[ansible-project] Using the wait_for module to check ports from one windows host to another windows host
Not sure if i'm using the wait_for module correctly on two windows host. I'm getting the error below when trying to check if a port is open from a source windows host to a target windows host. Wondering if i'm using the module correctly or if this even possible when both hosts are windows. I've tried the same playbook on two unix host and it worked. --- - hosts: win-host1 tasks: - wait_for: host: 192.168.70.13 port: 9443 timeout: 10 ignore_errors: true register: result - debug: var=result PLAY [win-host1] *** TASK [Gathering Facts] *** ok: [win-host1] TASK [wait_for] ** [WARNING]: FATAL ERROR DURING FILE TRANSFER: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/ansible/plugins/connection/winrm.py", line 276, in _winrm_exec self._winrm_send_input(self.protocol, self.shell_id, command_id, data, eof=is_last) File "/usr/lib/python2.6/site-packages/ansible/plugins/connection/winrm.py", line 256, in _winrm_send_input protocol.send_message(xmltodict.unparse(rq)) File "/usr/lib/python2.6/site-packages/winrm/protocol.py", line 207, in send_message return self.transport.send_message(message) File "/usr/lib/python2.6/site-packages/winrm/transport.py", line 202, in send_message raise WinRMTransportError('http', error_message) WinRMTransportError: (u'http', u'Bad HTTP response returned from server. Code 500') fatal: [win-host1]: FAILED! => {"msg": "winrm send_input failed"} ...ignoring TASK [debug] * ok: [win-host1] => { "result": { "failed": true, "msg": "winrm send_input failed" } } PLAY RECAP *** win-host1: ok=3changed=0unreachable=0failed=0 -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fcbc0bdf-424b-41ce-a69c-9cfff16c72fd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Firewall Rules Check with Ansible
I tried your example and getting the following result. Is an inventory file needed since all the hosts being defined in the playbook? [WARNING]: Could not match supplied host pattern, ignoring: all [WARNING]: provided hosts list is empty, only localhost is available [WARNING]: Could not match supplied host pattern, ignoring: HOST1 PLAY [HOST1] skipping: no hosts matched On Thursday, February 22, 2018 at 4:26:38 PM UTC-5, marcalfa1 wrote: > > I have a firewall with about 50 rules and constantly growing. Is there a > way I can create a playbook to test whether a source host can connect to a > destination host on a specific port? > If that is possible I can create a playbook similar to my firewall rules > so next time we make a change to the firewall, I can quickly validate all > the rules using my ansible playbook. > Currently, my environment is Windows and Linux and telnet client is > installed/enabled on every host. > > > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1ca09225-b469-4beb-b472-44b2e83154fb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Firewall Rules Check with Ansible
I had a chance to check the wait_for module. Let say my ansible controller is HOST3 and I have two other VMs, let's call them HOST1 and HOST2. From my ansible controller (HOST3), can I create a playbook to check if HOST1 can connect to HOST2 over port 80? If that's possible, is there an example that shows how this playbook should look like. Thanks in advance. -mm On Thursday, February 22, 2018 at 5:00:54 PM UTC-5, Kai Stian Olstad wrote: > > On Thursday, 22 February 2018 22.26.38 CET marcalfa1 wrote: > > I have a firewall with about 50 rules and constantly growing. Is there a > > way I can create a playbook to test whether a source host can connect to > a > > destination host on a specific port? > > If that is possible I can create a playbook similar to my firewall rules > so > > next time we make a change to the firewall, I can quickly validate all > the > > rules using my ansible playbook. > > Currently, my environment is Windows and Linux and telnet client is > > installed/enabled on every host. > > Check out the wait_for module > https://docs.ansible.com/ansible/latest/wait_for_module.html > > -- > Kai Stian Olstad > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/abf7912b-c763-4f9e-a92a-1d58385b3577%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Firewall Rules Check with Ansible
