Ansible Pt.2 Windows - jude-lindale/Wiki GitHub Wiki

Preparing MGMT01 for Ansible

First we need to update mgmt01. To do so, we need to start the Windows service that allows us to update. Open PowerShell (as Admin) and run services.msc, then scroll down until you see “Windows Update”. Set this to “Automatic” or “Manual”, click Apply, and then exit.

Now back in PowerShell run:

sconfig

Select option #6. This will initiate the update.

Make sure OpenSSH is running on mgmt01

In PowerShell as Admin, run the following:

Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'

Set PowerShell to be the Default Shell for SSH

If you get a normal command prompt when logging in over SSH, run the following two commands to change the SSH shell to PowerShell:

Set-ItemProperty "HKLM:\Software\Microsoft\Powershell\1\ShellIds" -Name ConsolePrompting -Value $true
New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force

SSH into mgmt01

To ssh into mgmt01 we run the following command:

ssh [email protected]@mgmt01-jude

On controller as deployer, update the inventory file to add a new group called windows with mgmt01-yourname as the host in that group. Also include the variables associated with that group under [windows:vars]. It should look as follows:

ansible1-jude
[webadmin]
ansible2-jude
[windows]
mgmt01-jude
[windows:vars]
ansible_shell_type=powershell

Then we will run the following command to ping mgmt01:

ansible windows -i inventory.txt -m win_ping -u [email protected] --ask-pass

We then add wks01 to the inventory file.

ansible1-jude
[webadmin]
ansible2-jude
[windows]
mgmt01-jude
wsk01-jude
[windows:vars]
ansible_shell_type=powershell

An error may occur when running the win_ping command again. This can be fixed in one of two ways. The first is to ssh into wks1 first and accept the key. The second is to ignore unknown hosts (this turns off SSH host key verification for Ansible's connections), which you do by adding the following file to the directory in which you are running your ansible commands:

pwd
cat ansible.cfg

Rerun the playbook to see if wsk01 can be successfully pinged
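A check to run on the controller before choosing between the two fixes above, as an added example that is not part of the original wiki: it lists the hosts in the [windows] group that have no known_hosts entry yet and reports whether an ansible.cfg turns host key checking off. The function names, the sample known_hosts and ansible.cfg contents, and the unhashed known_hosts format are assumptions of this example; host_key_checking is Ansible's standard setting for this, and the page does not show its own file's contents.

```bash
#!/usr/bin/env bash
# Added example, not from the wiki. Function names and sample data are constructed.

# Print the hosts listed under [group] in an INI-style Ansible inventory.
group_hosts() {  # usage: group_hosts <inventory> <group>
  awk -v g="[$2]" '
    /^\[/ { in_group = ($1 == g); next }          # every section header resets state
    in_group && NF && $1 !~ /^[#;]/ { print $1 }  # first field is the hostname
  ' "$1"
}

# Print group hosts that have no entry in the given known_hosts file.
# Assumption: entries are unhashed (HashKnownHosts no); hashed names will not match.
missing_host_keys() {  # usage: missing_host_keys <inventory> <group> <known_hosts>
  group_hosts "$1" "$2" | while read -r host; do
    awk -v h="$host" '
      $1 !~ /^[#@]/ { n = split($1, names, ","); for (i = 1; i <= n; i++) if (names[i] == h) found = 1 }
      END { exit !found }
    ' "$3" || echo "$host"
  done
}

# Exit 0 if the config file switches Ansible's SSH host key checking off.
host_key_checking_disabled() {  # usage: host_key_checking_disabled <ansible.cfg>
  grep -Eiq '^[[:space:]]*host_key_checking[[:space:]]*=[[:space:]]*(false|no|off|0)[[:space:]]*$' "$1"
}

# Constructed sample files: the inventory from this page, a known_hosts that
# only holds mgmt01-jude (placeholder key), and an assumed ansible.cfg.
make_sample() {  # usage: make_sample <dir>
  cat > "$1/inventory.txt" <<'EOF'
ansible1-jude
[webadmin]
ansible2-jude
[windows]
mgmt01-jude
wsk01-jude
[windows:vars]
ansible_shell_type=powershell
EOF
  printf 'mgmt01-jude ssh-ed25519 PLACEHOLDER_PUBLIC_KEY\n' > "$1/known_hosts"
  printf '[defaults]\nhost_key_checking = False\n' > "$1/ansible.cfg"
}

dir=$(mktemp -d) && make_sample "$dir"
echo "no known_hosts entry: $(missing_host_keys "$dir/inventory.txt" windows "$dir/known_hosts")"
host_key_checking_disabled "$dir/ansible.cfg" && echo "host key checking is disabled"
rm -rf "$dir"
```

Against real files, pass inventory.txt and ~/.ssh/known_hosts; if the known_hosts file is hashed, look hosts up with ssh-keygen -F instead of the awk match.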

Software deployment using win_chocolatey

Within the roles directory on deployer@controler01-jude we want to add a playbook called windows_software.yml which should contain the following:

- name: install windows applications
  hosts: windows
  tasks:
    - name: Install Firefox and 7zip and notepadplusplus.install
      win_chocolatey:
        name:
          - firefox
          - 7zip
          - notepadplusplus.install
        state: present

We then run the playbook to install Firefox, 7zip, and Notepad++ onto wsk01 and mgmt01 using the following command:

ansible-playbook -i inventory.txt roles/windows_software.yml -u [email protected] --ask-pass