Couldn't read packet: Connection reset by peer

Archives Ansible Project
1

I’m getting the same type of error trying to run the openstack playbook from a mac 10.8 to a company network server running centOS 6.4.

I installed sshpass on both the openstackserver and my mac.
I have ssh-keygen 'd on my mac as kbroughton and then
mac$ ssh-copy-id root@openstackserver

verifying
openstackserver$ cat /root/.ssh/authorized_keys
i see the public key for my kbroughton


mac$ ssh-agent bash
mac$ ssh-add ~/.ssh/authorized_keys
mac$ ansible-playbook -i hosts site.yml

fatal: [10.0.9.170] => failed to transfer file to /setup:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
Connection closed

I can do passwordless ssh to root@openstackserver. Trying to skirt the ssh-agent:

ansible-playbook -i hosts site.yml --ask-pass
ansible-playbook -vvv --ask-pass -i hosts site.yml -c ssh

<10.0.9.172> REMOTE_MODULE setup
<10.0.9.170> REMOTE_MODULE setup
<10.0.9.172> PUT /var/folders/t2/h22337c12hn279xwd4s9fk7s8_088c/T/tmpEKNksK TO /setup
<10.0.9.170> PUT /var/folders/t2/h22337c12hn279xwd4s9fk7s8_088c/T/tmpz2Vb82 TO /setup

fatal: [10.0.9.170] => failed to transfer file to /setup:

Permission denied, please try again.

suggestions?

2

try setting ANSIBLE_REMOTE_TEMP=/tmp in your shell before running ansible

3

Actually, don’t do that just yet :slight_smile:

Can you test this from a Ansible 1.3 checkout and share your output? Error handling around this is much better there.

It does sound like the “root” account might not have a homedir, but I’d like to see more.

4

Installed 1.3, and yes, the output is much more descriptive:

fatal: [10.0.9.170] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && chmod a+rx $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && echo $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952) exited with result 255
fatal: [10.0.9.172] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374851276.99-84075906491343 && chmod a+rx $HOME/.ansible/tmp/ansible-1374851276.99-84075906491343 && echo $HOME/.ansible/tmp/ansible-1374851276.99-84075906491343) exited with result 255

kbroughton:ansible-redhat-openstack$ ssh root@10.0.9.172

[root@Linux-OpenStack-Compute1 ~]# ls -ld /home
drwxr-xr-x. 3 root root 4096 Jul 24 08:35 /home
[root@Linux-OpenStack-Compute1 ~]# lsattr -d /home
--------------- /home
[root@Linux-OpenStack-Compute1 ~]# echo $HOME
/root

$HOME is set on the remotes. If I ssh over and execute
mkdir -p $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && chmod a+rx $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952 && echo $HOME/.ansible/tmp/ansible-1374851276.98-60564789413952

it succeeds. So i’m guessing some kind of expansion error, but not sure what.

kesten

5

So above the -v -v -v output is only partial, can you please share all of and also the command line you used to launch ansible playbook?

Thanks!

6

here it is:

