ansible管理windows主机
2024-10-19 16:29:14
1. 在windows开启winrm
winrm service 默认都是未启用的状态,先查看状态;如无返回信息,则是没有启动;
winrm enumerate winrm/config/listener
针对winrm service 进行基础配置:
winrm quickconfig
查看winrm service listener:
winrm e winrm/config/listener
为winrm service 配置auth:
winrm set winrm/config/service/auth @{Basic="true"}
为winrm service 配置加密方式为允许非加密:
winrm set winrm/config/service @{AllowUnencrypted="true"}
2. Ansible 官方提供初始化脚本
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
安装winrm(ansible主机)
pip install "pywinrm>=0.1.1"
编译安装方式:https://pypi.org/project/pywinrm/#files
在windows主机powershell执行:.\Desktop\ConfigureRemotingForAnsible.ps1(上图)
wget http://download.baiyongjie.com/python/pip/pip-8.1.0.tar.gz
wget http://download.baiyongjie.com/python/pip/setuptools-33.1.1.zip
tar xzf pip-8.1.0.tar.gz && unzip setuptools-33.1.1.zip
yum install -y epel-release yum install -y python36
cd setuptools-33.1.1 && python3 setup.py install
cd pip-8.1.0 && python3 setup.py instll
pip3 install --upgrade pip
pip3.6 install pywinrm 或者pip安装ansible:pip install ansible或者pip3 install ansible
3. 将windows信息写入变量文件
cat group_vars/windows.yml
ansible_user: Administrator
ansible_ssh_pass: Mlxg2234
ansible_ssh_port: 5986
ansible_connection: winrm
ansible_winrm_server_cert_validation: ignore
加密文件:ansible-vault encrypt group_vars/windows.yml
解密文件:ansible-vault decrypt group_vars/windows.yml
关闭windows server防火墙或者开放5986端口 4. 将windows主机写入hosts文件
[windows]
192.168.20.35 #ansible_ssh_user="Administrator" ---不写变量写入host也行
ansible_ssh_pass="Mlxg2234" ansible_ssh_port=5986
ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm
5. 执行命令测试
ansible -i hosts windows -m win_ping --ask-vault-pass(输入windows文件密码)
6. 测试文件
ansible -i hosts windows -m win_file -a 'dest=c:\ConfigureRemotingForAnsible.ps1 state=directory' --ask-vault-pass
ansible -i hosts windows -m win_copy -a 'src=/etc/hosts dest=c:\config_dir\hosts.txt' --ask-vault-pass 7. 删除文件/目录
ansible -i hosts windows -m win_file -a 'dest=c:\config_dir\hosts.txt state=absent' --ask-vault-pass
ansible -i hosts windows -m win_file -a 'dest=c:\config state=absent' --ask-vault-pass 8. 测试远程执行cmd命令
ansible -i hosts windows -m win_shell -a 'ipconfig' --ask-vault-pass 9. 远程重启windows服务器
ansible -i hosts windows -m win_reboot --ask-vault-pass --ask-vault-pass
ansible -i hosts windows -m win_shell -a 'shutdown -r -t 0' --ask-vault-pass 10. 测试创建用户(远程在windows客户端上创建用户)
ansible -i hosts windows -m win_user -a "name=test1 passwd=Mlxg2234" --ask-vault-pass
11. 安装iis服务
ansible -i hosts windows -m win_feature -a "name=Web-Server" --ask-vault-pass
ansible -i hosts windows -m win_feature -a "name=Web-Server,Web-Common-Http" --ask-vault-pass 12. 获取iis站点信息
ansible -i hosts -m win_iis_website -a "name='Default Web Site'" windows --ask-vault-pass 13. 停止启动IIS站点(started', 'restarted', 'stopped' or 'absent)
ansible -i hosts windows -m win_iis_website -a "name='Default Web Site' state=stopped" --ask-vault-pass
ansible -i hosts windows -m win_iis_website -a "name='Default Web Site' state=started" --ask-vault-pass 14. 添加站点
ansible -i hosts windows -m win_iis_website -a "name=acme physical_path=c:\site_test" --ask-vault-pass
15. 从网站下下载文件
ansible -i hosts -c winrm -m win_get_url -a "url=文件url dest='C:\site_test'" windows --ask-vault-pass
playbook下载
- hosts: windows
gather_facts: false
tasks:
- name: Download png
win_get_url:
url: 'url下载链接'
dest: 'C:\site_test'
force: no ---playbook方式发生变化时才下载
16. 管理Windows服务
- hosts: windows
gather_facts: false
tasks:
- name: DNS Client(Dnscache)
win_service:
name: Dnscache
start_mode: auto ----开机自启动
state: started
最新文章
- Git 小技巧
- remi
- MySQL的数据类型
- Bzoj2434 [Noi2011]阿狸的打字机
- Farey Sequence
- nginx源码学习资源(不断更新)
- 跨应用Session共享
- Linux进程通信之System V消息队列
- Logcat中报内存泄漏MemoryLeak的一次分析
- Node安装与环境配置
- 【改造Linux命令之rm - 删除文件或目录-】
- 1.webpack-----模块加载器兼打包工具
- Java MD5加密与RSA加密
- SQL 查找存在某内容的存储过程都有哪些
- realm清空所有数据库的数据
- lombok踩坑与思考
- patch函数的解释2
- 北航学堂Android客户端Beta阶段发布说明
- 语音笔记:CTC
- BZOJ1395 : [Baltic2005]Trip