Playbook to provision MS-Windows servers

Playbook to provision MS-Windows servers

Playbook to provision MS-Windows servers

The following playbook is an implementation for Windows servers that allows provisioning users and groups for a standalone environment. Other tasks are performed in the run in order to implement software and update the operating system; in summary we will do the following.

  • Create a group
  • Create a user
  • Copy Files
  • Install software components from .msi files or from external repositories.
  • Install IIS
  • Update operating system

With Ansible, we can generate more complex tasks that allow us to efficiently automate the server provisioning process from a single point of administration, thus saving operational costs.

In file “complex.yaml” executes a local connection in order to generate a temporary file; then the workflow is changed to the servers in the “RedHat” tab of the /etc/ansible/hosts file to effectively perform the tasks on those servers.

The following is the content of the playbook we designed.

---
- name: All windows tasks
 hosts: Windows
 gather_facts: false
 vars:
 ansible_ssh_user: uniqs
 ansible_ssh_pass: uniqs
 ansible_ssh_port: 5986
 ansible_connection: winrm



 tasks:
 - name: Add Group
 win_group:
 name: deploy
 description: Deploy Group
 state: present

 - name: Add User
 win_user:
 name: ansible
 password: "@ns1bl3"
 groups: ["Users,deploy"]

 - name: Copy files
 win_copy: src=MSIs dest=c:/temp/

 - name: Install msi package
 win_msi: path=C:\\temp\MSIs\winzip195mul-32.msi wait=true

 - name: Install Visual C from URL
 win_package:
 name="Microsoft Visual C"
 path="http://download.microsoft.com/download/1/6/B/16B06F60-3B20-4FF2-B699-5E9B7962F9AE/VSU_4/vcredist_x64.exe"
 Product_Id="{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}"
 Arguments="/install /passive /norestart"

 - name: Install Windows role (IIS)
 win_feature:
 name: "Web-Server"
 state: present
 restart: yes
 include_sub_features: yes
 include_management_tools: yes

 - name: Update Windows (Security, Critial, Rollups)
 win_updates:
 category_names: ['SecurityUpdates','CriticalUpdates','UpdateRollups']

Now let’s see the execution:

$ ansible-playbook complex.yaml --step

PLAY [All windows tasks] *******************************************************
Perform task: TASK: Add Group (y/n/c): n

Perform task: TASK: Add Group (y/n/c): *****************************************
Perform task: TASK: Add User (y/n/c): n

Perform task: TASK: Add User (y/n/c): ******************************************
Perform task: TASK: Copy files (y/n/c): n

Perform task: TASK: Copy files (y/n/c): ****************************************
Perform task: TASK: Install msi package (y/n/c): n

Perform task: TASK: Install msi package (y/n/c): *******************************
Perform task: TASK: Install Visual C from URL (y/n/c): n

Perform task: TASK: Install Visual C from URL (y/n/c): *************************
Perform task: TASK: Install Windows role (IIS) (y/n/c): n

Perform task: TASK: Install Windows role (IIS) (y/n/c): ************************
Perform task: TASK: Update Windows (Security, Critial, Rollups) (y/n/c): y

Perform task: TASK: Update Windows (Security, Critial, Rollups) (y/n/c): *******

TASK [Update Windows (Security, Critial, Rollups)] *****************************
ok: [demo5]

PLAY RECAP *********************************************************************
demo5 : ok=1 changed=0 unreachable=0 failed=0

This playbook can be very useful for those administrators who need to perform repetitive tasks on Windows servers, saving time and money in activities that are easily programmable.

The following video is a summary of the playbook’s execution:

Alternatively, we can integrate the provisioning flow by registering objects in Microsoft Active Directory rather than in standalone mode (http://docs.ansible.com/ansible/intro_windows.html#active-directory-support).
By Uniqs

Dejá un comentario

Tu dirección de correo electrónico no será publicada. Los campos necesarios están marcados *