皆様のお知恵をお借りしたいと思います。
VPC内にAnsibleサーバを構築、playbookでWin2012r2のec2を作成しましたが、そのWin2012 サーバに接続できず、困っております。
ansible 2.6.1
Ansibleインスタンス:Centos7.5
管理対象インスタンス:Win2012R2
→上記2インスタンスのセキュリティグループはインバウンドに、
ポート22,80,443,3389,5985,5986を0.0.0.0/0を開けてます。
$ cat hosts localhost ansible_host=127.0.0.1 ansible_connection=local [windows] 11.222.333.444 [windows:vars] ansible_user=Administrator ansible_password=xxxxxxxxxxxxx ansible_port=5986 ansible_connection=winrm ansible_winrm_server_cert_validation=ignore $ sudo ansible windows -m win_ping -vvvvv ansible 2.6.1 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /bin/ansible python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)] Using /etc/ansible/ansible.cfg as config file setting up inventory plugins Set default localhost to localhost Parsed /etc/ansible/hosts inventory source with ini plugin Loading callback plugin minimal of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/minimal.pyc META: ran handlers Using module file /usr/lib/python2.7/site-packages/ansible/modules/windows/win_ping.ps1 <11.222.333.444> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5986 TO 11.222.333.444 checking if winrm_host 11.222.333.444 is an IPv6 address <11.222.333.444> WINRM CONNECT: transport=ssl endpoint=https://11.222.333.444:5986/wsman <11.222.333.444> WINRM CONNECTION ERROR: the specified credentials were rejected by the server Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", line 387, in _winrm_connect self.shell_id = protocol.open_shell(codepage=65001) # UTF-8 File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 157, in open_shell res = self.send_message(xmltodict.unparse(req)) File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 234, in send_message resp = self.transport.send_message(message) File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 256, in send_message response = self._send_message_request(prepared_request, message) File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 266, in _send_message_request raise InvalidCredentialsError("the specified credentials were rejected by the server") InvalidCredentialsError: the specified credentials were rejected by the server 11.222.333.444 | UNREACHABLE! => { "changed": false, "msg": "ssl: the specified credentials were rejected by the server", "unreachable": true }
.
EC2を作成したplaybookは ↓ です。
$ cat ec2_create_win2012r2.yml --- - name: Create an Windows 2012 SV with winrm on Amazon EC2 hosts: localhost vars: ec2_ami_id: ami-011270ec ec2_region: ap-northeast-1 ec2_instance_type: t2.micro ec2_key_name: xxxx-test ec2_subnet_id: subnet-xxxxxxxx ec2_role_name: xxxx-ec2-role ec2_secgrp_name: xxxx-SeqGrp tasks: - name: ec2 instance create ec2: image: "{{ec2_ami_id}}" region: "{{ec2_region}}" instance_type: "{{ec2_instance_type}}" key_name: "{{ec2_key_name}}" group: "{{ec2_secgrp_name}}" exact_count: 1 count_tag: { Name: winrm } vpc_subnet_id: "{{ec2_subnet_id}}" instance_profile_name: "{{ec2_role_name}}" assign_public_ip: yes volumes: - device_name: /dev/xvda volume_type: gp2 volume_size: 30 delete_on_termination: true instance_tags: Name: tkhs-win2012r2-test case: ansible_test termination_protection: yes ebs_optimized: false
作成後、Win2012にリモートデスクトップログインして ↓ のWinRM設定を実施しています。
0. 「ConfigureRemotingForAnsible.ps1」のDL→実行
0. ネットワークプロファイル設定「NetworkCategory : Private」に変更
0. WinRM有効化 PS > winrm qc を実行
0. Ansible側でpywinrmインストール
# yum install python-pip # pip install pywinrm
上記まで実施しましたが「$ sudo ansible windows -m win_ping -vvvvv」でエラーになってしまいました。
このエラーを解消させたいです。
足りない情報は追記していきますので、よろしくお願いします。
回答2件
あなたの回答
tips
プレビュー
バッドをするには、ログインかつ
こちらの条件を満たす必要があります。