Re: [ansible-project] Couldn't read packet: Connection reset by peer
4,588 views
Skip to first unread message
Michael DeHaan
Feb 18, 2013, 7:50:43 AM2/18/13
to ansible...@googlegroups.com
Shouldn't have anything to do with the contents of the playbook.
If you're using -c paramiko, can you try with -c ssh to see if that
makes a difference? Check ports, see if you can SSH in normally,
see if you really want to connect as root, etc?
On Mon, Feb 18, 2013 at 5:56 AM, <kavitha...@gmail.com> wrote:
> Hi
>
> I am trying to find if a package is installed using playbook
> ---
> - hosts: workstations
>
> user: root
>
> tasks:
> - name: ensure xyz is installed
> action: yum pkg=xyz state=installed
>
> But its failing with error
> $ansible-playbook playbook.yml -c ssh
>
> Output : PLAY [workstations] *********************
>
> GATHERING FACTS *********************
> fatal: [127.0.0.1] => failed to transfer file to /setup:
>
> Connecting to 127.0.0.1...
> Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
> Couldn't read packet: Connection reset by peer
>
> TASK: [ensure xyz is installed] *********************
> FATAL: no hosts matched or all hosts have already failed -- aborting
>
>
> Any Clue Why is this?
>
> Thanks and Regards
> Kavitha
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
If you're using -c paramiko, can you try with -c ssh to see if that
makes a difference? Check ports, see if you can SSH in normally,
see if you really want to connect as root, etc?
On Mon, Feb 18, 2013 at 5:56 AM, <kavitha...@gmail.com> wrote:
> Hi
>
> I am trying to find if a package is installed using playbook
> ---
> - hosts: workstations
>
> user: root
>
> tasks:
> - name: ensure xyz is installed
> action: yum pkg=xyz state=installed
>
> But its failing with error
> $ansible-playbook playbook.yml -c ssh
>
> Output : PLAY [workstations] *********************
>
> GATHERING FACTS *********************
> fatal: [127.0.0.1] => failed to transfer file to /setup:
>
> Connecting to 127.0.0.1...
> Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
> Couldn't read packet: Connection reset by peer
>
> TASK: [ensure xyz is installed] *********************
> FATAL: no hosts matched or all hosts have already failed -- aborting
>
>
> Any Clue Why is this?
>
> Thanks and Regards
> Kavitha
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
lars svenson
Jul 16, 2013, 1:55:40 PM7/16/13
to ansible...@googlegroups.com
I had the same problem.
You have to install sshpass first.
And then you should run the playbook with --ask-pass option like:
ansible-playbook --ask-pass playbook.yml -c ssh
You have to install sshpass first.
And then you should run the playbook with --ask-pass option like:
ansible-playbook --ask-pass playbook.yml -c ssh
Michael DeHaan
Jul 16, 2013, 2:08:39 PM7/16/13
to ansible...@googlegroups.com
Can you please file a ticket at github.com/ansible/ansible ?
We should yell about not finding sshpass in this case.
--
lars svenson
Jul 17, 2013, 11:13:53 AM7/17/13
to ansible...@googlegroups.com
kesten broughton
Jul 25, 2013, 4:06:43 PM7/25/13
to ansible...@googlegroups.com
I'm getting the same type of error trying to run the openstack playbook from a mac 10.8 to a company network server running centOS 6.4.
I installed sshpass on both the openstackserver and my mac.
I have ssh-keygen 'd on my mac as kbroughton and then
mac$ ssh-copy-id root@openstackserver
verifying
openstackserver$ cat /root/.ssh/authorized_keys
i see the public key for my kbroughton
fatal: [10.0.9.170] => failed to transfer file to /setup:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
Connection closed
I can do passwordless ssh to root@openstackserver. Trying to skirt the ssh-agent:
fatal: [10.0.9.170] => failed to transfer file to /setup:
Permission denied, please try again.
suggestions?
I installed sshpass on both the openstackserver and my mac.
