We have 2 environments, both showing the same problem.
ENV 1. Jenkins worker is in a Docker Container, running on a linux server
ENV 2. Jenkins worker is a K8s pod.
The `container` the work is being ran from is the same in each env. This
is the same container I am using locally to test.
We have tons of jobs that all use this same `ssh through a bastion` setup,
but for some reason, just this one is having problem, even though other
jobs, targeting the same servers are working fine.
We generate a ssh.cfg, which specifies the bastion and its configurations.
The exact commands below, run just fine on everyone laptops, fail in the
Jenkins pipeline.
```
[defaults]
stdout_callback = debug
ansible_connection = ssh
ansible_port = 22
retry_files_enabled = False
callbacks_enabled = timer, profile_tasks
gathering = smart
timeout = 60
forks = 1
serial = 1
[ssh_connection]
ssh_args = '-F ./ssh.cfg -o ControlMaster=auto -o ControlPersist=30m -o
StrictHostKeyChecking=no -o ForwardAgent=yes -o ServerAliveInterval=30 -o
UserKnownHostsFile=/dev/null'
pipelining = True
```
no_proxy=’*’ ANSIBLE_CONFIG=ansible-private.cfg ansible -i
inventory/private_linux_aws_ec2.yaml
'tag_DeploymentID_${DEPLOYMENT_ID}:!tag_Role_SSH_Bastion_Host' -m ping -e
'ansible_python_interpreter=/usr/bin/python2'
no_proxy=’*’ ANSIBLE_CONFIG=ansible-private.cfg ansible-playbook -i
inventory/private_linux_aws_ec2.yaml playbooks/single_private_linux.yml -e
"deployment_id=${DEPLOYMENT_ID} env=${ENV}"
no_proxy=’*’ ANSIBLE_CONFIG=ansible-private.cfg ansible -i
inventory/private_windows_aws_ec2.yaml
'tag_DeploymentID_${DEPLOYMENT_ID}:!tag_Role_RDP_Bastion_Host' -m win_ping
no_proxy=’*’ ANSIBLE_CONFIG=ansible-private.cfg ansible-playbook -i
inventory/private_windows_aws_ec2.yaml playbooks/single_windows.yml -e
"deployment_id=${DEPLOYMENT_ID} env=${ENV}"
When running `-vvv` you can copy/paste the SSH command it connects just
fine.
Errors look like this, someones its all servers, sometime a few.
TASK [Set Fact - Public key]
***************************************************
Tuesday 07 December 2021 19:56:53 +0000 (0:00:00.018) 0:00:04.729 ******
ok: [ip-172-16-0-10.us-gov-west-1.compute.internal]
ok: [ip-172-16-1-5.us-gov-west-1.compute.internal]
ok: [ip-172-16-1-10.us-gov-west-1.compute.internal]
ok: [ip-172-16-0-5.us-gov-west-1.compute.internal]
TASK [Remove New Authorized Keys file if exists]
******************************
Tuesday 07 December 2021 19:56:54 +0000 (0:00:00.054) 0:00:04.784 ******
changed: [ip-172-16-0-10.us-gov-west-1.compute.internal]
fatal: [ip-172-16-1-5.us-gov-west-1.compute.internal]: UNREACHABLE! => {
"changed": false,
"unreachable": true
}
MSG:
Data could not be sent to remote host "172.16.1.5". Make sure this host can
be reached over ssh: Connection timed out during banner exchange
ok: [ip-172-16-1-10.us-gov-west-1.compute.internal]
fatal: [ip-172-16-0-5.us-gov-west-1.compute.internal]: UNREACHABLE! => {
"changed": false,
"unreachable": true
}TASK [Set Fact - Public key]
***************************************************
Tuesday 07 December 2021 19:56:53 +0000 (0:00:00.018) 0:00:04.729 ******
ok: [ip-172-16-0-10.us-gov-west-1.compute.internal]
ok: [ip-172-16-1-5.us-gov-west-1.compute.internal]
ok: [ip-172-16-1-10.us-gov-west-1.compute.internal]
ok: [ip-172-16-0-5.us-gov-west-1.compute.internal]
TASK [Remove New Authorized Keys file if exists]
******************************
Tuesday 07 December 2021 19:56:54 +0000 (0:00:00.054) 0:00:04.784 ******
changed: [ip-172-16-0-10.us-gov-west-1.compute.internal]
fatal: [ip-172-16-1-5.us-gov-west-1.compute.internal]: UNREACHABLE! => {
"changed": false,
"unreachable": true
}
MSG:
Data could not be sent to remote host "172.16.1.5". Make sure this host can
be reached over ssh: Connection timed out during banner exchange
ok: [ip-172-16-1-10.us-gov-west-1.compute.internal]
fatal: [ip-172-16-0-5.us-gov-west-1.compute.internal]: UNREACHABLE! => {
"changed": false,
"unreachable": true
}
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/d37ef691-0aa9-4afb-85e6-a7f3bf19ededn%40googlegroups.com.
