Hi Ameya,
Below is the debug information. By the way, the localhost is RHEL7 OS and
the ec2 we are trying to winrm is Windows Server 2012.
---------------------------------------------
TASK [ec2]
*********************************************************************
task path: /home/ec2-user/ansible-netenv/hitwin.yml:12
Using module file
/usr/local/lib/python2.7/site-packages/ansible/modules/cloud/a
mazon/ec2.py
<localhost> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5986
TO l ocalhost
Using module file
/usr/local/lib/python2.7/site-packages/ansible/modules/cloud/a
mazon/ec2.py
<localhost> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5986
TO l ocalhost
fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {
"changed": false,
"msg": "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max
retries e xceeded with url: /wsman (Caused by
NewConnectionError('<urllib3.connection.Veri
fiedHTTPSConnection object at 0x7f78dc5213d0>: Failed to establish a new
connect ion: [Errno 111] Connection refused',))",
"unreachable": true
}
to retry, use: --limit @/home/ec2-user/ansible-netenv/hitwin.retry
---------------------------------------------
On Wednesday, February 27, 2019 at 11:43:45 AM UTC+8, ameya agashe wrote:
>
> Hi Tan,
>
> Not aware of the issue you referring about, under normal circumstances the
> command I gave should work. Have you tried running playbook in debug mode
> to see what is happening under the cover? place "-vvv" at the last of
> command line.
>
> Regards
> Ameya Agashe
>
> On Wed, Feb 27, 2019 at 2:38 PM Eric Tan <[email protected] <javascript:>>
> wrote:
>
>> Hi Ameya,
>>
>> thanks for your response!
>> I forgot to add that the firewall is already opened in my issue but it
>> still doesnt work.
>> I read somewhere that it has to do with the cipher suite that RHEL7 and
>> Windows default uses.
>>
>> Do you have any idea about this?
>>
>> On Wed, Feb 27, 2019 at 10:51 AM ameya agashe <[email protected]
>> <javascript:>> wrote:
>>
>>> Run below in PowerShell and it should keep you going:
>>>
>>> netsh advfirewall firewall add rule name="Allow WinRM (Https)" dir=in
>>> localport=5986 protocol=tcp action=allow enable=yes
>>>
>>> Thanks and Regards,
>>> Ameya Agashe
>>>
>>> On Wed, Feb 27, 2019 at 1:38 PM Eric Tan <[email protected]
>>> <javascript:>> wrote:
>>>
>>>> ##### SUMMARY
>>>> 1. Using Python 2.7 in RHEL7
>>>> 2. Executed powershell script in windows machine
>>>> ConfigureRemotingForAnsible.ps1
>>>> 3. Configured yml file to the below:
>>>>
>>>> * name: hit windows test instance
>>>> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}"
>>>> vars:
>>>> ansible_user: Administrator
>>>> ansible_password: {{ password }}
>>>> ansible_port: 5986
>>>> ansible_connection: winrm
>>>> ansible_winrm_server_cert_validation: ignore
>>>> ansible_winrm_operation_timeout_sec: 60
>>>> ansible_winrm_read_timeout_sec: 70
>>>> tasks:
>>>>
>>>> * ec2:
>>>> state: 'absent'
>>>> instance_ids: {{ instance_id }}'
>>>> ec2_region: '{{ ec2_region }}'
>>>> delegate_to: localhost
>>>>
>>>> Error encountered:
>>>> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg":
>>>> "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max retries
>>>> exceeded with url: /wsman (Caused by
>>>> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at
>>>> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111]
>>>> Connection refused',))", "unreachable": true}
>>>>
>>>> ##### ISSUE TYPE
>>>> * Bug Report
>>>>
>>>> ##### COMPONENT NAME
>>>> winrm
>>>>
>>>> ##### ANSIBLE VERSION
>>>> ansible 2.4.3.0
>>>>
>>>> ##### CONFIGURATION
>>>> HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False
>>>>
>>>> ##### OS / ENVIRONMENT
>>>> Host: RHEL 7
>>>> WinRM to Windows 2012
>>>>
