Difference between revisions of "Ansible"
Jump to navigation
Jump to search
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | https://docs.ansible.com/ansible/latest/reference_appendices/config.html | ||
| + | |||
| + | https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html | ||
| + | |||
| + | |||
| + | |||
# Install and Use | # Install and Use | ||
| Line 131: | Line 137: | ||
| − | # No | + | # No inventory file to run script on remote |
| + | .env | ||
| + | ``` | ||
| + | export ANSIBLE_USER="MYDOMAIN\\myuser" | ||
| + | export ANSIBLE_PASSWORD='mypass' | ||
| + | export ANSIBLE_HOST_KEY_CHECKING=False # Not recommended | ||
| + | ``` | ||
| + | |||
| + | rcmd.sh | ||
``` | ``` | ||
#!/usr/bin/env bash | #!/usr/bin/env bash | ||
set -e | set -e | ||
# Create .env file with ANSIBLE_USER/PASSWORD using export then . .env | # Create .env file with ANSIBLE_USER/PASSWORD using export then . .env | ||
| + | # .env | ||
| + | # export ANSIBLE_USER="EXAMPLE\\myuser" | ||
| + | # export ANSIBLE_PASSWORD='mypass' | ||
| + | # export ANSIBLE_HOST_KEY_CHECKING=False # not recommended if possible | ||
| + | # . .env | ||
| − | if [ "$#" -ne | + | if [ "$#" -ne 2 ]; then |
| − | echo "Usage $0 | + | echo "Usage $0 <hostname> <script>" |
| − | echo "Example $0 | + | echo "Example $0 host.example.com ./test.ps1" |
exit | exit | ||
fi | fi | ||
| − | + | host=$1 | |
| − | + | script=$2 | |
| − | |||
inventory=$(mktemp tmp.inventory.XXXXX.yaml) | inventory=$(mktemp tmp.inventory.XXXXX.yaml) | ||
ansible_user=${ANSIBLE_USER} | ansible_user=${ANSIBLE_USER} | ||
ansible_password=${ANSIBLE_PASSWORD} | ansible_password=${ANSIBLE_PASSWORD} | ||
| + | winrm_port=5985 | ||
| + | ssh_port=22 | ||
| + | os="" | ||
| − | if [[ | + | # ping_status=$(ping -c 1 $host > /dev/null 2>&1; echo $?) |
| − | + | winrm_status=$(nc -z $host $winrm_port; echo $?) | |
| − | + | ||
| + | if [[ $winrm_status -eq 0 ]]; then | ||
| + | os=windows | ||
| + | windowshost="$host:" | ||
| + | else | ||
| + | ssh_status=$(nc -z $host $ssh_port) | ||
| + | if [[ $ssh_status -eq 0 ]]; then | ||
| + | os=linux | ||
linuxhost="$host:" | linuxhost="$host:" | ||
| − | else | + | else |
| − | echo E: | + | echo E: winrm port $winrm_port or ssh port $ssh_port are not available on $host. |
exit | exit | ||
| + | fi | ||
fi | fi | ||
| + | |||
text=" | text=" | ||
Latest revision as of 16:26, 11 June 2022
https://docs.ansible.com/ansible/latest/reference_appendices/config.html
https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html
Install and Use
Using apt and older version
sudo apt install ansible sshpass
python3 -m venv venv source ansible/bin/activate # pip install -U pip pip install ansible pywinrm
inventory.yaml
all:
vars:
ansible_user: <myusername>
ansible_password: <mypass>
windows:
hosts:
winhost.example.com:
vars:
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_scheme: http # Recommend https if possible
ansible_winrm_transport: ntlm
ansible_winrm_server_cert_validation: ignore # Not recommended
linux:
hosts:
linuxhost.example.com:
vars:
ansible_connection: ssh
https://www.vgemba.net/ansible/Ansible-WinRM-Workgroup/
ansible 'Windows' -m win_shell -i inventory.yaml -a 'pwd' ansible 'Linux' -i inventory.yaml -a 'pwd'
Run local script on remotes
ansible 'Windows' -m "script ./a.ps1" -i inventory.yaml
ansible myhost.example.com -a "pwd" --ask-pass
Use latest Python and Pip source
Or lets just use Python Source of latest, pip
#!/usr/bin/env bash
set -e pipefail
version='3.9.6'
get() {
sudo apt install -y build-essential checkinstall
sudo apt install -y libreadline-gplv2-dev libncursesw5-dev libssl-dev \
libsqlite3-dev tk-dev libgdbm-dev libc6-dev libbz2-dev libffi-dev zlib1g-dev
curl -LO https://www.python.org/ftp/python/$version/Python-$version.tgz
tar xzf Python-$version.tgz
}
install() {
cd Python-$version
./configure --prefix=/usr/local
#./configure --prefix=/usr/local --enable-optimizations
sudo make altinstall
}
get
install
Install ansible in virtual env
python3.9 -m venv venv source ansible/bin/activate # pip install -U pip pip install ansible pywinrm
inventory.toml
[Windows] winhost.example.com [Windows:vars] ansible_user=<myuser> ansible_password=<mypass> ansible_connection=winrm # ansible_port=5985 # ansible_winrm_scheme=http ansible_port=5986 ansible_winrm_scheme=https ansible_winrm_server_cert_validation: ignore [Linux] linuxhost.example.com [Linux:vars] ansible_user=<my user> ansible_password=<my pass> ansible_connection=ssh
Presentations
https://www.vgemba.net/ansible/Ansible-WinRM-Workgroup/
No inventory file to run script on remote
.env
export ANSIBLE_USER="MYDOMAIN\\myuser" export ANSIBLE_PASSWORD='mypass' export ANSIBLE_HOST_KEY_CHECKING=False # Not recommended
rcmd.sh
#!/usr/bin/env bash
set -e
# Create .env file with ANSIBLE_USER/PASSWORD using export then . .env
# .env
# export ANSIBLE_USER="EXAMPLE\\myuser"
# export ANSIBLE_PASSWORD='mypass'
# export ANSIBLE_HOST_KEY_CHECKING=False # not recommended if possible
# . .env
if [ "$#" -ne 2 ]; then
echo "Usage $0 <hostname> <script>"
echo "Example $0 host.example.com ./test.ps1"
exit
fi
host=$1
script=$2
inventory=$(mktemp tmp.inventory.XXXXX.yaml)
ansible_user=${ANSIBLE_USER}
ansible_password=${ANSIBLE_PASSWORD}
winrm_port=5985
ssh_port=22
os=""
# ping_status=$(ping -c 1 $host > /dev/null 2>&1; echo $?)
winrm_status=$(nc -z $host $winrm_port; echo $?)
if [[ $winrm_status -eq 0 ]]; then
os=windows
windowshost="$host:"
else
ssh_status=$(nc -z $host $ssh_port)
if [[ $ssh_status -eq 0 ]]; then
os=linux
linuxhost="$host:"
else
echo E: winrm port $winrm_port or ssh port $ssh_port are not available on $host.
exit
fi
fi
text="
all:
vars:
ansible_user: ${ansible_user}
ansible_password: ${ansible_password}
windows:
hosts:
${windowshost}
vars:
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_scheme: http
ansible_winrm_transport: ntlm
ansible_winrm_server_cert_validation: ignore
linux:
hosts:
$linuxhost
vars:
ansible_connection: ssh
"
echo "$text" > $inventory
ansible "$host" -m "script $script" -i $inventory
rm $inventory