[ansible-project] Using the wait_for module to check ports from one windows host to another windows host
Not sure if i'm using the wait_for module correctly on two windows host.
I'm getting the error below when trying to check if a port is open from a
source windows host to a target windows host.
Wondering if i'm using the module correctly or if this even possible when
both hosts are windows. I've tried the same playbook on two unix host and
it worked.
---
- hosts: win-host1
tasks:
- wait_for:
host: 192.168.70.13
port: 9443
timeout: 10
ignore_errors: true
register: result
- debug: var=result
PLAY [win-host1]
***
TASK [Gathering Facts]
***
ok: [win-host1]
TASK [wait_for]
**
[WARNING]: FATAL ERROR DURING FILE TRANSFER: Traceback (most recent call
last): File
"/usr/lib/python2.6/site-packages/ansible/plugins/connection/winrm.py",
line 276, in _winrm_exec
self._winrm_send_input(self.protocol, self.shell_id, command_id, data,
eof=is_last) File
"/usr/lib/python2.6/site-packages/ansible/plugins/connection/winrm.py",
line 256, in _winrm_send_input
protocol.send_message(xmltodict.unparse(rq)) File
"/usr/lib/python2.6/site-packages/winrm/protocol.py", line 207, in
send_message return self.transport.send_message(message) File
"/usr/lib/python2.6/site-packages/winrm/transport.py", line 202, in
send_message raise WinRMTransportError('http', error_message)
WinRMTransportError: (u'http', u'Bad HTTP response returned
from server. Code 500')
fatal: [win-host1]: FAILED! => {"msg": "winrm send_input failed"}
...ignoring
TASK [debug]
*
ok: [win-host1] => {
"result": {
"failed": true,
"msg": "winrm send_input failed"
}
}
PLAY RECAP
***
win-host1: ok=3changed=0unreachable=0failed=0
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/fcbc0bdf-424b-41ce-a69c-9cfff16c72fd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Firewall Rules Check with Ansible
I tried your example and getting the following result. Is an inventory file needed since all the hosts being defined in the playbook? [WARNING]: Could not match supplied host pattern, ignoring: all [WARNING]: provided hosts list is empty, only localhost is available [WARNING]: Could not match supplied host pattern, ignoring: HOST1 PLAY [HOST1] skipping: no hosts matched On Thursday, February 22, 2018 at 4:26:38 PM UTC-5, marcalfa1 wrote: > > I have a firewall with about 50 rules and constantly growing. Is there a > way I can create a playbook to test whether a source host can connect to a > destination host on a specific port? > If that is possible I can create a playbook similar to my firewall rules > so next time we make a change to the firewall, I can quickly validate all > the rules using my ansible playbook. > Currently, my environment is Windows and Linux and telnet client is > installed/enabled on every host. > > > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1ca09225-b469-4beb-b472-44b2e83154fb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Firewall Rules Check with Ansible
I had a chance to check the wait_for module. Let say my ansible controller is HOST3 and I have two other VMs, let's call them HOST1 and HOST2. From my ansible controller (HOST3), can I create a playbook to check if HOST1 can connect to HOST2 over port 80? If that's possible, is there an example that shows how this playbook should look like. Thanks in advance. -mm On Thursday, February 22, 2018 at 5:00:54 PM UTC-5, Kai Stian Olstad wrote: > > On Thursday, 22 February 2018 22.26.38 CET marcalfa1 wrote: > > I have a firewall with about 50 rules and constantly growing. Is there a > > way I can create a playbook to test whether a source host can connect to > a > > destination host on a specific port? > > If that is possible I can create a playbook similar to my firewall rules > so > > next time we make a change to the firewall, I can quickly validate all > the > > rules using my ansible playbook. > > Currently, my environment is Windows and Linux and telnet client is > > installed/enabled on every host. > > Check out the wait_for module > https://docs.ansible.com/ansible/latest/wait_for_module.html > > -- > Kai Stian Olstad > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/abf7912b-c763-4f9e-a92a-1d58385b3577%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Firewall Rules Check with Ansible
On Thursday, February 22, 2018 at 4:26:38 PM UTC-5, marcalfa1 wrote: > > I have a firewall with about 50 rules and constantly growing. Is there a > way I can create a playbook to test whether a source host can connect to a > destination host on a specific port? > If that is possible I can create a playbook similar to my firewall rules > so next time we make a change to the firewall, I can quickly validate all > the rules using my ansible playbook. > Currently, my environment is Windows and Linux and telnet client is > installed/enabled on every host. > > > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/89b3d728-3914-49c5-80ea-6b5a59fb9b33%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Firewall Rules Check with Ansible
I have a firewall with about 50 rules and constantly growing. Is there a way I can create a playbook to test whether a source host can connect to a destination host on a specific port? If that is possible I can create a playbook similar to my firewall rules so next time we make a change to the firewall, I can quickly validate all the rules using my ansible playbook. Currently, my environment is Windows and Linux and telnet client is installed/enabled on every host. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2b9fa102-ab84-4b65-975f-0b359d35171f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] winrm or requests is not installed: No module named winrm
Has anyone properly documented the correct packages that needs to be
installed to manage a windows host?
