Can't seem to connect to API

A

anyone21

New Member
Mar 21, 2024
6
0
1
Hello everyone,

Over the last few months I've been developing and ansible playbook to create several VM's on my proxmox server.
So far so good however I want now to get this to full production and tried the same playbook agains my new server and I can't seem to connect to API.

Here's what I've done
* Installed Proxmox
* Changed to no-subscription repository
* Updated and rebooted
* Created an user
* Created and API token
* Gave Administrator permissions to user and API token
* Ran ansible playbook which installed the following packages on proxmoxserver and tried to create a VM

python3-proxmoxer
python3-requests

I get this error:

proxmoxer.backends.https.AuthenticationError: Couldn't authenticate user: ansible@pve to https://172.27.1.200:8006/api2/json/access/ticket


I've formatted this new machine like 3 times and it's always the same :\

anyone here have any ideas?
 
anyone21 said:
proxmoxer.backends.https.AuthenticationError: Couldn't authenticate user: ansible@pve to https://172.27.1.200:8006/api2/json/access/ticket


I've formatted this new machine like 3 times and it's always the same :\
Click to expand...
SSH into the PVE node and run these commands:
curl -k https://localhost:8006
curl -k -d 'username=root@pam' --data-urlencode 'password=xxxxxx' https://localhost:8006/api2/json/access/ticket
curl -k -d 'username=ansible@pve' --data-urlencode 'password=xxxxxx' https://localhost:8006/api2/json/access/ticket

What is the output for each? Please use CODE tags when replying ( </> icon in the top menu of Reply box)


Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
 
curl -k https://localhost:8006
Code: 
<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
    <title>cenas - Proxmox Virtual Environment</title>
    <link rel="icon" sizes="128x128" href="/pve2/images/logo-128.png" />
    <link rel="apple-touch-icon" sizes="128x128" href="/pve2/images/logo-128.png" />
    <link rel="stylesheet" type="text/css" href="/pve2/ext6/theme-crisp/resources/theme-crisp-all.css?ver=7.0.0" />
    <link rel="stylesheet" type="text/css" href="/pve2/ext6/crisp/resources/charts-all.css?ver=7.0.0" />
    <link rel="stylesheet" type="text/css" href="/pve2/fa/css/font-awesome.css" />
    <link rel="stylesheet" type="text/css" href="/pve2/font-logos/css/font-logos.css" />
    <link rel="stylesheet" type="text/css" href="/pve2/css/ext6-pve.css?ver=8.2.7" />
    <link rel="stylesheet" type="text/css" href="/pwt/css/ext6-pmx.css?ver=v4.2.3-t1714038312" />
    <link rel="stylesheet" type="text/css" media="(prefers-color-scheme: dark)" href="/pwt/themes/theme-proxmox-dark.css?ver=v4.2.3-t1714038312" />

    <script type='text/javascript'>function gettext(buf) { return buf; }</script>

    <script type="text/javascript" src="/pve2/ext6/ext-all.js?ver=7.0.0"></script>
    <script type="text/javascript" src="/pve2/ext6/charts.js?ver=7.0.0"></script>

    <script type="text/javascript" src="/pve2/js/u2f-api.js"></script>
    <script type="text/javascript" src="/qrcode.min.js"></script>
    <script type="text/javascript">
    Proxmox = {
        Setup: { auth_cookie_name: 'PVEAuthCookie' },
        defaultLang: 'en',
        NodeName: 'cenas',
        UserName: '',
        CSRFPreventionToken: 'null'
    };
    </script>
    <script type="text/javascript" src="/proxmoxlib.js?ver=v4.2.3-t1714038312"></script>
    <script type="text/javascript" src="/pve2/js/pvemanagerlib.js?ver=8.2.7"></script>
    <script type="text/javascript" src="/pve2/ext6/locale/locale-en.js?ver=7.0.0"></script>

    <script type="text/javascript">
    if (typeof(PVE) === 'undefined') PVE = {};
    Ext.History.fieldid = 'x-history-field';
    Ext.onReady(function() { Ext.create('PVE.StdWorkspace');});
    </script>

  </head>
  <body>
    <!-- Fields required for history management -->
    <form id="history-form" class="x-hidden">
    <input type="hidden" id="x-history-field"/>
    </form>
  </body>
</html>

curl -k -d 'username=root@pam' --data-urlencode 'password=xxxxxx' https://localhost:8006/api2/json/access/ticket

