Hi All, please help me.
Build ec2 instances with attaching multiple tags names :- For example- I have launched one ec2 instance with tag name "websever1" the next builds of ec2 instances should start with tag name webserver2 , webserver3 .... automatically. Note: No two ec2 instances have same tag name. On Mon, Aug 27, 2018 at 12:22 PM Jeremie Levy <[email protected]> wrote: > Hi > In my company we have a forest with multiple domains, EUR / USA ... > I can work without any issue with my domain (EUR) with a EUR user > > Now i'm trying to access a USA server with and got the following failure: > > # ansible-playbook agent.yml --limit tsthost67.usa.company.com -vvvv > ansible-playbook 2.6.2 > config file = /ansible/scripts/ansible.cfg > configured module search path = > [u'/usr/local/lib/python2.7/dist-packages/ara/plugins/modules'] > ansible python module location = /usr/lib/python2.7/dist-packages/ansible > executable location = /usr/bin/ansible-playbook > python version = 2.7.12 (default, Dec 4 2017, 14:50:18) [GCC 5.4.0 > 20160609] > Using /ansible/scripts/ansible.cfg as config file > setting up inventory plugins > Parsed /ansible/scripts/inventory/windows.yml inventory source with yaml > plugin > Loading callback plugin default of type stdout, v2.0 from > /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc > Loading callback plugin ara of type notification, v2.0 from > /usr/local/lib/python2.7/dist-packages/ara/plugins/callbacks/log_ara.pyc > > PLAYBOOK: agent.yml > ***************************************************************************************************************************************************************************************************************************************************************************************************************************************************************** > 1 plays in agent.yml > > PLAY [fw] > ********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************* > Trying secret > FileVaultSecret(filename='/nfs/site/disks/home30/ansible/.ssh/ansible_vault.txt') > for vault_id=default > > TASK [Gathering Facts] > ******************************************************************************************************************************************************************************************************************************************************************************************************************************************************************** > task path: /ansible/scripts/agent.yml:2 > Using module file > /usr/lib/python2.7/dist-packages/ansible/modules/windows/setup.ps1 > <tsthost67.usa.company.com> ESTABLISH WINRM CONNECTION FOR USER: > [email protected] on PORT 5986 TO tsthost67.usa.company.com > checking if winrm_host tsthost67.usa.company.com is an IPv6 address > calling kinit with pexpect for principal [email protected] > fatal: [tsthost67.usa.company.com]: UNREACHABLE! => { > "changed": false, > * "msg": "kerberos: authGSSClientStep() failed: (('Unspecified GSS > failure. Minor code may provide more information', 851968), ('Generic > error (see e-text)', -1765328324))",* > "unreachable": true > } > to retry, use: --limit @/ansible/scripts/qb-agent-fw.retry > > PLAY RECAP > ******************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************** > tsthost67.usa.company.com : ok=0 changed=0 unreachable=1 failed=0 > > > > my kerberos file: > > # cat /etc/krb5.conf > > > > [libdefaults] > default_realm = EUR.COMPANY.COM > > ticket_lifetime = 36000 > > renew_lifetime = 2592000 > > default_keytab_name = /etc/krb5.keytab > > forwardable = true > > allow_weak_crypto = true > > dns_lookup_realm = false > > dns_lookup_kdc = false > > default_tgs_enctypes = des-cbc-crc arcfour-hmac-md5 > > default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc > > preferred_preauth_types = des-cbc-crc > > > > > [domain_realm] > .usa.company.com = USA.COMPANY.COM > .... > > [libvas] > use-dns-srv = true > use-server-referrals = true > > > > [realms] > > USA.COMPANY.COM = { > > default_domain = usa.company.com > ... > } > EUR.COMPANY.COM = { > default_domain = eur.company.com > ... > } > > > My group_vars file: > > ansible_user: [email protected] > ansible_password: SECURED_PASSWORD > ansible_port: 5986 > ansible_connection: winrm > ansible_winrm_transport: kerberos > ansible_winrm_scheme: https > ansible_winrm_server_cert_validation: ignore > ansible_winrm_kerberos_delegation: true > > > > How can i access a computer in the USA domain ? > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/7c0351de-9a01-4f4d-a2cc-f3dd23d1eb51%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/7c0351de-9a01-4f4d-a2cc-f3dd23d1eb51%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CANP%3DzZyRze%2B9kN-kVDYEmD%2B9aii%3DS_K5jMVTxKwzbPo%2B2_emcQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
