Firewall error

[hrishikesh-dahiya]

TASK [Generate ssh key for deploy/keys/gitlab/execution_nodes/enode1] **********
changed: [enode1]

cmd:
ssh-keygen
-t
rsa
-b
4096
-C
load balancer key for enode1@autolabjs
-f
/opt/autolabjs2/deploy/keys/gitlab/execution_nodes/enode1/id_rsa
-N

-q

start:
2019-01-19 15:40:15.006437

end:
2019-01-19 15:40:16.505233

delta:
0:00:01.498796
changed: [enode2]

cmd:
ssh-keygen
-t
rsa
-b
4096
-C
load balancer key for enode2@autolabjs
-f
/opt/autolabjs2/deploy/keys/gitlab/execution_nodes/enode2/id_rsa
-N

-q

start:
2019-01-19 15:40:16.879616

end:
2019-01-19 15:40:18.819054

delta:
0:00:01.939438

TASK [Register public key] *****************************************************
changed: [enode1]

cmd:
cat /opt/autolabjs2/deploy/keys/gitlab/execution_nodes/enode1/id_rsa.pub

start:
2019-01-19 15:40:19.351964

end:
2019-01-19 15:40:19.357711

delta:
0:00:00.005747

stdout:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC00Wt9oiNWKn6Fs9lyjSQ3r/xFODjrXw9Q13rcIpfsp27huCShXJK6mAIdPo0WTJGVqkjJ0NydutEkhwgmpwtZ3ACxbeP259oc1or3qYHWyNgO1FKJmUmqQTpPES7XTHGByq/dRxkxPlVIwANjo5x47dh+NPxWAU+Wz7T+syIES53zxUbkbiyhfrTm555vjYy49HVDLIhOahrIpUu6hqq56R3kNSPAmRmUs2C0TDH7df6aESN2XglMy5+sg+njfuQyVKGVdlOcWim2jYbZPkVig85k2+TZMEXm3kzss4iXWbSm8rROtQMmog3vaUEgzL+ZU56BQRw+eGw0w2mIIzTxIvC89GafNfyaZ1HgzpOcfXm+UtSS0cLZ4jXHMZirfx6zZJfZBQdbls5BSg0bg4OkCgsHdUch+1INn+Wxvfuz7mr6OHWe/2vD8udkZ5NAmfNt8QX3qWYp9bXDYwr5jq9UYymhpdr2+j+Z6yNKNdxsecoollOaP+BASfyozTxQ0yN+ZqFTdXlAeqRU/D9Go810B2vTOWkiL7HJNJrWkv993hFm/xLc/mMJ+KEoT2IK7A34EObDfYrD++L9LZklEifLipfjbgsjsAIsyOaUv11Jv3PO1tAfFCBwcM++Boh5OPeAqbrgFn8ul8LvKnJBgG1FLg4VcH/vSOg9tIR5fIA81Q== load balancer key for enode1@autolabjs
changed: [enode2]

cmd:
cat /opt/autolabjs2/deploy/keys/gitlab/execution_nodes/enode2/id_rsa.pub

start:
2019-01-19 15:40:19.669629

end:
2019-01-19 15:40:19.676334

delta:
0:00:00.006705

stdout:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDU1BlZRBote9uwUNYCvRvMBCFtwTiR+GsiM/792uTpZQBCSRNfQVfT2bw1Ci4D/FW6B/laURWcAIKIxwr6xyV6tJUMQX9NLzCixrzZNOKs6BXzeLUwKl99VH1Ec05V5TqEcjdjPxibYj7SKui6jEnZnfl1EOZ80P8ZNsWjlou1Z2w4qkM9ZO+2vTes0NvnTYCjC/yqXnIlFXtZsOBtpo6mlVa/wHdJ5M5KG8GGbfBISZNr+8lpzN65vCRBSO8ylzbzsHMQ4wGVTOe5C1rN3soDJBBchEugHv8WZN4tPzOHsXvT2x8me5AW3PwDyoKpwo/QkO5VkNEfkg+8/f1pXTQagGS1xWe5RUpe4Siv/BqPTTI29UktTP9tmUkQaacu4T/arfNQ/niroRSvaEPSHDQinDoH4U5uoksoW9FvJ4DCiYcgPVB8hJKPpqVpWbg5JkSHjUgv7ZP/TcyUb/XslHqTGdyFSytBbqftdu8qH/FbaWMHyg0iGoXn5AXt1wiLDW9Vfyow2L5ks+8QPh5tC3D0N4rcZDBZlBKnOaGiBBNOEIKlRYyzK3z/VP4RYUckXAhEAIUzLd0x++F8ZeNpFqJeVoPYQVgn/wVFF+Cs3VhkRv4jxtB7wjyRFaunbfu3w14oBJrl6qX9opP0CLWSvYKDD1nBCqa2gfwOAZfDhG03JQ== load balancer key for enode2@autolabjs

