Error: No matching host could be found, in AWX provisioning callback

Archives AWX Project
1

Hi Team,

I hope you all are doing good in these trying times !!

Am configuring provisioning callback in job template in AWX, but receives an error on EC2 instance as

{“msg”:“No matching host could be found!”}

Have configured, following setting on AWX as well, as mentioned in official AWX document

Settings → System → Remote Host Headers → HTTP_X_FORWARDED_FOR

But it still doesn’t work. SSH works all ok and can run the playbook as well from AWX.

Please advise.

Regards,
Amkur

2

Adding curl command output, for more visibility :

curl -vv --data “host_config_key=f1061764ae5a” https://XXXX.com:443/api/v2/job_templates/22/callback/

  • Trying 10.3.71.55…
  • TCP_NODELAY set
  • Connected to XXXXX.com (XX.XX.XX.55) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
  • successfully set certificate verify locations:
  • CAfile: /etc/pki/tls/certs/ca-bundle.crt
    CApath: none
  • TLSv1.2 (OUT), TLS header, Certificate Status (22):
  • TLSv1.2 (OUT), TLS handshake, Client hello (1):
  • TLSv1.2 (IN), TLS handshake, Server hello (2):
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
  • TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
  • TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
  • TLSv1.2 (IN), TLS handshake, Finished (20):
  • SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
  • ALPN, server accepted to use h2
  • Server certificate:
  • start date: Feb 25 00:00:00 2019 GMT
  • expire date: Mar 7 12:00:00 2021 GMT
  • subjectAltName: host “XXXX.com” matched cert’s “*.XXXX.com”
  • issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=GeoTrust RSA CA 2018
  • SSL certificate verify ok.
  • Using HTTP2, server supports multi-use
  • Connection state changed (HTTP/2 confirmed)
  • Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
  • Using Stream ID: 1 (easy handle 0x237dbb0)

POST /api/v2/job_templates/22/callback/ HTTP/2
Host: XXXX.com
User-Agent: curl/7.61.1
Accept: /
Content-Length: 48
Content-Type: application/x-www-form-urlencoded

  • Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
  • We are completely uploaded and fine
    < HTTP/2 400
    < date: Tue, 02 Feb 2021 08:53:36 GMT
    < content-type: application/json
    < content-length: 42
    < vary: Accept, Accept-Language, Origin, Cookie
    < allow: GET, POST, HEAD, OPTIONS
    < x-api-product-version: 15.0.0
    < x-api-product-name: AWX
    < x-api-node: awx-84c4f76d8-5c5nc
    < x-api-time: 0.191s
    < content-language: en
    < x-api-total-time: 0.235s
    < strict-transport-security: max-age=15724800; includeSubDomains
    <
  • Connection #0 to host XXXX.com left intact
    {“msg”:“No matching host could be found!”}
3

Hi Amkur

Is your host in an inventory? As per the docs…
The requesting host must be defined in your inventory for the callback to succeed. If Tower fails to locate the host either by name or IP address in one of your defined inventories, the request is denied. When running a Job Template in this way, the host initiating the playbook run against itself must be in the inventory. If the host is missing from the inventory, the Job Template will fail with a “No Hosts Matched” type error message.

Phil.

4

Thanks Phil for your reply.

Yes I have host in the inventory (added both the ip address as well as fqdn), then too it fails with No Hosts error.

Regards,
Amkur