Ansible delegate_to a Windows host
If you use Ansible, and Windows, and you need to perform a few tasks out of a play on a Windows host, you use delegate_to. However, using a regular delegate_to doesn't work, because of a certificate validation error.
TASK [certreq : win_shell] *****************************************************************************************
fatal: [linux_host]: UNREACHABLE! => {"changed": false, "msg": "ssl: HTTPSConnectionPool(host='win_host', port=5986): Max retries exceeded with url: /wsman (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)'),))", "unreachable": true}
What you need to do is set a host fact in the play:
- set_fact:
ansible_winrm_server_cert_validation: ignore
- win_shell: Write-Host 'Hello World!'
delegate_to: "{{ winhost_hostname }}"
vars:
ansible_user: "{{ winhost_user }}"
ansible_port: 5986
I have tried placing the variable in the vars on the win_shell command, but it didn't work. You have to set it as a host fact of the regular host(s) running the play. And that's it! You'll still get the warning, but the connection will work!
TASK [certreq : win_shell] *****************************************************************************************
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
changed: [linux_host -> win_host] => {"changed": true, "cmd": "Write-Host 'Hello World!'", "delta": "0:00:00.265626", "end": "2017-11-14 03:36:10.390993", "rc": 0, "start": "2017-11-14 03:36:10.125366", "stderr": "", "stderr_lines": [], "stdout": "Hello World!\n", "stdout_lines": ["Hello World!"]}
References
Weblinks
- My original research based on info from another github user, jborean93 https://github.com/ansible/ansible/issues/32673#issuecomment-344291429
Comments