I'm on a Mac machine.
$ which ansible
/Library/Frameworks/Python.framework/Versions/3.5/bin/ansible
or I guess, ansible can be located at a generic location: /usr/bin/ansible (for ex: on CentOS/Ubuntu).
$ ansible --version
ansible 2.2.0.0
Running the following playbook works fine from my other vagrant / Ubuntu box.
Playbook file looks like:
- hosts: all
become: true
gather_facts: true
roles:
- a_role_which_just_say_hello_world_debug_msg
From my local machine, I can successfully ssh to the target servers/the following server (without any password as I have already added the .pem key file using ssh-add), which is failing in Ansible playbook's [Setup] (gather facts step) in Ansible playbook run.
On Mac machine, I'm getting this error sometimes (not everytime). Error: Failed to connect to the host via ssh: Connection timed out during banner exchange. PS: this issue is not coming all the time.
$ ansible-playbook -i inventory -l tag_cluster_mycluster myplabook.yml
PLAY [all] *********************************************************************
TASK [setup] *******************************************************************
ok: [myclusterSomeServer01_i_07f318688f6339971]
fatal: [myclusterSomeServer02_i_03df6f1f988e665d9]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Connection timed out during banner exchange\r\n", "unreachable": true}
OK, tried couple of times, same behavior, out of 15 servers (that I have in the mycluster cluster), the [SETUP] setup is failing during the gathering facts setup and next time it's working fine.
Retried:
$ ansible-playbook -i inventory -l tag_cluster_mycluster myplabook.yml
PLAY [all] *********************************************************************
TASK [setup] *******************************************************************
ok: [myclusterSomeServer01_i_07f318688f6339971]
ok: [myclusterSomeServer02_i_03df6f1f988e665d9]
ok: [myclusterSomeServer03_i_057dfr56u88e665d9]
...
.....more...this time it worked for all servers.
As you see above, this time the above step worked fine. The same issue (SSH connection timed out) is happening during some task/actions (where I'm trying to install something using Ansible yum module. If I try it again, it works fine for the server which failed last time but then it may fail for another server which was successful last time. Thus, the behavior is random.
My /etc/ansible/ansible.cfg file has:
[ssh_connection]
scp_if_ssh = True
Adding the following timeout setting to /etc/ansible/ansible.cfg config file worked when I increased it to 25. When it was 10 or 15, I still saw the errors in some servers due to connection timeout banner issue.
[defaults]
timeout = 25
[ssh_connection]
scp_if_ssh = True
Apart from the above, I had to use serial: N or serial: N% (where N is a number) to run my playbook on N number or percentage of servers at a time, then it worked fine.
i.e.
- hosts: all
become: true
gather_facts: true
serial: 2
#serial: "10%"
#serial: "{{ serialNumber }}"
#serial: "{{ serialNumber }}%"
vars:
- serialNumber: 5
roles:
- a_role_which_just_say_hello_world_debug_msg
Related
name: reboot
hosts: checkpoint
tasks:
name: reboot checkpoint
command: reboot
register: save_uptime
debug:
msg: "reboot done"
it shows as "remote side unexpectedly closed network connection" it rebooted ansible server not my target server.how to resolve
Since command module runs specified command on all selected remote hosts (https://docs.ansible.com/ansible/latest/modules/command_module.html), I'd suspect that hosts file might be an issue in your case.
Also, you can use module reboot (https://docs.ansible.com/ansible/latest/modules/reboot_module.html) to perform the operation (assuming you are using Ansible 2.7+)
when i execute ansible playbook from one server to other remote server i'm getting an error as
"msg": "Failed to connect to the host via ssh: ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory\r\nHost key verification failed.", "unreachable": true"
blow is my play book
- hosts: igwcluster_AM:igwcluster_IS
become: true
become_method: sudo
gather_facts: True
tasks:
- name: Install Oracle Java 8
script:/data2/jenkins/workspace/PreReq_Install_To_Servers/IGW/IGW_Cluster/prereqs_Products/Java.sh
I'm using two host groups and each group has 2 servers.
