I am trying to run playbooks on my Windows Servers. Some work but others give me the following errors:
UNREACHABLE! => {"changed": false, "msg": "kerberos: authGSSClientStep() failed: (('Unspecified GSS failure. Minor code may provide more information', 851968), ('Server not found in Kerberos database', -1765328377))", "unreachable": true}
Or
UNREACHABLE! => {"changed": false, "msg": "kerberos: ('Connection aborted.', ConnectionResetError(104, 'Connexion ré-initialisée par le correspondant'))", "unreachable": true}
Thank you !
My conf file krb5.conf on my PC is OK
I looked about the SPN and my different Windows servers have the same conf
Related
I am getting below error while sending the mail to the server owner via ansible tool.
I am using ansible awx and defined all the variables inside the role. and role is calling via a playbook. playbook is attached to awx console.
email module is used in handlers inside the role.
SSH password:
PLAY [this playbook is used to start the services on windows server] ***********
TASK [Gathering Facts] *********************************************************
ok: [CSBPUITSM1.CSB.DOM]
TASK [/var/lib/awx/projects/roles/WINDOWS_CSB_APP_START : start the services on ITSM UAT] ***
changed: [CSBPUITSM1.CSB.DOM]
TASK [/var/lib/awx/projects/roles/WINDOWS_CSB_APP_START : debug] ***************
ok: [CSBPUITSM1.CSB.DOM] => {
"msg": "'ManageEngine ServiceDesk Plus' is started successfully on CSBPUITSM1"
}
RUNNING HANDLER [/var/lib/awx/projects/roles/WINDOWS_CSB_APP_START : send mail] ***
fatal: [CSBPUITSM1.CSB.DOM]: UNREACHABLE! => {"changed": false, "msg": "kerberos: authGSSClientStep() failed: (('Unspecified GSS failure. Minor code may provide more information', 851968), ('Server not found in Kerberos database', -1765328377))", "unreachable": true}
PLAY RECAP *********************************************************************
CSBPUITSM1.CSB.DOM : ok=3 changed=1 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
I have tried all the possible method like using variable inside the role playbook.
I want to send the notificaton mail to the server owner.
I want to extend my Kubernetes cluster by one node.
So I run the scale.yaml Ansible playbook:
ansible-playbook -i inventory/local/hosts.ini --become --become-user=root scale.yml
But I am getting the error message when uploading the control plane certificates happens:
TASK [Upload control plane certificates] ***************************************************************************************************************************************************
ok: [jay]
fatal: [sam]: FAILED! => {"changed": false, "cmd": ["/usr/local/bin/kubeadm", "init", "phase", "--config", "/etc/kubernetes/kubeadm-config.yaml", "upload-certs", "--upload-certs"], "delta": "0:00:00.039489", "end": "2022-01-08 11:31:37.708540", "msg": "non-zero return code", "rc": 1, "start": "2022-01-08 11:31:37.669051", "stderr": "error execution phase upload-certs: failed to load admin kubeconfig: open /etc/kubernetes/admin.conf: no such file or directory\nTo see the stack trace of this error execute with --v=5 or higher", "stderr_lines": ["error execution phase upload-certs: failed to load admin kubeconfig: open /etc/kubernetes/admin.conf: no such file or directory", "To see the stack trace of this error execute with --v=5 or higher"], "stdout": "", "stdout_lines": []}
Anyone has an idea what the problem could be?
Thanks in advance.
I solved it myself.
I copied the /etc/kubernetes/admin.conf and /etc/kubernetes/ssl/ca.* to the new node and now the scale playbook works. Maybe this is not the right way, but it worked...
I'm trying to add microprofile opentracing subsystem to Wildfly23 using thins guide: https://github.com/wildfly/wildfly/blob/main/docs/src/main/asciidoc/_admin-guide/subsystem-configuration/MicroProfile_OpenTracing_SmallRye.adoc
However, the second step fails:
[standalone#localhost:9990 /] /subsystem=microprofile-opentracing-smallrye:add
ERROR [org.jboss.as.cli.CommandContext] {
"outcome" => "failed",
"failure-description" => "WFLYCTL0369: Required capabilities are not available:
org.wildfly.microprofile.config; There are no known registration points which can provide this capability.",
"rolled-back" => true
}
I tried adding microprofile config using this model as a reference: https://docs.wildfly.org/23/wildscribe/subsystem/microprofile-config-smallrye/index.html however i get this error
[standalone#localhost:9990 /] /subsystem=microprofile-config-smallrye:add
ERROR [org.jboss.as.cli.CommandContext] {
"outcome" => "failed",
"failure-description" => "WFLYCTL0030: No resource definition is registered for address [(\"subsystem\" => \"microprofile-config-smallrye\")]",
"rolled-back" => true
}
What am i missing? The doc seems fresh enough, last updated in March on 2021...
You also need to install the extensions "org.wildfly.extension.microprofile.config-smallrye" and "org.wildfly.extension.microprofile.opentracing-smallrye" before adding the subsystems.
Also wildfly provides a standalone-microprofile.xml that can server as example.
A have test kubernetes on-premise cluster on centos 7.4. Current kubernetes version is 1.10.4. I am trying to upgrade to 1.11.5 using kubespray
The command is:
ansible-playbook upgrade-cluster.yml -b -i inventory/k8s-test/hosts.ini -e kube_version=v1.11.5
Masters are upgraded successfully, but nodes are not.
The error is:
fatal: [kubernodetst1]: FAILED! => {"changed": true, "cmd":
["/usr/local/bin/kubeadm", "join", "--config",
"/etc/kubernetes/kubeadm-client.conf",
"--ignore-preflight-errors=all",
"--discovery-token-unsafe-skip-ca-verification"], "delta":
"0:00:00.040038", "end": "2018-12-13 15:55:56.162387", "msg":
"non-zero return code", "rc": 3, "start": "2018-12-13
15:55:56.122349", "stderr": "discovery: Invalid value: \"\": using
token-based discovery without discoveryTokenCACertHashes can be
unsafe. set --discovery-token-unsafe-skip-ca-verification to
continue", "stderr_lines": ["discovery: Invalid value: \"\": using
token-based discovery without discoveryTokenCACertHashes can be
unsafe. set --discovery-token-unsafe-skip-ca-verification to
continue"], "stdout": "", "stdout_lines": []}
You have a incorrect CA for nodes, regenerate all and try again
I am trying to copy over the "resolve.conf" file from one machine to another and overwrite the old one. This operation works on all but 4 of the 40+ servers... I get an error it could not replace the file because it is not permitted. I have pasted the contents of the Playbook related to the failure of the operation below.
- hosts: all
remote_user: root
...
- name: Copy over the updated DNS configuration file
copy: src=/etc/resolv.conf dest=/etc/resolv.conf
It gives me the following error message for all 4 servers.
fatal: [server-name]: FAILED! => {"changed": false, "checksum": "9925f1a81f849f373f860c3156d19edcd1c002f2", "failed": true, "msg": "Could not replace file: /root/.ansible/tmp/ansible-tmp-1469481567.72-275811900408782/source to /etc/resolv.conf: [Errno 1] Operation not permitted"}
I just don't understand what the problem could be since I am accessing the machines as the root user and the Playbook succeeds on the majority of the servers - many with the exact same configuration and settings. For example, it succeeds on the server "server-analytical1" but fails on the server "server-analytical2". So, does anyone have any insight into why the Playbook would fail for only a few servers even though they're similar to or the same as other servers that succeeded?
Is the immutable bit set on the target file? Try lsattr /etc/resolv.conf and chattr -i /etc/resolv.conf to unset if it is.