I have ssh-keygen 'd on my mac as kbroughton and then
mac$ ssh-copy-id root@openstackserver
verifying
openstackserver$ cat /root/.ssh/authorized_keys
i see the public key for my kbroughton
mac$ ssh-agent bash
mac$ ssh-add ~/.ssh/authorized_keys
mac$ ansible-playbook -i hosts site.yml
fatal: [10.0.9.170] => failed to transfer file to /setup:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
Connection closed
I can do passwordless ssh to root@openstackserver. Trying to skirt the ssh-agent:
ansible-playbook -i hosts site.yml --ask-passansible-playbook -vvv --ask-pass -i hosts site.yml -c ssh
<10.0.9.172> REMOTE_MODULE setup
<10.0.9.170> REMOTE_MODULE setup
<10.0.9.172> PUT /var/folders/t2/h22337c12hn279xwd4s9fk7s8_088c/T/tmpEKNksK TO /setup
<10.0.9.170> PUT /var/folders/t2/h22337c12hn279xwd4s9fk7s8_088c/T/tmpz2Vb82 TO /setup
<10.0.9.170> REMOTE_MODULE setup
<10.0.9.172> PUT /var/folders/t2/h22337c12hn279xwd4s9fk7s8_088c/T/tmpEKNksK TO /setup
<10.0.9.170> PUT /var/folders/t2/h22337c12hn279xwd4s9fk7s8_088c/T/tmpz2Vb82 TO /setup
fatal: [10.0.9.170] => failed to transfer file to /setup:
Permission denied, please try again.
suggestions?
Brian Coca
Jul 26, 2013, 9:46:04 AM7/26/13
to ansible...@googlegroups.com
try setting ANSIBLE_REMOTE_TEMP=/tmp in your shell before running ansible
--
Brian Coca
Stultorum infinitus est numerus
0110000101110010011001010110111000100111011101000010000001111001011011110111010100100000011100110110110101100001011100100111010000100001
Brian Coca
Stultorum infinitus est numerus
0110000101110010011001010110111000100111011101000010000001111001011011110111010100100000011100110110110101100001011100100111010000100001
Pedo mellon a minno
Michael DeHaan
Jul 26, 2013, 9:49:43 AM7/26/13
to ansible...@googlegroups.com
Actually, don't do that just yet :)
Can you test this from a Ansible 1.3 checkout and share your output? Error handling around this is much better there.
It does sound like the "root" account might not have a homedir, but I'd like to see more.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
kesten broughton
Jul 26, 2013, 11:25:32 AM7/26/13
to ansible...@googlegroups.com
Installed 1.3, and yes, the output is much more descriptive:
fatal: [10.0.9.170] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && chmod a+rx $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && echo $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952) exited with result 255
fatal: [10.0.9.172] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374851276.99-84075906491343 && chmod a+rx $HOME/.ansible/tmp/ansible-1374851276.99-84075906491343 && echo $HOME/.ansible/tmp/ansible-1374851276.99-84075906491343) exited with result 255
kbroughton:ansible-redhat-openstack$ ssh ro...@10.0.9.172
[root@Linux-OpenStack-Compute1 ~]# ls -ld /home
drwxr-xr-x. 3 root root 4096 Jul 24 08:35 /home
[root@Linux-OpenStack-Compute1 ~]# lsattr -d /home
--------------- /home
[root@Linux-OpenStack-Compute1 ~]# echo $HOME
/root
$HOME is set on the remotes. If I ssh over and execute
mkdir -p $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && chmod a+rx $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && echo $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952
it succeeds. So i'm guessing some kind of expansion error, but not sure what.
kesten
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/yyUXKMFD6Jg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
Michael DeHaan
Jul 26, 2013, 4:34:35 PM7/26/13
to ansible...@googlegroups.com
So above the -v -v -v output is only partial, can you please share all of and also the command line you used to launch ansible playbook?
