【发布时间】:2016-10-25 20:03:12
【问题描述】:
我已经在我的 Linux (14.04) 工作站上安装了 Ansible,以及 Python (2.7.6)、ansible (2.3.0)、pywinrm (0.2.1)。我想使用 Ansible 来配置我的 Windows 虚拟机。我在 Azure 中有一个 Windows VM (Win2k12r2)。我已打开 Azure 网络安全组中的所有端口,并且已在 Windows 防火墙中为 WinRM(5985 和 5986)打开端口。
我还在我的 Windows VM 中运行了位于 https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 的脚本,以确保启用 WinRM。
我能够 RDP 进入 Windows 虚拟机,所以我知道它的公共网络接口正在工作。
根据 ansible 文档 (http://docs.ansible.com/ansible/intro_windows.html),我有一个库存文件 inventory/test1
[windows]
<azure_ip_address>
我有一个文件 group_vars/windows.yml
ansible_user: <my_user_id>
ansible_password: <azure_vm_password>
ansible_port: 5986
ansible_connection: winrm
# The following is necessary for Python 2.7.9+ when using default WinRM self-signed certificates:
ansible_winrm_server_cert_validation: ignore
ansible_winrm_scheme: https
当我运行命令时:
ansible windows -i inventories/test1 -m win_ping --ask-vault-pass -vvvvv
我收到以下回复:
No config file found; using defaults
Vault password:
Loading callback plugin minimal of type stdout, v2.0 from /home/jgodse/ansible/lib/ansible/plugins/callback/__init__.pyc
Using module file /home/jgodse/ansible/lib/ansible/modules/core/windows/win_ping.ps1
<azure_vm_ip_address> ESTABLISH SSH CONNECTION FOR USER: None
<azure_vm_ip_address> SSH: ansible.cfg set ssh_args: (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s)
<azure_vm_ip_address> SSH: ansible_password/ansible_ssh_pass not set: (-o) (KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no)
<azure_vm_ip_address> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)
<azure_vm_ip_address> SSH: PlayContext set ssh_common_args: ()
<azure_vm_ip_address> SSH: PlayContext set ssh_extra_args: ()
<azure_vm_ip_address> SSH: found only ControlPersist; added ControlPath: (-o)(ControlPath=/home/jgodse/.ansible/cp/ansible-ssh-%h-%p-%r)
<azure_vm_ip_address> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/jgodse/.ansible/cp/ansible-ssh-%h-%p-%r <azure_vm_ip_address> '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1477490434.84-228998637685624 `" && echo ansible-tmp-1477490434.84-228998637685624="` echo $HOME/.ansible/tmp/ansible-tmp-1477490434.84-228998637685624 `" ) && sleep 0'"'"''
<azure_vm_ip_address> | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/home/jgodse/.ansible/cp/ansible-ssh-<azure_vm_ip_address>-22-jgodse\" does not exist\r\ndebug2: ssh_connect: needpriv 0\r\ndebug1: Connecting to <azure_vm_ip_address> [<azure_vm_ip_address>] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: connect to address <azure_vm_ip_address> port 22: Connection timed out\r\nssh: connect to host <azure_vm_ip_address> port 22: Connection timed out\r\n",
"unreachable": true
}
我尝试通过以下方式远程登录到机器:
$ telnet <azure_vm_ip_address> 5986
Trying <azure_vm_ip_address>...
Connected to <azure_vm_ip_address>.
Escape character is '^]'.
这告诉我 telnet 工作到 5986,因此我的防火墙规则没问题。
我是否必须做一些事情来告诉 Ansible 我正在尝试使用 WinRM 连接到 Windows VM?还是我缺少一些东西来帮助我的 Ansible 工作站通过 WinRM 连接到我的 Windows VM?
【问题讨论】:
-
嗯,你按照你链接的文章配置windows了吗?
-
是的。我知道是因为 Windows 远程管理 (WS-Management) 服务已启动并正在运行。
-
尝试psremote进入它?
-
可以连接5986端口开始吗?
-
你写的是你在 Linux 上工作,对吧?最简单:
telnet <azure_ip_address> 5986它将连接或超时。如果它使用转义字符连接退出或完全关闭您的 bash。如果超时,则表示您遇到了与 Ansible 无关的网络连接问题。
标签: windows azure ansible winrm