win_copy
bloody!!!!!!
Sometimes,
win_copy
fail transfer file, nothong to do withFile-size
.
In ansible 2.2x, this issue not resolved... Any WA?
Copy from near server.
e.g. In aws, target Windows & ansible-linux should be at same region.
Reduce this issue, but from time to time, happen it.
Insted use win_get_url
Best practice!
But build web-server or S3 and upload it.
More better way, use Python small webserver @ ansible-linux (controler).
python -m SimpleHTTPServer &
# Listen 0.0.0.0:8000 default, DOC_ROOT = current directory
win_url_server=172.31.26.148:8000
# ansible-linux's Webserver
win_get_url:
url: 'http://{{win_url_server}}/roles/[role-name]/files/hoge.zip'
dest: 'c:\tmp\hoge.zip'
windows-side
powershell
> Set-ExecutionPolicy RemoteSigned
> wget https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 -OutFile crfa.ps1
> crfa.ps1
After Sysprep, https refused!
After run ConfigureRemotingForAnsible.ps1
and sysprep
, we can not access via https(5986). I have never found root cause , so use http(5965) as remedy.
Root cause
see ConfigureRemotingForAnsible.ps1
's comment.
# Set $ForceNewSSLCert if the system has been syspreped and a new SSL Cert
# must be forced on the WinRM Listener when re-running this script. This
# is necessary when a new SID and CN name is created.
Solution
run ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert
via userdata or any way.
Linux-side
pipでインスコ
pywinrmもインスコ
pip install pywinrm
SSLで文句言われる > python 2.7.9
↓ Ignore ansible 2.0 user.
ここよんどけ
https://github.com/ansible/ansible/issues/10294#issuecomment-93629047
import ssl
if hasattr(ssl, '_create_default_https_context') and hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context
class CallbackModule(object):
pass
これを
~/.virtualenv/[xxx]/lib/python2.7/site-packages/ansible/callback_plugins/
に置いて、
ANSIBLE_LOAD_CALLBACK_PLUGINS=1 ansible windows -i [inventory] -m win_ping
もしくは ansible.cnfに
bin_ansible_callbacks=True
もっといいやり方がある。
[project_dir]/callback_plugins/
を掘って、その中に fix-ssl.pyを置く
さらに ansible.cfg
に
callback_plugins = /callback_plugins/fix-ssl.py
を書いておく
もっともっと楽なのは inventoryに
ansible_winrm_server_cert_validation=ignore
とすると良いらしい。
windows modules Overview
We can use win_template
, win_file
, win_unzip
, raw
.
win_copy
is bad way to file transfer. We should take wget
or other way.
Do NOT use such as win_iis
regarding to windows feature modules.
It's implementation is bloody
, so you shouldn't spend time ansible win_xxx
mods.Best way is use raw
and write powershell. This raw
powhersell reused serverspec
...
win_chocolatey
bug-fix for chocolatey > 0.9.9
# curl https://raw.githubusercontent.com/ansible/ansible-modules-extras/devel/windows/win_chocolatey.ps1 -o /usr/lib/python2.7/site-packages/ansible/modules/extras/windows/win_chocolatey.ps1
# curl https://raw.githubusercontent.com/ansible/ansible-modules-extras/devel/windows/win_chocolatey.py -o /usr/lib/python2.7/site-packages/ansible/modules/extras/windows/win_chocolatey.py
win_template
普通に動く。結局リモート管理サーバ側で python + jinja2が動くんで当然か。(Winから見るとただのファイルコピー)多分4MBの壁は超えられない < 2.x 系で上限は上がっているはず。
win_template replaces CRLF (\r\n) with LF (\n)
By default, windows line endings are not created in the generated file. In order to ensure windows line endings are in the generated file, add the following header as the first line of your template: #jinja2: newline_sequence:'\r\n' and ensure each line of the template ends with \r\n
You must follow some rules.
1. Template written by CR
LF
2. First line is #jinja2: newline_sequence:'\\r\\n'
3. If use UTF-8, DO NOT start BOM
Confirm BOM
file <your template>
Romove BOM
http://qiita.com/takuharu/items/455a413c6e7493398780
But if you want to use UTF-8-BOM
at windows...
Change newlines via powershell
[string]::Join("`r`n",(Get-Content .\unixText.txt.unix)) | Out-File -Encoding "UTF8" .\unixText.txt
ansible 2.2.0.0 bug
File starts with #jinja2: newline_sequence:'\\r\\n'
but no jinga2 element (var, loop etc), win_template DO NOT
erase 1st line #jinja2: newline_sequence:'\\r\\n'
. WA is ..
<!-- {{ansible_nodename}} -->
So bad!
ansible 2.x
Faster! Faster! Faster!
but .....
modules
raw
At ansible 1.9x raw = cmd
ansible -i hosts [server_host] -m raw -a 'dir'
[server_host] | success | rc=0 >>
Volume in drive C has no label.
Volume Serial Number is E60A-A6B1
Directory of C:\Users\[user]
2016/01/17 12:09 <DIR> .
2016/01/17 12:09 <DIR> ..
2016/01/17 12:09 <DIR> .gem
2016/01/17 11:43 <DIR> Contacts
2016/01/17 11:43 <DIR> Desktop
2016/01/17 11:43 <DIR> Documents
But 2.0x treat raw = powershell
ansible -i win-sensu_hosts [server_host] -m raw -a 'ls'
[server_host] | SUCCESS | rc=0 >>
Directory: C:\Users\[user]
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 2016/01/17 12:09 .gem
d-r-- 2016/01/17 11:43 Contacts
d-r-- 2016/01/17 11:43 Desktop
d-r-- 2016/01/17 11:43 Documents
win_copy
bug-fixed at 2.0.0.2 but..
10MB file copy OK!
100MB file copy failed!
Sometimes, win_copy
fail transfer file, nothong to do with File-size
.
Run ansible with -vvvvvvv
option.
Write clean yaml!
win_copy: src="hoge.txt" dest="C:\work\hoge\fuga.txt"
# === NG! but allowed 1.9x ansible
win_copy:
src: 'hoge.txt'
dest: 'C:\work\hoge\fuga.txt'
# === OK! single-quote
win_file
We CAN NOT create file.
win_file state=file (default)
just verify the file exists or not. If you create file when file does not exists, use touch
state.
If `file', the file will NOT be created if it does not exist, see the
[copy] or [template] module if you want that behavior.
win_unzip
Support .7z cool!