Jeg vil vise deg flere operasjoner som en administrator kan utføre på et eksternt Windows-system ved å bruke ansible-playbook.
Ansible er et av de mest brukte DevOps-verktøyene på markedet i dag. Den gir en haug med Windows-moduler som brukes til å konfigurere og administrere Windows-serveren. Jeg antar at du allerede har Ansible installert på Windows der du vil administrere Windows-serverne.
Følgende er noen av de vanligste oppgavene som utføres av Windows-administratorer på daglig basis. Du vil bli overrasket over å se hvor enkelt det administreres Windows ved hjelp av Ansible.
IP-adressen til Ansible Windows-kontrollermaskinen min er 192.168.0.106, og IP-adressen til det eksterne Windows-systemet mitt er 192.168.0.102. Før du starter, sørg for at du kjører en win_ping-modul for å sjekke om du er i stand til å koble til Windows ekstern server eller ikke.
[email protected] ~ $ ansible win -m win_ping 192.168.0.102 | SUCCESS => { "changed": false, "ping": "pong" }
Min tilkobling til en ekstern vert er vellykket.
Så la oss komme i gang med Ansible Playbooks…
Innholdsfortegnelse
Kopiere filer
win_copy er en mulig modul som kopierer en fil fra den lokale serveren til en ekstern Windows-vert. Jeg vil bruke denne modulen til å kopiere en enkelt PDF.
Bruk YAML-koden nedenfor, oppgi kilde- og destinasjonsbanene.
[email protected] ~ $ vi copy.yml --- - hosts: win tasks: - name: Copy File win_copy: src: C:output.pdf dest: C:ansible_examples remote_src: yes
Kjør ansible-playbook for win_copy.
[email protected] ~ $ ansible-playbook copy.yml PLAY [win] *********************************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [Copy File] ***************************************************************************************************************************** changed: [192.168.0.102] PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Filen har blitt kopiert til målstedet på et eksternt Windows-system.
Installer/avinstaller MSI
For å installere en applikasjon som bruker MSI-filen, må du bruke win_get_url for å nevne banen til MSI-filen som skal lastes ned, og deretter bruke win_package-modulen til å installere den. Tilstanden tilstede betyr at MSI-en vil bli installert på maskinen, og applikasjonen er i den nåværende tilstanden.
Her installerer jeg Apache.
YAML-kode som skal brukes:
[email protected] ~ $ vi msi.yml --- - name: Installing Apache MSI hosts: win tasks: - name: Download the Apache installer win_get_url: url: https://archive.apache.org/dist/httpd/binaries/win32/httpd-2.2.25-win32-x86-no_ssl.msi dest: C:ansible_exampleshttpd-2.2.25-win32-x86-no_ssl.msi - name: Install MSI win_package: path: C:ansible_exampleshttpd-2.2.25-win32-x86-no_ssl.msi state: present
Kjør ansible-playbook for å installere med MSI.
[email protected] ~ $ ansible-playbook msi.yml PLAY [Installing Apache MSI] ***************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [Download the Apache installer] ********************************************************************************************************* changed: [192.168.0.102] TASK [Install MSI] *************************************************************************************************************************** changed: [192.168.0.102] PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Gå nå til Windows-systemet og sjekk om apache-applikasjonen ble installert.
C:Userstipsbilk.net>cd C:Program Files (x86)Apache Software FoundationApache2.2bin C:Program Files (x86)Apache Software FoundationApache2.2bin>httpd -v Server version: Apache/2.2.25 (Win32) Server built: Jul 10 2013 01:52:12
Du kan også installere applikasjoner ved å bruke MSI med argumenter. Nedenfor er det samme eksempelet som ovenfor, men i stedet for en tilstand, bruker vi et installeringsargument for å installere apache.
YAML-kode som skal brukes:
--- - name: Installing Apache MSI hosts: win tasks: - name: Download the Apache installer win_get_url: url: https://archive.apache.org/dist/httpd/binaries/win32/httpd-2.2.25-win32-x86-no_ssl.msi dest: C:ansible_exampleshttpd-2.2.25-win32-x86-no_ssl.msi - name: Install MSI win_package: path: C:ansible_exampleshttpd-2.2.25-win32-x86-no_ssl.msi arguments: - /install - /passive - /norestart
For å avinstallere en applikasjon ved hjelp av MSI-filen, må du bruke win_package-modulen. Tilstanden fraværende betyr at applikasjonen vil bli avinstallert ved hjelp av MSI-filen.
Her avinstallerer jeg Apache.
[email protected] ~ $ vi uninstall_msi.yml --- - name: UnInstalling Apache MSI hosts: win tasks: - name: UnInstall MSI win_package: path: C:ansible_exampleshttpd-2.2.25-win32-x86-no_ssl.msi state: absent
Kjør ansible-playbook for å avinstallere med MSI.
