Strange, running out of ideas, anyone can think of anything else? Kind Regards, Ameya Agashe
On Wed, Feb 27, 2019 at 4:50 PM Eric Tan <[email protected]> wrote: > Hi Ameya, > > To verify if i can reach the server, i used win_ping > ----------------------- > xxx.xxx.xxx.xxx | SUCCESS => { > "changed": false, > "ping": "pong" > } > ----------------------- > > > On the windows server side i also checked firewall is opened > [image: Capture.PNG] > > > > Is there any particular firewall i need to open on RHEL7 OS side? > > > On Wednesday, February 27, 2019 at 12:02:55 PM UTC+8, ameya agashe wrote: >> >> Hi Tran, >> >> Still, think it is Firewall only, can you double check? >> >> Thanks >> Ameya >> >> On Wed, Feb 27, 2019 at 2:49 PM Eric Tan <[email protected]> wrote: >> >>> Hi Ameya, >>> >>> Below is the debug information. By the way, the localhost is RHEL7 OS >>> and the ec2 we are trying to winrm is Windows Server 2012. >>> --------------------------------------------- >>> >>> TASK [ec2] >>> ********************************************************************* >>> task path: /home/ec2-user/ansible-netenv/hitwin.yml:12 >>> Using module file >>> /usr/local/lib/python2.7/site-packages/ansible/modules/cloud/a >>> mazon/ec2.py >>> <localhost> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT >>> 5986 TO l ocalhost >>> Using module file >>> /usr/local/lib/python2.7/site-packages/ansible/modules/cloud/a >>> mazon/ec2.py >>> <localhost> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT >>> 5986 TO l ocalhost >>> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => { >>> "changed": false, >>> "msg": "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max >>> retries e xceeded with url: /wsman (Caused by >>> NewConnectionError('<urllib3.connection.Veri >>> fiedHTTPSConnection object at 0x7f78dc5213d0>: Failed to establish a new >>> connect ion: [Errno 111] Connection refused',))", >>> "unreachable": true >>> } >>> >>> to retry, use: --limit >>> @/home/ec2-user/ansible-netenv/hitwin.retry >>> >>> >>> --------------------------------------------- >>> >>> On Wednesday, February 27, 2019 at 11:43:45 AM UTC+8, ameya agashe wrote: >>>> >>>> Hi Tan, >>>> >>>> Not aware of the issue you referring about, under normal >>>> circumstances the command I gave should work. Have you tried running >>>> playbook in debug mode to see what is happening under the cover? place >>>> "-vvv" at the last of command line. >>>> >>>> Regards >>>> Ameya Agashe >>>> >>>> On Wed, Feb 27, 2019 at 2:38 PM Eric Tan <[email protected]> wrote: >>>> >>>>> Hi Ameya, >>>>> >>>>> thanks for your response! >>>>> I forgot to add that the firewall is already opened in my issue but it >>>>> still doesnt work. >>>>> I read somewhere that it has to do with the cipher suite that RHEL7 >>>>> and Windows default uses. >>>>> >>>>> Do you have any idea about this? >>>>> >>>>> On Wed, Feb 27, 2019 at 10:51 AM ameya agashe <[email protected]> >>>>> wrote: >>>>> >>>>>> Run below in PowerShell and it should keep you going: >>>>>> >>>>>> netsh advfirewall firewall add rule name="Allow WinRM (Https)" >>>>>> dir=in localport=5986 protocol=tcp action=allow enable=yes >>>>>> >>>>>> Thanks and Regards, >>>>>> Ameya Agashe >>>>>> >>>>>> On Wed, Feb 27, 2019 at 1:38 PM Eric Tan <[email protected]> wrote: >>>>>> >>>>>>> ##### SUMMARY >>>>>>> 1. Using Python 2.7 in RHEL7 >>>>>>> 2. Executed powershell script in windows machine >>>>>>> ConfigureRemotingForAnsible.ps1 >>>>>>> 3. Configured yml file to the below: >>>>>>> >>>>>>> * name: hit windows test instance >>>>>>> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}" >>>>>>> vars: >>>>>>> ansible_user: Administrator >>>>>>> ansible_password: {{ password }} >>>>>>> ansible_port: 5986 >>>>>>> ansible_connection: winrm >>>>>>> ansible_winrm_server_cert_validation: ignore >>>>>>> ansible_winrm_operation_timeout_sec: 60 >>>>>>> ansible_winrm_read_timeout_sec: 70 >>>>>>> tasks: >>>>>>> >>>>>>> * ec2: >>>>>>> state: 'absent' >>>>>>> instance_ids: {{ instance_id }}' >>>>>>> ec2_region: '{{ ec2_region }}' >>>>>>> delegate_to: localhost >>>>>>> >>>>>>> Error encountered: >>>>>>> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg": >>>>>>> "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max retries >>>>>>> exceeded with url: /wsman (Caused by >>>>>>> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object >>>>>>> at >>>>>>> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111] >>>>>>> Connection refused',))", "unreachable": true} >>>>>>> >>>>>>> ##### ISSUE TYPE >>>>>>> * Bug Report >>>>>>> >>>>>>> ##### COMPONENT NAME >>>>>>> winrm >>>>>>> >>>>>>> ##### ANSIBLE VERSION >>>>>>> ansible 2.4.3.0 >>>>>>> >>>>>>> ##### CONFIGURATION >>>>>>> HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False >>>>>>> >>>>>>> ##### OS / ENVIRONMENT >>>>>>> Host: RHEL 7 >>>>>>> WinRM to Windows 2012 >>>>>>> >>>>>>> ##### STEPS TO REPRODUCE >>>>>>> ansible-playbook -i /etc/ansible/ec2.py hitwin.yml --extra-vars >>>>>>> "ec2_class=appservers env=test" >>>>>>> >>>>>>> * name: hit windows test instance >>>>>>> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}" >>>>>>> vars: >>>>>>> ansible_user: Administrator >>>>>>> ansible_password: {{ password }} >>>>>>> ansible_port: 5986 >>>>>>> ansible_connection: winrm >>>>>>> ansible_winrm_server_cert_validation: ignore >>>>>>> ansible_winrm_operation_timeout_sec: 60 >>>>>>> ansible_winrm_read_timeout_sec: 70 >>>>>>> tasks: >>>>>>> >>>>>>> * ec2: >>>>>>> state: 'absent' >>>>>>> instance_ids: {{ instance_id }}' >>>>>>> ec2_region: '{{ ec2_region }}' >>>>>>> delegate_to: localhost >>>>>>> >>>>>>> ##### EXPECTED RESULTS >>>>>>> Expected success to win rm and shutdown server >>>>>>> >>>>>>> ##### ACTUAL RESULTS >>>>>>> PLAY [hit windows test instance] >>>>>>> *********************************************** >>>>>>> >>>>>>> TASK [Gathering Facts] >>>>>>> ********************************************************* >>>>>>> ok: [xxx.xxx.xxx.xxx] >>>>>>> >>>>>>> TASK [ec2] >>>>>>> ********************************************************************* >>>>>>> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg": >>>>>>> "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max retries >>>>>>> exceeded with url: /wsman (Caused by >>>>>>> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object >>>>>>> at >>>>>>> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111] >>>>>>> Connection refused',))", "unreachable": true} >>>>>>> >>>>>>> ``` >>>>>>> to retry, use: --limit >>>>>>> @/home/ec2-user/ansible-netenv/hitwin.retry >>>>>>> ``` >>>>>>> PLAY RECAP >>>>>>> ********************************************************************* >>>>>>> xxx.xxx.xxx.xxx : ok=1 changed=0 unreachable=1 failed=0 >>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "Ansible Project" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> To post to this group, send email to [email protected]. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com >>>>>>> <https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "Ansible Project" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> To post to this group, send email to [email protected]. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com >>>>>> <https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> Regards, >>>>> >>>>> *Mr Tan Choa Hong, Eric (Mba)* >>>>> PMP®,CBAP®,CSM® >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> LinkedIn : https://www.linkedin.com/in/er1csg >>>>> >>>>> Email : [email protected] >>>>> >>>>> AboutMe : https://about.me/er1c_sg >>>>> >>>>> >>>>> *The information contained in this email (including all attachments) >>>>> is confidential and may also be privileged. It is intended for the use >>>>> only >>>>> of the addressee(s) named. If you are not the intended recipient, kindly >>>>> note that any dissemination, distribution, publication or copying of this >>>>> email is strictly prohibited. If you have received this email in error, >>>>> please accept our apologies and notify us immediately. Thereafter, kindly >>>>> delete all copies from your system. Although reasonable precautions have >>>>> been taken to ensure the integrity of this email and that it is virus >>>>> free.* >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Ansible Project" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To post to this group, send email to [email protected]. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/d/msgid/ansible-project/CADeC%2B8bhNZh844Hmmm41-KAgU%2B_WpMiRDBG8jnxHMidYOvn3Rg%40mail.gmail.com >>>>> <https://groups.google.com/d/msgid/ansible-project/CADeC%2B8bhNZh844Hmmm41-KAgU%2B_WpMiRDBG8jnxHMidYOvn3Rg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/fd7d8e96-1f66-4efd-a1f1-9e5a90ce8646%40googlegroups.com >>> <https://groups.google.com/d/msgid/ansible-project/fd7d8e96-1f66-4efd-a1f1-9e5a90ce8646%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/5b046865-f4ff-4877-a22a-9b4defa2209b%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/5b046865-f4ff-4877-a22a-9b4defa2209b%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAG9tf-_s4ztYptZcQaX%3DMoM-%3Dm9Q2tS%2BNAPQLuztX2y0HAjZyg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
