我正在尝试使用带有定义的yaml配置的Kitchen create来启动AWS EC2 Windows 2016 / 2012R2服务器,但是在此过程中它正在等待使用wsman连接到该远程EC2机器(http://:5985 / wsman并且在超时后失败。
请在kitchen.local.yml文件中找到以下代码 -
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-json-jackson</artifactId>
<version>${jersey.version}</version>
</dependency>
错误讯息 -
---
driver:
name: ec2
security_group_ids: ["sg-1234jh21"]
region: us-east-1
require_chef_omnibus: true
instance_type: t2.micro
aws_ssh_key_id: chef
subnet_id: subnet-1234jsg
retryable_sleep: 5
retryable_tries: 360
shared_credentials_profile: saml
associate_public_ip: false
tags: {
Name: "windows2016",
Owner: "ABC",
Account Code: "ABC",
Dept: "ABC"
}
transport:
#name: winrm
#ssh_key: C:\Users\username\.ssh\chef.pem
#retryable_tries: 200
#retryable_sleep: 8
#connection_timeout: 90
# elevated: true
username: testkitchen
password: xxxxxxxx
verifier:
name: inspec
provisioner:
name: chef_zero
platforms:
- name: windows-2016
driver:
image_id: ami-******
user_data: |
<powershell>
$logfile="C:\Users\testkitchen\kitchen-ec2.log"
# Allow script execution
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
#PS Remoting and & winrm.cmd basic config
Enable-PSRemoting -Force -SkipNetworkProfileCheck
& winrm.cmd set winrm/config '@{MaxTimeoutms="1800000"}' >> $logfile
& winrm.cmd set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}' >> $logfile
& winrm.cmd set winrm/config/winrs '@{MaxShellsPerUser="50"}' >> $logfile
#Server settings - support username/password login
& winrm.cmd set winrm/config/service/auth '@{Basic="true"}' >> $logfile
& winrm.cmd set winrm/config/service '@{AllowUnencrypted="true"}' >> $logfile
& winrm.cmd set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}' >> $logfile
#Firewall Config
& netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public protocol=tcp localport=5985 remoteip=localsubnet new remoteip=any >> $logfile
"Disabling Complex Passwords" >> $logfile
$seccfg = [IO.Path]::GetTempFileName()
& secedit.exe /export /cfg $seccfg >> $logfile
(Get-Content $seccfg) | Foreach-Object {$_ -replace "PasswordComplexity\s*=\s*1", "PasswordComplexity = 0"} | Set-Content $seccfg
& secedit.exe /configure /db $env:windir\security\new.sdb /cfg $seccfg /areas SECURITYPOLICY >> $logfile
& cp $seccfg "c:\"
& del $seccfg
$username="testkitchen"
$password="xxxxxxxxx"
"Creating static user: $username" >> $logfile
& net.exe user /y /add $username $password >> $logfile
"Adding $username to Administrators" >> $logfile
& net.exe localgroup Administrators /add $username >> $logfile
Set-ItemProperty -Name LocalAccountTokenFilterPolicy -Path HKLM:\software\Microsoft\Windows\CurrentVersion\Policies\system -Value 1
</powershell>
driver_config:
log_level: debug
guest: windows
communicator: 'winrm'
suites:
- name: default
run_list:
- recipe[windows::default]
attributes:
答案 0 :(得分:0)
从Chef方面来看,您似乎有某种拒绝Chef的HTTP请求的企业Internet代理。 UA标头是不可配置的,因此您必须在网关上修复此问题(但老实说,您可能不会)。