Setting up a Windows Server for Ansible Management

Ansible, a widely used configuration management tool, is not just for Unix-like systems. With the right setup, it can also be used to manage Windows servers. This article will guide you through the process of setting up a Windows server to be controlled using Ansible.

For this demonstration, we’ll be setting up two instances of “Microsoft Windows Server 2022 Base” as child nodes. Additionally, we’ll create an Ubuntu instance to serve as our control node.

Ansible Uses SSH for connecting to Linux systems, And for Windows systems it uses Winrm.

Steps to Configure a Windows Server

Open PowerShell in Administrator mode and run the below command. it will run a script that will do all the necessary configurations. yes, that’s it on the Window side.

Invoke-WebRequest -Uri https://raw.githubusercontent.com/rallabandisrinivas/winrm_ansible/main/README.md -UseBasicParsing | Select-Object -ExpandProperty Content | Invoke-Expression

You can refer to the official documentation below if you face any issues

Ansible Windows Setup Link

Steps to Configure a Ubuntu Server

1. Update Package list and upgrade Packages

sudo apt update
sudo apt upgrade

Sometimes you may be asked to reboot then you can reboot using the below command.

 sudo reboot

2. Install python3-pip and then install pywinrm package.

 sudo apt install python3-pip
 pip install pywinrm

3. Let’s install ansible

 sudo apt install ansible

4. Now create an inventory file and add IP and authentication info about Windows servers in it.

inventory

 [windows]
 server1 ansible_host=65.2.122.214 ansible_user=Administrator ansible_password=3zA)--5TI$4pFng6*=qnAVLudgYtTqRP
 server2 ansible_host=15.206.194.23 ansible_user=Administrator ansible_password=3zA)--5TI$4pFng6*=qnAVLudgYtTqRP

 [windows:vars]
 ansible_connection=winrm
 ansible_winrm_server_cert_validation=ignore

Yes, Storing Passwords in plain text is a security risk we can use ansible-vault. But for the sake of the demo, we are storing it in plain text.

In Production environments, We can Ansible Vault to securely store and use passwords.

To learn more about Ansible Vault you can refer below article

Secrets Management with Ansible Vault: A Comprehensive Guide with Examples

5. Now We will be running the below Adhoc command to test the connectivity

ansible windows -m win_ping -i inventory

if you have created instances on the cloud and have not opened Winrm ports you might get the below error.

Open those ports and run the command again

Successful execution will look like the below

Now, with all the Configurations in place, you can fully automate a myriad of tasks on your Windows servers.

Happy automating! 🤖

Originally published at https://anujdube.com.