Update: You might find this thread useful if you have issues getting ansible to work in babun/cygwin – thanks mcfo for the comments.
Update2: Another option is to run ansible inside a docker container using Docker for Windows. This way you are actually using Linux to run ansible in, so are likely to have less problems. Startup time, (after the first time you run it), should be very quick, so has none of the disadvantages of running inside a heavy VM.
Babun is a nice distribution of cygwin with lots of pre-installed packages, and also a built in package manager called pact. It has an auto update tool, and includes most of the ansible requirements already, such as python and gcc. Another advantage is that it won’t affect your existing Cygwin install, should you already have one. As such, it’s a pretty good way to get started with ansible on a windows workstation. Note that this is not officially supported, but it is often needed, and works pretty well for the most part, with a few tweaks.
This guide covers installing Babun, and the appropriate packages to get ansible working on Windows.
Getting and Installing Babun
- Download Babun from the website at: http://babun.github.io/
- Unzip the file and run the install.bat which comes with it. This will install Babun under your user profile at c:\Users\youruser\.babun
- A zsh shell will be launched – you can switch to bash with the below:
babun shell /bin/bash bash
There is an issue with the right click paste when inside the vim program.
Update: It should work if you add
set mouse-=a to your
~/.vimrc file – thanks mcfo for that!
Run the bootstrap script as follows:
curl https://raw.githubusercontent.com/chrisgilbert/scripts/master/bootstrap_ansible_windows.sh | bash
This will set up the dependencies for ansible on windows.
Babun adds a mount point /c for the C: drive. If you wish to add another drive, then you can add an entry to the /etc/fstab in a similar fashion, and run “mount -a”.
E.g. to access files at c:\src\ansible, you should use
Setting Up SSH Keypair
- Create an SSL public/private key pair. This will allow you to connect to servers remotely over SSH without usernames and passwords. This is required for easy operation of ansible, and also to use any corelogic git repositories. Ansible manages servers using public/private keypairs. It can also fall back to usernames and passwords, but this quickly becomes very laborious when working with multiple servers, especially when using roles. As such, you should set up a keypair as below, and protect it with a strong passphrase.
In order to do this in a secure way:
ssh-keygen [press enter to choose rsa] [enter your choosen passphrase twice] chgrp -R Users ~/.ssh chmod -R 700 ~/.ssh/ chmod 600 ~/.ssh/id_rsa
This secure passphrase is yours alone, and should be a good strength password. You can also add it to other programs which use SSH keypairs in many cases (e.g. putty, filezilla, etc).
- Next, you can add the ssh-agent for convenience. To avoid entering the passphase every time you connect, which would be no easier than a username/password, you can instead just enter it once per session. This is achieved using the ssh-agent package. The ansible bootstrap script you ran above should have added the appropriate lines to your bash profile. Just source it again with the following command:
You will be prompted for your password now, and each time you open a new shell.
Test Your Ansible
To test things are working:
# Add a server to test to your default inventory file (ansible-training will already be here if you used the bootstrap script) nano /etc/ansible/hosts ssh-copy-id root@ansible-training # You will be asked to input the root password once here (ansible), after which you should be able to connect without a password. ansible ansible-training -m ping -u root
Ansible-training is just an example – add your own server as required.
If that works, you should get a “pong” back from the server in green text to say the connection was successful. You may have spotted the “-u root”, which means connect as the root user. You can of course connect as other users, but ansible playbooks provide a way to switch users using sudo also, so don’t worry about that too much at this moment.