This file was generated by Ansigenome. Do not edit this file directly but instead have a look at the files in the ./meta/ directory.
Goal of this project is to launch ansible script using pywinrm. A VagrantFile is downloading a windows 2012 server VM that will be hosted on VirtualBox. Then we are launching Ansible script in order to set up this VM.
- Os is an Ubuntu 18.04
- Test winrm
- From windows
- From unix
- User prompted for REALM name and KDC for Kerberos
- Python WinRM module
- Ignore warnings about maj_stat
- Kerberos and CredSSP
- Get xmllint for pretty print of SOAP response
- Replace 'targetHost' with the target Windows host
- Basic authentication is not enabled by default on a Windows host but can be enabled by running the following in PowerShell
- Automate jenkins service
- Check the java web start default JDK
- Run the java web start by hand if the JDK is not right
- Add -noCertificateCheck to the jenkins-slave.xml in the jenkins directory if missing
- Generate id_rsa from MSYS2
- Log on
- Change jenkins service to start as Log on as -> This account and use my user
- Checking image
- Docker
- Recovery
- Documentation
- Role variables
- Detailed usage guide
- Testing
- Ansible lint
- License
- Ensures that windows is installed
WARNING : In inventory file, please use ansible_ssh_user and ansible_ssh_pass instead of ansible_user ansible_password, because of vault overridden values
- name: Install windows
connection: local
hosts: windows
roles:
- role: windows
On Ubuntu, where VirtualBox and Vagrant are installed, do not forge to do the following : sudo pip install https://github.com/diyan/pywinrm/archive/df049454a9309280866e0156805ccda12d71c93a.zip --upgrade
It is working with the following version :
$ python -V Python 2.7.3 $ pip -V pip 1.4.1 from /usr/local/lib/python2.7/dist-packages (python 2.7)
$ VBoxManage --version 4.3.28r100309
$ vagrant --version Vagrant 2.3.1.0
$ vagrant plugin list winrm (1.1.3) vagrant-login (1.0.1, system) vagrant-share (1.1.0, system)
$ ansible --version ansible 1.7.2
Ansible 2.5.0 is required on order to have win_copy working on Windows 7 and Windows Server 2016
Check winrm in target host
winrm id
winrm get winrm/config
For older version of Windows, please do
Set-Item WSMan:\localhost\Shell\MaxMemoryPerShellMB 5000
Set-Item WSMan:\localhost\Plugin\Microsoft.PowerShell\Quotas\MaxMemoryPerShellMB 5000
Restart-Service winrm
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}'
On the windows VM :
powershell -File upgrade_to_ps3.ps1
@powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" && SET PATH=%PATH%;%systemdrive%\chocolatey\bin
cinst powershell
choco install powershell
choco upgrade powershell
powershell -File ConfigureRemotingForAnsible.ps1
See windows_winrm
$ winrm identify -u:myuser -p:Mypass123! -r:http://targetHost:5985
$ winrm identify -u:MISYSROOT\aandrieu -p:Mypass123! -r:http://targetHost:5985
winrs -r:http://server:5985/wsman -u:Username -p:Password ipconfig
winrs -r:http://server:5985/wsman -u:Username -p:Password -ssl ipconfig
$ sudo apt-get install python-dev libkrb5-dev krb5-user
$ sudo pip install pyOpenSSL --upgrade $ sudo pip install "pywinrm>=0.2.2"
$ sudo pip install kerberos
$ sudo pip install "pywinrm[kerberos]" $ sudo pip install "pywinrm[credssp]" $ sudo pip install "requests-credssp" "requests-kerberos"
$ sudo apt-get install libxml2-utils -y
$ curl --header "Content-Type: application/soap+xml;charset=UTF-8" --header "WSMANIDENTIFY: unauthenticated" http://targetHost:5985/wsman --data '<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:wsmid="http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd"><s:Header/><s:Body><wsmid:Identify/></s:Body></s:Envelope>' | xmllint --format -
