How to use Ansible with Windows Host - Ansible Windows Example

Updated on:

In this article we are going to see how to use Ansible with Windows Host.

How to Setup Windows machine for  Ansible to be able to connect or remote login just like SSH in Linux.

While there is a way to use SSH in windows which can be further leveraged by ansible for windows connectivity and automation.

There is a better way and more stable way to do it with Windows Remote Manager (WinRM)

So we are going to see how to use WinRM and connect to remote windows machine from Ansible control machine.

Let's go.

I have written half a century articles in Ansible mostly for Linux  cause I did not really had a requirement or chance to work with Ansible and windows.

And there would be series of articles on this Ansible + Windows combo. Please Stay  connected.

 

Ansible Windows

 

How to Setup WinRM in Windows Machine to Prepare for Ansible

The First step for us to be able to connect to the windows machine is to install this WinRM properly on our Windows machine.

Thanks to Ansible team. they have created a PowerShell script that does the required configuration on the windows machine for us.

Do not worry about downloading the Powershell script file.  Just run the following powershell command in your PowerShell terminal

This downloads the script automatically and runs it in your terminal.

iex(iwr https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1).Content

Ansible Windows

If the installation is done right. you can see that your WinRM is UP and running and would be listening in port 5986

Like in Linux, Windows has netstat command too you can read more about it here 

here is a quick command to for you to check if winrm listens on the port 5986

netstat -anp|findstr 5986

Thats all.

One more thing is pending. If you are on a cloud,

Consider opening this port to ansible control machine. So the Ansible can connect this machine from control machine. ( It is same like Opening up port 22 for linux to allow SSH)

Ansible Configuration Changes on the Control machine.

Hope you have already installed Ansible on your control machine ( Linux/Mac/Windows)

But there are few more extra packages you might need for Ansible to support windows modules

If you are using Ansible with Python 2 use PIP to install this package

pip install pywinrm

If you are using Ansible with Python3 use PIP3 to install pywinrm

pip3 install pywinrm

once the pywinrm package is installed we are all good and we can go and do a quick health check with ping.

But I would recommend you can use telnet or nc command (whichever available) to make sure that the network connectivity is there to the remote machine

nc -w 3 -v <remote windows server ip/hostname> 5986
(or)
telnet <remote windows server ip/hostname>:5986

This would give you an additional confidence that your connection is OK.

 

Create or Update ansible hosts inventory file

Before you can connect to the remote machine with Ansible.

you need to let Ansible know about this machine, as usual you need to add this machine to any hostgroup. In my case the host group name is win

[win]
192.9.12.122

You can keep the IP or the hostname which ever is reachable from your ansible control machine

Additionally, since this is windows, we need to provide some more variables at the hostgroup level.

[win:vars]
ansible_connection=winrm 
ansible_user=administrator 
ansible_password=r$eBQNgc5U&A2at8kDwpWo.KzLT5NvHd 
ansible_winrm_server_cert_validation=ignore
  • ansible_connection=winrm to define the connection is not SSH should use winrm
  • ansible_user what ever the username you have created in the windows machine
  • ansible_password password for that user ( the same one you use for RDP)
  • ansible_winrm_server_cert_validation this is fine in DEV/TEST environment to tell ansible to ignore hostkey/server cert validation.

The complete inventory file is given below for your reference

[win]
192.9.12.122

[win:vars]
ansible_connection=winrm 
ansible_user=administrator 
ansible_password=r$eBQNgc5U&A2at8kDwpWo.KzLT5NvHd 
ansible_winrm_server_cert_validation=ignore

I have saved this file in my custom directory where I would create my playbooks and named this as ansible_hosts

this is to keep things isolated and neat. You can directly add in the ansible global inventory if you want

Now its a time to test.

Win_ping - Ping the remote windows machine using Ansible.

Even if you are a beginner in Ansible, I presume you might have come across ansible ping module.

Ansible ping is to check the connection from control machine to remote linux machine.

Likewise, Ansible win_ping is to check the connectivity from Control machine to Windows.

It is like a Hello world of programming language we can say.

So we are going execute the following command

ansible win -m win_ping -i ansible_hosts

here the win is our host group name and with -m we are telling ansible to use win_ping module

We have an ansible ad hoc command cheat sheet with various ad hoc command examples.

Quick Note for Mac users - Python Crashing issue

While you are executing this command, you might get a pop up and can see the Python is crashing.

You might see either of these or both error messages which can be solved by setting this environment variable

export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES

Error messages are given below for your reference.

Ansible Windows

Once you have got the successful ping message. You are All good to test your Playbooks and other commands.

Ansible windows ping

Validate Other Ansible AD Hoc commands and Playbooks

Once the win_ping is green. you can execute some other modules and commands either as ad_hoc or as playbook to test it

here is a quick playbook you can use which executes a command on the remote server

---
- name: Windows Test Playbook
  hosts: win
  tasks:
    - name: Remote Execute the mqsc files
      win_shell: |
        hostname
        Get-Date
      register: scriptoutput

    - name: Script output
      debug: var=scriptoutput.stdout

The same playbook can be executed as two ansible ad hoc commands

ansible win -m win_shell -a "hostname" -i ansible_hosts
ansible win -m win_shell -a "Get-Date" -i ansible_hosts

Voila. You did it.

So from here onwards, your windows automation is going to take another form I can imagine.

Good luck.

If you are having any DevOps/Cloud/Automation related projects and looking for support. Try our professional team at Gritfy

 

Cheers
Sarav

Follow me on Linkedin My Profile
Follow DevopsJunction onFacebook orTwitter
For more practical videos and tutorials. Subscribe to our channel

Buy Me a Coffee at ko-fi.com

Signup for Exclusive "Subscriber-only" Content

More from Middleware Inventory

  • windows netstat command
    Netstat command windows - Usage and Examples

    Introduction Like Linux, Windows does have a netstat command and it can come handy when you are in need of network-related monitoring and troubleshooting. Consider you have any of the following requirement How to find who or which process owns the port in Windows Server To see how many  HTTP/DB…

  • powershell tail file
    PowerShell tail file - Windows tail command

    PowerShell is a powerful tool and it enables the Windows servers to compete with the Shell and Linux command line features. One of the useful command in linux is tail which helps us to view the file as it gets updated mostly used to view the log files. For instance,…

  • Ansible Find
    Ansible Find Examples - How to use Ansible Find

    Ansible find module functions as same as the Linux Find command and helps to find files and directories based on various search criteria such as age of the file, accessed date, modified date,  regex search pattern etcetera. As said earlier, this is more of an ansible way to execute the…

  • Ansible delegate_to
    Ansible delegate_to Examples - Run task on specific host

    Ansible Delegate_to module helps us to execute a specific task in our playbook to run in other host or machine. This process of handing over the control of execution to another host (or) executing a task in another machine is called as delegation and  the module delegate_to helps you to…

  • Ansible Shell
    Ansible Shell Module Examples

      Ansible shell module is designed to execute Shell commands against the target Unix based hosts. Unlike the Ansible command module, Ansible Shell would accept any highly complexed commands with pipes, redirection etc and you can also execute Shell scripts using Ansible Shell module. The Advantage of Ansible Shell module…