Ansible sudo hangs after 5 tasks

ansiblessh

Setup Requirements: local user=goagent1 (ansible kicked off from GoCD), remote user=myadmin. myadmin is a sudoer which requires a password. We enabled sudo at the playbook level.

Problem: The playbook seems to stop after ~5 tasks have been executed. Happens very consistently.

Details: I created a simple playbook to demonstrate this. We are using 'become' which seems to work for the first several tasks, then stalls and timeouts. We are using ansible-vault for encrypting important data in our real playbook, but that wasn't needed for this example.

Also, I can run the following playbook with my remote user in the remote sudoers with NOPASSWD and it runs successfully as expected.

I did try to commment out the requiretty in the sudoers and setting pipelining=True in the ansible.cfg. Still fails. We didn't change any other default settings in the ansible.cfg. This happens in Ansible 1.9.4 and we recently upgraded to 2.0.0.2 and it's still occurring. What am I missing? Ugh.

Thanks. 

$ ansible-playbook -i inventory test.yml

inventory.yml

[servers]
172.99.999.99

[all:vars]
ansible_become_pass=bees

test.yml

---
- hosts: all
  become: yes
  remote_user: myadmin

  tasks:
    - name: Install Docker-py 1
      pip: name=docker-py version=1.7.2

    - name: Install Docker-py 2
      pip: name=docker-py version=1.7.2

    - name: Install Docker-py 3
      pip: name=docker-py version=1.7.2

    - name: Install Docker-py 4
      pip: name=docker-py version=1.7.2

    - name: Install Docker-py 5
      pip: name=docker-py version=1.7.2

    - name: Install Docker-py 6
      pip: name=docker-py version=1.7.2

Results

bash-4.2$ ansible-playbook -vvv -i inventory test.yml
Using /etc/ansible/ansible.cfg as config file
1 plays in test.yml

PLAY ***************************************************************************

TASK [setup] *******************************************************************
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '( umask 22 && mkdir -p "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359119.58-95918451006382 )" && echo "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359119.58-95918451006382 )" )'
<172.99.999.99> PUT /tmp/tmpJco0an TO /home/myadmin/.ansible/tmp/ansible-tmp-1456359119.58-95918451006382/setup
<172.99.999.99> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r '[172.99.999.99]'
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible, key=douxqzlrhzbmddrngwhkzzkllhwikott] password: " -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-douxqzlrhzbmddrngwhkzzkllhwikott; LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/myadmin/.ansible/tmp/ansible-tmp-1456359119.58-95918451006382/setup; rm -rf "/home/myadmin/.ansible/tmp/ansible-tmp-1456359119.58-95918451006382/" > /dev/null 2>&1'"'"'"'"'"'"'"'"''"'"''
ok: [172.99.999.99]

TASK [Install Docker-py 1] *****************************************************
task path: /var/go/goagent1/test.yml:7
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '( umask 22 && mkdir -p "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359120.37-190856866525263 )" && echo "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359120.37-190856866525263 )" )'
<172.99.999.99> PUT /tmp/tmpvfLqbm TO /home/myadmin/.ansible/tmp/ansible-tmp-1456359120.37-190856866525263/pip
<172.99.999.99> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r '[172.99.999.99]'
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible, key=chqigwnearrswbewrqnifzjswhxzomvl] password: " -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-chqigwnearrswbewrqnifzjswhxzomvl; LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/myadmin/.ansible/tmp/ansible-tmp-1456359120.37-190856866525263/pip; rm -rf "/home/myadmin/.ansible/tmp/ansible-tmp-1456359120.37-190856866525263/" > /dev/null 2>&1'"'"'"'"'"'"'"'"''"'"''
changed: [172.99.999.99] => {"changed": true, "cmd": "/bin/pip install docker-py==1.7.2", "invocation": {"module_args": {"chdir": null, "editable": true, "executable": null, "extra_args": null, "name": "docker-py", "requirements": null, "state": "present", "use_mirrors": true, "version": "1.7.2", "virtualenv": null, "virtualenv_command": "virtualenv", "virtualenv_python": null, "virtualenv_site_packages": false}, "module_name": "pip"}, "name": "docker-py", "requirements": null, "state": "present", "stderr": "", "stdout": "Collecting docker-py==1.7.2\n  Using cached docker-py-1.7.2.tar.gz\nRequirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)\nInstalling collected packages: docker-py\n  Running setup.py install for docker-py: started\n\u001b[?25l    Running setup.py install for docker-py: finished with status 'done'\n\u001b[?25hSuccessfully installed docker-py-1.7.2\n", "stdout_lines": ["Collecting docker-py==1.7.2", "  Using cached docker-py-1.7.2.tar.gz", "Requirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)", "Installing collected packages: docker-py", "  Running setup.py install for docker-py: started", "\u001b[?25l    Running setup.py install for docker-py: finished with status 'done'", "\u001b[?25hSuccessfully installed docker-py-1.7.2"], "version": "1.7.2", "virtualenv": null}

