Closed
Description
ISSUE TYPE
- Bug Report
COMPONENT NAME
WinRM
ANSIBLE VERSION
v2.4
OS / ENVIRONMENT
Control master: RHEL7
Target nodes: Windows 2012R2 (with Powershell 4.0, also tried Powershell 5.1)
SUMMARY
I just experienced again a Connection refused. The task was waiting for 3 VMs to appear (wait_for_connection doing a win_ping test), the last VM to come online then gave me a Connection refused in the next task doing setup.
We are using CredSSP.
I wonder if we could retry longer/delayed on Connection refused to hopefully make it survive such intermittent issues better.
It is not unlikely that during the first boot the WinRM service starts, stops and then starts again, causing the "Connection refused", however we should recover from this situation if it appears.
TASK [Gathering Facts] ********************************************************************************
***************************************************************************
Using module file /home/user/ansible.git/lib/ansible/modules/windows/setup.ps1
<1.2.3.101> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5986 TO 1.2.3.101
Using module file /home/user/ansible.git/lib/ansible/modules/windows/setup.ps1
<1.2.3.103> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5986 TO 1.2.3.103
Using module file /home/user/ansible.git/lib/ansible/modules/windows/setup.ps1
<1.2.3.102> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5986 TO 1.2.3.102
EXEC (via pipeline wrapper)
EXEC (via pipeline wrapper)
EXEC (via pipeline wrapper)
The full traceback is:
Traceback (most recent call last):
File "/home/user/ansible.git/lib/ansible/executor/task_executor.py", line 125, in run
res = self._execute()
File "/home/user/ansible.git/lib/ansible/executor/task_executor.py", line 526, in _ex
ecute
result = self._handler.run(task_vars=variables)
File "/home/user/ansible.git/lib/ansible/plugins/action/normal.py", line 45, in run
results = merge_hash(results, self._execute_module(tmp=tmp, task_vars=task_vars, wrap_async=wrap_as
ync))
File "/home/user/ansible.git/lib/ansible/plugins/action/__init__.py", line 743, in _e
xecute_module
res = self._low_level_execute_command(cmd, sudoable=sudoable, in_data=in_data)
File "/home/user/ansible.git/lib/ansible/plugins/action/__init__.py", line 892, in _l
ow_level_execute_command
rc, stdout, stderr = self._connection.exec_command(cmd, in_data=in_data, sudoable=sudoable)
File "/home/user/ansible.git/lib/ansible/plugins/connection/winrm.py", line 337, in exec_command
result = self._winrm_exec(cmd_parts[0], cmd_parts[1:], from_exec=True, stdin_iterator=self._wrapper_payload_stream(payload))
File "/home/user/ansible.git/lib/ansible/plugins/connection/winrm.py", line 294, in _winrm_exec
self.protocol.cleanup_command(self.shell_id, command_id)
File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 307, in cleanup_command
res = self.send_message(xmltodict.unparse(req))
File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 207, in send_message
return self.transport.send_message(message)
File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 184, in send_message
response = self.session.send(prepared_request, timeout=self.read_timeout_sec)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 609, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 487, in send
raise ConnectionError(e, request=request)
ConnectionError: HTTPSConnectionPool(host='38.38.12.3', port=5986): Max retries exceeded with url: /wsman (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x38f9a50>: Failed to establish a new connection: [Errno 111] Connection refused',))
fatal: [VM3]: FAILED! => {
"failed": true,
"msg": "Unexpected failure during module execution.",
"stdout": ""
}
ok: [VM1]
ok: [VM2]
This relates to #23320 (more examples from others there)
The playbook looks like this, and it fails on the setup task.
- name: Clone VM
vmware_guest:
hostname: '{{ vcenter_ipaddress }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
datacenter: '{{ vcenter_datacenter }}'
resource_pool: '{{ vcenter_resource_pool }}'
cluster: '{{ vcenter_cluster }}'
folder: '{{ vcenter_folder }}'
template: '{{ vcenter_template }}'
name: '{{ inventory_hostname_short }}'
state: poweredon
validate_certs: no
networks:
- name: 'VLAN {{ vcenter_portgroup_prefix }}{{ pod_id }}'
ip: '{{ ansible_host }}'
netmask: '{{ vm_netmask }}'
gateway: '{{ gw_ip }}'
domain: '{{ domain }}'
dns_servers: [ '{{ dns_ip }}' ]
customization:
autologon: yes
#fullname: Administrator
hostname: '{{ windows_shortname }}'
orgname: '{{ windows_organization }}'
password: '{{ windows_admin_password }}'
productid: '{{ windows_product_id }}'
runonce:
- powershell.exe -ExecutionPolicy Unrestricted -File C:\Windows\Temp\ConfigureRemotingForAnsible.ps1 -CertValidity
ys 3650 -EnableCredSSP -ForceNewSSLCert
timezone: 105
register: vm
delegate_to: localhost
# Wait for system(s) to become reachable
- name: Wait for VM customizations
wait_for_connection:
delay: 240
sleep: 15
timeout: 900
- setup: