Firstly let me introduce a Windows service called: “Windows Remote Manager” or “WinRM”. This is the Windows feature that allows remote control of Windows machines and many other remote functionalities. In my case I have a Windows 7 laptop with SP1 and PowerShell v3 installed.
Secondly don’t forget that Ansible is developed using Python then a Python library have to manage the WinRM protocol. I’m talking about “pywinrm“. Using this library it’s easy to create simple scripts like that:
#!/usr/bin/env python import winrm s = winrm.Session('10.2.0.42', auth=('the_username', 'the_password')) r = s.run_cmd('ipconfig', ['/all']) print r.status_code print r.std_out print r.std_err
This is a remote call to the command “ipconfig /all” to see the Windows machine network configuration. The output is something like:
$ ./winrm_ipconfig.py 0 Windows IP Configuration Host Name . . . . . . . . . . . . : mini7w Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : ymbi.net Ethernet adapter GigaBit + HUB USB: Connection-specific DNS Suffix . : ymbi.net Description . . . . . . . . . . . : ASIX AX88179 USB 3.0 to Gigabit Ethernet Adapter Physical Address. . . . . . . . . : 00-23-56-1C-XX-XX DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::47e:c2c:8c25:xxxx%103(Preferred) IPv4 Address. . . . . . . . . . . : 10.2.0.42(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.192 Lease Obtained. . . . . . . . . . : mi�rcoles, 28 de enero de 2015 12:41:41 Lease Expires . . . . . . . . . . : mi�rcoles, 28 de enero de 2015 19:17:56 Default Gateway . . . . . . . . . : 10.2.0.1 DHCP Server . . . . . . . . . . . : 10.2.0.1 DHCPv6 IAID . . . . . . . . . . . : 2063606614 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-F7-BF-36-xx-C5-xx-03-xx-xx DNS Servers . . . . . . . . . . . : 10.2.0.27 10.2.0.1 NetBIOS over Tcpip. . . . . . . . : Enabled ...
Of course, it’s possible to run Powershell scripts like the next one which shows the system memory:
$strComputer = $Host Clear $RAM = WmiObject Win32_ComputerSystem $MB = 1048576 "Installed Memory: " + [int]($RAM.TotalPhysicalMemory /$MB) + " MB"
The Python code to run that script is:
#!/usr/bin/env python import winrm ps_script = open('scripts/mem.ps1','r').read() s = winrm.Session('10.2.0.42', auth=('the_username', 'the_password')) r = s.run_ps(ps_script) print r.status_code print r.std_out print r.std_err
and the output:
$ ./winrm_mem.py 0 Installed Memory: 2217 MB
In the end it’s time to talk about how to create an Ansible Playbook to deploy anything in a Windows machine. As always the first thing that we need is a hosts file. In the next example there are several ansible variables needed to run Ansible Windows modules on WinRM, all of them are self-explanatory:
[all] 10.2.0.42
[all:vars]
ansible_ssh_user=the_username ansible_ssh_pass=the_password ansible_ssh_port=5985 #winrm (non-ssl) port ansible_connection=winrm
The first basic example could be a simple playbook that runs the ‘ipconfig’ command and registers the output in an Ansible variable to be showed later like a debug information:
- name: test raw module hosts: all tasks: - name: run ipconfig raw: ipconfig register: ipconfig - debug: var=ipconfig
The command and the output to run latest example:
$ ansible-playbook -i hosts ipconfig.yml PLAY [test raw module] ******************************************************** GATHERING FACTS *************************************************************** ok: [10.2.0.42] TASK: [run ipconfig] ********************************************************** ok: [10.2.0.42] TASK: [debug var=ipconfig] **************************************************** ok: [10.2.0.42] => { "ipconfig": { "invocation": { "module_args": "ipconfig", "module_name": "raw" }, "rc": 0, "stderr": "", "stdout": "\r\nWindows IP Configuration\r\n\r\n\r\nEthernet adapter GigaBit ... ] } } PLAY RECAP ******************************************************************** 10.2.0.42 : ok=3 changed=0 unreachable=0 failed=0
As always Ansible have several modules, not only the ‘raw’ module. I committed two examples in my Github account using a module to download URLs and another one that runs Powershell scripts.
My examples are done using Ansible 1.8.2 installed in a Fedora 20. But main problems I’ve found are configuring Windows 7 to accept WinRM connections. Next I attach some references that helped me a lot:
- pywinrm Github project notes., easy to trace errors than Ansible.
- Ansible notes about Windows.
- How to enable WinRM via Group Policy by Alan Burchill
If you want to use my tests code you can connect to my Github: Basic Ansible playbooks for Windows.