Managing Windows Server from Red Hat Server using Ansible on AWS EC2

Pinging a Windows server from a Linux server, where the Windows server is the target node and Red Hat is the Ansible server hosted on an AWS EC2 instance

Recently, while working on an internal project, I was required to establish a network connection between a Windows server and a RHEL server. Sounds easy, right? It would have been indeed; however, the task was not only to establish the network but also to ping the Windows server from RHEL via Ansible, and that's where the scenario got tricky. Also, the servers were EC2 instances hosted on AWS. I went through a few articles and videos and thought of documenting my learnings in this blog.

Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) Cloud. Using Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage. Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.

Ping is a command-line utility, available on virtually any operating system with network connectivity, that acts as a test to see if a networked device is reachable. The ping command sends a request over the network to a specific device. A successful ping results in a response from the computer that was pinged back to the originating computer.

Let’s start by getting to know the host requirements.

Host requirements:

For Ansible to communicate to a Windows host and use Windows modules, the Windows host must meet these requirements:

  • Ansible can generally manage Windows versions under current and extended support from Microsoft.
  • Ansible can manage desktop OSs including Windows 7, 8.1, and 10, and server OSs including Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, and 2019.
  • Ansible requires PowerShell 3.0 or newer and at least .NET 4.0 to be installed on the Windows host.
  • A WinRM listener should be created and activated.

Use the steps below to configure:

1. Configure Windows Server 2016:


a. Open Windows PowerShell and check the version:


PS C:\Users\Administrator> Get-Host | Select-Object version

[Screenshot: PowerShell version]

The PowerShell version should be at least 3.0. If it is not, upgrade it using this document. Since we have version 5.1, there is no need to upgrade.



b. Once PowerShell has been upgraded, the final step is to configure the WinRM service so that Ansible can connect to it:

PS C:\Users\Administrator> [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
PS C:\Users\Administrator> $url = "https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1"
PS C:\Users\Administrator> $file = "$env:temp\ConfigureRemotingForAnsible.ps1"
PS C:\Users\Administrator> (New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)
PS C:\Users\Administrator> powershell.exe -ExecutionPolicy ByPass -File $file

c. Run the script below in Windows PowerShell ISE and check the version after the script completes successfully:

Param([string]$computerName)

Function enableWinRM {
	$result = winrm id -r:$global:compName 2>$null

	Write-Host	
	if ($LastExitCode -eq 0) {
		Write-Host "WinRM already enabled on" $global:compName "..." -ForegroundColor green
	} else {
		Write-Host "Enabling WinRM on" $global:compName "..." -ForegroundColor red
		.\pstools\psexec.exe \\$global:compName -s C:\Windows\system32\winrm.cmd qc -quiet
		if ($LastExitCode -eq 0) {
			.\pstools\psservice.exe \\$global:compName restart WinRM
			$result = winrm id -r:$global:compName 2>$null
			
			if ($LastExitCode -eq 0) {Write-Host 'WinRM successfully enabled!' -ForegroundColor green}
			else {exit 1}
		} 
		else {exit 1}
	}
}

$global:compName = $computerName
enableWinRM
exit 0

[Screenshot: version after script completion]


d. Check if ports are listening:
PS C:\Users\Administrator> winrm enumerate winrm/config/Listener

[Screenshot: port listener]


2. Configure Red Hat 8 Server:


a. If you have a subscription manager account, register your system using the subscription-manager command:

[root@ip-172-31-23-177 ~]# subscription-manager register


b. Install Ansible if the package is not already installed:
[root@ip-172-31-23-177 ~]# yum install ansible


c. Install the python-pip package:

[root@ip-172-31-23-177 ~]# pip2 --version
[root@ip-172-31-23-177 ~]# pip3 --version
[root@ip-172-31-23-177 ~]# dnf install python2-pip
[root@ip-172-31-23-177 ~]# dnf install python3-pip
[root@ip-172-31-23-177 ~]# pip2 --version
pip 9.0.3 from /usr/lib/python2.7/site-packages (python 2.7)
[root@ip-172-31-23-177 ~]# pip3 --version
pip 9.0.3 from /usr/lib/python3.6/site-packages (python 3.6)
[root@ip-172-31-23-177 ~]# pip3 install "pywinrm>=0.2.2"

d. Now add the Windows server to the Ansible inventory (/etc/ansible/hosts) so that it can be pinged:

[root@ip-172-31-23-177 ~]# tail /etc/ansible/hosts 
## db-[99:101]-node.example.com

[windows]
107.20.75.188

[windows:vars]
# for example: ansible_user="Administrator"
ansible_user="windows_username"
ansible_password="windows_user_password"
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore

e. Use the command below to ping the Windows server:
[root@ip-172-31-23-177 ansible]# ansible all -i hosts -m win_ping

[Screenshot: pinging Windows server]
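
The inventory in step d sets ansible_winrm_server_cert_validation=ignore, which turns off verification of the WinRM server's TLS certificate, and keeps the password in clear text. The following added example (not part of the original post or of Ansible) audits the [group:vars] sections of an INI inventory for those settings and for HTTP or Basic WinRM options, using the page's inventory and a hardened variant as constructed samples. The function name, finding codes, host name, service account, vault variable and CA path are assumptions made for illustration.

```python
import configparser

# Constructed sample: the inventory from step d of this page (weak settings).
PAGE_INVENTORY = """\
[windows]
107.20.75.188

[windows:vars]
ansible_user="windows_username"
ansible_password="windows_user_password"
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
"""

# Constructed sample: hypothetical hardened values (all names are assumptions).
HARDENED_INVENTORY = """\
[windows]
win2016.example.internal

[windows:vars]
ansible_user="ansible_svc"
ansible_password="{{ vault_windows_password }}"
ansible_connection=winrm
ansible_winrm_transport=ntlm
ansible_winrm_scheme=https
ansible_port=5986
ansible_winrm_ca_trust_path=/etc/pki/tls/certs/example-ca.pem
"""

def audit_winrm_vars(inventory_text):
    """Return sorted finding codes for WinRM settings in [group:vars] sections."""
    parser = configparser.ConfigParser(
        allow_no_value=True, interpolation=None, delimiters=("=",), strict=False)
    parser.optionxform = str  # keep variable names case-sensitive
    parser.read_string(inventory_text)
    findings = set()
    for section in parser.sections():
        v = {k: (val or "").strip("\"'") for k, val in parser[section].items()}
        if not section.endswith(":vars") or v.get("ansible_connection") != "winrm":
            continue  # host lists and non-WinRM groups are out of scope
        if v.get("ansible_winrm_server_cert_validation") == "ignore":
            findings.add("cert-validation-disabled")  # TLS peer is not verified
        if v.get("ansible_winrm_scheme") == "http" or v.get("ansible_port") == "5985":
            findings.add("unencrypted-http-listener")
        if v.get("ansible_winrm_transport", "").lower() == "basic":
            findings.add("basic-auth-transport")
        if v.get("ansible_password") and "{{" not in v["ansible_password"]:
            findings.add("plaintext-password")  # literal, not a vault reference
    return sorted(findings)
```

The vault variable in the hardened sample is assumed to be defined in an ansible-vault encrypted vars file for the windows group.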

Resources:

  1. Setting up a Windows Host
  2. WinRM Setup
  3. WinRM setup script
  4. Linux and Windows host setup
  5. How to install pip in RHEL 8 / CentOS 8 step by step instructions
  6. Windows PowerShell Upgrade
  7. Ansible-windows-lab-setup (where ansible server is in linux and target node is in windows)

Tip:
RDP Port No: 3389



Shreya Dhange is a Technical Training Developer at Red Hat who likes to explore and learn new technologies and share her knowledge by writing articles. She has completed her Masters in Computer Science and has received an award for her exemplary academic performance. She has been engaged in creating and delivering content in the cloud and Linux space. She can be reached on LinkedIn or via email.