ansible 2.4.1.0
config file = /etc/ansible/ansible.cfg
configured module search path =
[u'/home/vagrant/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.7
20120313 (Red Hat 4.4.7-17)]
WINHOST1 | FAILED! => {
"failed": true,
"msg": "winrm or requests is not installed: No module named winrm"
}
WINHOST2 | FAILED! => {
"failed": true,
"msg": "winrm or requests is not installed: No module named winrm"
}
WINHOST3 | FAILED! => {
"failed": true,
"msg": "winrm or requests is not installed: No module named winrm"
}
WINHOST4 | FAILED! => {
"failed": true,
"msg": "winrm or requests is not installed: No module named winrm"
}
[vagrant@localhost ~]$ sudo pip install paramiko PyYAML Jinja2 httplib2
DEPRECATION: Python 2.6 is no longer supported by the Python core team,
please upgrade your Python. A future version of pip will drop support for
Python 2.6
Requirement already satisfied: paramiko in /usr/lib/python2.6/site-packages
Requirement already satisfied: PyYAML in /usr/lib64/python2.6/site-packages
Requirement already satisfied: Jinja2 in
/usr/lib/python2.6/site-packages/Jinja2-2.6-py2.6.egg
Requirement already satisfied: httplib2 in /usr/lib/python2.6/site-packages
Requirement already satisfied: pycrypto>=1.9 in
/usr/lib64/python2.6/site-packages (from paramiko)
[vagrant@localhost ~]$ pip install "pywinrm>=0.1.1"
DEPRECATION: Python 2.6 is no longer supported by the Python core team,
please upgrade your Python. A future version of pip will drop support for
Python 2.6
Collecting pywinrm>=0.1.1
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318:
SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject
Name Indication)
extension to TLS is not available on this platform. This may cause the
server to present an incorrect TLS certificate, which can cause validation
failures. You can upgrade to a
newer version of Python to solve this. For more information, see
https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.
SNIMissingWarning
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122:
InsecurePlatformWarning: A true SSLContext object is not available. This
prevents
urllib3 from configuring SSL appropriately and may cause certain SSL
connections to fail. You can upgrade to a newer version of Python to solve
this. For more information, see
https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Using cached pywinrm-0.2.2-py2.py3-none-any.whl
Requirement already satisfied: requests>=2.9.1 in
/usr/lib/python2.6/site-packages (from pywinrm>=0.1.1)
Requirement already satisfied: xmltodict in
/usr/lib/python2.6/site-packages (from pywinrm>=0.1.1)
Requirement already satisfied: six in /usr/lib/python2.6/site-packages
(from pywinrm>=0.1.1)
Collecting requests-ntlm>=0.3.0 (from pywinrm>=0.1.1)
Using cached requests_ntlm-1.1.0-py2.py3-none-any.whl
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in
/usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1)
Requirement already satisfied: certifi>=2017.4.17 in
/usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1)
Requirement already satisfied: urllib3<1.23,>=1.21.1 in
/usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1)
Requirement already satisfied: idna<2.7,>=2.5 in
/usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1)
Collecting cryptography>=1.3 (from requests-ntlm>=0.3.0->pywinrm>=0.1.1)
Using cached cryptography-2.1.4.tar.gz
Complete output from command python setup.py egg_info:
error in cryptography setup command: Invalid environment marker:
platform_python_implementation != 'PyPy'
Command "python setup.py egg_info" failed with error code 1 in
/tmp/pip-build-U09GmM/cryptography/
[vagrant@localhost ~]$
[vagrant@localhost ~]$ pip install
http://github.com/diyan/pywinrm/archive/master.zip#egg=pywinrm
DEPRECATION: Python 2.6 is no longer supported by the Python core team,
please upgrade your Python. A future version of pip will drop support for
Python 2.6
Collecting pywinrm from
http://github.com/diyan/pywinrm/archive/master.zip#egg=pywinrm
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318:
SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject
Name Indication)
extension to TLS is not available on this platform. This may cause the
server to present an incorrect TLS certificate, which can cause validation
failures. You can upgrade to a
newer version
[ansible-project] Re: win_shell - What's the proper way to use a command with a flag in ansible playbook or adhoc command.
