Clean up some additional formatting in intro_windows.rst
This commit is contained in:
Matt Martz
parent
2654f7b200
commit
575a1fe19b
1 changed files with 18 additions and 16 deletions
|
|
@ -31,7 +31,7 @@ On a Linux control machine::
|
|||
Inventory
|
||||
`````````
|
||||
|
||||
Ansible's windows support relies on a few standard variables to indicate the username, password, and connection type (windows) of the remote hosts. These variables are most easily set up in inventory. This is used instead of SSH-keys or passwords as normally fed into Ansible.
|
||||
Ansible's windows support relies on a few standard variables to indicate the username, password, and connection type (windows) of the remote hosts. These variables are most easily set up in inventory. This is used instead of SSH-keys or passwords as normally fed into Ansible::
|
||||
|
||||
[windows]
|
||||
winserver1.example.com
|
||||
|
|
@ -79,12 +79,12 @@ In the powershell session, run the following to enable PS Remoting and set the e
|
|||
|
||||
If your Windows firewall is enabled, you must also run the following command to allow firewall access to the public firewall profile:
|
||||
|
||||
.. code-block:: bash
|
||||
.. code-block:: bash
|
||||
|
||||
# Windows 2012 / 2012R2
|
||||
# Windows 2012 / 2012R2
|
||||
$ Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP-PUBLIC" -RemoteAddress Any
|
||||
|
||||
# Windows 2008 / 2008R2
|
||||
# Windows 2008 / 2008R2
|
||||
$ NetSH ADVFirewall Set AllProfiles Settings remotemanagement Enable
|
||||
|
||||
By default, Powershell remoting enables an HTTP listener. The following commands enable an HTTPS listener, which secures communication between the Control Machine and windows.
|
||||
|
|
@ -99,14 +99,15 @@ Alternatively, a self-signed SSL certificate can be generated in powershell usin
|
|||
|
||||
# Create the https listener
|
||||
$ winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="host_name";CertificateThumbprint="certificate_thumbprint"}
|
||||
|
||||
# Delete the http listener
|
||||
$ WinRM delete winrm/config/listener?Address=*+Transport=HTTP
|
||||
|
||||
Again, if your Windows firewall is enabled, the following command to allow firewall access to the HTTPS listener:
|
||||
|
||||
.. code-block:: bash
|
||||
.. code-block:: bash
|
||||
|
||||
# Windows 2008 / 2008R2 / 2012 / 2012R2
|
||||
# Windows 2008 / 2008R2 / 2012 / 2012R2
|
||||
$ netsh advfirewall firewall add rule name="Allow WinRM HTTPS" dir=in localport=5986 protocol=TCP action=allow
|
||||
|
||||
It's time to verify things are working::
|
||||
|
|
@ -171,10 +172,11 @@ Windows modules live in a "windows/" subfolder in the Ansible "library/" subtree
|
|||
Modules (ps1 files) should start as follows::
|
||||
|
||||
#!powershell
|
||||
# <license>
|
||||
|
||||
# WANT_JSON
|
||||
# POWERSHELL_COMMON
|
||||
|
||||
# <license>
|
||||
# code goes here, reading in stdin as JSON and outputting JSON
|
||||
|
||||
The above magic is neccessary to tell Ansible to mix in some common code and also know how to push modules out. The common code contains some nice wrappers around working with hash data structures and emitting JSON results, and possibly a few mpmore useful things. Regular Ansible has this same concept for reusing Python code - this is just the windows equivalent.
|
||||
|
|
|
|||
Loading…
Reference in a new issue