Code: 
{"data":{"username":"root@pam","CSRFPreventionToken":"66FEC371:fNHQT1+sjLJj719Pz2BmM0DA8S1nvY+g6oiU2xkEaag","cap":{"sdn":{"SDN.Allocate":1,"SDN.Use":1,"Permissions.Modify":1,"SDN.Audit":1},"access":{"Group.Allocate":1,"User.Modify":1,"Permissions.Modify":1},"storage":{"Datastore.Audit":1,"Datastore.AllocateTemplate":1,"Datastore.AllocateSpace":1,"Datastore.Allocate":1,"Permissions.Modify":1},"mapping":{"Mapping.Audit":1,"Mapping.Modify":1,"Permissions.Modify":1,"Mapping.Use":1},"vms":{"VM.Monitor":1,"VM.Migrate":1,"VM.Audit":1,"VM.Config.Memory":1,"VM.Config.Cloudinit":1,"VM.Config.HWType":1,"VM.Backup":1,"VM.Allocate":1,"VM.Config.CPU":1,"VM.Snapshot.Rollback":1,"VM.Config.Options":1,"VM.Console":1,"VM.Config.CDROM":1,"VM.Snapshot":1,"VM.Config.Network":1,"VM.Clone":1,"VM.Config.Disk":1,"Permissions.Modify":1,"VM.PowerMgmt":1},"dc":{"SDN.Audit":1,"Sys.Audit":1,"Sys.Modify":1,"SDN.Allocate":1,"SDN.Use":1},"nodes":{"Sys.Modify":1,"Sys.Incoming":1,"Permissions.Modify":1,"Sys.AccessNetwork":1,"Sys.Audit":1,"Sys.PowerMgmt":1,"Sys.Console":1,"Sys.Syslog":1}},"ticket":"PVE:root@pam:66FEC371::dj989vjEyxHPq2EbfWMD4CMijN3TBfDfadMzzEhNlGta35/D8KYtKTZUFoRHjnHGIBmWsI3kr8t7imXQNayIOsRvA+wfzLsdfmH9DXSYKm72boj3vXOPf0gfiNE3dWnjMChEnFYFx8AfHzKMZLXE/pYhbtCGA9J3Wr3cEAMWPllknpRTWminYri9fZl0mtYzsO/KjW8k6mAJWhVVcwsn8lrZzVAHs+uGEFV4EX4FJjEYkQ5aEW+qljZ1CsYyDn/lH3zFPO+n7cBl3j62KfOaQhur6o/D82Bq9kzEizK4R11KSc8WNS1YLqDJxRzFa7EA2/Qe7oJHvIFbKVSJEwHzuQ=="}}

curl -k -d 'username=ansible@pve!token' --data-urlencode 'password=TOKEN_PASSWORD' https://localhost:8006/api2/json/access/ticket
Code: 
{"data":null}

curl -k -d 'username=ansible@pve' --data-urlencode 'password=WEB_UI_PASSWORD' https://localhost:8006/api2/json/access/ticket
Code: 
{"data":{"ticket":"PVE:ansible@pve:66FEC451::hWMJSew0YbtgzhTM4KZWPhn1qbvwn2wJ8FhCVno7td+Gtb0nUGZHnWfjWw7lTMyYjyP7kZRNBSVyUaYizdESURNNb/IGgG90ls54eSl/5/hsTC+xprvQvwKyzu2vaS7XOst+Zyislq79V//8x/HahTmY0dInZAatnAyuhx9mMMD3A2QaJwYwpyX/O+SNUcVqwueyNjMnlU/M/PxJpiEgboz9wmgogqul7BEkdxEDeYTi3t4RCdn0IMCQzin6Z48vL9mF4Chnr75Rkc40c636o7ui3/BkXrD3jgLrrFQg+f4p1J1bwLcTNqVaN8KjI92DGiHSOVk216eNLV7Mh+9P4Q==","cap":{"dc":{"Sys.Audit":1,"SDN.Audit":1,"Sys.Modify":1,"SDN.Use":1,"SDN.Allocate":1},"mapping":{"Mapping.Use":1,"Permissions.Modify":1,"Mapping.Audit":1,"Mapping.Modify":1},"vms":{"VM.Config.Options":1,"VM.Console":1,"VM.Config.CDROM":1,"VM.Config.Network":1,"VM.Snapshot":1,"Permissions.Modify":1,"VM.Config.Disk":1,"VM.Clone":1,"VM.PowerMgmt":1,"VM.Monitor":1,"VM.Migrate":1,"VM.Audit":1,"VM.Config.Cloudinit":1,"VM.Config.Memory":1,"VM.Config.HWType":1,"VM.Snapshot.Rollback":1,"VM.Allocate":1,"VM.Backup":1,"VM.Config.CPU":1},"nodes":{"Sys.Syslog":1,"Sys.Audit":1,"Sys.PowerMgmt":1,"Sys.Console":1,"Permissions.Modify":1,"Sys.AccessNetwork":1,"Sys.Incoming":1,"Sys.Modify":1},"access":{"Group.Allocate":1,"User.Modify":1,"Permissions.Modify":1},"sdn":{"SDN.Allocate":1,"SDN.Use":1,"Permissions.Modify":1,"SDN.Audit":1},"storage":{"Datastore.AllocateSpace":1,"Permissions.Modify":1,"Datastore.Allocate":1,"Datastore.Audit":1,"Datastore.AllocateTemplate":1}},"CSRFPreventionToken":"66FEC451:C0t2c8yYuyUe/mQ5KlqXfNZnvOIgvaLD7weROoeFg3I","username":"ansible@pve"}}


Everything that uses the token as password gives error...
 
anyone21 said:
bbgeek17, I'm using ansible for access to the server and start the vm creation
Click to expand...
I realize that. However, the first thing to do is to confirm that direct access, without any layers, works. You tried that and confirmed that PVE is functional.
You tried token access, albeit incorrectly. You should try it with proper format and confirm that it works and that the operations you provisioned the ticket for work.

Ansible modules are not written or supported by PVE staff. I presume that many people use these modules. You are the only one raising a concern.
My advice is to review your configuration and if everything seems fine - reach out to ansible community.

Its possible that you incorrectly permissioned the user/token. Try your operations with root token. Work by process of elimination.

Good luck.

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
 
Yes, I'm sorry if I sounded to harsh. but it wasn't my intention.

I've being doing some tests and I think I've narrowed it down to the proxmoxer version on the pve host. The one on apt repo is a old version.

I'll try that later today
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back