Jordan,
The solutions you've provided worked out fine. I ended up using *win_shell*
module simply because I was not able to pass *%computername%* variable in
win_find patterns. I'm a beginner and ready to tackle regex :-)
I really appreciate your help. Also, by any chance the values in
results.stdout_lines can be used in combication with the archive module to
tar the files in result?
Thanks in advance.
*- hosts: all gather_facts: yes tasks: - win_shell: dir /b
C:\Temp\*%computername%* args:executable: cmd register:
results - debug: var: results.stdout_lines - name: get the
files fetch: src: "C:/Temp/{{ item }}" dest:
/home/vagrant/win-script-result/ flat: yes with_items: "{{
results.stdout_lines }}"*
On Wednesday, October 11, 2017 at 9:13:28 PM UTC-4, Jordan Borean wrote:
>
> Your indent for with_items is incorrect, it should be set on the task
> level and not module level, so
>
> - name: get the files
> fetch:
> src: "C:/Temp/{{ item }}"
> dest: /home/vagrant/win-script-result/
> flat: yes
> with_items: "{{ results.stdout_lines }}"
>
> I would also highly recommend swapping over to the win_find module instead
> of running that command. It gives you more control over what to find as you
> can add multiple regex strings to search and gives you room to expand in
> the future. This is what it would look like;
>
> - name: find tar files
> win_find:
> paths: C:\temp
> file_type: file
> patterns: '*.tar'
> register: tar_files
>
>
> - name: fetch tar files
> fetch:
> src: '{{ item.path }}'
> dest: /home/vagrant/win-script-result/
> flat: yes
> with_items: '{{ tar_files.files }}'
>
> Both paths and patterns can take in a list so you can specify multiple
> paths and patterns instead of running separate tasks. It also gives you the
> ability to use regex if you really feel like hurting yourself :)
>
> Thanks
>
> Jordan
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20cb9d94-29d3-4a03-a064-d50b7ad065ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: win_shell - What's the proper way to use a command with a flag in ansible playbook or adhoc command.
Jordan,
Thanks a million. I was able to get the output I'm looking for. Now that
have the list of files in my C:\Temp, how do I fetch those files to my
ansible controller host? Here's an example I have so far but failing at
one section.
*- hosts: all gather_facts: yes tasks: - win_shell: dir /b
C:\Temp\*.tar args:executable: cmd register: results -
debug: var: results.stdout_lines - name: get the files
fetch: src: "C:/Temp/{{ item }}" dest:
/home/vagrant/win-script-result/ flat: yes with_items: "{{
results.stdout_lines }}"*
TASK [Gathering Facts]
**
ok: [SV1]
ok: [SV2]
TASK [win_shell]
changed: [SV1]
changed: [SV2]
TASK [debug]
ok: [SV1] => {
"results.stdout_lines": [
"1709051418.tar",
"1709051525.tar",
"1709052115.tar"
]
}
ok: [SV2] => {
"results.stdout_lines": [
"1709051421.tar",
"1709051527.tar",
"1709052107.tar"
]
}
TASK [get the files]
fatal: [SV1]: FAILED! => {"failed": true, "msg": "the field 'args' has an
invalid value, which appears to include a variable that is undefined. The
error was: 'item' is undefined\n\nThe error appears to have been in
'/home/vagrant/ansible/find-copy-test.yml': line 12, column 6, but may\nbe
elsewhere in the file depending on the exact syntax problem.\n\nThe
offending line appears to be:\n\n\n - name: get the files\n ^ here\n"}
fatal: [SV2]: FAILED! => {"failed": true, "msg": "the field 'args' has an
invalid value, which appears to include a variable that is undefined. The
error was: 'item' is undefined\n\nThe error appears to have been in
'/home/vagrant/ansible/find-copy-test.yml': line 12, column 6, but may\nbe
elsewhere in the file depending on the exact syntax problem.\n\nThe
offending line appears to be:\n\n\n - name: get the files\n ^ here\n"}
to retry, use: --limit @/home/vagrant/ansible/find-copy-test.retry
On Wednesday, October 11, 2017 at 4:32:06 PM UTC-4, marcalfa1 wrote:
>
>
> Trying to "dir /b c:\Temp" using a playbook or via adhoc and getting the
> error message below. It seems to have a problem with "/b" in "Dir /b
> C:\Temp"
>
>
>
>
>
>
>
> *- hosts: all gather_facts: yes tasks: - win_shell: dir /b C:\Temp*
>
> FAILED! => {"changed": true, "cmd": "dir /b C:\\Temp", "delta":
> "0:00:00.839042", "end": "2017-10-11 08:22:02.820065", "failed": true,
> "rc": 1, "start": "2017-10-11 08:22:01.981022", "stderr": "dir : Cannot
> find path 'C:\\b' because it does not exist.\r\nAt line:1 char:65\r\n+
> [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b
> \r\nC:\\Temp\r\n+
>
> \r\n~~\r\n+ CategoryInfo : ObjectNotFound:
> (C:\\b:String) [Get-ChildItem], I \r\n temNotFoundException\r\n+
> FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh
> \r\n ildItemCommand", "stderr_lines": ["dir : Cannot find path 'C:\\b'
> because it does not exist.", "At line:1 char:65", "+
> [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b ",
> "C:\\Temp",
> "+ ",
> "~~", "+ CategoryInfo
[ansible-project] win_shell - What's the proper way to use a command with a flag in ansible playbook or adhoc command.