Error log:
UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory\r\nHost key verification failed.", "unreachable": true}
Note : I have tried with
host_key_checking = False
ssh_args = -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
But still it fails. please advise me on this
First of all you have to put space after "script:" and place script exactly under "name:" so it will look like that.
tasks:
- name: Install Oracle Java 8
script: /data2/jenkins/workspace/PreReq_Install_To_Servers/IGW/IGW_Clust/prereqs_Products/Java.sh
Try to use ssh key for ssh authorization.
On the server that you are execute ansible playbook from, generate ssh key if you didn't already, you can do it with simple command:
ssh-keygen
(press enter till command exit)
Next copy it to remote server by ssh copy id command:
ssh-copy-id <remote server IP/FQDN>
After this your ansible server will be able to connect to remote server without password prompt and this error should not appear.
If this method doesn't work for you please share this information:
hosts file
become user that you are using to run this playbook
This is on an Ubuntu 16.10 Linux VM (host) going to an EC2 Ubuntu instance (client).
I do this command:
sudo ansible-playbook deploy.yml -vvv
And get:
fatal: [web1]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh.", "unreachable": true}
Yet if I do this immediately (seconds) afterward:
ansible all -m ping
The previous command works!
Is it something to do with ControlPersist=60s, like no more commands can be issued? Confusing.
Seems like this may be a known Ansible bug where SSH connections intermittently fail, and give a poor error message. I'm on Ansible 2.1.1, the same version that so many people in this bug report are on too:
https://github.com/ansible/ansible/issues/15706
So upgrading Ansible would probably get around the error. Or use the workaround I discovered of pinging ansible <your hosts> -m ping.
I am trying to copy an SSH public key to a newly created VM:
- hosts: vm1
remote_user: root
tasks:
- name: deploy ssh key to account
authorized_key: user='root' key="{{lookup('file','/root/.ssh/id_rsa.pub')}}"
But getting error:
fatal: [jenkins]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": true}
So to establish SSH I need first to establish SSH?
How can I establish SSH for newly created KVM automatically, without manual key copy.
(host_key_checking = False in ancible.cfg)
Assuming the target machine allows root-login with password (from the error message it seems it does), you must provide the credentials to your playbook:
ansible-playbook playbook.yml --extra-vars "ansible_ssh_user=root ansible_ssh_pass=password"
Something I tried (and it worked) when I had this same issue:
ansible target-server-name -m command -a "whatever command" -k
The -k prompts you for the ssh password to the target server.
Add below changes to the /etc/ansible/hosts file:
[target-server-name]
target_server_ip
Example:
ansible target-server-name -m ping -k
I have a Rasberry pi which I can connect to via SSH from terminal through an ethernet cable from my Macbook to the pi via the command 'ssh pi#169.254.0.2'
Yet, when I run an ansible playbook to this host
[pis]
169.254.0.2
I get the following error:
PLAY [Ansible Playbook for configuring brand new Raspberry Pi] *****************
TASK [setup] *******************************************************************
<169.254.0.2> ESTABLISH CONNECTION FOR USER: pi on PORT 22 TO 169.254.0.2
CONNECTION: pid 2118 waiting for lock on 10
CONNECTION: pid 2118 acquired lock on 10
fatal: [169.254.0.2]: UNREACHABLE! => {"changed": false, "msg": "ERROR! (25, 'Inappropriate ioctl for device')", "unreachable": true}
PLAY RECAP *********************************************************************
169.254.0.2 : ok=0 changed=0 unreachable=1 failed=0
My ansible version is 2.0.0.2.
How can I configure Ansible so that it connects in the same way as I am successfully able to connect with SSH from the terminal?
Always include Ansible version when reporting issues like this. I had a similar issue when multiple ssh connections were opened by Ansible. Can you set pipelining to False in Ansible config file (/etc/ansible/ansible.cfg) and try again? Check what it is set to now before setting it.
pipelining = False
I received this error when trying to run ansible from inside a docker container and I got this same error. This answer led me to the solution which was that you have to add the -t flag which allocates a pseudo-TTY.
E.g.
sudo docker run -t -v `pwd`:/ansible -w /ansible ansible:latest ansible-playbook -i inventory.yml site.yml