Ansible Tower stuck on "Host verification"

[Andres Ivanov]

Hello,

I'm trying to learn Ansible and started with installing Ansible with Tower UI.

Tried simple "Helloworld" echo task that fails on Tower but works manually through ansible-playbook.

I need to connect to Host through ProxyCommand so my playbook configuration looks like this:

• Helloworld
• ansible.cfg
• ssh.config
• helloworld.yml

In ansible.cfg:

"[ssh_connection]

ssh_args = -F ssh.config -o ControlPersist=15m -o ControlMaster=auto -o UserKnownHostsFile=/dev/null

control_path = %(directory)s/%%h-%%r

[defaults]

system_errors = false

hostfile = /etc/ansible/hosts

library = /usr/share/ansible

host_key_checking = False

ask_sudo_pass = False

pattern = *

timeout = 10

poll_interval = 15"

In ssh.config:

"Host x.x.x.50

        User user

        ProxyCommand ssh us...@x.x.x.60 nc %h %p

        StrictHostKeyChecking no

        UserKnownHostsFile=/dev/null

Host x.x.x.60

        User user

        ProxyCommand none

        StrictHostKeyChecking no

        UserKnownHostsFile=/dev/null"

Playbook is a simple echo with a user "user". Running manually ansible-playbook or ansible ping works fine on both hosts and it successfully hops to x.x.x.50. However on Tower it works on single x.60 server but gets stuck on x.50.

Stuck on x.50:

"<x.x.x.50> REMOTE_MODULE setup

<x.x.x.50> EXEC ssh -C -tt -v -F ssh.config -o ControlPersist=15m -o ControlMaster=auto -o UserKnownHostsFile=/dev/null -o ControlPath="/tmp/ansible_tower_5VA1fm/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=user -o ConnectTimeout=10 x.x.x.50 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1432108998.93-90931163714921 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1432108998.93-90931163714921 && echo $HOME/.ansible/tmp/ansible-tmp-1432108998.93-90931163714921' EXEC previous known host file not found for x.x.x.50 The authenticity of host 'x.x.x.60 (x.x.x.60)' can't be established.. Are you sure you want to continue connecting (yes/no)?"

Only difference i see is that manually running ansible-playbook uses different ControlPath. I've also tried putting custom ControlPaths even setting it in ssh_args manually and it changes fine when running ansible-playbook manually, but in Tower the path always stays the same tmp/.. path.

Can anyone help me figure out what could be the problem? Is the problem that Tower is using tmp/ for ControlPath and it's not persistant before running ProxyCommand? Any ideas how to fix it?

[Timothy Gerla]

Hi Andres,

Can you email sup...@ansible.com with your issue? We'll be happy to help. This mailing list is primarily for Ansible open source support only, but we can help you with Tower questions directly. Thanks!

-Tim

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d34462d0-cc9b-43dd-9b01-bc2534c08980%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Aaron Zuehlke]

I had a similar issue.  Make sure you have exec rights in tmp

[Aaron Zuehlke]

I had a similar issue.  Make sure you have exec rights in tmp