kbroughton:ansible-redhat-openstack$ ansible-playbook -vvv -i hosts site.yml

PLAY [all] ********************************************************************

GATHERING FACTS ***************************************************************
<10.0.9.170> ESTABLISH CONNECTION FOR USER: kbroughton
<10.0.9.170> EXEC [‘ssh’, ‘-tt’, ‘-q’, ‘-o’, ‘ControlMaster=auto’, ‘-o’, ‘ControlPersist=60s’, ‘-o’, ‘ControlPath=/tmp/ansible-ssh-%h-%p-%r’, ‘-o’, ‘Port=22’, ‘-o’, ‘KbdInteractiveAuthentication=no’, ‘-o’, ‘PasswordAuthentication=no’, ‘-o’, ‘ConnectTimeout=10’, ‘10.0.9.170’, “/bin/sh -c ‘mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && echo $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971’”]
<10.0.9.172> ESTABLISH CONNECTION FOR USER: kbroughton
<10.0.9.172> EXEC [‘ssh’, ‘-tt’, ‘-q’, ‘-o’, ‘ControlMaster=auto’, ‘-o’, ‘ControlPersist=60s’, ‘-o’, ‘ControlPath=/tmp/ansible-ssh-%h-%p-%r’, ‘-o’, ‘Port=22’, ‘-o’, ‘KbdInteractiveAuthentication=no’, ‘-o’, ‘PasswordAuthentication=no’, ‘-o’, ‘ConnectTimeout=10’, ‘10.0.9.172’, “/bin/sh -c ‘mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && echo $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874’”]
fatal: [10.0.9.170] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971 && echo $HOME/.ansible/tmp/ansible-1374852361.71-97030287007971) exited with result 255
fatal: [10.0.9.172] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && chmod a+rx $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874 && echo $HOME/.ansible/tmp/ansible-1374852361.71-43824623726874) exited with result 255

TASK: [copy yum repo files] ***************************************************
FATAL: no hosts matched or all hosts have already failed – aborting

PLAY RECAP ********************************************************************
to retry, use: --limit @/var/tmp/ansible/site.retry

10.0.9.170 : ok=0 changed=0 unreachable=1 failed=0
10.0.9.172 : ok=0 changed=0 unreachable=1 failed=0

7

Ok so it’s logging in remotely as kbroughton, not root, since you didn’t specify -u root and were running as you (which is what it should do, in fact…).

Now, your test on the above via SSH login was as root:

[root@Linux-OpenStack-Compute1 ~]# ls -ld /home
drwxr-xr-x. 3 root root 4096 Jul 24 08:35 /home
[root@Linux-OpenStack-Compute1 ~]# lsattr -d /home
--------------- /home
[root@Linux-OpenStack-Compute1 ~]# echo $HOME
/root

What happens as you?

In the worst case, yes, you can force the remote temp path to always use /tmp as Brian said, but I suspect that’s the problem.

8

Was I mistaken to think that if a playbook lists

user: root

then that playbook would try to connect via ssh as root to the remote host? I also tried the various --ask-pass-sudo which I thought, again, would try and run AND connect as root (by defualt). I don’t currently have a kbroughton account set up on the remote. I will try that and then brian’s suggestion next.

Here is the output when i pass the -u root to commanline:

623 kbroughton:ansible-redhat-openstack$ ansible-playbook -u root -vvv -i hosts site.yml

PLAY [all] ********************************************************************

GATHERING FACTS ***************************************************************
<10.0.9.172> ESTABLISH CONNECTION FOR USER: root
<10.0.9.170> ESTABLISH CONNECTION FOR USER: root
<10.0.9.170> EXEC [‘ssh’, ‘-tt’, ‘-q’, ‘-o’, ‘ControlMaster=auto’, ‘-o’, ‘ControlPersist=60s’, ‘-o’, ‘ControlPath=/tmp/ansible-ssh-%h-%p-%r’, ‘-o’, ‘Port=22’, ‘-o’, ‘KbdInteractiveAuthentication=no’, ‘-o’, ‘PasswordAuthentication=no’, ‘-o’, ‘User=root’, ‘-o’, ‘ConnectTimeout=10’, ‘10.0.9.170’, “/bin/sh -c ‘mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939 && echo $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939’”]
<10.0.9.172> EXEC [‘ssh’, ‘-tt’, ‘-q’, ‘-o’, ‘ControlMaster=auto’, ‘-o’, ‘ControlPersist=60s’, ‘-o’, ‘ControlPath=/tmp/ansible-ssh-%h-%p-%r’, ‘-o’, ‘Port=22’, ‘-o’, ‘KbdInteractiveAuthentication=no’, ‘-o’, ‘PasswordAuthentication=no’, ‘-o’, ‘User=root’, ‘-o’, ‘ConnectTimeout=10’, ‘10.0.9.172’, “/bin/sh -c ‘mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490 && echo $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490’”]
fatal: [10.0.9.172] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490 && echo $HOME/.ansible/tmp/ansible-1374930395.38-95551726821490) exited with result 255
fatal: [10.0.9.170] => could not create temporary directory, SSH (mkdir -p $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939 && echo $HOME/.ansible/tmp/ansible-1374930395.38-278372863854939) exited with result 255

