Configure a Windows Host for Ansible - ansible winrm

우분투에 ansible설치

튜토리얼 - 우분투 리눅스에 Ansible 설치 [ 단계별로 ]

관리당하는 PC에서 할 것

  1. ansible에서 사용할 계정을 만든다

    Untitled

    Untitled

    Untitled

  2. Powershell 버전 확인

    Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
Try the new cross-platform PowerShell <https://aka.ms/pscore6>
PS C:\\Users\\vagrant> Get-Host | Select-Object Version
Version
-------
5.1.19041.1237

  3. .net 버전 확인

    PS C:\\Users\\vagrant> Get-ChildItem 'HKLM:\\SOFTWARE\\Microsoft\\NET Framework Setup\\NDP' -Recurse | Get-ItemProperty -Name version -EA 0 | Where { $_.PSChildName -Match '^(?!S)\\p{L}'} | Select PSChildName, version
>>
PSChildName Version
----------- -------
Client      4.8.04084
Full        4.8.04084
Client      4.0.0.0
PS C:\\Users\\vagrant>

  4. WinRM Setup

PS C:\\Users\\vagrant> winrm qc
  1. WinRM설정 확인
PS C:\\Users\\vagrant> winrm get winrm/config/Service
Service
    RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
    MaxConcurrentOperations = 4294967295
    MaxConcurrentOperationsPerUser = 1500
    EnumerationTimeoutms = 240000
    MaxConnections = 300
    MaxPacketRetrievalTimeSeconds = 120
    AllowUnencrypted = true
    Auth
        Basic = true
        Kerberos = true
        Negotiate = true
        Certificate = false
        CredSSP = false
        CbtHardeningLevel = Relaxed
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    IPv4Filter = *
    IPv6Filter = *
    EnableCompatibilityHttpListener = false
    EnableCompatibilityHttpsListener = false
    CertificateThumbprint
    AllowRemoteAccess = true
PS C:\\Users\\vagrant>
PS C:\\Users\\vagrant> winrm get winrm/config/Winrs
Winrs
    AllowRemoteShellAccess = true
    IdleTimeout = 7200000
    MaxConcurrentUsers = 2147483647
    MaxShellRunTime = 2147483647
    MaxProcessesPerShell = 2147483647
    MaxMemoryPerShellMB = 2147483647
    MaxShellsPerUser = 2147483647
PS C:\\Users\\vagrant> winrm enumerate winrm/config/Listener
Listener
    Address = *
    Transport = HTTPS
    Port = 5986
    Hostname = WIN10
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint = F4D065F8FC6EE18F1F0FF9533584955D0C9B8E59
    ListeningOn = 10.0.2.15, 127.0.0.1, 169.254.20.54, ::1, fe80::44a1:482d:5918:7cb4%4, fe80::d017:a935:ff50:4eb4%5

관리할 PC (LINUX)에서 할 것

  1. windows폴더를 하나 만든다.

    mkdir windows

  2. inventory 파일을 생성한다

    sudo vi windows/inventory

  3. inventory파일 안에 다음 내용을 써 준다.

    [windows]
windows10 ansible_host=192.168.100.13
[windows:vars]
ansible_user=ansible
ansible_password=1234
ansible_port=5985
ansible_connection=winrm
ansible_winrm_transport=basic
ansible_winrm_server_cert_validation=ignore

  4. windows폴더 안에 win_ping.yml 파일을 만들고 아래 내용을 써 준다.

    ---
- name: win_ping module demo
  hosts: windows
  become: false
  gather_facts: false
  tasks:
    - name: test connection
      ansible.windows.win_ping:

  5. 실행해서 테스트

    ansible-playbook -i windows/inventory windows/win_ping.yml