Ansible 可以从 localhost 连接到 windows 机器,但不能从 docker 容器连接
[英]Ansible can connect to windows machine from localhost but not from docker container
问题描述
I can successfully ping windows host using Ansible from my localhost terminal but when trying this via a docker container, it fails with the following message:
我可以从我的本地主机终端使用 Ansible 成功 ping windows 主机,但是当通过 docker 容器尝试此操作时,它失败并显示以下消息:
flask | fatal: [eudc2.dea.com]: UNREACHABLE! => {"changed": false, "msg": "basic: HTTPConnectionPool(host='eudc2.dea.com', port=5985): Max retries exceeded with url: /wsman (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7fbc16d50550>, 'Connection to eudc2.dea.com timed out. (connect timeout=30)'))", "unreachable": true}
However, when pinged via localhost:但是,当通过 localhost ping 时:
~/Documents/Projects/user oam !5 ?6 ❯ ansible dc -m win_ping
eudc2.dea.com | SUCCESS => {
"changed": false,
"ping": "pong"
}
I would say this means the problem is in the docker container so that's the dockerfile:我会说这意味着问题出在 docker 容器中,所以这就是 dockerfile:
FROM python
WORKDIR /app
ADD . /app
RUN pip3 install --upgrade pip
RUN pip3 install flask uwsgi requests ansible ansible_runner pywinrm
RUN apt-get update -y && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
sshpass
CMD ["uwsgi","app.ini"]
This is the hostvars:这是主机变量:
[dc]
eudc2.dea.com
[dc:vars]
ansible_user='username'
ansible_password='pass'
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
ansible_winrm_port=5985
ansible_winrm_transport=basic
Detailed output of win_ping from docker container:来自 docker 容器的 win_ping 的详细输出:
~/Documents/Projects/user oam !5 ?7 ❯ docker exec flask ansible -i /app/ansible/inventory/hosts dc -m win_ping -vvvv ✘ INT
ansible 2.10.2
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.9.0 (default, Oct 13 2020, 20:14:06) [GCC 8.3.0]
No config file found; using defaults
setting up inventory plugins
host_list declined parsing /app/ansible/inventory/hosts as it did not pass its verify_file() method
script declined parsing /app/ansible/inventory/hosts as it did not pass its verify_file() method
auto declined parsing /app/ansible/inventory/hosts as it did not pass its verify_file() method
Set default localhost to localhost
Parsed /app/ansible/inventory/hosts inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from /usr/local/lib/python3.9/site-packages/ansible/plugins/callback/minimal.py
META: ran handlers
redirecting (type: modules) ansible.builtin.win_ping to ansible.windows.win_ping
Loading collection ansible.windows from /usr/local/lib/python3.9/site-packages/ansible_collections/ansible/windows
Using module file /usr/local/lib/python3.9/site-packages/ansible_collections/ansible/windows/plugins/modules/win_ping.ps1
Pipelining is enabled.
<eudc2.dea.com> ESTABLISH WINRM CONNECTION FOR USER: <username_truncated> on PORT 5985 TO eudc2.dea.com
eudc2.ictv.com | UNREACHABLE! => {
"changed": false,
"msg": "basic: HTTPConnectionPool(host='eudc2.dea.com', port=5985): Max retries exceeded with url: /wsman (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7f628ecd08e0>, 'Connection to eudc2.dea.com timed out. (connect timeout=30)'))",
"unreachable": true
}
~/Documents/Projects/user oam !5 ?7 ❯ docker exec flask curl eudc2.dea.com ✘ INT
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:16 --:--:-- 0
1 个解决方案
解决方案1
0 2020-10-30 02:45:20
It's interesting that the curl run from within the container took 16 seconds to complete.有趣的是,从容器内运行curl需要 16 秒才能完成。 That looks a long time.这看起来很长一段时间。
Ansible's WinRM timeout is 20 seconds for operations: Ansible 的 WinRM 超时操作为 20 秒:
https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html
Some suggestions:一些建议:
- Run a few
curlrequest from within and outside the container (I'm considering the container is running on the same box as what you're calling localhost);从容器内部和外部运行一些curl请求(我正在考虑容器与您调用的 localhost 在同一台机器上运行); compare the times to see they differ substantially比较时间,看看它们有很大的不同 - Run
win_pingmultiple times from both container and localhost;从容器和本地主机多次运行win_ping; does container ever work or localhost ever fails?;容器是否曾经工作或本地主机曾经失败?; time the runs ( time ansible dc -m win_ping)运行time ansible dc -m win_ping(time ansible dc -m win_ping) - Change the configurations
ansible_winrm_operation_timeout_secandansible_winrm_read_timeout_secmentioned on the link above, and see if that helps更改上面链接中提到的ansible_winrm_operation_timeout_sec和ansible_winrm_read_timeout_sec配置,看看是否有帮助
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
如何从Docker容器中的python脚本连接到localhost上的mysql数据库 - How to connect to a mysql database on localhost from a python script in a docker container
无法从主机访问 jupyter docker 容器 - Can't reach jupyter docker container from host machine
来自 Docker 容器本地主机的 Jupyter 笔记本不起作用 - Jupyter notebook from Docker container localhost not working
从docker容器内部向localhost发出请求 - making requests to localhost from inside docker container
从本地主机访问AWS中的Docker容器 - Accessing docker container in AWS from localhost
无法从我在 docker 容器下运行的应用程序连接到 localhost:8000 的快速 api 服务器 - Cannot connect to fast api server at localhost:8000 from my application which is running under a docker container
如何从 docker 容器连接到 mongoDB 云集群? - How can I connect to a mongoDB cloud cluster from docker container?
从 docker 容器读取本地机器上的文件 - Reading files on local machine from docker container
从主机上运行的 django 连接到 docker 容器内的 postgres 数据库 - connect to a postgres database inside of a docker container from django running on host machine
从远程计算机在Docker容器上执行命令 - Execute command on docker container from remote machine
相关标签