Hi Tan, Not aware of the issue you referring about, under normal circumstances the command I gave should work. Have you tried running playbook in debug mode to see what is happening under the cover? place "-vvv" at the last of command line.
Regards Ameya Agashe On Wed, Feb 27, 2019 at 2:38 PM Eric Tan <[email protected]> wrote: > Hi Ameya, > > thanks for your response! > I forgot to add that the firewall is already opened in my issue but it > still doesnt work. > I read somewhere that it has to do with the cipher suite that RHEL7 and > Windows default uses. > > Do you have any idea about this? > > On Wed, Feb 27, 2019 at 10:51 AM ameya agashe <[email protected]> > wrote: > >> Run below in PowerShell and it should keep you going: >> >> netsh advfirewall firewall add rule name="Allow WinRM (Https)" dir=in >> localport=5986 protocol=tcp action=allow enable=yes >> >> Thanks and Regards, >> Ameya Agashe >> >> On Wed, Feb 27, 2019 at 1:38 PM Eric Tan <[email protected]> wrote: >> >>> ##### SUMMARY >>> 1. Using Python 2.7 in RHEL7 >>> 2. Executed powershell script in windows machine >>> ConfigureRemotingForAnsible.ps1 >>> 3. Configured yml file to the below: >>> >>> * name: hit windows test instance >>> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}" >>> vars: >>> ansible_user: Administrator >>> ansible_password: {{ password }} >>> ansible_port: 5986 >>> ansible_connection: winrm >>> ansible_winrm_server_cert_validation: ignore >>> ansible_winrm_operation_timeout_sec: 60 >>> ansible_winrm_read_timeout_sec: 70 >>> tasks: >>> >>> * ec2: >>> state: 'absent' >>> instance_ids: {{ instance_id }}' >>> ec2_region: '{{ ec2_region }}' >>> delegate_to: localhost >>> >>> Error encountered: >>> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg": >>> "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max retries >>> exceeded with url: /wsman (Caused by >>> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at >>> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111] >>> Connection refused',))", "unreachable": true} >>> >>> ##### ISSUE TYPE >>> * Bug Report >>> >>> ##### COMPONENT NAME >>> winrm >>> >>> ##### ANSIBLE VERSION >>> ansible 2.4.3.0 >>> >>> ##### CONFIGURATION >>> HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False >>> >>> ##### OS / ENVIRONMENT >>> Host: RHEL 7 >>> WinRM to Windows 2012 >>> >>> ##### STEPS TO REPRODUCE >>> ansible-playbook -i /etc/ansible/ec2.py hitwin.yml --extra-vars >>> "ec2_class=appservers env=test" >>> >>> * name: hit windows test instance >>> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}" >>> vars: >>> ansible_user: Administrator >>> ansible_password: {{ password }} >>> ansible_port: 5986 >>> ansible_connection: winrm >>> ansible_winrm_server_cert_validation: ignore >>> ansible_winrm_operation_timeout_sec: 60 >>> ansible_winrm_read_timeout_sec: 70 >>> tasks: >>> >>> * ec2: >>> state: 'absent' >>> instance_ids: {{ instance_id }}' >>> ec2_region: '{{ ec2_region }}' >>> delegate_to: localhost >>> >>> ##### EXPECTED RESULTS >>> Expected success to win rm and shutdown server >>> >>> ##### ACTUAL RESULTS >>> PLAY [hit windows test instance] >>> *********************************************** >>> >>> TASK [Gathering Facts] >>> ********************************************************* >>> ok: [xxx.xxx.xxx.xxx] >>> >>> TASK [ec2] >>> ********************************************************************* >>> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg": >>> "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max retries >>> exceeded with url: /wsman (Caused by >>> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at >>> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111] >>> Connection refused',))", "unreachable": true} >>> >>> ``` >>> to retry, use: --limit @/home/ec2-user/ansible-netenv/hitwin.retry >>> ``` >>> PLAY RECAP >>> ********************************************************************* >>> xxx.xxx.xxx.xxx : ok=1 changed=0 unreachable=1 failed=0 >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com >>> <https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com >> <https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > -- > > Regards, > > *Mr Tan Choa Hong, Eric (Mba)* > PMP®,CBAP®,CSM® > > > > > > LinkedIn : https://www.linkedin.com/in/er1csg > > Email : [email protected] > > AboutMe : https://about.me/er1c_sg > > > *The information contained in this email (including all attachments) is > confidential and may also be privileged. It is intended for the use only of > the addressee(s) named. If you are not the intended recipient, kindly note > that any dissemination, distribution, publication or copying of this email > is strictly prohibited. If you have received this email in error, please > accept our apologies and notify us immediately. Thereafter, kindly delete > all copies from your system. Although reasonable precautions have been > taken to ensure the integrity of this email and that it is virus free.* > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CADeC%2B8bhNZh844Hmmm41-KAgU%2B_WpMiRDBG8jnxHMidYOvn3Rg%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CADeC%2B8bhNZh844Hmmm41-KAgU%2B_WpMiRDBG8jnxHMidYOvn3Rg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAG9tf-_tgLjTd_sfdSZ42xS4HMtKGm%2BPAgH%2Bd%3Dvas-F7BcnZWA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
