In this article I configure an Ansible server and a Windows host so that Ansible can manage Microsoft Windows system configuration. First, prepare the Ansible host by installing the ansible.windows collection with the ansible-galaxy command. Next, install the pywinrm and python3-winrm Python packages with the pip3 command.
Checking nslookup in the next step is not strictly necessary, but I do it as a best practice when I plan to use a hostname instead of an IP address in the Ansible inventory.
ubuntu@ansible:~$ ansible-galaxy collection install ansible.windows
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://galaxy.ansible.com/download/ansible-windows-1.12.0.tar.gz to /home/ubuntu/.ansible/tmp/ansible-local-3285938llsg6p6c/tmpodaxumnt/ansible-windows-1.12.0-4ya51jus
Installing 'ansible.windows:1.12.0' to '/home/ubuntu/.ansible/collections/ansible_collections/ansible/windows'
ansible.windows:1.12.0 was installed successfully
ubuntu@ansible:~$
################
ubuntu@ansible:~/Documents/Windows$ pip3 install pywinrm #python3-winrm
/usr/lib/python3/dist-packages/secretstorage/dhcrypto.py:15: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead
from cryptography.utils import int_from_bytes
/usr/lib/python3/dist-packages/secretstorage/util.py:19: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead
from cryptography.utils import int_from_bytes
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: pywinrm in /usr/lib/python3/dist-packages (0.3.0)
ubuntu@ansible:~/Documents/Windows$
################
ubuntu@ansible:~/Documents/Windows$ nslookup 192.168.34.44
44.34.168.192.in-addr.arpa name = testmachine2.vcloud-lab.com.
Below are my two Ansible files, which contain the YAML code and data needed to connect to the Microsoft Windows server host from the Ansible server. I am using local user authentication in these inventory configuration files. AD authentication will not work at the moment; to get it working I will have to set up the Ansible server accordingly, and I will write an article about that in the future.
You can download these files here, or they are also available on github.com/janviudapi.
# main.yaml - Ansible yaml code to ping Windows host
---
- name: Windows connection testing from Ansible
  hosts: win
  gather_facts: false
  tasks:
    - name: Ansible ping testing to Windows
      ansible.windows.win_ping:

# inventory - Ansible Inventory file - Windows IP Information and Authentication
[win]
testmachine2 ansible_host=192.168.34.44 #ansible_username=Username

[win:vars]
ansible_user=Administrator
ansible_password='Computer@123'
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
#ansible_port=5896
#ansible_winrm_scheme=http
#ansible_winrm_transport=basic
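The inventory above keeps the Administrator password in clear text and sets ansible_winrm_server_cert_validation=ignore, so the WinRM endpoint's certificate is never verified. The Python script below is an added example, not part of the original article, that flags such settings in an INI inventory; the rule set, the function name and the embedded sample (a copy of the article's inventory) are this example's own assumptions.

```python
import shlex

# Constructed sample: a copy of this article's inventory file.
SAMPLE_INVENTORY = """\
[win]
testmachine2 ansible_host=192.168.34.44 #ansible_username=Username

[win:vars]
ansible_user=Administrator
ansible_password='Computer@123'
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
#ansible_port=5896
#ansible_winrm_scheme=http
#ansible_winrm_transport=basic
"""

# (variable, is_weak(value), finding). The rule set is this example's own choice.
RULES = [
    ("ansible_winrm_server_cert_validation", lambda v: v.lower() == "ignore",
     "server certificate is not verified; use 'validate' with a trusted CA"),
    ("ansible_password", lambda v: "{{" not in v,
     "cleartext password; reference an Ansible Vault variable instead"),
    ("ansible_winrm_scheme", lambda v: v.lower() == "http",
     "WinRM over plain HTTP; use https"),
    ("ansible_winrm_transport", lambda v: "basic" in v.lower().split(","),
     "basic auth sends the password base64-encoded; prefer ntlm or kerberos"),
]

def audit_inventory(text):
    """Return (line_number, section, variable, finding) for each weak setting."""
    findings, section = [], None
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]  # e.g. "win" or "win:vars"
            continue
        # shlex drops '#' comments and unquotes values, so disabled lines are skipped.
        for token in shlex.split(line, comments=True):
            key, sep, value = token.partition("=")
            for name, is_weak, message in RULES:
                if sep and key == name and is_weak(value):
                    findings.append((lineno, section, key, message))
    return findings

if __name__ == "__main__":
    for lineno, section, key, message in audit_inventory(SAMPLE_INVENTORY):
        print(f"line {lineno} [{section}] {key}: {message}")
```

Run against the article's inventory, it reports the password and the certificate-validation setting; the commented-out scheme and transport lines are not reported because they are inactive.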
With the Ansible server prepared, the first run of the playbook against a Windows system may fail with the UNREACHABLE error below. This is a simple ping test using Ansible, but it is not a normal ping over the ICMP protocol. Instead, Ansible uses the WinRM protocol to connect to the Windows host.
ubuntu@ansible:~/Documents/Windows$ ansible-playbook main.yaml -i inventory
PLAY [Windows connection testing from Ansible] ************************************************************************************************************************************
TASK [Ansible ping testing to Windows] ********************************************************************************************************************************************
fatal: [testmachine2]: UNREACHABLE! => {"changed": false, "msg": "ssl: HTTPSConnectionPool(host='192.168.34.44', port=5896): Max retries exceeded with url: /wsman (Caused by ConnectTimeoutError(, 'Connection to 192.168.34.44 timed out. (connect timeout=30)'))", "unreachable": true}
PLAY RECAP ************************************************************************************************************************************************************************
testmachine2 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
ubuntu@ansible:~/Documents/Windows$
To resolve this error, the Windows host must first be prepared by running the PowerShell script below. Ansible tries to connect to the Windows system over the WinRM port and protocol, but Windows PSRemoting is not ready yet. Running the ps1 script below in PowerShell (as an Administrator) configures and sets up WinRM (PS Remoting), creates a self-signed HTTPS certificate for WinRM, creates Windows Firewall rules to allow the WinRM ports (HTTP: 5985 and HTTPS: 5986) for the Ansible collection, and applies other settings.
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
Now my Microsoft Windows system is prepared. Running the playbook command again on the Ansible server shows that the win_ping test is successful.
ubuntu@ansible:~/Documents/Windows$ ansible-playbook main.yaml -i inventory
PLAY [Windows connection testing from Ansible] ************************************************************************************************************************************
TASK [Ansible ping testing to Windows] ********************************************************************************************************************************************
ok: [testmachine2]
PLAY RECAP ************************************************************************************************************************************************************************
testmachine2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
ubuntu@ansible:~/Documents/Windows$