TASK [Get Private Token] *******************************************************
ok: [enode1]

msg:
OK (708 bytes)
ok: [enode2]

msg:
OK (708 bytes)

TASK [set_fact] ****************************************************************
ok: [enode1]
ok: [enode2]

TASK [Add key to gitlab] *******************************************************
[DEPRECATION WARNING]: Supplying headers via HEADER_* is deprecated. Please use
headers to supply headers for the request. This feature will be removed in
version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
ok: [enode1]

msg:
OK (878 bytes)
ok: [enode2]

msg:
OK (878 bytes)

TASK [Build executionnode] *****************************************************
ok: [enode1]
ok: [enode2]

TASK [Start execution_node container] ******************************************
changed: [enode1]
changed: [enode2]

PLAY [machines] ****************************************************************

TASK [Gathering Facts] *********************************************************
ok: [server1]

TASK [Install crontab on all the machines running AutolabJS components] ********
changed: [server1]

TASK [Enable UFW] **************************************************************
ok: [server1]

msg:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To Action From

---

2222 ALLOW IN Anywhere # autolabjs
22 ALLOW IN Anywhere # autolabjs
80 ALLOW IN Anywhere # autolabjs
443 ALLOW IN Anywhere # autolabjs
9000 ALLOW IN Anywhere # autolabjs
8081 DENY IN Anywhere (log) # autolabjs
8091 DENY IN Anywhere (log) # autolabjs
8092 DENY IN Anywhere (log) # autolabjs
8093 DENY IN Anywhere (log) # autolabjs
8094 DENY IN Anywhere (log) # autolabjs
8095 DENY IN Anywhere (log) # autolabjs
8096 DENY IN Anywhere (log) # autolabjs
8097 DENY IN Anywhere (log) # autolabjs
8098 DENY IN Anywhere (log) # autolabjs
8099 DENY IN Anywhere (log) # autolabjs
8100 DENY IN Anywhere (log) # autolabjs
2222 (v6) ALLOW IN Anywhere (v6) # autolabjs
22 (v6) ALLOW IN Anywhere (v6) # autolabjs
80 (v6) ALLOW IN Anywhere (v6) # autolabjs
443 (v6) ALLOW IN Anywhere (v6) # autolabjs
9000 (v6) ALLOW IN Anywhere (v6) # autolabjs
8081 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8091 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8092 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8093 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8094 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8095 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8096 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8097 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8098 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8099 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8100 (v6) DENY IN Anywhere (v6) (log) # autolabjs

TASK [Set the default incoming policy of UFW to deny] **************************
ok: [server1]

msg:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To Action From

---

2222 ALLOW IN Anywhere # autolabjs
22 ALLOW IN Anywhere # autolabjs
80 ALLOW IN Anywhere # autolabjs
443 ALLOW IN Anywhere # autolabjs
9000 ALLOW IN Anywhere # autolabjs
8081 DENY IN Anywhere (log) # autolabjs
8091 DENY IN Anywhere (log) # autolabjs
8092 DENY IN Anywhere (log) # autolabjs
8093 DENY IN Anywhere (log) # autolabjs
8094 DENY IN Anywhere (log) # autolabjs
8095 DENY IN Anywhere (log) # autolabjs
8096 DENY IN Anywhere (log) # autolabjs
8097 DENY IN Anywhere (log) # autolabjs
8098 DENY IN Anywhere (log) # autolabjs
8099 DENY IN Anywhere (log) # autolabjs
8100 DENY IN Anywhere (log) # autolabjs
2222 (v6) ALLOW IN Anywhere (v6) # autolabjs
22 (v6) ALLOW IN Anywhere (v6) # autolabjs
80 (v6) ALLOW IN Anywhere (v6) # autolabjs
443 (v6) ALLOW IN Anywhere (v6) # autolabjs
9000 (v6) ALLOW IN Anywhere (v6) # autolabjs
8081 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8091 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8092 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8093 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8094 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8095 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8096 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8097 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8098 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8099 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8100 (v6) DENY IN Anywhere (v6) (log) # autolabjs

