Use of Ansible in windows
1.linux offline installation ansible
Reference blog: ansible offline installation
Related installation packages:
Link: https://pan.baidu.com/s/1vqUSk3B_XKLAvzFGAr0HIw
Extraction code: 3844
Use the relevant commands to install:
# Unpack the installation package tar -xzvf ansible-2.4-rpms.el7.tar.gz # Enter the installation package cd ansible-2.4-rpms.el7 # Install ansible dependent content rpm -ivh PyYAML*rpm libyaml*rpm python-babel*rpm python-backports*rpm python-backports-ssl_match_hostname*rpm python-cffi*rpm python-enum34*rpm python-httplib2*rpm python-idna*rpm python-ipaddress*rpm python-jinja2*rpm python-markupsafe*rpm python-paramiko*rpm python-passlib*rpm python-ply*rpm python-pycparser*rpm python-setuptools*rpm python-six*rpm python2-cryptography*rpm python2-jmespath*rpm python2-pyasn1*rpm sshpass*rpm --nodeps --force # Install ansible rpm -ivh ansible-2.4.2.0-2.el7.noarch.rpm
View the version information of ansible after installation:
Another ansible installation method uses a yum source packaged for installation, and no attempt is made.
2.Linux Installation of third-party libraries
The current python environment version is 2.7.5
Download the third-party library at: https://pypi.org/
The third-party libraries installed offline include:
pywinrm-0.4.2
ntlm-auth-1.1.0.tar.gz
requests_ntlm-1.1.0.tar.gz
xmltodict-0.12.0-py2.py3-none-any.whl
The relevant version information is as follows:
3. Configure windows system
1. Change the powerShell policy to remotesignated, otherwise the powerShell script file cannot be run.
PS C:\Users\huangp> get-executionpolicy Restricted PS C:\Users\huangp> set-executionpolicy remotesigned PS C:\Users\huangp> get-executionpolicy RemoteSigned
2. If the powshell version is incorrect, execute the following command to update the powshell version
At present, I am using powershell version 5.1.14393
# How to view the version of PowerShell for windows PS C:\Users\ywwei> host
So my version doesn't need to be updated.
The following is the command to update version information.
#Script to update PowerShell 2.0 to 3.0: #https://github.com/ansible/ansible/blob/devel/examples/scripts/upgrade_to_ps3.ps1 #The commands invoked can be as follows PS C:\Users\huangp> & "E:/temp/upgrade_ps3.ps1" #perhaps PS C:\> powershell.exe -ExecutionPolicy RemoteSigned -file "C:\p test.ps1"
3. Configure remote control
Download and run https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
If I dislike the slow download speed of Github: I uploaded the link to my Alibaba cloud disk: https://www.aliyundrive.com/s/opYkwmSnQk5
# Enter my own desktop PS C:\Users\ywwei> cd C:\Users\ywwei\Desktop # Execute the downloaded powershell script PS C:\Users\ywwei\Desktop> .\ConfigureRemotingForAnsible.ps1
4. Execute in PowerShell:
# Start winrm
winrm qc
# Set related configuration
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
5. View winrm configuration information
# View winrm configuration information winrm get winrm/config
4. List of configured Linux hosts
Modify host list content
# Add the following $ sudo vim /etc/ansible/hosts
The list of Linux hosts is as follows:
# personal computer [windows] # ywwei's computer 192.168.56.101 ansible_ssh_user="LG\ywwei" ansible_ssh_pass="Hitrend@0701" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm # Large watch stand [largeWatchStand] # Meter rack 6 192.168.41.29 ansible_ssh_user="admin" ansible_ssh_pass="dddddddd" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm # Meter rack 7 192.168.41.47 ansible_ssh_user="admin" ansible_ssh_pass="dddddddd" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm
View the contents of the host list
# View host list $ sudo cat /etc/ansible/hosts
Check for connectivity
# Check whether ping is enabled $ ansible all -m win_ping
If you can't connect, please check, or check whether my pit record has stepped on a pit.
4.1 execute Ansible script
After preparation, you can write a small example to test and verify
Execute test script
# Test whether the windows group ansible windows -m win_ping # Check whether all hosts can be connected ansible all -m win_ping
Successfully connected:
4.2 using common modules
4.2.1 create folder
ansible windows -m win_file -a 'dest=C:/test state=directory'
4.2.2 remote execution of cmd command
# Execute cmd command remotely ansible windows -m win_shell -a 'ipconfig'
4.2.3 file directory operation
# Delete file ansible windows -m win_file -a 'dest=c:\test\hosts.txt state=absent' # Delete directory ansible windows -m win_file -a 'dest=c:\test state=absent' # Transfer files to windows ansible windows -m win_copy -a 'src=/etc/hosts dest=c:\test\hosts.txt'
4.2.4 restart
# restart ansible windows -m win_reboot ansible windows -m win_shell -a 'shutdown -r -t 0'
4.2.5 create user
# Create user ansible 192.168.11.149 -m win_user -a "name=user1 passwd=123456"
4.3 writing playbook
5. Pit stepping record
5.1 offline installation of python winrm module
Installation command with network: pip install pywinrm
Download the third-party library at: https://pypi.org/
The third-party libraries installed offline include:
pywinrm-0.4.2
ntlm-auth-1.5.0.tar.gz \ ntlm_auth-1.0.1-py2.py3-none-any.whl (recommended)
requests_ntlm-1.1.0.tar.gz
xmltodict-0.12.0-py2.py3-none-any.whl
Pit during installation of third-party warehouse:
1.Error in ntlm-auth setup command: Invalid environment marker: python_versions"2.7"
Solution:
Use downloaded ntlm_auth-1.0.1-py2.py3-none-any.whl is installed because I use ntlm_auth-1.0.1-py2.py3-none-any.whl. After using another method to install, it is successful.
2.but you' ll have requests 2.6.0 which is incompatible
When these prompts appear during installation, you need to use the corresponding installation package version for installation. The version is too low or too high.
3.Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None))
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError (' spip._vendor. ur11ib3. connection. HTTPSConnection object at 0x7f024a55c590x: Failed to establish a new connection: [ Errno 101] Network is unreachable',)': /simple/six/E
This is because the installation on the intranet cannot connect to the external network, so this error will occur. Therefore, you can install the third-party library by using ntlm-auth-1.5.0.tar.gz, and then view the specific information. You need to rely on other third-party libraries.
4. Prompt: the corresponding file directory cannot be found
Try setting with the following command:
Add corresponding -- target information
5.2 Ethernet settings
Error: the WinRM firewall exception will not run because one of the network connection types on this computer is set to public. Change the network connection type to domain or private and try again.
After Ethernet settings are turned on
After the network is set to private, re execute the relevant commands.
5.3 the managed machine cannot be connected
1."msg": "plaintext: the specified credentials were rejected by the server",
# Edit the configuration file of the host and add the following fields ansible_winrm_transport=ntlm
2.'msg': "ssl: the specified credentials were rejected by the server"
This is because ansible is missing from the host list_ ssh_ Port = 5985, please carefully check the configuration information in the host list
3. Connection timeout
The user name or password may be wrong.