[email protected] ~ $ ansible-playbook uninstall_msi.yml PLAY [UnInstalling Apache MSI] ***************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [UnInstall MSI] ************************************************************************************************************************* changed: [192.168.0.102] PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Nå, hvis jeg sjekker apache-versjonen, vil jeg få utdataene nedenfor når applikasjonen ble avinstallert.
C:Program Files (x86)Apache Software FoundationApache2.2bin>httpd -v 'httpd' is not recognized as an internal or external command, operable program or batch file.
Avinstaller programvare (.EXE)
Du kan også avinstallere programvare med .exe-fil ved å bruke produkt-ID-en til den programvaren.
[email protected] ~ $ vi uninstall.yml --- - hosts: win tasks: - name: Uninstall 7-Zip from the exe win_package: path: C:Program Files7-ZipUninstall.exe product_id: 7-Zip arguments: /S state: absent
Kjør ansible-playbook for å avinstallere 7-Zip.
[email protected] ~ $ ansible-playbook uninstall.yml PLAY [win] ************************************************************************************************************************************************************************************* TASK [Gathering Facts] ************************************************************************************************************************************************************************* ok: [192.168.0.102] TASK [Uninstall 7-Zip from the exe] *********************************************************************************************************************************************************** changed: [192.168.0.102] PLAY RECAP ************************************************************************************************************************************************************************************* 192.168.0.102 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Stopp/start/start Windows-tjenester på nytt
win_service ansible-modulen brukes til å starte, stoppe eller starte en tjeneste på nytt. Her vil jeg vise deg hvordan du stopper tomcat-tjenesten.
Du må nevne tjenestenavnet i YAML-filen og angi at tilstanden skal stoppe.
[email protected] ~ $ vi service.yml --- - hosts: win tasks: - name: Stop service Tomcat win_service: name: Tomcat8 state: stopped
Kjør ansible-playbook for å stoppe tomcat-tjenesten.
[email protected] ~ $ ansible-playbook service.yml PLAY [win] *********************************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [Stop service Tomcat] **************************************************************************************************************** changed: [192.168.0.102] PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Hvis du sjekker tomcat-tjenesten på Windows-systemet, er den nå i stoppet status.
Du kan definere status til startet eller omstartet eller satt på pause for å endre statusen til tjenesten.
Innhenting av fakta
Ved å bruke win_disk_facts ansible modul kan du hente all diskinformasjonen til målverten.
[email protected] ~ $ vi disk.yml --- - hosts: win tasks: - name: Get disk facts win_disk_facts: - name: Output first disk size debug: var: ansible_facts.disks[0].size - name: Convert first system disk into various formats debug: msg: '{{ disksize_gib }} vs {{ disksize_gib_human }}' vars: # Get first system disk disk: '{{ ansible_facts.disks|selectattr("system_disk")|first }}' # Show disk size in Gibibytes disksize_gib_human: '{{ disk.size|filesizeformat(true) }}' disksize_gib: '{{ (disk.size/1024|pow(3))|round|int }} GiB'
Kjør ansible-playbook for å få diskinformasjonen.
[email protected] ~ $ ansible-playbook disk.yml PLAY [win] *********************************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [Get disk facts] ************************************************************************************************************************ ok: [192.168.0.102] TASK [Output first disk size] **************************************************************************************************************** ok: [192.168.0.102] => { "ansible_facts.disks[0].size": "1000204886016" } TASK [Convert first system disk into various formats] **************************************************************************************** ok: [192.168.0.102] => { "msg": "932 GiB vs 931.5 GiB" } PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Ved å bruke win_command ansible-modulen kan du utføre kommandoer på den eksterne verten og få CPU-informasjon, enhetsdetaljer og mye mer.
wdzwd[email protected] ~ $ vi check.yml --- - hosts: win tasks: - name: Get disk facts win_command: wmic cpu get caption, deviceid, name, numberofcores, maxclockspeed, status register: usage - debug: msg="{{ usage.stdout }}"
Kjør ansible-playbook for å få ekstern systeminformasjon.
[email protected] ~ $ ansible-playbook check.yml PLAY [win] *********************************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [Get facts] ************************************************************************************************************************ changed: [192.168.0.102] TASK [debug] ********************************************************************************************************************************* ok: [192.168.0.102] => { "msg": "Caption DeviceID MaxClockSpeed Name NumberOfCores Status rrnIntel64 Family 6 Model 142 Stepping 9 CPU0 2712 Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz 2 OK rrnrrn" } PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Kjører kommandoer
Uansett hvilke kommandoer du kjører på et vindu, kan de kjøres gjennom den mulige win_command-modulen. Du trenger bare å spesifisere kommandoen i YAML-filen. Her lager jeg bare en katalog.
[email protected] ~ $ vi commands.yml --- - hosts: win tasks: - name: run an executable using win_command win_command: whoami.exe - name: run a cmd command win_command: cmd.exe /c mkdir C:test
Kjør ansible-playbook for å utføre win_command-operasjon.
