Выполните команды cmd на целевом хосте Windows с хоста linux, используя ansible

Question

Я пытаюсь связаться с целевой виртуальной машиной Windows, созданной на портале Azure. Но даже после включения winrm на порту 5986, я не могу достичь этого целевого vm с помощью ansible host.

VM была создана с использованием файла playbook ниже create_win.yml:

- hosts: localhost
  tasks:
    - name: Prepare random postfix
      set_fact:
        rpfx: "{{ 100000 | random }}"
      run_once: yes

- name: provision new azure host
  hosts: localhost
  connection: local
  vars:
    resource_group: myTestRG
    vm_name: wintestvm{{ rpfx }}
    vm_user: azureuser
    vm_password: MyPassword123!!!
    location: eastus

    # Below is UTF-16 Base64 encoding for:
    #   Invoke-Expression -Command ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1')); Enable-WSManCredSSP -Role Server -Force
    winrm_enable_script: SQBuAHYAbwBrAGUALQBFAHgAcAByAGUAcwBzAGkAbwBuACAALQBDAG8AbQBtAGEAbgBkACAAKAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAKQAuAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAoACcAaAB0AHQAcABzADoALwAvAHIAYQB3AC4AZwBpAHQAaAB1AGIAdQBzAGUAcgBjAG8AbgB0AGUAbgB0AC4AYwBvAG0ALwBhAG4AcwBpAGIAbABlAC8AYQBuAHMAaQBiAGwAZQAvAGQAZQB2AGUAbAAvAGUAeABhAG0AcABsAGUAcwAvAHMAYwByAGkAcAB0AHMALwBDAG8AbgBmAGkAZwB1AHIAZQBSAGUAbQBvAHQAaQBuAGcARgBvAHIAQQBuAHMAaQBiAGwAZQAuAHAAcwAxACcAKQApADsAIABFAG4AYQBiAGwAZQAtAFcAUwBNAGEAbgBDAHIAZQBkAFMAUwBQACAALQBSAG8AbABlACAAUwBlAHIAdgBlAHIAIAAtAEYAbwByAGMAZQA=

  tasks:

  - name: create Azure virtual network in resource group
    azure_rm_virtualnetwork:
      name: "{{ vm_name }}"
      resource_group: "{{ resource_group }}"
      address_prefixes_cidr:
      - 10.1.0.0/16
      state: present

  - name: create Azure subnet in virtualnetwork
    azure_rm_subnet:
      name: '{{ vm_name }}'
      state: present
      virtual_network_name: "{{ vm_name }}"
      resource_group: "{{ resource_group }}"
      address_prefix_cidr: 10.1.0.0/24

  - name: create Azure storage account
    azure_rm_storageaccount:
      name: '{{ vm_name }}'
      resource_group: "{{ resource_group }}"
      account_type: Standard_LRS

  - name: provision new Azure virtual host
    azure_rm_virtualmachine:
      admin_username: '{{ vm_user }}'
      admin_password: "{{ vm_password }}"
      os_type: Windows
      image:
        offer: WindowsServer
        publisher: MicrosoftWindowsServer
        sku: 2016-Datacenter
        version: latest
      name: "{{ vm_name }}"
      resource_group: "{{ resource_group }}"
      state: present
      vm_size: Standard_D1
      storage_account_name: "{{ vm_name }}"
      virtual_network_name: "{{ vm_name }}"
      subnet_name: "{{ vm_name }}"

  - name: create Azure vm extension to enable HTTPS WinRM listener
    azure_rm_virtualmachine_extension:
      name: winrm-extension
      resource_group: "{{ resource_group }}"
      virtual_machine_name: "{{ vm_name }}"
      publisher: Microsoft.Compute
      virtual_machine_extension_type: CustomScriptExtension
      type_handler_version: 1.9
      settings: '{"commandToExecute": "powershell.exe -ExecutionPolicy ByPass -EncodedCommand {{winrm_enable_script}}"}'
      auto_upgrade_minor_version: true

  - name: wait for the WinRM port to come online
    wait_for:
      port: 5986
      host: '{{azure_vm.properties.networkProfile.networkInterfaces[0].properties.ipConfigurations[0].properties.publicIPAddress.properties.ipAddress}}'
      timeout: 600