TASK: [copy yum repo files] ***************************************************
FATAL: no hosts matched or all hosts have already failed – aborting

9

user: root in the playbook will indeed make it use root, if you are NOT seeing that, I’d like to see the playbook as you probably have it in some weird spot :slight_smile:

I’m a little confused as to what’s up with root’s homedir there.

10

The playbook is a very minally modified version of the openstack playbook recently posted

https://github.com/ansible/ansible-redhat-openstack/issues/6#issuecomment-21384265

The playbook’s author, Benno Joy, had told me,
“The playbook has user root set in it and sudo in enabled in the playbook, so you would have to tweak the playboo a bit to make sudo work.”

So i presumed user: root was set somewhere.
I didn’t see it when I went to double check, so i added it to the three host targets in site.yml.

This didn’t change the errors i received previously. Other than that, the only change i made was to rename the hosts and put in my ip address. I’ve tried the playbook on both a single basic centOS 6.4 instance at rackspace, and a two-node version hosted by company servers (again centOS 6.4).

Here is the root-level diff of the project:

679 kbroughton:ansible-redhat-openstack$ git diff
diff --git a/hosts b/hosts
index a20e1fc…360856d 100644
— a/hosts
+++ b/hosts
@@ -1,7 +1,9 @@
-[openstack_controller]
-openstack-controller
+[local_openstack_controller]
+166.78.180.192
+#openstack-controller

-[openstack_compute]
-openstack-compute
+[local_openstack_compute]
+166.78.180.192
+#openstack-compute

diff --git a/site.yml b/site.yml
index 246ac96…0702298 100644
— a/site.yml
+++ b/site.yml
@@ -2,14 +2,17 @@

The main openstack site deployment playbook

  • hosts: all
  • user: root
    roles:

  • common

  • hosts: openstack_controller

  • user: root
    roles:

  • controller

  • hosts: openstack_compute

  • user: root
    roles:
  • compute

I’m still getting:

$ kbroughton:ansible-redhat-openstack$ ansible-playbook -i hosts site.yml

PLAY [all] ********************************************************************

GATHERING FACTS ***************************************************************
fatal: [166.78.180.192] => could not create temporary directory, SSH (mkdir -p /tmp/ansible-1375066315.04-89253282885227 && echo /tmp/ansible-1375066315.04-89253282885227) exited with result 255

TASK: [copy yum repo files] ***************************************************
FATAL: no hosts matched or all hosts have already failed – aborting

PLAY RECAP ********************************************************************
to retry, use: --limit @/var/tmp/ansible/site.retry

166.78.180.192 : ok=0 changed=0 unreachable=1 failed=0

11

Hi Kesten,

The reason the task at 25 is failing is because it expects the hostname in inventory, so couple of options are

in your inventory add somthing like

[openstack-controller]
huebertus ansible_ssh_host=166.78.180.192
[openstack-compute]

huebertus ansible_ssh_host=166.78.180.192

or another option in the template

CONTROLLER_PUBLIC_ADDRESS={{ hostvars[ansible_hostname][‘ansible_’+iface].ipv4.address }}

CONTROLLER_ADMIN_ADDRESS={{ hostvars[ansible_hostname][‘ansible_’+iface].ipv4.address }}

CONTROLLER_INTERNAL_ADDRESS={{ hostvars[ansible_hostname][‘ansible_’+iface].ipv4.address }}

replace anible_hostname with inventory_hostname

As for the problem of not able to copy files into temp directory, can you try disabling selinux manually and see if it helps.

Thanks,
Benno

12

Thanks benno.
SOLVED and SOLVED

I chose solution 1 for the hostname issue.