Ansible, a widely used configuration management tool, is not just for Unix-like systems. With the right setup, it can also be used to manage Windows servers. This article will guide you through the process of setting up a Windows server to be controlled using Ansible.
For this demonstration, we'll be setting up two instances of "Microsoft Windows Server 2022 Base" as child nodes. Additionally, we'll create an Ubuntu instance to serve as our control node.
Ansible Uses SSH for connecting to Linux systems, And for Windows systems it uses Winrm.
Steps to Configure a Windows Server
Open Powershell in Administrator mode and run the below command. it will run a script that will do all the necessary configurations. yes, that's it on the Window side.
Invoke-WebRequest -Uri https://raw.githubusercontent.com/rallabandisrinivas/winrm_ansible/main/README.md -UseBasicParsing | Select-Object -ExpandProperty Content | Invoke-Expression
You can refer to the official documentation below if you face any issues
Steps to Configure a Ubuntu Server
Update Package list and upgrade Packages
sudo apt update sudo apt upgrade
Sometimes you may be asked to reboot then you can reboot using the below command.
sudo reboot
Install python3-pip and then install pywinrm package.
sudo apt install python3-pip pip install pywinrm
Let's install ansible
sudo apt install ansible
Now create an inventory file and add IP and authentication info about Windows servers in it.
inventory
[windows] server1 ansible_host=65.2.122.214 ansible_user=Administrator ansible_password=3zA)--5TI$4pFng6*=qnAVLudgYtTqRP server2 ansible_host=15.206.194.23 ansible_user=Administrator ansible_password=3zA)--5TI$4pFng6*=qnAVLudgYtTqRP [windows:vars] ansible_connection=winrm ansible_winrm_server_cert_validation=ignore
Yes, Storing Passwords in plain text is a security risk we can use ansible-vault. But for the sake of the demo, we are storing it in plain text.
In Production environments, We can Ansible Vault to securely store and use passwords.
To learn more about Ansible Vault you can refer below article
Secrets Management with Ansible Vault: A Comprehensive Guide with Examples
Now We will be running the below Adhoc command to test the connectivity
ansible windows -m win_ping -i inventory
if you have created instances on the cloud and have not opened Winrm ports you might get the below error.
Open those ports and run the command again
Successful execution will look like the below
Now, with all the Configurations in place, you can fully automate a myriad of tasks on your Windows servers.
Happy automating! ๐ค