authentication not being enabled, you have to run the following command in the Windows machine before attempting the bootstrap:
winrm set winrm/config/service/auth #{Basic="true"}
If running it from PowerShell put the parameter in single quotes '#{Basic="true"}'

knife winrm to windows machine fails with Connection Refused

I am trying to use knife to bootstrap a windows machine.
When running the command 'knife bootstrap windows winrm' i receive the following error:
ERROR: Network Error: Connection refused - connect(2) (http://<server>:5985)
What might be the problem?
Open firewall port 5985 on your windows node. This port is used by WS-management. Click here to find out how to enable this port

"network error: connection refused", putty error

I am trying to run putty on Windows 7.
I need to run some SSH commands to upgrade Magento. Every time putty gives me this fatal error:
network error: connection refused
I have even tried to use it through winSCP. Note that putty is running fine on my client's side, but for me it's giving me that error every time.
I tried using port 22, 23 and a few others without success. I have also tried with Windows Firewall both enabled and disabled.
Thank you.
Install open-ssh or ssh in target Linux machine solved my problem .
Use below commands:
sudo apt install ssh
sudo systemctl status ssh
sudo systemctl enable ssh
The following are the list of possibilities of this error:
1) Common cause is - Your IP is blocked or not whitelisted in the server which can be done by editing the file at /etc/csf/csf.conf
2) Disable the windows firewall settings and check..
The above two things should work in most of the cases
3) This is very unusual and when the above two options fails it is very difficult to find the solution
In this case the traceroute to the server host or IP works usually but putty fails
port 22 looks normal and working but connection fails and restarting SSH (service ssh restart) also does not work
reboot or restart the server but still fails
Adding IP in firewalls or whitelisting the local IP may not workout
This case generally happens when the server is migrated or new server. IP of the old server might be whitelisted locally, but don't have port 22 open, or some other local filtering is occurring for this new IP but not the old server IP..
In this case you need to change the port to some 522 or 530 some unusual port will help in sorting it out.. The same port you have to use for the SFTP connection also .. where as FTP connections works normally..
or you have to whitelist the IP locally or open the TCP in and out to port 22 if you want to use the port 22..

Resources