Just a try!
Can you enable enable-credssp -force on those failed machine and give a try
On Wednesday, December 26, 2018 at 7:13:36 PM UTC+5:30, Justin Seiser wrote:
>
> TASK [roles/ansible-role-dc : Copy Schema File 2]
> ****************************** fatal: [10.254.64.5]: UNREACHABLE! =>
> {"changed": false, "msg": "credssp: HTTPSConnectionPool(host='10.254.64.5',
> port=5986): Read timed out. (read timeout=200)", "unreachable": true} to
> retry, use: --limit
> @/home/ubuntu/workspace/sales-demo/demo-idauto-salesdemo-prd-inf/ansible_dc.retry
>
>
>
> I have 2 environments in AWS, each environment contains 2 Windows servers
> that I am running a playbook against. Ansible itself is running in a docker
> container and connecting to the instances over VPC Peering. So The Docker
> Server and Ansible Container are in 1 VPC, using winrm/credssp to connect to
> windows servers in another VPC.
>
>
> The playbook keeps randomly failing with the above errors. It will happen at
> different places in the playbook, so I cant narrow it down to any one
> specific section. That file copy above is for a 1.8K file, so its not like
> it was too large.
>
>
> I run this same setup, for thousands of linux servers and have no issue, so I
> assume its something with winrm, and VPC peering that it just doesnt like.
>
>
> Here is winrm confg.
>
>
> ansible_port: 5986 ansible_connection: winrm
> ansible_winrm_server_cert_validation: ignore ansible_winrm_transport: credssp
> ansible_winrm_operation_timeout_sec: 150 ansible_winrm_read_timeout_sec: 200
>
> I know the best solution would be to run ansible inside the same VPC but
> its not an option, so is there anything that can be done? These ansible
> failures are putting a halt to the project, and my fear is that winrm is
> not going to allow this to work.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-devel+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