On Thursday, February 22, 2018 at 4:26:38 PM UTC-5, marcalfa1 wrote: > > I have a firewall with about 50 rules and constantly growing. Is there a > way I can create a playbook to test whether a source host can connect to a > destination host on a specific port? > If that is possible I can create a playbook similar to my firewall rules > so next time we make a change to the firewall, I can quickly validate all > the rules using my ansible playbook. > Currently, my environment is Windows and Linux and telnet client is > installed/enabled on every host. > > > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/89b3d728-3914-49c5-80ea-6b5a59fb9b33%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Firewall Rules Check with Ansible
I have a firewall with about 50 rules and constantly growing. Is there a way I can create a playbook to test whether a source host can connect to a destination host on a specific port? If that is possible I can create a playbook similar to my firewall rules so next time we make a change to the firewall, I can quickly validate all the rules using my ansible playbook. Currently, my environment is Windows and Linux and telnet client is installed/enabled on every host. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2b9fa102-ab84-4b65-975f-0b359d35171f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] winrm or requests is not installed: No module named winrm
Has anyone properly documented the correct packages that needs to be installed to manage a windows host? ansible 2.4.1.0 config file = /etc/ansible/ansible.cfg configured module search path = [u'/home/vagrant/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.6/site-packages/ansible executable location = /usr/bin/ansible python version = 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)] WINHOST1 | FAILED! => { "failed": true, "msg": "winrm or requests is not installed: No module named winrm" } WINHOST2 | FAILED! => { "failed": true, "msg": "winrm or requests is not installed: No module named winrm" } WINHOST3 | FAILED! => { "failed": true, "msg": "winrm or requests is not installed: No module named winrm" } WINHOST4 | FAILED! => { "failed": true, "msg": "winrm or requests is not installed: No module named winrm" } [vagrant@localhost ~]$ sudo pip install paramiko PyYAML Jinja2 httplib2 DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6 Requirement already satisfied: paramiko in /usr/lib/python2.6/site-packages Requirement already satisfied: PyYAML in /usr/lib64/python2.6/site-packages Requirement already satisfied: Jinja2 in /usr/lib/python2.6/site-packages/Jinja2-2.6-py2.6.egg Requirement already satisfied: httplib2 in /usr/lib/python2.6/site-packages Requirement already satisfied: pycrypto>=1.9 in /usr/lib64/python2.6/site-packages (from paramiko) [vagrant@localhost ~]$ pip install "pywinrm>=0.1.1" DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6 Collecting pywinrm>=0.1.1 /usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning. SNIMissingWarning /usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning. InsecurePlatformWarning Using cached pywinrm-0.2.2-py2.py3-none-any.whl Requirement already satisfied: requests>=2.9.1 in /usr/lib/python2.6/site-packages (from pywinrm>=0.1.1) Requirement already satisfied: xmltodict in /usr/lib/python2.6/site-packages (from pywinrm>=0.1.1) Requirement already satisfied: six in /usr/lib/python2.6/site-packages (from pywinrm>=0.1.1) Collecting requests-ntlm>=0.3.0 (from pywinrm>=0.1.1) Using cached requests_ntlm-1.1.0-py2.py3-none-any.whl Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1) Requirement already satisfied: certifi>=2017.4.17 in /usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1) Requirement already satisfied: urllib3<1.23,>=1.21.1 in /usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1) Requirement already satisfied: idna<2.7,>=2.5 in /usr/lib/python2.6/site-packages (from requests>=2.9.1->pywinrm>=0.1.1) Collecting cryptography>=1.3 (from requests-ntlm>=0.3.0->pywinrm>=0.1.1) Using cached cryptography-2.1.4.tar.gz Complete output from command python setup.py egg_info: error in cryptography setup command: Invalid environment marker: platform_python_implementation != 'PyPy' Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-U09GmM/cryptography/ [vagrant@localhost ~]$ [vagrant@localhost ~]$ pip install http://github.com/diyan/pywinrm/archive/master.zip#egg=pywinrm DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6 Collecting pywinrm from http://github.com/diyan/pywinrm/archive/master.zip#egg=pywinrm /usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version
[ansible-project] Re: win_shell - What's the proper way to use a command with a flag in ansible playbook or adhoc command.
