Ansible playbook runs locally but cannot connect to the host via SSH through AWX

SUMMARY

I have Ansible and Ansible AWX installed on the same AWS EC2 instance, and I am trying to deploy a version of the application on another AWS EC2 instance. I am able to run the playbook via the ansible-playbook command, but the connection to the host fails via SSH when using AWX.

  • The AWX inventory just has this host added with ansible_user: nextag, which is the user I want to deploy with
  • The Ansible/AWX host has the nextag user configured with passwordless access to the target host, which also has the same user (public keys copied)
  • I've also tried to create this user in the aws_task and aws_web containers and have copied the public keys to the target host.
  • Running the ssh command that AWX runs when fact gathering fails:

    ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=nextag -o ConnectTimeout=10 -o ControlPath=/tmp/awx_108_dKOwxm/cp/61735cd9d3 hostname '/bin/sh -c '"'"'echo ~nextag && sleep 0'"'"''

    Output:

    debug3: muxserver_listen: temporary control path /tmp/awx_72_VGFOPt/cp/61735cd9d3.16cjnTwr0hSE1mXc
    bind: No such file or directory
    unix_listener: unable to connect to path: /tmp/awx_72_VGFOPt/cp/61735cd9d3.16cjnTwr0hSE1mXc

  • Running the command after removing some configuration options (ControlPersist, ControlMaster), ssh works:

    ssh -vvv -C -o StrictHostKeyChecking=no -o 'IdentityFile="/home/nextag/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=nextag -o ConnectTimeout=10 hostname

Questions

  1. Is it a permission problem when creating ControlPath? The aws_web and aws_task containers both have the /tmp folder with 777 permissions.
  2. Which configuration (ansible.cfg) is picked up by AWX: the one from the aws_task / aws_web containers or the one from the host on which it is deployed? I've also tried setting ssh_args = -C (removing the ControlMaster and ControlPersist options) in three ansible.cfg locations and restarting the AWS containers, without any luck.
  3. Why does it not work with the control settings?

Additional Information

Ansible version

ansible 2.7.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, July 13, 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

Configuration

ANSIBLE_SSH_ARGS (/etc/ansible/ansible.cfg) = -C

OS / ENVIRONMENT

Ansible and AWX host operating system -> CentOS Linux version 7.5.1804 (Core)

Target Host Operating System -> CentOS Linux Version 7.5.1804 (Core)

AWX version: 2.1.0

AWX installed via -> https://github.com/ansible/awx/blob/devel/INSTALL.md#docker-or-docker-compose

STEPS TO REPRODUCE

1) Project created in AWX with type SCM git.

2) Inventory created in AWX by adding the host with the variable ansible_user: nextag

3) Job template created by specifying job type Run and selecting the project and inventory created in 1 and 2. Provided the extra variable construction: in the template, as required by the playbook

PlayBook

https://github.com/sandeepdharembra/playbooks/blob/master/installnodejs.yml

ACTUAL RESULTS when running the job template

ansible-playbook 2.7.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/var/lib/awx/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.5 (default, July 13, 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Parsed /tmp/awx_108_dKOwxm/tmpo_yCMg inventory source with script plugin
Loading callback plugin awx_display of type stdout, v2.0 from /usr/lib/python2.7/site-packages/awx/lib/awx_display_callback/module.pyc
1 plays in installnodejs.yml
PLAY [all] *********************************************************************
META: ran handlers
TASK [Created new build directory] *********************************************
task path: /var/lib/awx/projects/_6__festaging/installnodejs.yml:10
ESTABLISH SSH CONNECTION FOR USER: nextag
SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=nextag -o ConnectTimeout=10 -o ControlPath=/tmp/awx_108_dKOwxm/cp/61735cd9d3 hostname '/bin/sh -c '"'"'echo ~nextag && sleep 0'"'"''
(255, '', 'OpenSSH_7.4p1, OpenSSL 1.0.2k-fips January 26, 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket "/tmp/awx_108_dKOwxm/cp/61735cd9d3" does not exist\r\ndebug2: resolving "hostname" port 22\r\ndebug2: ssh_connect_direct: needpriv 0\r\ndebug1: Connecting to hostname [hostname] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9997 ms remain after connect\r\ndebug1: nnr_bug_shop: 0\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa-cert type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa type -1\r\ndeb …
fatal: [hostname]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: OpenSSH_7.4p1, OpenSSL 1.0.2k-fips January 26, 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/tmp/awx_108_dKOwxm/cp/61735cd9d3\" does not exist\r\ndebug2: resolving \"hostname\" port 22\r\ndebug2: ssh_connect_direct: needpriv 0\r\ndebug1: Connecting to hostname [172.16.5.91] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9997 ms remain after connect\r\ndebug1: nnr_bug_shop: 0\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa-cert ty …
PLAY RECAP *********************************************************************
hostname : ok=0 changed=0 unreachable=1 failed=0
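
One way to check the preconditions that the failing command's control socket needs, as an added example that is not part of the original post: `check_control_path` is a hypothetical helper, and the 17-character suffix is taken from the temporary control path in the debug output above.

```shell
#!/bin/sh
# Added example: pre-flight check for an ssh ControlPath (hypothetical helper).
# bind(2) returns ENOENT when a directory in the socket path does not exist,
# which is what "bind: No such file or directory" reports in the post.

# check_control_path PATH -> one finding per line; status 0 if usable.
check_control_path() {
    cp_path=$1
    cp_dir=$(dirname -- "$cp_path")
    rc=0

    if [ ! -d "$cp_dir" ]; then
        echo "MISSING_DIR $cp_dir"
        return 1   # nothing else can be checked without the directory
    fi
    if [ ! -w "$cp_dir" ] || [ ! -x "$cp_dir" ]; then
        echo "NOT_WRITABLE $cp_dir"
        rc=1
    fi
    # ssh first binds a temporary name: PATH + "." + 16 random characters
    # (the muxserver_listen line in the post). sun_path on Linux is 108 bytes
    # including the terminating NUL. ${#var} counts characters (ASCII assumed).
    tmp_len=$(( ${#cp_path} + 17 ))
    if [ "$tmp_len" -ge 108 ]; then
        echo "PATH_TOO_LONG $tmp_len"
        rc=1
    fi
    # A control socket gives access to an authenticated session, so report a
    # directory that group or others can enter (informational, GNU stat).
    mode=$(stat -c '%a' "$cp_dir" 2>/dev/null)
    case $mode in
        ''|*00) ;;
        *) echo "LOOSE_PERMS $cp_dir mode=$mode" ;;
    esac
    if [ "$rc" -eq 0 ]; then echo "OK $cp_path"; fi
    return "$rc"
}

# Usage: sh check_cp.sh /tmp/awx_108_dKOwxm/cp/61735cd9d3
if [ "$#" -gt 0 ]; then
    check_control_path "$1"
fi
```

Run it as the same user and inside the same container or namespace as the failing ssh process, since /tmp may differ between them.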