Ansible is an open source tool for automating tasks. It manages the configuration of your Linux and Windows servers. It works without an agent which means that Ansible uses SSH and current user SSH authorization.
You can use Ansible to automate three types of tasks:
- Provisioning: Set up several servers you need in your infrastructure.
- Configuration management: Change the configuration of an application, OS, or device; start and stop services; install or update applications; implement a security policy or perform a wide variety of other configuration tasks.
- Application deployment: Make DevOps easier by automating the deployment of internally developed applications to your production systems.
This article will guide you through the install and setup process for Ansible on CentOS 7, as well as the configuration for the administration of a machine that's running on a Windows Server.
- A sudo user.
- A CentOS 7 server instance.
Add the EPEL Repository.
sudo yum install epel-release
sudo yum -y update
Once the packages have been updated, install Ansible with
sudo yum -y install ansible
To administer your Windows servers, you will need to install the following packages:
Install the Python packages.
sudo yum -y install python-pip pip
Install WinRM (Windows Remote Management).
pip install pywinrm
Test the Ansible installation by retrieving its version using the following command.
ansible --version ansible 2.5.5 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Configure Ansible for Windows Server Management
Go to the Ansible directory.
hosts file with your favorite text editor.
Add the following lines at the bottom of the
[windows] server1.domain.local server1.domain.local
It is necessary to create an encrypted vault containing the access identifiers for the Windows server. For that, we will create a new encrypted
yml file. The file name must match the host group to which it will apply. In our case, the created group is called
windows, so the file will be
mkdir group_vars cd group_vars ansible-vault create windows.yml
yml file, add the following parameters.
ansible_ssh_user: _your_ssh_user_ ansible_ssh_pass: _your_ssh_pass_ ansible_ssh_port: 5986 ansible_connection: winrm ansible_winrm_server_cert_validation: ignore
Configure the Windows Server
A PowerShell script is available to automatically configure your machine. This script will automatically configure WinRM (Windows Remote Management) and open the firewall.
Download the PowerShell script from Github.
Modify the execution rules of the PowerShell scripts to allow the execution of the script.
Execute the script.
Your Windows Server is now ready for remote management with Ansible.