Ansible Windows Deployment - 'Connection aborted.', error(104, 'Connection reset by peer')

Question

I am facing an issue with deployment on Windows 2008 server using Ansible. I have a jenkins pipeline which has an Ansible Deployment stage wherein I drop the files on to the target servers from inventory. I have been able to do this successfully for quite a few servers. However for some servers, I see the above error message.

Here is the output from jenkins pipeline

TASK [debug] *******************************************************************
ok: [ch3dw026394.mydomain.com] => {
    "msg": "Hello world!"
}

TASK [Testing connection to windows] *******************************************
fatal: [ch3dw026394.mydomain.com]: UNREACHABLE! => {"changed": false, "msg": "ntlm: ('Connection aborted.', error(104, 'Connection reset by peer'))", "unreachable": true}

Here is the Ansible playbook module for win_ping

  #Testing connection with Target
  - debug: 
    msg: "Testing connection to windows {{ inventory_hostname }}"

  - name: Testing connection to windows
    win_ping: null
    any_errors_fatal: true

I did quite a bit of research on this and none of the following options worked

1. Turned off UAC on the Windows 2008 server.

2. Did not work Some posts online said that this error happens because the inventory file does not contain FQDN, but contains IP. My inventory file contains FQDN (Fully Qualified domain name) and still does not work Another post said that the port number(5986) in the vars.yml should be commented out and instead have hostname:5986 in the inventory file. Still did not work

3. I tried deleting the listeners on the server and ran the powershell script to enable WinRM (https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1). This also did not work. Deleted the listeners using

   winrm delete winrm/config/Listener?Address=*+Transport=HTTP
   winrm delete winrm/config/Listener?Address=*+Transport=HTTS
   

4. Set WinRM to have basic Auth = true and also AllowUncrypted = true (see below) and still did not work. (Please note I did not have to do any of this in my other Windows 2008 servers and it worked absolutely fine).

   winrm set winrm/config/service '@{AllowUnencrypted= "true"}'
   Set-Item -Path "WSMan:\localhost\Service\Auth\Basic" -Value $true
   

Please can you help me get past this error.

Thanks in advance for your assistance! Warm Regards

Answer 1

i had similar problem when trying to ping-pong the windows 10 node:

examplenode | UNREACHABLE! => {
    "changed": false, 
    "msg": "ssl: ('Connection aborted.', error(104, 'Connection reset by peer'))", 
    "unreachable": true 

re issuing certificate helped with option -ForceNewSSLCert on ConfigureRemotingforAnsible.ps1 script. (on target node)

this happened to two nodes in my collection, what i noticed is that both nodes were on 1607 version of windows 10

( if someone wants to track down the problem)