Я создал инвентарьTXT-файл с содержанием ниже:

target1 ansible_host=<my-target-ip-pasted-here> ansible_user=azureuser ansible_password=MyPassword123!!! ansible_connection=winrm ansible_winrm_server_cert_validation=ignore

После запуска:

ansible target1 -m ping -i inventory.txt

Я получаю ниже вывод:

[WARNING]: No python interpreters found for host target1 (tried ['/usr/bin/python', 'python3.7', 'python3.6', 'python3.5', 'python2.7', 'python2.6', '/usr/libexec/platform-python', '/usr/bin/python3', 'python'])

target1 | FAILED! => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "module_stderr": "Exception calling \"Create\" with \"1\" argument(s): \"At line:4 char:21\r\n+ def _ansiballz_main():\r\n+                     ~\r\nAn expression was expected after '('.\r\nAt line:13 char:27\r\n+     except (AttributeError, OSError):\r\n+                           ~\r\nMissing argument in parameter list.\r\nAt line:15 char:7\r\n+     if scriptdir is not None:\r\n+       ~\r\nMissing '(' after 'if' in if statement.\r\nAt line:22 char:7\r\n+     if sys.version_info < (3,):\r\n+       ~\r\nMissing '(' after 'if' in if statement.\r\nAt line:22 char:30\r\n+     if sys.version_info < (3,):\r\n+                              ~\r\nMissing expression after ','.\r\nAt line:22 char:25\r\n+     if sys.version_info < (3,):\r\n+                         ~\r\nThe '<' operator is reserved for future use.\r\nAt line:24 char:32\r\n+         MOD_DESC = ('.py', 'U', imp.PY_SOURCE)\r\n+                                ~\r\nMissing expression after ','.\r\nAt line:24 char:33\r\n+         MOD_DESC = ('.py', 'U', imp.PY_SOURCE)\r\n+                                 ~~~~~~~~~~~~~\r\nUnexpected token 'imp.PY_SOURCE' in expression or statement.\r\nAt line:24 char:32\r\n+         MOD_DESC = ('.py', 'U', imp.PY_SOURCE)\r\n+                                ~\r\nMissing closing ')' in expression.\r\nAt line:24 char:46\r\n+         MOD_DESC = ('.py', 'U', imp.PY_SOURCE)\r\n+                                              ~\r\nUnexpected token ')' in expression or statement.\r\nNot all parse errors were reported.  Correct the reported errors and try again.\"\r\nAt line:6 char:1\r\n+ $exec_wrapper = [ScriptBlock]::Create($split_parts[0])\r\n+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException\r\n    + FullyQualifiedErrorId : ParseException\r\n \r\nThe expression after '&' in a pipeline element produced an object that was not valid. It must result in a command \r\nname, a script block, or a CommandInfo object.\r\nAt line:7 char:2\r\n+ &$exec_wrapper\r\n+  ~~~~~~~~~~~~~\r\n    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException\r\n    + FullyQualifiedErrorId : BadExpression\r\n ",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
}
ankur512512@testvmansible-ankur:~$

Просто чтобы вы знали, цельНа машине уже установлен python, и он также попытался скопировать его в путь / usr / bin, но мой ansible не может связаться с этой машиной Windows. Может кто-нибудь помочь, пожалуйста?

Answer 1

Для других лиц, которые сталкиваются с той же проблемой. Ниже приведен файл ansible-playbook с именем run_windows_cmd.yml , который я использовал, чтобы проверить, работает он или нет. И затем выполнил команду: ansible-playbook run_windows_cmd.yml -i inventory.txt

- name: Execute commands on Azure VM
  hosts: target1
  connection: winrm
  tasks:
    - name: Run a command under cmd
      win_shell: mkdir test

После этого я увидел тестовый каталог, созданный в домашнем каталоге azureuser.

Answer 2

Обратите внимание, что модуль ping не работает на хостах Windows. Для Windows попробуйте эквивалентный - win_ping

Также обратите внимание, что WinRM требует некоторых дополнительных подготовительных шагов , чтобы машина могла управляться Ansible. Вы прошли через эти шаги?