Trying to "dir /b c:\Temp" using a playbook or via adhoc and getting the
error message below. It seems to have a problem with "/b" in "Dir /b
C:\Temp"
*- hosts: all gather_facts: yes tasks: - win_shell: dir /b C:\Temp*
FAILED! => {"changed": true, "cmd": "dir /b C:\\Temp", "delta":
"0:00:00.839042", "end": "2017-10-11 08:22:02.820065", "failed": true,
"rc": 1, "start": "2017-10-11 08:22:01.981022", "stderr": "dir : Cannot
find path 'C:\\b' because it does not exist.\r\nAt line:1 char:65\r\n+
[Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b
\r\nC:\\Temp\r\n+
\r\n~~\r\n+ CategoryInfo : ObjectNotFound:
(C:\\b:String) [Get-ChildItem], I \r\n temNotFoundException\r\n+
FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh
\r\n ildItemCommand", "stderr_lines": ["dir : Cannot find path 'C:\\b'
because it does not exist.", "At line:1 char:65", "+
[Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b ",
"C:\\Temp",
"+ ",
"~~", "+ CategoryInfo : ObjectNotFound:
(C:\\b:String) [Get-ChildItem], I ", " temNotFoundException", "+
FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh ",
" ildItemCommand"], "stdout": "", "stdout_lines": []}
*ansible -i poc-win all -m raw -a "dir /b C:\Temp"*
| FAILED | rc=1 >>
*dir : Cannot find path 'C:\b' because it does not exist*.
At line:1 char:1
+ dir /b C:\Temp
+ ~~
+ CategoryInfo : ObjectNotFound: (C:\b:String)
[Get-ChildItem], I
temNotFoundException
+ FullyQualifiedErrorId :
PathNotFound,Microsoft.PowerShell.Commands.GetCh
ildItemCommand
*ansible -i poc-win all -m win_shell -a "dir /b C:\Temp"*
| FAILED | rc=1 >>
dir : Cannot find path 'C:\b' because it does not exist.
At line:1 char:65
+ [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b
C:\Temp
+
~~
+ CategoryInfo : ObjectNotFound: (C:\b:String)
[Get-ChildItem], I
temNotFoundException
+ FullyQualifiedErrorId :
PathNotFound,Microsoft.PowerShell.Commands.GetCh
ildItemCommand
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/90ce07ed-a116-4d9d-a138-600d6dc8ba0c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Find and Fetch Files on Windows Hosts to Ansible Controller
I'm trying to find a few file patterns from a few windows hosts and copy
those files to my ansible controller. Can some help me with the error
message below. I can't seem to figure out what I'm doing wrong.
ERROR! Syntax Error while loading YAML.
The error appears to have been in
'/home/vagrant/ansible/test-win-find.yml': line 14, column 6, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
flat: yes
with_items:
^ here
---
- hosts: all
tasks:
- win_find:
paths: C:\Temp
patterns: ['*.log', '*.out', '*.tar', '*.scmd']
register: files_to_copy
- fetch:
src: C:\Temp\{{ item }}
dest: /home/testuser1/remote-files/
flat: yes
with_items:
- "{{ files_to_copy.stdout_lines }}"
ansible 2.3.1.0
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
python version = 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.7
20120313 (Red Hat 4.4.7-17)]
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/71af4ed5-f336-4415-b500-ae5e716470bc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] win_find: What am I doing wrong here? I'm following the exact syntax from ansible document
*ERROR! 'paths' is not a valid attribute for a Task* *The error appears to have been in '/home/vagrant/ansible/win-find.yml': line 6, column 5, but maybe elsewhere in the file depending on the exact syntax problem.* *The offending line appears to be:* * - win_find:^ here* [vm1 ansible]$ ansible --version ansible 2.3.1.0 config file = /etc/ansible/ansible.cfg configured module search path = Default w/o overrides python version = 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)] [vm1 ansible]$ cat win-find.yml --- - hosts: all tasks: - win_find: paths: C:\Temp patterns: ['*.log', '*.out'] [vm1 ansible]$ -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/092831f5-13cd-4901-8f09-b97888270515%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