[email protected] ~ $ ansible-playbook commands.yml PLAY [win] *********************************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [run an executable using win_command] *************************************************************************************************** changed: [192.168.0.102] TASK [run a cmd command] ********************************************************************************************************************* changed: [192.168.0.102] PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Miljøvariabler
Et Windows-system har flere miljøvariabler, for eksempel JAVA_HOME. Ved å bruke win_environment ansible-modulen kan du legge til eller endre miljøvariabler på et Windows-system. I dette eksemplet legger jeg til en ny variabel i listen over miljøvariabler i Windows.
[email protected] ~ $ vi env.yml --- - hosts: win tasks: - name: Set an environment variable for all users win_environment: state: present name: NewVariable value: New Value level: machine
Kjør ansible-playbook for å legge til miljøvariabelen på en ekstern Windows-maskin.
[email protected] ~ $ ansible-playbook env.yml PLAY [win] *********************************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [Set an environment variable for all users] ********************************************************************************************* changed: [192.168.0.102] PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Gå til vinduet for miljøvariabler; du vil se den nye variabelen du nettopp la til er til stede her.
Legg til/rediger register
win_regedit ansible-modulen brukes til å legge til eller redigere registerdetaljer på en ekstern Windows-maskin. Du må angi banen til registeret og innholdet som skal legges til/oppdateres. Her lager jeg en ny registeroppføring tipsbilk.net i HKLM:SOFTWARE-banen og legger deretter til navn og data til dette registeret.
[email protected] ~ $ vi registry.yml --- - hosts: win tasks: - name: Creating a registry win_regedit: path: HKLM:SOFTWAREtipsbilk.net - name: Modifying a registry, adding name and data win_regedit: path: HKLM:SOFTWAREtipsbilk.net name: Geek data: Flare
Kjør ansible-playbook for å legge til registret.
[email protected] ~ $ ansible-playbook registry.yml PLAY [win] *********************************************************************************************************************************** TASK [Gathering Facts] *********************************************************************************************************************** ok: [192.168.0.102] TASK [Creating a registry] ******************************************************************************************************************* changed: [192.168.0.102] TASK [Modifying a registry, adding name and data] ******************************************************************************************** changed: [192.168.0.102] PLAY RECAP *********************************************************************************************************************************** 192.168.0.102 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Hvis du går til Registerredigering på det eksterne systemet, kan du se at dette registret har blitt lagt til med navn og dataparametere.
Slett logg
win_eventlog ansible-modulen brukes til å legge til, slette eller fjerne Windows-hendelseslogger fra Windows-systemet.
Gå til Windows Powershell, og liste opp EventLogs som finnes på den eksterne Windows-maskinen.
PS C:Userstipsbilk.net> Get-EventLog -List Max(K) Retain OverflowAction Entries Log ------ ------ -------------- ------- --- 20,480 0 OverwriteAsNeeded 33,549 Application 20,480 0 OverwriteAsNeeded 0 HardwareEvents 512 7 OverwriteOlder 20 Internet Explorer 20,480 0 OverwriteAsNeeded 0 Key Management Service 128 0 OverwriteAsNeeded 190 OAlerts Security 20,480 0 OverwriteAsNeeded 44,828 System 15,360 0 OverwriteAsNeeded 3,662 Windows PowerShell
Nå skal jeg vise hvordan du fjerner logger fra alle kilder for Internet Explorer.
[email protected] ~ $ vi log.yml --- - hosts: win tasks: - name: Remove Internet Explorer Logs win_eventlog: name: Internet Explorer state: absent
Kjør ansible-playbook for å fjerne Internet Explorer fra den eksterne Windows-maskinen.
[email protected] ~ $ ansible-playbook log.yml PLAY [win] ************************************************************************************************************************************************************************************* TASK [Gathering Facts] ************************************************************************************************************************************************************************* ok: [192.168.0.102] TASK [Remove Internet Explorer Logs] ********************************************************************************************************************************************** changed: [192.168.0.102] PLAY RECAP ************************************************************************************************************************************************************************************* 192.168.0.102 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Nå, hvis du viser hendelsesloggene igjen, vil du se at Internet Explorer-loggene er fjernet.
PS C:Userstipsbilk.net> Get-EventLog -List Max(K) Retain OverflowAction Entries Log ------ ------ -------------- ------- --- 20,480 0 OverwriteAsNeeded 33,549 Application 20,480 0 OverwriteAsNeeded 0 HardwareEvents 20,480 0 OverwriteAsNeeded 0 Key Management Service 128 0 OverwriteAsNeeded 190 OAlerts Security 20,480 0 OverwriteAsNeeded 44,835 System 15,360 0 OverwriteAsNeeded 56 Windows PowerShell
Så det handlet om Ansible playbooks, som kan brukes til ekstern administrasjon av Windows. Gå videre og prøv disse lekebøkene. Du kan også prøve andre Ansible Windows-moduler tilgjengelig.