Thanks!
kesten broughton
Jul 26, 2013, 7:07:02 PM7/26/13
to ansible...@googlegroups.com
here it is:
kbroughton:ansible-redhat-openstack$ ansible-playbook -vvv -i hosts site.yml
PLAY [all] ********************************************************************
GATHERING FACTS ***************************************************************
<10.0.9.170> ESTABLISH CONNECTION FOR USER: kbroughton
<10.0.9.170> EXEC ['ssh', '-tt', '-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/tmp/ansible-ssh-%h-%p-%r', '-o', 'Port=22', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PasswordAuthentication=no', '-o', 'ConnectTimeout=10', '10.0.9.170', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && echo $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971'"]
<10.0.9.172> ESTABLISH CONNECTION FOR USER: kbroughton
<10.0.9.172> EXEC ['ssh', '-tt', '-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/tmp/ansible-ssh-%h-%p-%r', '-o', 'Port=22', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PasswordAuthentication=no', '-o', 'ConnectTimeout=10', '10.0.9.172', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && echo $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874'"]
fatal: [10.0.9.170] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && echo $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971) exited with result 255
fatal: [10.0.9.172] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && echo $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874) exited with result 255
TASK: [copy yum repo files] ***************************************************
FATAL: no hosts matched or all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/var/tmp/ansible/site.retry
10.0.9.170 : ok=0 changed=0 unreachable=1 failed=0
10.0.9.172 : ok=0 changed=0 unreachable=1 failed=0
Michael DeHaan
Jul 26, 2013, 10:55:07 PM7/26/13
to ansible...@googlegroups.com
Ok so it's logging in remotely as kbroughton, not root, since you didn't specify -u root and were running as you (which is what it should do, in fact...).
Now, your test on the above via SSH login was as root:
[root@Linux-OpenStack-Compute1 ~]# ls -ld /home
drwxr-xr-x. 3 root root 4096 Jul 24 08:35 /home
[root@Linux-OpenStack-Compute1 ~]# lsattr -d /home
--------------- /home
[root@Linux-OpenStack-Compute1 ~]# echo $HOME
/root
What happens as you?
In the worst case, yes, you can force the remote temp path to always use /tmp as Brian said, but I suspect that's the problem.
kesten broughton
Jul 27, 2013, 9:16:47 AM7/27/13
to ansible...@googlegroups.com
Was I mistaken to think that if a playbook lists
user: root
then that playbook would try to connect via ssh as root to the remote host? I also tried the various --ask-pass-sudo which I thought, again, would try and run AND connect as root (by defualt). I don't currently have a kbroughton account set up on the remote. I will try that and then brian's suggestion next.
Here is the output when i pass the -u root to commanline:
623 kbroughton:ansible-redhat-openstack$ ansible-playbook -u root -vvv -i hosts site.yml
PLAY [all] ********************************************************************
GATHERING FACTS ***************************************************************
<10.0.9.172> ESTABLISH CONNECTION FOR USER: root
<10.0.9.170> ESTABLISH CONNECTION FOR USER: root
<10.0.9.170> EXEC ['ssh', '-tt', '-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/tmp/ansible-ssh-%h-%p-%r', '-o', 'Port=22', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PasswordAuthentication=no', '-o', 'User=root', '-o', 'ConnectTimeout=10', '10.0.9.170', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939 && echo $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939'"]
<10.0.9.172> EXEC ['ssh', '-tt', '-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/tmp/ansible-ssh-%h-%p-%r', '-o', 'Port=22', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PasswordAuthentication=no', '-o', 'User=root', '-o', 'ConnectTimeout=10', '10.0.9.172', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490 && echo $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490'"]
fatal: [10.0.9.172] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490 && echo $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490) exited with result 255
fatal: [10.0.9.170] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939 && echo $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939) exited with result 255
TASK: [copy yum repo files] ***************************************************
FATAL: no hosts matched or all hosts have already failed -- aborting
Michael DeHaan
Jul 28, 2013, 5:22:32 PM7/28/13
to ansible...@googlegroups.com
user: root in the playbook will indeed make it use root, if you are NOT seeing that, I'd like to see the playbook as you probably have it in some weird spot :)
I'm a little confused as to what's up with root's homedir there.
kesten broughton
Jul 28, 2013, 11:03:41 PM7/28/13
to ansible...@googlegroups.com
The playbook is a very minally modified version of the openstack playbook recently posted
The playbook's author, Benno Joy, had told me,
"The playbook has user root set in it and sudo in enabled in the playbook, so you would have to tweak the playboo a bit to make sudo work."
So i presumed user: root was set somewhere.
I didn't see it when I went to double check, so i added it to the three host targets in site.yml.
This didn't change the errors i received previously. Other than that, the only change i made was to rename the hosts and put in my ip address. I've tried the playbook on both a single basic centOS 6.4 instance at rackspace, and a two-node version hosted by company servers (again centOS 6.4).
Here is the root-level diff of the project:
679 kbroughton:ansible-redhat-openstack$ git diff
diff --git a/hosts b/hosts
index a20e1fc..360856d 100644
--- a/hosts
+++ b/hosts
@@ -1,7 +1,9 @@
-[openstack_controller]
-openstack-controller
+[local_openstack_controller]
+166.78.180.192
+#openstack-controller
-[openstack_compute]
-openstack-compute
+[local_openstack_compute]
+166.78.180.192
+#openstack-compute
diff --git a/site.yml b/site.yml
index 246ac96..0702298 100644
--- a/site.yml
+++ b/site.yml
@@ -2,14 +2,17 @@
# The main openstack site deployment playbook
- hosts: all
+ user: root
roles:
- common
- hosts: openstack_controller
+ user: root
roles:
- controller
- hosts: openstack_compute
+ user: root
roles:
- compute
I'm still getting:
$ kbroughton:ansible-redhat-openstack$ ansible-playbook -i hosts site.yml
PLAY [all] ********************************************************************
GATHERING FACTS ***************************************************************
fatal: [166.78.180.192] => could not create temporary directory, SSH (mkdir -p /tmp/ansible-1375066315.04-89253282885227 && echo /tmp/ansible-1375066315.04-89253282885227) exited with result 255
TASK: [copy yum repo files] ***************************************************
FATAL: no hosts matched or all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/var/tmp/ansible/site.retry
166.78.180.192 : ok=0 changed=0 unreachable=1 failed=0
----------------------------------------------------------------------------
If I ssh to the rackspace.com instance, I can run the play and it completes 24 tasks before failing because the hostname "hubertus" that I chose for the instance is not recognized. All attempts to run the playbook locally on my mac to provision the centOS nodes have failed.
I did also try brian's suggestion
$ export ANSIBLE_REMOTE_TEMP=/tmp
but the error remained the same as above.
------------------------------------------------------------------------------
I also noticed that i can add --ask-pass, and --ask-sudo-pass and i get the same result. If i put garbage in for the password prompt, i receive no error about the password not being correct, just the usual error about /tmp directory.
kesten
benno joy
Jul 29, 2013, 11:19:07 AM7/29/13
to ansible...@googlegroups.com
Hi Kesten,
The reason the task at 25 is failing is because it expects the hostname in inventory, so couple of options are
in your inventory add somthing like
[openstack-controller]
huebertus ansible_ssh_host=166.78.180.192
[openstack-compute]
huebertus ansible_ssh_host=166.78.180.192
or another option in the template
CONTROLLER_PUBLIC_ADDRESS={{ hostvars[ansible_hostname]['ansible_'+iface].ipv4.address }}
CONTROLLER_ADMIN_ADDRESS={{ hostvars[ansible_hostname]['ansible_'+iface].ipv4.address }}
CONTROLLER_INTERNAL_ADDRESS={{ hostvars[ansible_hostname]['ansible_'+iface].ipv4.address }}
replace anible_hostname with inventory_hostname
As for the problem of not able to copy files into temp directory, can you try disabling selinux manually and see if it helps.
Thanks,
Benno
kesten broughton
Jul 29, 2013, 6:33:40 PM7/29/13
to ansible...@googlegroups.com
Thanks benno.
SOLVED and SOLVED
I chose solution 1 for the hostname issue.
--------
For the "could not create temporary directory, SSH (mkdir -p /tmp/ansible-1375136691.66-81428641339179..."
ssh into remote openstack server
[root@Linux-OpenStack-Admin ~]# cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
Changed SELINUX=enforcing to disabled.
$ shutdown -r now
wait a minute for reboot.
run playbook from mac
creating /tmp files now successful.
Reply all
Reply to author
Forward
0 new messages