Ansible is increasingly becoming the go-to platform for application deployment, and software provisioning among developers owing to its ease of use and flexibility. Furthermore, it is easy to set up and no agent is required to be installed on remote nodes, instead, Ansible uses password less SSH authentication to manage remote Unix/Linux hosts. In this topic, however, we are going to see how you can manage Windows Host using Ansible.
Lab setup
We shall use the setup below to accomplish our objective
- Ansible Control node – CentOS 8 – IP: 192.168.43.13
- Windows 10 node – Windows 10 – IP: 192.168.43.147
Part 1: Installing Ansible on the Control node (CentOS 8)
Before anything else, we need to get Ansible installed on the Control node which is the CentOS 8 system.
Step 1: Verify that Python3 is installed on Ansible control node
Firstly, we need to confirm if Python3 is installed. CentOS 8 ships with Python3 but if it’s missing for any reason, install using the command:
# sudo dnf install python3
Next, make Python3 the default Python version by running:
# sudo alternatives --set python /usr/bin/python3
To verify if python3 is installed, run the command:
# python --version
Read Also : How to Install Ansible (Automation Tool) on CentOS 8/RHEL 8
Step 2: Install a virtual environment for running Ansible
For this exercise, an isolated environment for running and testing Ansible is preferred. This will keep at bay issues such as dependency problems and package conflicts. The isolated environment we are going to create is called a virtual environment.
Firstly, let’s begin with the installation of the virtual environment on CentOS 8.
# sudo dnf install python3-virtualenv
After the installation of the virtual environment, create a virtual workspace by running:
# virtualenv env
# source env/bin/activate
Great! Observer that the prompt has now changed to (env).
Step 3: Install Ansible
After the creation of the virtual environment, proceed and install Ansible automation tool using pip as shown:
# pip install ansible
You can later confirm the installation of Ansible using the command:
# ansible --version
To test Ansible and see if it’s working on our Ansible Control server run:
# ansible localhost -m ping
Great! Next, we need to define the Windows host or system on a host file on the Ansible control node. Therefore, open the default hosts file
# vim /etc/ansible/hosts
Define the Windows hosts as shown below.
Note: The username and password point to the user on the Windows host system.
Next, save and exit the configuration file.
Step 4: Install Pywinrm
Unlike in Unix systems where Ansible uses SSH to communicate with remote hosts, with Windows it’s a different story altogether. To communicate with Windows hosts, you need to install Winrm.
To install winrm, once again, use pip tool as shown:
# pip install pywinrm
Part 2: Configuring Windows Host
In this section, we are going to configure our Windows 10 remote host system to connect with the Ansible Control node. We are going to install the WinRM listener- short for Windows Remote – which will allow the connection between the Windows host system and the Ansible server.
But before we do so, your Windows host system needs to fulfill a few requirements for the installation to succeed:
- Your Windows host system should be Windows 7 or later. For Servers, ensure that you are using Windows Server 2008 and later versions.
- Ensure your system is running .NET Framework 4.0 and later.
- Windows PowerShell should be Version 3.0 & later
With all the requirements met, now follow the steps stipulated below:
Step 1: Download the WinRM script on Windows 10 host
WinRM can be installed using a script that you can download from this link. Copy the entire script and paste it onto the notepad editor. Thereafter, ensure you save the WinRM script at the most convenient location. In our case, we have saved the file on the Desktop under the name ConfigureRemotingForAnsible.ps1
Step 2: Run the WinRM script on Windows 10 host
Next, run PowerShell as the Administrator
Navigate to the script location and run it. In this case, we have navigated to the Desktop location where we saved the script. Next, proceed and execute the WinRM script on the WIndows host:
.\ConfigureRemotingForAnsible.ps1
This takes about a minute and you should get the output shown below. The output shows that WinRM has successfully been installed.
Part 3: Connecting to Windows Host from Ansible Control Node
To test connectivity to the Windows 10 host, run the command:
# ansible winhost -m win_ping
The output shows that we have indeed established a connection to the remote Windows 10 host from the Ansible Control node. This implies that we can now manage the remote Windows host using Ansible Playbooks. Let’s create a sample playbook for the Windows host system.
Part 4: Creating and running a playbook for Windows 10 host
In this final section, we shall create a playbook and create a task that will install Chocolatey on the remote host. Chocolatey is a package manager for Windows system. The play is defined as shown:
# vim chocolatey.yml --- - hosts: winhost gather_facts: no tasks: - name: Install Chocolatey on Windows10 win_chocolatey: name=procexp state=present
Save and close the yml file. Next, execute the playbook as shown
# ansible-playbook chocolatey.yml
The output is a pointer that all went well. And this concludes this topic on how you can manage Windows host using Ansible.
Also Read : How to Create Ansible Roles and Use them in Playbook
There is not such parameter status=present rather it should be state=present
Hi Arbab,
Yes , You are correct, i have corrected it now. Thank for pin pointing the typo.
do I need to Run the WinRM script on Windows 10 for each host? if I have multiple windows hosts.
Yes, WinRM script needs to be installed on each Windows 10 system
I met the following problem, how can I solve it?
PS X: .\ConfigureRemotingForAnsible.ps1
Unable to establish an HTTP or HTTPS remoting session.
X:\ConfigureRemotingForAnsible.ps1:451
+ Throw “Unable to establish an HTTP or HTTPS remoting session.”
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (Unable to estab…moting session.:String) [], RuntimeException
+ FullyQualifiedErrorId : Unable to establish an HTTP or HTTPS remoting session.
I am getting Object not found Command not found error
Hi Experts,
I have a question. How to handle windows workstations patching using Ansible. When the workstations are offline during patching schedule, they will not get latest patches installed. How do we need to automate the patching and execute a patching job from Ansible as and when workstations come online after actual patching schedule.
Great article!
It really helped me:-)
Great Article. It has helped me a lot. Thank you for sharing this.
Nice article. Testing it now on a Windows 11 VM. But there is a type in the playbook:
– host: winhost
should be
– hosts: winhost
Hi Peter,
Thanks for pin pointing the type. I have corrected it now.
Thank you for this nice article. I have a commvault server running on windows and there is a request to automate some of the commvault services. I have configured the windows server and able win_ping successfully. However I am unable to find modules for commvault which is running on windows. I have tried installing CVPySDK modules, but no success. I am unable to find the modules for commvault which is running on windows.. Can someone help me on it.. pls… as I am new to ansible.