Testing connections

Validate remote access between WebSphere Automation and WebSphere Application Server or WebSphere Application Server Liberty servers.

Before you begin

This task requires administrative access to the WebSphere Automation cluster.

Procedure

  1. Run the runcli testConnection command. The runcli testConnection command can be run from a console of the runbook-manager pod. 
    MANAGER_POD=$(oc get pod -l app.kubernetes.io/component=runbook-manager -o name | head -n 1)
oc rsh $MANAGER_POD runcli testConnection <hostname> [operatingSystem]

    Pass the hostname of the managed server as a parameter, or pass the operating system name as a parameter. Refer to the following example.

    oc rsh $MANAGER_POD runcli testConnection myvm linux

    A job starts that attempts to connect to the managed server by using the configured SSH or WinRM parameters. Refer to the following example output.

    Oct 22, 2021 6:47:23 PM com.ibm.ws.automation.core.runbook.manager.RunbookManagerCLI clientMode
INFO: starting
Created job: test-connection-1634928445267
To see job logs run: oc logs --tail=100 -l job-name=test-connection-1634928445267
  2. Examine the job logs for any connection problems.
    The output of a successful connection:
    [11/02/21 19:05:36:746 UTC] 1    com.ibm.ws.automation.core.runbook.runner.RunbookRunnerCLI INFO appMode Runbook Runner Starting
[11/02/21 19:05:38:952 UTC] 1    com.ibm.ws.automation.core.runbook.runner.RunbookRunnerCLI INFO start Request received to execute runbook: test-connection against server: test-server.example.com (correlationId: 1635879932990)
[11/02/21 19:05:39:033 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook Here is the standard output of the command:

[11/02/21 19:05:39:129 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook was:
[11/02/21 19:05:39:129 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook   hosts:
[11/02/21 19:05:39:129 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook     test-server.example.com:
[11/02/21 19:05:39:130 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook       ansible_connection: ssh
[11/02/21 19:05:39:130 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook       ansible_shell_type: powershell
[11/02/21 19:05:39:130 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook       ansible_user: Administrator
[11/02/21 19:05:39:133 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook Agent pid 48
[11/02/21 19:05:39:138 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook The known_hosts file is not present
[11/02/21 19:05:39:138 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook ANSIBLE_HOST_KEY_CHECKING=<notset>
[11/02/21 19:05:40:049 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook No config file found; using defaults
[11/02/21 19:05:40:438 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook 
[11/02/21 19:05:40:438 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook PLAY [Test Connection] *********************************************************
[11/02/21 19:05:40:447 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook 
[11/02/21 19:05:40:447 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook TASK [test : Check PowerShell Version] *****************************************
[11/02/21 19:05:46:192 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook changed: [test-server.example.com] => {"changed": true, "cmd": "Write-Output (\"PowerShell version: \" + $PSVersionTable.PSVersion.Major + \".\" + $PSVersionTable.PSVersion.Minor)\nif ($PSVersionTable.PSVersion.Major -lt 5) {\n  Write-Output \"ERROR: PowerShell version 5 or later is required.\"\n  Exit 25\n}", "delta": "0:00:00.921839", "end": "2021-11-02 07:05:45.760941", "rc": 0, "start": "2021-11-02 07:05:44.839102", "stderr": "", "stderr_lines": [], "stdout": "PowerShell version: 5.1\r\n", "stdout_lines": ["PowerShell version: 5.1"]}
[11/02/21 19:05:46:196 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook 
[11/02/21 19:05:46:196 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook PLAY RECAP *********************************************************************
[11/02/21 19:05:46:196 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook test-server.example.com  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
[11/02/21 19:05:46:197 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook 
[11/02/21 19:05:46:264 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook Here is the standard error of the command (if any):

[11/02/21 19:05:46:265 UTC] 1    com.ibm.ws.automation.core.runbook.runner.AnsibleRunner INFO runRunbook Identity added: /was/win/ssh_private_key_file (example.user@example.com)
[11/02/21 19:05:46:265 UTC] 1    com.ibm.ws.automation.core.runbook.runner.RunbookRunnerCLI INFO start Ansible return code=0
[11/02/21 19:05:46:265 UTC] 1    com.ibm.ws.automation.core.runbook.runner.RunbookRunnerCLI INFO stop Runbook Runner Stopping

    In the absence of obvious error or completion messages, search for keywords stdout, stdout_lines, stderr and stderr_lines.

    Note: The PowerShell requirement line might appear even if the server meets the PowerShell version requirement. You can disregard this statement.
If you encounter issues when you are testing the connection, refer to the following troubleshooting tips.
Missing wsa-ansible or wsa-ansible-win secret
ERROR: The /was/ssh directory with the Ansible connection
        parameters is empty. Make sure the wsa-ansible secret exists.

The wsa-ansible or wsa-ansible-win secret is missing with SSH or WinRM connection parameters. See Setting up secure remote access.

Unable to resolve hostname
Failed to connect to the host via ssh: ssh: Could not
        resolve hostname <hostname>

Some servers might be configured with hostnames that cannot be resolved by DNS. In such cases, it might be necessary to configure WebSphere Automation with a custom host mapping. Use the .runbookManager.runbookRunner.hostAliases parameter in the WebSphereAutomation custom resource to provide more host or IP mappings. For example,

apiVersion: automation.websphere.ibm.com/v1
kind: WebSphereAutomation
metadata:
  name: wsa
spec:
  runbookManager:
    runbookRunner:
      hostAliases:
      - hostnames:
        - myvm
        ip: 9.46.84.208
Host key verification failed
Failed to connect to the host via ssh: Host key verification
        failed.

WebSphere Automation verifies host keys but the host key of one the servers changed. If the host key change was intentional, update the wsa-ansible-known-hosts configuration with the updated key. See Setting up WebSphere Automation for SSH to Linux or UNIX servers for details.