How to Manage Remote Windows Host using Ansible

Ansible is increasingly becoming the go-to platform for application deployment, and software provisioning among developers owing to its ease of use and flexibility. Furthermore, it is easy to set up and no agent is required to be installed on remote nodes, instead, Ansible uses password less SSH authentication to manage remote Unix/Linux hosts. In this topic, however, we are going to see how you can manage Windows Host using Ansible.

Manage-Windows-Hosts-using-Ansible

Lab setup

We shall use the setup below to accomplish our objective

  • Ansible Control node   –    CentOS 8          –     IP: 192.168.43.13
  • Windows 10 node         –    Windows 10     –     IP: 192.168.43.147

Part 1: Installing Ansible on the Control node (CentOS 8)

Before anything else, we need to get Ansible installed on the Control node which is the CentOS 8 system.

Step 1: Verify that Python3 is installed on Ansible control node

Firstly, we need to confirm if Python3 is installed. CentOS 8 ships with Python3 but if it’s missing for any reason, install using the command:

# sudo dnf install python3

Next, make Python3 the default Python version by running:

# sudo alternatives --set python /usr/bin/python3

To verify if python3 is installed, run the command:

# python --version

check-python-version 

Read Also : How to Install Ansible (Automation Tool) on CentOS 8/RHEL 8

Step 2: Install a virtual environment for running Ansible

For this exercise, an isolated environment for running and testing Ansible is preferred. This will keep at bay issues such as dependency problems and package conflicts. The isolated environment we are going to create is called a virtual environment.

Firstly, let’s begin with the installation of the virtual environment on CentOS 8.

# sudo dnf install python3-virtualenv

install-python3-virtualenv

After the installation of the virtual environment, create a virtual workspace by running:

# virtualenv env

virtualenv-env-ansible

# source env/bin/activate

source-env-bin-activate-ansible

Great! Observer that the prompt has now changed to (env).

Step 3: Install Ansible

After the creation of the virtual environment, proceed and install Ansible automation tool using pip as shown:

# pip install ansible

pip-install-Ansible

You can later confirm the installation of Ansible using the command:

# ansible --version

check-ansible-version

To test Ansible and see if it’s working on our Ansible Control server run:

# ansible localhost -m ping

Test-ansible-for-connectivity

Great! Next, we need to define the Windows host or system on a host file on the Ansible control node. Therefore, open the default hosts file

# vim /etc/ansible/hosts

Define the Windows hosts as shown below.

Ansible-hosts-file

Note: The username and password point to the user on the Windows host system.

Next, save and exit the configuration file.

Step 4: Install Pywinrm

Unlike in Unix systems where Ansible uses SSH to communicate with remote hosts, with Windows it’s a different story altogether. To communicate with Windows hosts, you need to install Winrm.

To install winrm, once again, use pip tool as shown:

# pip install pywinrm

install-pywinrm

Part 2: Configuring Windows Host

In this section, we are going to configure our Windows 10 remote host system to connect with the Ansible Control node. We are going to install the WinRM listener- short for Windows Remote – which will allow the connection between the Windows host system and the Ansible server.

But before we do so, your Windows host system needs to fulfill a few requirements for the installation to succeed:

  • Your Windows host system should be Windows 7 or later. For Servers, ensure that you are using Windows Server 2008 and later versions.
  • Ensure your system is running .NET Framework 4.0 and later.
  • Windows PowerShell should be Version 3.0 & later

With all the requirements met, now follow the steps stipulated below:

Step 1: Download the WinRM script on Windows 10 host

WinRM can be installed using a script that you can download from this link. Copy the entire script and paste it onto the notepad editor. Thereafter, ensure you save the WinRM script at the most convenient location. In our case, we have saved the file on the Desktop under the name  ConfigureRemotingForAnsible.ps1

Step 2: Run the WinRM script on Windows 10 host

Next, run PowerShell as the Administrator

Run-PowerShell-as-Administrator

Navigate to the script location and run it. In this case, we have navigated to the Desktop location where we saved the script. Next, proceed and execute the WinRM script on the WIndows host:

.\ConfigureRemotingForAnsible.ps1

This takes about a minute and you should get the output shown below. The output shows that WinRM has successfully been installed.

set-up-WinRM-on-Windows10

Part 3: Connecting to Windows Host from Ansible Control Node

To test connectivity to the Windows 10 host, run the command:

# ansible winhost -m win_ping

Ansible-ping-windows-host-machine

The output shows that we have indeed established a connection to the remote Windows 10 host from the Ansible Control node. This implies that we can now manage the remote Windows host using Ansible Playbooks. Let’s create a sample playbook for the Windows host system.

Part 4: Creating and running a playbook for Windows 10 host

In this final section, we shall create a playbook and create a task that will install Chocolatey on the remote host. Chocolatey is a package manager for Windows system. The play is defined as shown:

# vim chocolatey.yml
---
- hosts: winhost
  gather_facts: no
  tasks:
   - name: Install Chocolatey on Windows10
     win_chocolatey: name=procexp  state=present

Ansible-Playbook-install-chocolatey

Save and close the yml file. Next, execute the playbook as shown

# ansible-playbook chocolatey.yml

Ansible-playBook-succeeded

The output is a pointer that all went well. And this concludes this topic on how you can manage Windows host using Ansible.

Also Read How to Create Ansible Roles and Use them in Playbook

12 thoughts on “How to Manage Remote Windows Host using Ansible”

  1. I met the following problem, how can I solve it?

    PS X: .\ConfigureRemotingForAnsible.ps1
    Unable to establish an HTTP or HTTPS remoting session.
    X:\ConfigureRemotingForAnsible.ps1:451
    + Throw “Unable to establish an HTTP or HTTPS remoting session.”
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : OperationStopped: (Unable to estab…moting session.:String) [], RuntimeException
    + FullyQualifiedErrorId : Unable to establish an HTTP or HTTPS remoting session.

    Reply
  2. Hi Experts,

    I have a question. How to handle windows workstations patching using Ansible. When the workstations are offline during patching schedule, they will not get latest patches installed. How do we need to automate the patching and execute a patching job from Ansible as and when workstations come online after actual patching schedule.

    Reply
  3. Nice article. Testing it now on a Windows 11 VM. But there is a type in the playbook:

    – host: winhost

    should be

    – hosts: winhost

    Reply
  4. Thank you for this nice article. I have a commvault server running on windows and there is a request to automate some of the commvault services. I have configured the windows server and able win_ping successfully. However I am unable to find modules for commvault which is running on windows. I have tried installing CVPySDK modules, but no success. I am unable to find the modules for commvault which is running on windows.. Can someone help me on it.. pls… as I am new to ansible.

    Reply

Leave a Reply to Sandhya Jha Cancel reply