TASK [Set the default outgoing policy of UFW to allow] *************************
ok: [server1]

msg:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To Action From

---

2222 ALLOW IN Anywhere # autolabjs
22 ALLOW IN Anywhere # autolabjs
80 ALLOW IN Anywhere # autolabjs
443 ALLOW IN Anywhere # autolabjs
9000 ALLOW IN Anywhere # autolabjs
8081 DENY IN Anywhere (log) # autolabjs
8091 DENY IN Anywhere (log) # autolabjs
8092 DENY IN Anywhere (log) # autolabjs
8093 DENY IN Anywhere (log) # autolabjs
8094 DENY IN Anywhere (log) # autolabjs
8095 DENY IN Anywhere (log) # autolabjs
8096 DENY IN Anywhere (log) # autolabjs
8097 DENY IN Anywhere (log) # autolabjs
8098 DENY IN Anywhere (log) # autolabjs
8099 DENY IN Anywhere (log) # autolabjs
8100 DENY IN Anywhere (log) # autolabjs
2222 (v6) ALLOW IN Anywhere (v6) # autolabjs
22 (v6) ALLOW IN Anywhere (v6) # autolabjs
80 (v6) ALLOW IN Anywhere (v6) # autolabjs
443 (v6) ALLOW IN Anywhere (v6) # autolabjs
9000 (v6) ALLOW IN Anywhere (v6) # autolabjs
8081 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8091 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8092 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8093 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8094 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8095 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8096 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8097 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8098 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8099 (v6) DENY IN Anywhere (v6) (log) # autolabjs
8100 (v6) DENY IN Anywhere (v6) (log) # autolabjs

TASK [Allow traffic for execution nodes from load balancer] ********************
failed: [server1] (item=enode1) => {
"changed": false,
"item": "enode1"
}

MSG:

ERROR: Bad source address

failed: [server1] (item=enode2) => {
"changed": false,
"item": "enode2"
}

MSG:

ERROR: Bad source address

msg:
All items completed

results:
[
{
"_ansible_item_label": "enode1",
"_ansible_item_result": true,
"_ansible_no_log": false,
"_ansible_parsed": true,
"changed": false,
"failed": "True",
"invocation": {
"module_args": {
"app": null,
"comment": "autolabjs",
"default": null,
"delete": false,
"direction": null,
"from_ip": "localhost",
"from_port": null,
"insert": null,
"interface": null,
"log": true,
"logging": null,
"port": "9091",
"proto": "tcp",
"route": false,
"rule": "allow",
"src": "localhost",
"state": null,
"to_ip": "any",
"to_port": "9091"
}
},
"item": "enode1",
"msg": "ERROR: Bad source address
"
},
{
"_ansible_item_label": "enode2",
"_ansible_item_result": true,
"_ansible_no_log": false,
"_ansible_parsed": true,
"changed": false,
"failed": "True",
"invocation": {
"module_args": {
"app": null,
"comment": "autolabjs",
"default": null,
"delete": false,
"direction": null,
"from_ip": "localhost",
"from_port": null,
"insert": null,
"interface": null,
"log": true,
"logging": null,
"port": "9092",
"proto": "tcp",
"route": false,
"rule": "allow",
"src": "localhost",
"state": null,
"to_ip": "any",
"to_port": "9092"
}
},
"item": "enode2",
"msg": "ERROR: Bad source address
"
}
]
to retry, use: --limit @/home/detonator/enodes/deploy/playbook.retry

PLAY RECAP *********************************************************************
enode1 : ok=29 changed=15 unreachable=0 failed=0
enode2 : ok=29 changed=15 unreachable=0 failed=0
server1 : ok=24 changed=16 unreachable=0 failed=1