Ansible Pt.2 Windows - jude-lindale/Wiki GitHub Wiki
Preparing MGMT01 for Ansible
First we need to update mgmt01 to do so we need to start the windows service that allows us to update.
This can be done through PowerShell (as Admin) and run services.msc
. Then scroll down until we see “Windows Update”. We will want to set this to “Automatic” or “Manual”. Then hit apply and then exit.
Now back in PowerShell run:
sconfig
Select option #6. This will initiate the update.
Make sure OpenSSH is running on mgmt01
In Powershell as Admin run the following:
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
Set Powershell to be the Default Shell for SSH
If you get a normal command prompt when logging in over SSH, Run the following 2 commands to change the ssh shell to Powershell:
Set-ItemProperty "HKLM:\Software\Microsoft\Powershell\1\ShellIds" -Name ConsolePrompting -Value $true
New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
SSH into mgmt01
To ssh into mgmt01 we run the following command:
ssh [email protected]@mgmt01-jude
On controller as deployer we will want to update the inventory file to add a new group called windows with mgmt01-yourname as the host in that group. Also include the variables associated with that group [windows:vars]. It should look as followed:
ansible1-jude
[webadmin]
ansible2-jude
[windows]
mgmt01-jude
[windows:vars]
ansible_shell_type=powershell
Then we will run the following command to ping mgmt01:
andible windows -i inventory.txt -m win_ping -u [email protected] --ask-pass
We then add wks01 to the inventory file.
ansible1-jude
[webadmin]
ansible2-jude
[windows]
mgmt01-jude
wsk01-jude
[windows:vars]
ansible_shell_type=powershell
An error may occure when running the win_ping command again. This can be fixed one of two ways. The first would be to ssh into wks1 first and accept the key. The second would be to ignore unknown hosts and you would do so by adding the following file to the directory in which you are running your ansible commands:
pwd
cat ansible.cfg
Rerun the playbook to see if wsk01 can be successfully pinged
Software deployment using win_chocolatey
Within the roles directory on deployer@controler01-jude we want to add a playbook called windows_software.yml which should contain the following:
- name: install windows applications
hosts: windows
tasks:
- name: Install Firefox and 7zip and notepadplusplus.install
win_chocolatey:
name:
- firefox
- 7zip
- notepadplusplus.install
state: present
We then run the playbook to install firefox, 7zip, and notepad++ on to wsk01 and mgmt01 using the following command:
ansible-playbook -i inventory.txt roles/windows_software.yml -u [email protected] --ask-pass