Ansible SSL Error

Rajeshunix13 · April 4, 2021, 12:28pm

Team,

I’m trying to execute a task with vmware_tools but facing a strange SSL Error: Certificate verification failed. This issue occurs when executing a job from the foreman but the same code executed from CLI ( from where we have Vcenter communication with ansible-playbook).

My play has involved 3 steps:
1). List the registered virtual machines from Vcenter. - Output success
2). Find the guest name/UUID which is matched with job schedule ansible_host and trying find the VM folder path. Output success.
3). Now I will load custom variables like ansible_connection to vmware_tools and trying to execute ansible modules to execute jobs. Here we are facing issues and throwing errors like SL Error: Certificate verification failed.
Even enabled the verbosity level to 4 but it is not showing any further debugging information.
Here I’m attaching the test playbook, due to extension limitation we renamed yml with log here

.vmwaretoolslinuxansible_playbook_testing.log (1.4 KB) main_vars.log (171 Bytes) custom_vars.log (416 Bytes)

Rajeshunix13 · April 4, 2021, 12:39pm

attaching error log.Error_logs.log (2.1 KB)

Rajeshunix13 · April 6, 2021, 4:00pm

Team,

Can anyone have the solution to execute the foreman jobs over the vmware_tools connection?

https://docs.ansible.com/ansible/latest/collections/community/vmware/vmware_tools_connection.html

ezr-ondrej · April 6, 2021, 6:00pm

Hi,

I’d guess that you’re using self-signed certificates for vcenter in which case you’ll need to disable validate_certs while using the module

Rajeshunix13 · April 7, 2021, 4:48am

@ezr-ondrej thanks for your response.

we already specified that parameter in the playbook. same we can find in attached logs.

I’m suspecting something wrong in foreman generated job inventory, because when I’m trying to run the same job with plain inventory from CLI which is executing without any issue.

Playbook:

hosts: all
gather_facts: no
vars_files:
- /etc/ansible/remote_code/main_vars.yml
- /etc/ansible/remote_code/{{ansible_host}}.facts
- /etc/ansible/remote_code/custom_vars.yml
  tasks:
- shell: >
  ls -ltr
  register: out
- debug:
  var: out.stdout

main_vars.yml:

vcenter_hostname: “10.10.11.11”
vcenter_user: “vcuser”
vcenter_password: “vcuserpassword”
vm_username: “linuxuser”
vm_password: “linuxuserpassword”

custom_vars.yml

ansible_connection: vmware_tools
ansible_vmware_host: “{{vcenter_hostname}}”
ansible_vmware_user: “{{vcenter_user}}”
ansible_vmware_password: “{{vcenter_password}}”
ansible_vmware_validate_certs: no
ansible_vmware_tools_user: “{{vm_username}}”
ansible_vmware_tools_password: “{{vm_password}}”
#ansible_vmware_guest_path: “{{vm_folder.folders[0]}}/{{icmp_guestname}}”
ansible_vmware_guest_path: “{{guest_hw_folder}}”
ansible_command_timeout: 900
ansible_user: “{{vm_username}}”
ansible_become: yes
ansible_become_method: sudo

10.10.11.25.facts

guest_hw_folder: /TESTVC/vm/Discovered virtual machine/TESTVM

above is my complete play, please validate and let us know.

Rajeshunix13 · April 7, 2021, 4:31pm

Team,

It will be very helpful if anyone replicates the above problem and provide the cause.

Rajeshunix13 · April 15, 2021, 10:11am

Issue solved.