Using ansible in CircleCI : Exception: Error reading SSH protocol banner[Errno 104] Connection reset by peer

Build Environment
1

I’m working on a CircleCi job running a configuration on an EC2 instance. The problem is that the ansible could not run the configuration and is still running in a loop on this error :slight_smile:

PLAY [configuration play]
******************************************************

TASK [wait 600 seconds for target connection to become reachable/usable] *******

Exception: Error reading SSH protocol banner[Errno 104] Connection reset by peer

Traceback (most recent call last):

File "/usr/lib/python3.8/site-packages/paramiko/transport.py", line 2211, in _check_banner

buf = self.packetizer.readline(timeout)

File "/usr/lib/python3.8/site-packages/paramiko/packet.py", line 380, in readline

buf += self._read_timeout(timeout)

File "/usr/lib/python3.8/site-packages/paramiko/packet.py", line 607, in _read_timeout

x = self.__socket.recv(128)

ConnectionResetError: [Errno 104] Connection reset by peer

During handling of the above exception, another exception occurred:

Traceback (most recent call last):

File "/usr/lib/python3.8/site-packages/paramiko/transport.py", line 2039, in run

self._check_banner()

File "/usr/lib/python3.8/site-packages/paramiko/transport.py", line 2215, in _check_banner

raise SSHException(

paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer

Exception: Error reading SSH protocol banner

Traceback (most recent call last):

File "/usr/lib/python3.8/site-packages/paramiko/transport.py", line 2211, in _check_banner

buf = self.packetizer.readline(timeout)

File "/usr/lib/python3.8/site-packages/paramiko/packet.py", line 380, in readline

buf += self._read_timeout(timeout)

File "/usr/lib/python3.8/site-packages/paramiko/packet.py", line 609, in _read_timeout

raise EOFError()

EOFError


fatal: [ec2-18-237-14-97.us-west-2.compute.amazonaws.com]: FAILED! => {"changed": false, "elapsed": 600, "msg": "timed out waiting for ping module test success: Error reading SSH protocol banner"}

PLAY RECAP *********************************************************************
ec2-18-237-14-97.us-west-2.compute.amazonaws.com : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

Circle-Ci job :

configure-infrastructure:
    docker:
      - image: python:3.7-alpine3.11
    steps:
      - checkout       
      - add_ssh_keys:
          fingerprints: ["bla:bla:bla:bla:bla:bla:bla:bla:bla:bla:bla:bla:bla:bla:bla:bla"]
      - attach_workspace:
          at: ~/

      - run:
          name: Install dependencies
          command: |
              apk add --update tar gzip ansible
              pip install awscli
      - run:
          name: Configure server
          command: |
            cat ./.circleci/ansible/inventory.txt
            export ANSIBLE_HOST_KEY_CHECKING=False
            export RECORD_HOST_KEYS=True
            ansible-playbook -i ./.circleci/ansible/inventory.txt ./.circleci/ansible/configure-server.yml
      - destroy-environment

.circleci/ansible/configure-server.yml

---
- name: configuration play
  hosts: web
  user: ubuntu
  become: true
  become_method: sudo
  become_user: root
  gather_facts: false
  vars:
    - ansible_python_interpreter: /usr/bin/python3
    - ansible_host_key_checking: false
    - ansible_stdout_callback: yaml
  pre_tasks:
    - name: wait 600 seconds for target connection to become reachable/usable
      ansible.builtin.wait_for_connection:
        delay: 0
        timeout: 600
    - name: install python for Ansible.
      become: true
      raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3)
      changed_when: false
  roles: 
   - configure-server

roles/configure-server/tasks/main.yml

---
- name: "Update apt packages"
  become: true
  apt:
    update_cache: yes

- name: "Remove dependencies that are no longer required"
  become: true
  apt:
    autoremove: yes

- name: "Install npm and nodejs"
  become: true
  apt:
    name: ["npm", "nodejs"]
    state: latest
    update_cache: yes

- name: "Install pm2"
  become: true
  npm:
    name: pm2
    global: yes
    production: yes
    state: present

I have already added my key pair to the Circle project settings, obtained the fingerprints and added it to the job configuration ([bla:bla…]).

I can connect to the Ec2 instance using ssh without any problems.

More details :

ImageId: ami-0d70546e43a941d70 
region: us-west-2

Any help or suggestions would be greatly appreciated.

2

Hello

I can see that you are using Paramiko within your build, I would recommend the following StackOverflow page in regards to the issues you are seeing.

Specifically the section around setting timeouts on banner_timeout, timeout and auth_timeout.

I would also recommend increasing the delay that is set from 0 to a higher value to allow the machine to be ready as this can also cause issues.

Kind Regards
Owen Oliver

3

I have the same exact error as you, and I am really disappointed, I can’t continue my project submission because of this error. :frowning:

4

Hello khalil-Elf441,

I have good new for you, I solved yesterday the issue, the error is in the code itself, so I changed mine and it worked.

You can check my code below in the “config.yml” file, while leaving all your rest code as is:

version: 2.1

commands:

  install_ansible:
    description: Install Ansible
    steps:
      - run:
          name: Install Ansible
          command: |
            sudo apt update
            sudo apt install software-properties-common -y
            sudo add-apt-repository --yes --update ppa:ansible/ansible
            sudo apt install ansible -y

jobs:
 
  insalling_apache_EC2_ansible:
    docker:
        - image: cimg/base:stable

    steps:
      - checkout
      - install_ansible   
      - add_ssh_keys:
             fingerprints: 
              - "7e:21:64:03:08:9d:2b:6d:ab:d3:a0:69:ec:c9:f1:2c"

      - run:
          name: Run Playbook and Configure server
          command: |
            ansible-playbook -i ~/project/.circleci/ansible/inventory.txt -vvv ~/project/.circleci/ansible/main-remote.yml

workflows:
  Insalling_Apache_EC2_Ansible-workflow:
    jobs:
      - insalling_apache_EC2_ansible

Kindly notify if it worked with you as well or not, thanks.

5

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.