Use of Ansible in windows

Use of Ansible in windows

1.linux offline installation ansible

Reference blog: ansible offline installation

Related installation packages:

Link: https://pan.baidu.com/s/1vqUSk3B_XKLAvzFGAr0HIw
Extraction code: 3844

Use the relevant commands to install:

# Unpack the installation package
tar -xzvf ansible-2.4-rpms.el7.tar.gz
# Enter the installation package
cd ansible-2.4-rpms.el7
# Install ansible dependent content
rpm -ivh PyYAML*rpm libyaml*rpm python-babel*rpm python-backports*rpm python-backports-ssl_match_hostname*rpm python-cffi*rpm python-enum34*rpm python-httplib2*rpm python-idna*rpm python-ipaddress*rpm python-jinja2*rpm python-markupsafe*rpm python-paramiko*rpm python-passlib*rpm python-ply*rpm python-pycparser*rpm python-setuptools*rpm python-six*rpm python2-cryptography*rpm python2-jmespath*rpm python2-pyasn1*rpm sshpass*rpm --nodeps --force
# Install ansible
rpm -ivh ansible-2.4.2.0-2.el7.noarch.rpm

View the version information of ansible after installation:

Another ansible installation method uses a yum source packaged for installation, and no attempt is made.

2.Linux Installation of third-party libraries

The current python environment version is 2.7.5

Download the third-party library at: https://pypi.org/

The third-party libraries installed offline include:

pywinrm-0.4.2

ntlm-auth-1.1.0.tar.gz

requests_ntlm-1.1.0.tar.gz

xmltodict-0.12.0-py2.py3-none-any.whl

The relevant version information is as follows:

3. Configure windows system

1. Change the powerShell policy to remotesignated, otherwise the powerShell script file cannot be run.

PS C:\Users\huangp> get-executionpolicy
Restricted
PS C:\Users\huangp> set-executionpolicy remotesigned
PS C:\Users\huangp> get-executionpolicy
RemoteSigned

2. If the powshell version is incorrect, execute the following command to update the powshell version

At present, I am using powershell version 5.1.14393

# How to view the version of PowerShell for windows
PS C:\Users\ywwei> host

So my version doesn't need to be updated.

The following is the command to update version information.

#Script to update PowerShell 2.0 to 3.0:
#https://github.com/ansible/ansible/blob/devel/examples/scripts/upgrade_to_ps3.ps1
#The commands invoked can be as follows
PS C:\Users\huangp> & "E:/temp/upgrade_ps3.ps1"
#perhaps
PS C:\> powershell.exe -ExecutionPolicy RemoteSigned   -file "C:\p test.ps1"

3. Configure remote control

Download and run https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

If I dislike the slow download speed of Github: I uploaded the link to my Alibaba cloud disk: https://www.aliyundrive.com/s/opYkwmSnQk5

# Enter my own desktop
PS C:\Users\ywwei> cd C:\Users\ywwei\Desktop
# Execute the downloaded powershell script
PS C:\Users\ywwei\Desktop> .\ConfigureRemotingForAnsible.ps1

4. Execute in PowerShell:

# Start winrm
winrm qc
# Set related configuration
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'

5. View winrm configuration information

# View winrm configuration information
winrm get winrm/config

4. List of configured Linux hosts

Modify host list content

# Add the following
$ sudo vim /etc/ansible/hosts

The list of Linux hosts is as follows:

# personal computer
[windows]
# ywwei's computer
192.168.56.101 ansible_ssh_user="LG\ywwei" ansible_ssh_pass="Hitrend@0701" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm

# Large watch stand
[largeWatchStand]
# Meter rack 6
192.168.41.29  ansible_ssh_user="admin" ansible_ssh_pass="dddddddd" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm
# Meter rack 7
192.168.41.47  ansible_ssh_user="admin" ansible_ssh_pass="dddddddd" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm

View the contents of the host list

# View host list
$ sudo cat /etc/ansible/hosts

Check for connectivity

# Check whether ping is enabled
$ ansible all -m win_ping

If you can't connect, please check, or check whether my pit record has stepped on a pit.

4.1 execute Ansible script

After preparation, you can write a small example to test and verify

Execute test script

# Test whether the windows group
ansible windows -m win_ping
# Check whether all hosts can be connected
ansible all -m win_ping

Successfully connected:

4.2 using common modules

4.2.1 create folder

ansible windows -m win_file -a 'dest=C:/test state=directory'

4.2.2 remote execution of cmd command

# Execute cmd command remotely
ansible windows  -m win_shell -a 'ipconfig'

4.2.3 file directory operation

# Delete file
ansible windows  -m win_file -a 'dest=c:\test\hosts.txt state=absent'
# Delete directory
ansible windows  -m win_file -a 'dest=c:\test state=absent'
# Transfer files to windows
ansible windows -m win_copy -a 'src=/etc/hosts dest=c:\test\hosts.txt'

4.2.4 restart

# restart 
ansible windows  -m win_reboot
ansible windows  -m win_shell -a 'shutdown -r -t 0'

4.2.5 create user

# Create user
ansible 192.168.11.149 -m win_user -a "name=user1 passwd=123456"

4.3 writing playbook

5. Pit stepping record

5.1 offline installation of python winrm module

Installation command with network: pip install pywinrm

Download the third-party library at: https://pypi.org/

The third-party libraries installed offline include:

pywinrm-0.4.2

ntlm-auth-1.5.0.tar.gz \ ntlm_auth-1.0.1-py2.py3-none-any.whl (recommended)

requests_ntlm-1.1.0.tar.gz

xmltodict-0.12.0-py2.py3-none-any.whl

Pit during installation of third-party warehouse:

1.Error in ntlm-auth setup command: Invalid environment marker: python_versions"2.7"

Solution:

Use downloaded ntlm_auth-1.0.1-py2.py3-none-any.whl is installed because I use ntlm_auth-1.0.1-py2.py3-none-any.whl. After using another method to install, it is successful.

2.but you' ll have requests 2.6.0 which is incompatible

When these prompts appear during installation, you need to use the corresponding installation package version for installation. The version is too low or too high.

3.Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None))

WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError (' spip._vendor. ur11ib3. connection. HTTPSConnection object at 0x7f024a55c590x: Failed to establish a new connection: [ Errno 101] Network is unreachable',)': /simple/six/E

This is because the installation on the intranet cannot connect to the external network, so this error will occur. Therefore, you can install the third-party library by using ntlm-auth-1.5.0.tar.gz, and then view the specific information. You need to rely on other third-party libraries.

4. Prompt: the corresponding file directory cannot be found

Try setting with the following command:

Add corresponding -- target information

5.2 Ethernet settings

Error: the WinRM firewall exception will not run because one of the network connection types on this computer is set to public. Change the network connection type to domain or private and try again.

After Ethernet settings are turned on

After the network is set to private, re execute the relevant commands.

5.3 the managed machine cannot be connected

1."msg": "plaintext: the specified credentials were rejected by the server",

# Edit the configuration file of the host and add the following fields
ansible_winrm_transport=ntlm

2.'msg': "ssl: the specified credentials were rejected by the server"

This is because ansible is missing from the host list_ ssh_ Port = 5985, please carefully check the configuration information in the host list

3. Connection timeout

The user name or password may be wrong.

Tags: Linux Windows Operation & Maintenance

Posted on Tue, 26 Oct 2021 09:45:12 -0400 by Joshv1288