New to Ansible but I'm really enjoying working with it so far. I've started
writing a playbook that creates an EC2 instance and then attempts to
connect to it and configure it. For some reason it's failing to connect,
even though it appears to be using the correct key and attempting to
connect as the correct user. It's also using the correct hostname. I turned
verbose output on and I still don't see what the issue is. Can anyone
suggest what the issue might be?
I provisioned an EC2 instance and now I want to connect to it:
Here's my play:
# Configure instances
- include: configure-ireland.yml #This just installs a single package,
httpd, nothing fancy
vars:
ansible_ssh_user: ec2-user
ansible_ssh_private_key_file: keys/eric_eu_west_1.pem
Here's the output of ansible-playbook -vvvvv myplay.yml when it fails to
connect to my instance via ssh:
TASK [setup]
*******************************************************************
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> ESTABLISH SSH
CONNECTION FOR USER: ec2-user
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> ESTABLISH SSH
CONNECTION FOR USER: ec2-user
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH: ansible.cfg
set ssh_args: (-o)(ControlMaster=auto)(-o)(ControlPersist=60s)
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> ESTABLISH SSH
CONNECTION FOR USER: ec2-user
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_PRIVATE_KEY_FILE/private_key_file/ansible_ssh_private_key_file set:
(-o)(IdentityFile="keys/eric_eu_west_1.p
em")
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH:
ansible_password/ansible_ssh_pass not set:
(-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi
-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no)
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set:
(-o)(User=ec2-user)
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH: PlayContext
set ssh_common_args: ()
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH: ansible.cfg
set ssh_args: (-o)(ControlMaster=auto)(-o)(ControlPersist=60s)
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_PRIVATE_KEY_FILE/private_key_file/ansible_ssh_private_key_file set:
(-o)(IdentityFile="keys/eric_eu_west_1.$
em")
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH: ansible.cfg
set ssh_args: (-o)(ControlMaster=auto)(-o)(ControlPersist=60s)
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH:
ansible_password/ansible_ssh_pass not set:
(-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssap$
-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no)
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_PRIVATE_KEY_FILE/private_key_file/ansible_ssh_private_key_file set:
(-o)(IdentityFile="keys/eric_eu_west_1.$
em")
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set:
(-o)(User=ec2-user)
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH:
ansible_password/ansible_ssh_pass not set:
(-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssap$
-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no)
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set:
(-o)(User=ec2-user)
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH:
ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH: PlayContext
set ssh_common_args: ()
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH: PlayContext
set ssh_common_args: ()
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH: PlayContext
set ssh_extra_args: ()
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH: PlayContext
set ssh_extra_args: ()
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH: found only
ControlPersist; added ControlPath:
(-o)(ControlPath=/home/campee/.ansible/cp/ansible-ssh-%h-%p-%r)
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH: found only
ControlPersist; added ControlPath:
(-o)(ControlPath=/home/campee/.ansible/cp/ansible-ssh-%h-%p-%r)
<ec2-54-194-77-121.eu-west-1.compute.amazonaws.com> SSH: EXEC ssh -C
-vvv -o ControlMaster=auto -o ControlPersist=60s -o
'IdentityFile="keys/eric_eu_west_1.pem"' -o KbdInte$
activeAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 -o C$
ntrolPath=/home/campee/.ansible/cp/ansible-ssh-%h-%p-%r
ec2-54-194-77-121.eu-west-1.compute.amazonaws.com '/bin/sh -c '"'"'( umask
77 && mkdir -p "` echo $HOME/.ansible/tmp$
ansible-tmp-1477363326.38-254627066289692 `" && echo
ansible-tmp-1477363326.38-254627066289692="` echo
$HOME/.ansible/tmp/ansible-tmp-1477363326.38-254627066289692 `" ) && $sleep
0'"'"''
<ec2-54-171-76-221.eu-west-1.compute.amazonaws.com> SSH: EXEC ssh -C
-vvv -o ControlMaster=auto -o ControlPersist=60s -o
'IdentityFile="keys/eric_eu_west_1.pem"' -o KbdInte$
activeAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 -o C$
ntrolPath=/home/campee/.ansible/cp/ansible-ssh-%h-%p-%r
ec2-54-171-76-221.eu-west-1.compute.amazonaws.com '/bin/sh -c '"'"'( umask
77 && mkdir -p "` echo $HOME/.ansible/tmp$
ansible-tmp-1477363326.38-141287772563957 `" && echo
ansible-tmp-1477363326.38-141287772563957="` echo
$HOME/.ansible/tmp/ansible-tmp-1477363326.38-141287772563957 `" ) && s
leep 0'"'"''
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH: PlayContext
set ssh_extra_args: ()
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH: found only
ControlPersist; added ControlPath:
(-o)(ControlPath=/home/campee/.ansible/cp/ansible-ssh-%h-%p-%r)
<ec2-54-194-134-79.eu-west-1.compute.amazonaws.com> SSH: EXEC ssh -C
-vvv -o ControlMaster=auto -o ControlPersist=60s -o
'IdentityFile="keys/eric_eu_west_1.pem"' -o KbdInter
activeAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 -o Co
ntrolPath=/home/campee/.ansible/cp/ansible-ssh-%h-%p-%r
ec2-54-194-134-79.eu-west-1.compute.amazonaws.com '/bin/sh -c '"'"'( umask
77 && mkdir -p "` echo $HOME/.ansible/tmp/
ansible-tmp-1477363326.38-145537136827503 `" && echo
ansible-tmp-1477363326.38-145537136827503="` echo
$HOME/.ansible/tmp/ansible-tmp-1477363326.38-145537136827503 `" ) && s
leep 0'"'"''
fatal: [ec2-54-194-77-121.eu-west-1.compute.amazonaws.com]: UNREACHABLE! =>
{"changed": false, "msg": "Failed to connect to the host via ssh.",
"unreachable": true}
But if I run SSH manually, it works just fine:
$ ssh -i keys/eric_eu_west_1.pem
[email protected]
Warning: Permanently added
'ec2-54-171-76-221.eu-west-1.compute.amazonaws.com,54.171.76.221' (ECDSA)
to the list of known hosts.
__| __|_ )
_| ( / Amazon Linux AMI
___|\___|___|
https://aws.amazon.com/amazon-linux-ami/2016.09-release-notes/
3 package(s) needed for security, out of 10 available
Run "sudo yum update" to apply all updates.
My key is chmod 0700:
$ ls -l keys/eric_eu_west_1.pem
-rwx------ 1 campee campee 1696 Oct 23 21:30 keys/eric_eu_west_1.pem
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/a54a59a1-1832-4a62-8a68-4780309871e5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