Jordan, The solutions you've provided worked out fine. I ended up using *win_shell* module simply because I was not able to pass *%computername%* variable in win_find patterns. I'm a beginner and ready to tackle regex :-) I really appreciate your help. Also, by any chance the values in results.stdout_lines can be used in combication with the archive module to tar the files in result? Thanks in advance. *- hosts: all gather_facts: yes tasks: - win_shell: dir /b C:\Temp\*%computername%* args:executable: cmd register: results - debug: var: results.stdout_lines - name: get the files fetch: src: "C:/Temp/{{ item }}" dest: /home/vagrant/win-script-result/ flat: yes with_items: "{{ results.stdout_lines }}"* On Wednesday, October 11, 2017 at 9:13:28 PM UTC-4, Jordan Borean wrote: > > Your indent for with_items is incorrect, it should be set on the task > level and not module level, so > > - name: get the files > fetch: > src: "C:/Temp/{{ item }}" > dest: /home/vagrant/win-script-result/ > flat: yes > with_items: "{{ results.stdout_lines }}" > > I would also highly recommend swapping over to the win_find module instead > of running that command. It gives you more control over what to find as you > can add multiple regex strings to search and gives you room to expand in > the future. This is what it would look like; > > - name: find tar files > win_find: > paths: C:\temp > file_type: file > patterns: '*.tar' > register: tar_files > > > - name: fetch tar files > fetch: > src: '{{ item.path }}' > dest: /home/vagrant/win-script-result/ > flat: yes > with_items: '{{ tar_files.files }}' > > Both paths and patterns can take in a list so you can specify multiple > paths and patterns instead of running separate tasks. It also gives you the > ability to use regex if you really feel like hurting yourself :) > > Thanks > > Jordan > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20cb9d94-29d3-4a03-a064-d50b7ad065ba%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: win_shell - What's the proper way to use a command with a flag in ansible playbook or adhoc command.
Jordan, Thanks a million. I was able to get the output I'm looking for. Now that have the list of files in my C:\Temp, how do I fetch those files to my ansible controller host? Here's an example I have so far but failing at one section. *- hosts: all gather_facts: yes tasks: - win_shell: dir /b C:\Temp\*.tar args:executable: cmd register: results - debug: var: results.stdout_lines - name: get the files fetch: src: "C:/Temp/{{ item }}" dest: /home/vagrant/win-script-result/ flat: yes with_items: "{{ results.stdout_lines }}"* TASK [Gathering Facts] ** ok: [SV1] ok: [SV2] TASK [win_shell] changed: [SV1] changed: [SV2] TASK [debug] ok: [SV1] => { "results.stdout_lines": [ "1709051418.tar", "1709051525.tar", "1709052115.tar" ] } ok: [SV2] => { "results.stdout_lines": [ "1709051421.tar", "1709051527.tar", "1709052107.tar" ] } TASK [get the files] fatal: [SV1]: FAILED! => {"failed": true, "msg": "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'item' is undefined\n\nThe error appears to have been in '/home/vagrant/ansible/find-copy-test.yml': line 12, column 6, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: get the files\n ^ here\n"} fatal: [SV2]: FAILED! => {"failed": true, "msg": "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'item' is undefined\n\nThe error appears to have been in '/home/vagrant/ansible/find-copy-test.yml': line 12, column 6, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: get the files\n ^ here\n"} to retry, use: --limit @/home/vagrant/ansible/find-copy-test.retry On Wednesday, October 11, 2017 at 4:32:06 PM UTC-4, marcalfa1 wrote: > > > Trying to "dir /b c:\Temp" using a playbook or via adhoc and getting the > error message below. It seems to have a problem with "/b" in "Dir /b > C:\Temp" > > > > > > > > *- hosts: all gather_facts: yes tasks: - win_shell: dir /b C:\Temp* > > FAILED! => {"changed": true, "cmd": "dir /b C:\\Temp", "delta": > "0:00:00.839042", "end": "2017-10-11 08:22:02.820065", "failed": true, > "rc": 1, "start": "2017-10-11 08:22:01.981022", "stderr": "dir : Cannot > find path 'C:\\b' because it does not exist.\r\nAt line:1 char:65\r\n+ > [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b > \r\nC:\\Temp\r\n+ > > \r\n~~\r\n+ CategoryInfo : ObjectNotFound: > (C:\\b:String) [Get-ChildItem], I \r\n temNotFoundException\r\n+ > FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh > \r\n ildItemCommand", "stderr_lines": ["dir : Cannot find path 'C:\\b' > because it does not exist.", "At line:1 char:65", "+ > [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b ", > "C:\\Temp", > "+ ", > "~~", "+ CategoryInfo
[ansible-project] win_shell - What's the proper way to use a command with a flag in ansible playbook or adhoc command.