>>>> ##### STEPS TO REPRODUCE
>>>> ansible-playbook -i /etc/ansible/ec2.py hitwin.yml --extra-vars
>>>> "ec2_class=appservers env=test"
>>>>
>>>> * name: hit windows test instance
>>>> hosts: "tag_class_windows_{{ env }}_{{ ec2_class }}"
>>>> vars:
>>>> ansible_user: Administrator
>>>> ansible_password: {{ password }}
>>>> ansible_port: 5986
>>>> ansible_connection: winrm
>>>> ansible_winrm_server_cert_validation: ignore
>>>> ansible_winrm_operation_timeout_sec: 60
>>>> ansible_winrm_read_timeout_sec: 70
>>>> tasks:
>>>>
>>>> * ec2:
>>>> state: 'absent'
>>>> instance_ids: {{ instance_id }}'
>>>> ec2_region: '{{ ec2_region }}'
>>>> delegate_to: localhost
>>>>
>>>> ##### EXPECTED RESULTS
>>>> Expected success to win rm and shutdown server
>>>>
>>>> ##### ACTUAL RESULTS
>>>> PLAY [hit windows test instance]
>>>> ***********************************************
>>>>
>>>> TASK [Gathering Facts]
>>>> *********************************************************
>>>> ok: [xxx.xxx.xxx.xxx]
>>>>
>>>> TASK [ec2]
>>>> *********************************************************************
>>>> fatal: [xxx.xxx.xxx.xxx]: UNREACHABLE! => {"changed": false, "msg":
>>>> "ssl: HTTPSConnectionPool(host='localhost', port=5986): Max retries
>>>> exceeded with url: /wsman (Caused by
>>>> NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at
>>>> 0x7fefb0fdf3d0>: Failed to establish a new connection: [Errno 111]
>>>> Connection refused',))", "unreachable": true}
>>>>
>>>> ```
>>>> to retry, use: --limit @/home/ec2-user/ansible-netenv/hitwin.retry
>>>> ```
>>>> PLAY RECAP
>>>> *********************************************************************
>>>> xxx.xxx.xxx.xxx : ok=1 changed=0 unreachable=1 failed=0
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to [email protected] <javascript:>.
>>>> To post to this group, send email to [email protected]
>>>> <javascript:>.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com
>>>>
>>>> <https://groups.google.com/d/msgid/ansible-project/d90a7256-11a0-446f-943f-294356831c05%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected] <javascript:>.
>>> To post to this group, send email to [email protected]
>>> <javascript:>.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com
>>>
>>> <https://groups.google.com/d/msgid/ansible-project/CAG9tf-9YD0wdZq2Y%3DbEuBBZSM%2BiYHemSmJ11M_Ux6vMBJ53O6Q%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
>> --
>>
>> Regards,
>>
>> *Mr Tan Choa Hong, Eric (Mba)*
>> PMP®,CBAP®,CSM®
>>
>>
>>
>>
>>
>> LinkedIn : https://www.linkedin.com/in/er1csg
>>
>> Email : [email protected] <javascript:>
>>
>> AboutMe : https://about.me/er1c_sg
>>
>>
>> *The information contained in this email (including all attachments) is
>> confidential and may also be privileged. It is intended for the use only of
>> the addressee(s) named. If you are not the intended recipient, kindly note
>> that any dissemination, distribution, publication or copying of this email
>> is strictly prohibited. If you have received this email in error, please
>> accept our apologies and notify us immediately. Thereafter, kindly delete
>> all copies from your system. Although reasonable precautions have been
>> taken to ensure the integrity of this email and that it is virus free.*
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> To post to this group, send email to [email protected]
>> <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CADeC%2B8bhNZh844Hmmm41-KAgU%2B_WpMiRDBG8jnxHMidYOvn3Rg%40mail.gmail.com
>>
>> <https://groups.google.com/d/msgid/ansible-project/CADeC%2B8bhNZh844Hmmm41-KAgU%2B_WpMiRDBG8jnxHMidYOvn3Rg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/fd7d8e96-1f66-4efd-a1f1-9e5a90ce8646%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
