This article is outdated and may not work correctly for current operating systems or software.
Ansible is an open source tool for automating tasks. It manages the configuration of your Linux and Windows servers. It works without an agent which means that Ansible uses SSH and current user SSH authorization.
You can use Ansible to automate three types of tasks:
Provisioning: Set up several servers you need in your infrastructure.
Configuration management: Change the configuration of an application, OS, or device; start and stop services; install or update applications; implement a security policy; or perform a wide variety of other configuration tasks.
Application deployment: Make DevOps easier by automating the deployment of internally developed applications to your production systems.
This article will guide you through the install and setup process for Ansible on Debian Stretch, as well the configuration for the administration of a machine that's running on a Windows Server.
A sudo user.
A Debian 9 "Stretch" server instance.
Add the following line to the
deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main
Add the repo keys.
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
Update the system.
sudo apt-get update
sudo apt-get install ansible
To administer your Windows servers, you will need to install the following packages:
Install the Python packages.
sudo apt-get install python-pip pip
Install WinRM (Windows Remote Management).
sudo apt-get install pywinrm
Test the Ansible installation by retrieving its version using the following command.
ansible --version ansible 18.104.22.168 config file = None configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible-22.214.171.124-py2.7.egg/ansible executable location = /usr/local/bin/ansible python version = 2.7.13 (default, Jan 19 2017, 14:48:08) [GCC 6.3.0 20170118]
Go to the Ansible directory.
hosts file with your favorite text editor.
Add the following lines at the bottom of the
[windows] server1.domain.local server1.domain.local
It is necessary to create an encrypted vault containing the access identifiers for the Windows server. For that, we will create a new encrypted
yml file. The file name must match the host group to which it should apply. In our case, the created group is called
windows, so the file will be
mkdir group_vars cd group_vars ansible-vault create windows.yml
yml file, add the following parameters.
ansible_ssh_user: _your_ssh_user_ ansible_ssh_pass: _your_ssh_pass_ ansible_ssh_port: 5986 ansible_connection: winrm ansible_winrm_server_cert_validation: ignore
A PowerShell script is available to automatically configure your machine. This script will automatically configure WinRM (Windows Remote Management) and open the firewall.
Download the PowerShell script from Github.
Modify the execution rules of Powershell scripts to allow the execution of the script.
Execute the script.
Your Windows Server is now ready for remote management with Ansible.