TASK [Install Docker-py 2] *****************************************************
task path: /var/go/goagent1/test.yml:10
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '( umask 22 && mkdir -p "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359122.42-261916276173598 )" && echo "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359122.42-261916276173598 )" )'
<172.99.999.99> PUT /tmp/tmpS1j9qh TO /home/myadmin/.ansible/tmp/ansible-tmp-1456359122.42-261916276173598/pip
<172.99.999.99> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r '[172.99.999.99]'
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible, key=jwxftzdclbpnokvptjxtkqgvmwsdiunx] password: " -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-jwxftzdclbpnokvptjxtkqgvmwsdiunx; LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/myadmin/.ansible/tmp/ansible-tmp-1456359122.42-261916276173598/pip; rm -rf "/home/myadmin/.ansible/tmp/ansible-tmp-1456359122.42-261916276173598/" > /dev/null 2>&1'"'"'"'"'"'"'"'"''"'"''
ok: [172.99.999.99] => {"changed": false, "cmd": "/bin/pip install docker-py==1.7.2", "invocation": {"module_args": {"chdir": null, "editable": true, "executable": null, "extra_args": null, "name": "docker-py", "requirements": null, "state": "present", "use_mirrors": true, "version": "1.7.2", "virtualenv": null, "virtualenv_command": "virtualenv", "virtualenv_python": null, "virtualenv_site_packages": false}, "module_name": "pip"}, "name": "docker-py", "requirements": null, "state": "present", "stderr": "", "stdout": "Requirement already satisfied (use --upgrade to upgrade): docker-py==1.7.2 in /usr/lib/python2.7/site-packages\nRequirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)\n", "stdout_lines": ["Requirement already satisfied (use --upgrade to upgrade): docker-py==1.7.2 in /usr/lib/python2.7/site-packages", "Requirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)"], "version": "1.7.2", "virtualenv": null}

TASK [Install Docker-py 3] *****************************************************
task path: /var/go/goagent1/test.yml:13
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '( umask 22 && mkdir -p "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359123.4-141502625881211 )" && echo "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359123.4-141502625881211 )" )'
<172.99.999.99> PUT /tmp/tmpnoyP6R TO /home/myadmin/.ansible/tmp/ansible-tmp-1456359123.4-141502625881211/pip
<172.99.999.99> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r '[172.99.999.99]'
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible, key=eqmlffurkgladlcnvtdhqkzolhjtwnjo] password: " -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-eqmlffurkgladlcnvtdhqkzolhjtwnjo; LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/myadmin/.ansible/tmp/ansible-tmp-1456359123.4-141502625881211/pip; rm -rf "/home/myadmin/.ansible/tmp/ansible-tmp-1456359123.4-141502625881211/" > /dev/null 2>&1'"'"'"'"'"'"'"'"''"'"''
ok: [172.99.999.99] => {"changed": false, "cmd": "/bin/pip install docker-py==1.7.2", "invocation": {"module_args": {"chdir": null, "editable": true, "executable": null, "extra_args": null, "name": "docker-py", "requirements": null, "state": "present", "use_mirrors": true, "version": "1.7.2", "virtualenv": null, "virtualenv_command": "virtualenv", "virtualenv_python": null, "virtualenv_site_packages": false}, "module_name": "pip"}, "name": "docker-py", "requirements": null, "state": "present", "stderr": "", "stdout": "Requirement already satisfied (use --upgrade to upgrade): docker-py==1.7.2 in /usr/lib/python2.7/site-packages\nRequirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)\n", "stdout_lines": ["Requirement already satisfied (use --upgrade to upgrade): docker-py==1.7.2 in /usr/lib/python2.7/site-packages", "Requirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)"], "version": "1.7.2", "virtualenv": null}

