Hi Ameya, thanks for your response! I forgot to add that the firewall is already opened in my issue but it still doesnt work. I read somewhere that it has to do with the cipher suite that RHEL7 and Windows default uses.
Do you have any idea about this? On Wed, Feb 27, 2019 at 10:51 AM ameya agashe <[email protected]> wrote: > Run below in PowerShell and it should keep you going: > > netsh advfirewall firewall add rule name="Allow WinRM (Https)" dir=in > localport=5986 protocol=tcp action=allow enable=yes > > Thanks and Regards, > Ameya Agashe > > On Wed, Feb 27, 2019 at 1:38 PM Eric Tan <[email protected]> wrote: > >> ##### SUMMARY >> 1. Using Python 2.7 in RHEL7 >> 2. Executed powershell script in windows machine >> ConfigureRemotingForAnsible.ps1 >> 3. Configured yml file to the below: >> >> * name: hit windows test instance >> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}" >> vars: >> ansible_user: Administrator >> ansible_password: {{ password }} >> ansible_port: 5986 >> ansible_connection: winrm >> ansible_winrm_server_cert_validation: ignore >> ansible_winrm_operation_timeout_sec: 60 >> ansible_winrm_read_timeout_sec: 70 >> tasks: >> >> * ec2: >> state: 'absent' >> instance_ids: {{ instance_id }}' >> ec2_region: '{{ ec2_region }}' >> delegate_to: localhost >> >> Error encountered: >> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg": "ssl: >> HTTPSConnectionPool(host='localhost', port=5986): Max retries exceeded with >> url: /wsman (Caused by >> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at >> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111] >> Connection refused',))", "unreachable": true} >> >> ##### ISSUE TYPE >> * Bug Report >> >> ##### COMPONENT NAME >> winrm >> >> ##### ANSIBLE VERSION >> ansible 2.4.3.0 >> >> ##### CONFIGURATION >> HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False >> >> ##### OS / ENVIRONMENT >> Host: RHEL 7 >> WinRM to Windows 2012 >> >> ##### STEPS TO REPRODUCE >> ansible-playbook -i /etc/ansible/ec2.py hitwin.yml --extra-vars >> "ec2_class=appservers env=test" >> >> * name: hit windows test instance >> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}" >> vars: >> ansible_user: Administrator >> ansible_password: {{ password }} >> ansible_port: 5986 >> ansible_connection: winrm >> ansible_winrm_server_cert_validation: ignore >> ansible_winrm_operation_timeout_sec: 60 >> ansible_winrm_read_timeout_sec: 70 >> tasks: >> >> * ec2: >> state: 'absent' >> instance_ids: {{ instance_id }}' >> ec2_region: '{{ ec2_region }}' >> delegate_to: localhost >> >> ##### EXPECTED RESULTS >> Expected success to win rm and shutdown server >> >> ##### ACTUAL RESULTS >> PLAY [hit windows test instance] >> *********************************************** >> >> TASK [Gathering Facts] >> ********************************************************* >> ok: [xxx.xxx.xxx.xxx] >> >> TASK [ec2] >> ********************************************************************* >> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg": "ssl: >> HTTPSConnectionPool(host='localhost', port=5986): Max retries exceeded with >> url: /wsman (Caused by >> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at >> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111] >> Connection refused',))", "unreachable": true} >> >> ``` >> to retry, use: --limit @/home/ec2-user/ansible-netenv/hitwin.retry >> ``` >> PLAY RECAP >> ********************************************************************* >> xxx.xxx.xxx.xxx : ok=1 changed=0 unreachable=1 failed=0 >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com >> <https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Regards, *Mr Tan Choa Hong, Eric (Mba)* PMP®,CBAP®,CSM® LinkedIn : https://www.linkedin.com/in/er1csg Email : [email protected] AboutMe : https://about.me/er1c_sg *The information contained in this email (including all attachments) is confidential and may also be privileged. It is intended for the use only of the addressee(s) named. If you are not the intended recipient, kindly note that any dissemination, distribution, publication or copying of this email is strictly prohibited. If you have received this email in error, please accept our apologies and notify us immediately. Thereafter, kindly delete all copies from your system. Although reasonable precautions have been taken to ensure the integrity of this email and that it is virus free.* -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADeC%2B8bhNZh844Hmmm41-KAgU%2B_WpMiRDBG8jnxHMidYOvn3Rg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