Basic authentication is not enabled by default on a Windows host but can be enabled by running the following in PowerShell
$ Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $true
$ Set-Item -Path WSMan:\localhost\Service\Auth\Certificate -Value
$ .\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert
On the windows VM :
Install PowerShell Configure remoting Disable password
Change default JDK if wrong Replace Path Environment variable from C:\ProgramData\Oracle\Java\javapath by %JAVA_HOME%\bin Replace regedit Registry key 'Software\JavaSoft\Java Runtime Environment'\CurrentVersion' but 1.7 Replace regedit Registry key 'Software\JavaSoft\Java Development Kit'\CurrentVersion' but 1.7
$ javaws -viewer
$ javaws "slave-agent.jnlp"
Copy it from C:\msys64\home\mysuser or C:\tools\msys64\home\mysuser to the user Add the key to Bitbucket Test doing git clone ssh://stash:7999/test/repo.git
Make sure in the jenkins you have Log on -> Log on as -> Local System account BUT NOT Change jenkins service to start as Log on as -> This account and use my user, otherwise is do not reconnect automatically after reboot
Add HOME C:\Users\jenkins
setx -m HOME ^%UserProfile^%
See Git Bash See Access denied
[https://github.com/jenkinsci/windows-slaves-plugin/blob/master/docs/troubleshooting.adoc#wbem-scripting-locator](WBEM Scripting Locator)
Petelea, Mihai modify the permissions to local administrators instead of trusted installer but that was done with a server admin account that superseeds the normal admin accounts and then he changed the permissions to the entire C drive to Administrators
https://blogs.sap.com/2020/06/25/how-to-install-the-.net-framework-3.5-on-windows-server-2016-and-later/ https://winaero.com/install-net-framework-3-5-in-windows-10/
See files/net-framework-core.ps1
PowerShell
Enable-WindowsOptionalFeature -Online -FeatureName "NetFx3"
Or Cmd
Dism /online /Enable-Feature /FeatureName:"NetFx3"
https://lecrabeinfo.net/reparer-image-de-windows-10-dism.html
Dism /Online /Cleanup-Image /CheckHealth
Docker build on windows
Fix docker
"C:\Program Files\Docker\Docker\DockerCli.exe" -SwitchDaemon
PowerShell
Restart-Service docker Get-Service docker
Build docker image
` docker pull mcr.microsoft.com/windows/servercore:ltsc2019
cd /c/workspace/fusionrisk-ansible/roles/windows/ docker login docker build -t nabla/ansible-jenkins-slave-win:1.0.0 . --platform=windows/amd64 docker manifest inspect nabla/ansible-jenkins-slave-win:1.0.0 --verbose docker run -it nabla/ansible-jenkins-slave-win:1.0.0 cmd.exe `
Reset fail count after: 1 days Restart service after: 60 minutes
More information about alban.andrieu.windows
can be found in the
TODO official alban.andrieu.windows documentation.
List of default variables available in the inventory:
windows_enabled: yes # Enable module
#ansible_ssh_user: vagrant
#ansible_ssh_pass: vagrant
#target port
#ansible_ssh_port: 5986
#local port
#ansible_ssh_port: 55985
ansible_connection: winrm
Run the following command :
ansible-playbook -i hosts -c local -v windows.yml -vvvv --ask-sudo-pass | tee setup.log
ansible-galaxy install alban.andrieu.windows
vagrant up
git add tasks/pacman.yml # First add your file, then
pre-commit run ansible-lint
The issue tracker is the preferred channel for bug reports, features requests and submitting pull requests.
For pull requests, editor preferences are available in the editor config for easy use in common text editors. Read more and download plugins at http://editorconfig.org.
In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.
- Fork it
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create new Pull Request
roles/alban_andrieu_windows
role was written by:
- License: GPLv3
Are welcome!
This role is part of the Nabla project. README generated by Ansigenome.
Alban Andrieu