Ansible之Window运维

1.安装Ansible

基于centos7环境

[root@docker bin]# yum install -y epel-release
[root@docker bin]# yum install -y ansible
[root@docker bin]# yum install -y openssh-server python
[root@docker bin]# /bin/echo -e “[local]\nlocalhost ansible_connection=local” >> /etc/ansible/hosts #本机测试
[root@docker bin]# ansible localhost -m command -a ‘echo Hello World.’
localhost | CHANGED | rc=0 >>
Hello World.

2.配置windows的powershell

client端是基于windows2012R2 64Bit

Windows客户端配置winrm，启用powershell远程管理

查看powershell版本

查看powershell执行策略

查看是否为remotesigned，若不是，需要开启

开启命令:set-executionpolicy remotesigned

配置winrm service并启动服务

winrm quickconfig

查看winrm service启动监听状态

winrm enumerate winrm/config/listener

修改winrm配置，启用远程连接认证

winrm set winrm/config/service/auth ‘@{Basic=”true”}’
winrm set winrm/config/service ‘@{AllowUnencrypted=”true”}’

关闭防火墙或者放行5985端口

ansible服务端测试端口

3.配置ansible服务端

加入host配置

[root@docker ~]# cat /etc/ansible/hosts #加入host配置行，XXXXXXXXX为OS的密码
…
[windows]
172.16.1.129 ansible_ssh_user=”Administrator” ansible_ssh_pass=”XXXXXXXXXXX” ansible_ssh_port=5985 ansible_connection=”winrm” ansible_winrm_server_cert_validation=ignore

安装pywinrm插件

安装pip
[root@docker ~]# wget https://files.pythonhosted.org/packages/8e/76/66066b7bc71817238924c7e4b448abdb17eb0c92d645769c223f9ace478f/pip-20.0.2.tar.gz
[root@docker ~]# tar -zxvf pip-20.0.2.tar.gz -C /usr/local
[root@docker ~]# cd /usr/local/pip-20.0.2
[root@docker ~]# python2.7 setup.py install

安装pywinrm插件

[root@docker ~]# pip install pywinrm

测试连通性

[root@docker ~]# ansible 172.16.1.129 -m win_ping
172.16.1.129 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

4.测试

创建文件夹测试

[root@docker ~]# ansible 172.16.1.129 -m win_file -a ‘dest=c:\config_dir state=directory’ #在C盘根目录创建文件夹config_dir

复制动作测试

[root@docker ~]# ls /home/ansible/lab/
bin
[root@docker ~]# ansible 172.16.1.129 -m win_copy -a ‘src=/home/ansible/lab/bin dest=c:\config_dir\’    #复制/home/ansible/lab/的bin文件夹包括里面的内容

部署测试完毕