我想在 Ansible 中使用 Microsoft AD 插件,因此根据先决条件,我尝试将 Python 从 3.6.8 升级到更高版本,即 Python 3.11.6 并安装了主要先决条件,如下所示
我相信上述软件包破坏了 WINRM 连接。我必须通过删除此目录中已安装的文件来删除 python 3.11.6 版本
winrm 还是不行,所以我不得不删除之前安装的必备包,例如
不过,当我尝试测试 winrm 连接时,它抛出如下
calling kinit with subprocess for principal [email protected]
kinit succeeded for principal [email protected]
<TargetHost001.domain.com> WINRM CONNECT: transport=kerberos endpoint=http://TargetHost001.domain.com:5985/wsman
<TargetHost001.domain.com> WINRM CONNECTION ERROR: Bad HTTP response returned from server. Code 403
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/winrm/protocol.py", line 248, in send_message
root = ET.fromstring(ex.response_text)
File "/usr/lib64/python3.6/xml/etree/ElementTree.py", line 1314, in XML
parser.feed(text)
File "<string>", line None
xml.etree.ElementTree.ParseError: mismatched tag: line 118, column 2
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/ansible/plugins/connection/winrm.py", line 426, in _winrm_connect
self.shell_id = protocol.open_shell(codepage=65001) # UTF-8
File "/usr/local/lib/python3.6/site-packages/winrm/protocol.py", line 166, in open_shell
res = self.send_message(xmltodict.unparse(req))
File "/usr/local/lib/python3.6/site-packages/winrm/protocol.py", line 251, in send_message
raise ex
File "/usr/local/lib/python3.6/site-packages/winrm/protocol.py", line 243, in send_message
resp = self.transport.send_message(message)
File "/usr/local/lib/python3.6/site-packages/winrm/transport.py", line 309, in send_message
self.build_session()
File "/usr/local/lib/python3.6/site-packages/winrm/transport.py", line 292, in build_session
self.setup_encryption()
File "/usr/local/lib/python3.6/site-packages/winrm/transport.py", line 298, in setup_encryption
self._send_message_request(prepared_request, '')
File "/usr/local/lib/python3.6/site-packages/winrm/transport.py", line 338, in _send_message_request
raise WinRMTransportError('http', ex.response.status_code, response_text)
winrm.exceptions.WinRMTransportError: Bad HTTP response returned from server. Code 403
TargetHost001.domain.com | UNREACHABLE! => {
"changed": false,
"msg": "kerberos: Bad HTTP response returned from server. Code 403",
"unreachable": true
}
Ansible.cfg 文件具有以下内容
[defaults]
force_color = true
nocows = 0
inventory = hosts
roles_path = /etc/ansible/roles:/usr/share/ansible/roles
action_warnings = true
collections_paths = ~/.ansible/collections:/usr/share/ansible/plugins/modules:/usr/lib/python2.7/site-packages/ansible/modules
collections_scan_sys_path = True
interpreter_python = /usr/bin/python3
deprecation_warnings=False
callbacks_enabled= ansible.posix.profile_tasks,ansible.posix.timer,ansible.posix.profile_roles
我尝试删除 Python 3.11 并通过 pip 卸载 pyspnego 和 dnspython 模块,但仍然无法从 Ansible 与 WINRM 连接
我发现这个问题与Python包或其版本无关,但不知何故安装和手动删除Python3.11的目录搞砸了bashrc配置文件,我在其中提到了代理详细信息如下
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
export no_proxy=localhost,127.0.0.0/8,127.0.1.1
export NO_PROXY=localhost,127.0.0.0/8,127.0.1.1
export HTTPS_PROXY=http://xxx.domain.com:8080
export https_proxy=http://xxx.domain.com:8080
export http_proxy=http://xxx.domain.com:8080
export HTTP_PROXY=http://xxx.domain.com:8080
我必须评论并修改个人资料如下
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
export no_proxy=localhost,127.0.0.0/8,127.0.1.1
export NO_PROXY=localhost,127.0.0.0/8,127.0.1.1
export https_proxy=http://xxx.domain.com:8080
上述修改使Ansible和WinRM再次开始工作。