TASK [Install Docker-py 4] *****************************************************
task path: /var/go/goagent1/test.yml:16
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '( umask 22 && mkdir -p "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359124.36-194141614024427 )" && echo "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359124.36-194141614024427 )" )'
<172.99.999.99> PUT /tmp/tmpHGNrHc TO /home/myadmin/.ansible/tmp/ansible-tmp-1456359124.36-194141614024427/pip
<172.99.999.99> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r '[172.99.999.99]'
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible, key=beraduqnvoedusfzxlidyadsqkmmkcff] password: " -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-beraduqnvoedusfzxlidyadsqkmmkcff; LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/myadmin/.ansible/tmp/ansible-tmp-1456359124.36-194141614024427/pip; rm -rf "/home/myadmin/.ansible/tmp/ansible-tmp-1456359124.36-194141614024427/" > /dev/null 2>&1'"'"'"'"'"'"'"'"''"'"''
ok: [172.99.999.99] => {"changed": false, "cmd": "/bin/pip install docker-py==1.7.2", "invocation": {"module_args": {"chdir": null, "editable": true, "executable": null, "extra_args": null, "name": "docker-py", "requirements": null, "state": "present", "use_mirrors": true, "version": "1.7.2", "virtualenv": null, "virtualenv_command": "virtualenv", "virtualenv_python": null, "virtualenv_site_packages": false}, "module_name": "pip"}, "name": "docker-py", "requirements": null, "state": "present", "stderr": "", "stdout": "Requirement already satisfied (use --upgrade to upgrade): docker-py==1.7.2 in /usr/lib/python2.7/site-packages\nRequirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)\nRequirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)\n", "stdout_lines": ["Requirement already satisfied (use --upgrade to upgrade): docker-py==1.7.2 in /usr/lib/python2.7/site-packages", "Requirement already satisfied (use --upgrade to upgrade): requests>=2.5.2 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): six>=1.4.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): websocket-client>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-py==1.7.2)", "Requirement already satisfied (use --upgrade to upgrade): backports.ssl-match-hostname in /usr/lib/python2.7/site-packages (from websocket-client>=0.32.0->docker-py==1.7.2)"], "version": "1.7.2", "virtualenv": null}

TASK [Install Docker-py 5] *****************************************************
task path: /var/go/goagent1/test.yml:19
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '( umask 22 && mkdir -p "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359124.92-165709074016367 )" && echo "$( echo $HOME/.ansible/tmp/ansible-tmp-1456359124.92-165709074016367 )" )'
<172.99.999.99> PUT /tmp/tmp8uZ91z TO /home/myadmin/.ansible/tmp/ansible-tmp-1456359124.92-165709074016367/pip
<172.99.999.99> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r '[172.99.999.99]'
<172.99.999.99> ESTABLISH SSH CONNECTION FOR USER: myadmin
<172.99.999.99> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=myadmin -o ConnectTimeout=10 -o ControlPath=/var/go/goagent1/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.99.999.99 '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible, key=krdaymenedsdokntbfdjtispegjjtcyo] password: " -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-krdaymenedsdokntbfdjtispegjjtcyo; LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/myadmin/.ansible/tmp/ansible-tmp-1456359124.92-165709074016367/pip; rm -rf "/home/myadmin/.ansible/tmp/ansible-tmp-1456359124.92-165709074016367/" > /dev/null 2>&1'"'"'"'"'"'"'"'"''"'"''
fatal: [172.99.999.99]: FAILED! => {"failed": true, "msg": "ERROR! Timeout (12s) waiting for privilege escalation prompt: "}

PLAY RECAP *********************************************************************
172.99.999.99              : ok=5    changed=1    unreachable=0    failed=1

Best Answer

Thanks for the response larsks. It got us to ask different questions.

We found clues in /var/log/messages. For the failed request, we saw "start request repeated too quickly for fprintd.service". We don't need that service, so we disabled it as a pre-task.

pre_tasks:
    - name: Disable Fingerprint checking that may be enabled.  When enabled, causes SSH issues.
      command: authconfig --disablefingerprint --update

All is well.

Related Topic