Trying to "dir /b c:\Temp" using a playbook or via adhoc and getting the error message below. It seems to have a problem with "/b" in "Dir /b C:\Temp" *- hosts: all gather_facts: yes tasks: - win_shell: dir /b C:\Temp* FAILED! => {"changed": true, "cmd": "dir /b C:\\Temp", "delta": "0:00:00.839042", "end": "2017-10-11 08:22:02.820065", "failed": true, "rc": 1, "start": "2017-10-11 08:22:01.981022", "stderr": "dir : Cannot find path 'C:\\b' because it does not exist.\r\nAt line:1 char:65\r\n+ [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b \r\nC:\\Temp\r\n+ \r\n~~\r\n+ CategoryInfo : ObjectNotFound: (C:\\b:String) [Get-ChildItem], I \r\n temNotFoundException\r\n+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh \r\n ildItemCommand", "stderr_lines": ["dir : Cannot find path 'C:\\b' because it does not exist.", "At line:1 char:65", "+ [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b ", "C:\\Temp", "+ ", "~~", "+ CategoryInfo : ObjectNotFound: (C:\\b:String) [Get-ChildItem], I ", " temNotFoundException", "+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh ", " ildItemCommand"], "stdout": "", "stdout_lines": []} *ansible -i poc-win all -m raw -a "dir /b C:\Temp"* | FAILED | rc=1 >> *dir : Cannot find path 'C:\b' because it does not exist*. At line:1 char:1 + dir /b C:\Temp + ~~ + CategoryInfo : ObjectNotFound: (C:\b:String) [Get-ChildItem], I temNotFoundException + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh ildItemCommand *ansible -i poc-win all -m win_shell -a "dir /b C:\Temp"* | FAILED | rc=1 >> dir : Cannot find path 'C:\b' because it does not exist. At line:1 char:65 + [Console]::InputEncoding = New-Object Text.UTF8Encoding $false; dir /b C:\Temp + ~~ + CategoryInfo : ObjectNotFound: (C:\b:String) [Get-ChildItem], I temNotFoundException + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetCh ildItemCommand -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/90ce07ed-a116-4d9d-a138-600d6dc8ba0c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Find and Fetch Files on Windows Hosts to Ansible Controller
I'm trying to find a few file patterns from a few windows hosts and copy those files to my ansible controller. Can some help me with the error message below. I can't seem to figure out what I'm doing wrong. ERROR! Syntax Error while loading YAML. The error appears to have been in '/home/vagrant/ansible/test-win-find.yml': line 14, column 6, but may be elsewhere in the file depending on the exact syntax problem. The offending line appears to be: flat: yes with_items: ^ here --- - hosts: all tasks: - win_find: paths: C:\Temp patterns: ['*.log', '*.out', '*.tar', '*.scmd'] register: files_to_copy - fetch: src: C:\Temp\{{ item }} dest: /home/testuser1/remote-files/ flat: yes with_items: - "{{ files_to_copy.stdout_lines }}" ansible 2.3.1.0 config file = /etc/ansible/ansible.cfg configured module search path = Default w/o overrides python version = 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)] -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/71af4ed5-f336-4415-b500-ae5e716470bc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] win_find: What am I doing wrong here? I'm following the exact syntax from ansible document
*ERROR! 'paths' is not a valid attribute for a Task* *The error appears to have been in '/home/vagrant/ansible/win-find.yml': line 6, column 5, but maybe elsewhere in the file depending on the exact syntax problem.* *The offending line appears to be:* * - win_find:^ here* [vm1 ansible]$ ansible --version ansible 2.3.1.0 config file = /etc/ansible/ansible.cfg configured module search path = Default w/o overrides python version = 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)] [vm1 ansible]$ cat win-find.yml --- - hosts: all tasks: - win_find: paths: C:\Temp patterns: ['*.log', '*.out'] [vm1 ansible]$ -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/092831f5-13cd-4901-8f09-b97888270515%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.