Setting up a Windows Server for Ansible Management

Setting up a Windows Server for Ansible Management

ยท

2 min read

Ansible, a widely used configuration management tool, is not just for Unix-like systems. With the right setup, it can also be used to manage Windows servers. This article will guide you through the process of setting up a Windows server to be controlled using Ansible.

For this demonstration, we'll be setting up two instances of "Microsoft Windows Server 2022 Base" as child nodes. Additionally, we'll create an Ubuntu instance to serve as our control node.

Ansible Uses SSH for connecting to Linux systems, And for Windows systems it uses Winrm.

Steps to Configure a Windows Server

Open Powershell in Administrator mode and run the below command. it will run a script that will do all the necessary configurations. yes, that's it on the Window side.

Invoke-WebRequest -Uri https://raw.githubusercontent.com/rallabandisrinivas/winrm_ansible/main/README.md -UseBasicParsing | Select-Object -ExpandProperty Content | Invoke-Expression

You can refer to the official documentation below if you face any issues

Ansible Windows Setup Link

Steps to Configure a Ubuntu Server

  1. Update Package list and upgrade Packages

     sudo apt update
     sudo apt upgrade
    

    Sometimes you may be asked to reboot then you can reboot using the below command.

     sudo reboot
    
  2. Install python3-pip and then install pywinrm package.

     sudo apt install python3-pip
     pip install pywinrm
    
  3. Let's install ansible

     sudo apt install ansible
    
  4. Now create an inventory file and add IP and authentication info about Windows servers in it.

    inventory

     [windows]
     server1 ansible_host=65.2.122.214 ansible_user=Administrator ansible_password=3zA)--5TI$4pFng6*=qnAVLudgYtTqRP
     server2 ansible_host=15.206.194.23 ansible_user=Administrator ansible_password=3zA)--5TI$4pFng6*=qnAVLudgYtTqRP
    
     [windows:vars]
     ansible_connection=winrm
     ansible_winrm_server_cert_validation=ignore
    

    Yes, Storing Passwords in plain text is a security risk we can use ansible-vault. But for the sake of the demo, we are storing it in plain text.

    In Production environments, We can Ansible Vault to securely store and use passwords.

    To learn more about Ansible Vault you can refer below article

    Secrets Management with Ansible Vault: A Comprehensive Guide with Examples

  5. Now We will be running the below Adhoc command to test the connectivity

     ansible windows -m win_ping -i inventory
    

    if you have created instances on the cloud and have not opened Winrm ports you might get the below error.

    Open those ports and run the command again

    Successful execution will look like the below

Now, with all the Configurations in place, you can fully automate a myriad of tasks on your Windows servers.

Happy automating! ๐Ÿค–

ย