Hi,
I have a requirement where the deployment file has to be copied to a window shared network. Jenkins slave is running on Linux server.
We are developing Ansible Playbook to achieve this.
I need help on below points to develop the playbook-
Site.yml
SR request.zip (374 KB)
Hi,
I’d recommend you work through this documentation https://docs.ansible.com/ansible/latest/user_guide/windows.html
You have a few options for copying files onto a windows file share, although copying to a remotely-mounted file share requires delegated authentication to get around the ‘second hop’ which windows defaults to not allowing (ansible - windows machine being 1 hop and windows machine to machine hosting the shared drive being a second hop) - see https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html#authentication-options and https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html#limitations if that applies to your situation.
If you have access to the machine that is hosting the share you can use the win_copy module https://docs.ansible.com/ansible/latest/modules/win_copy_module.html.
This can be slow if you have large files to transfer.
Another option is to use shell or command to run ‘smbclient’. This might be a good option if the source files are on your ansible controller. You might need to use ‘no_log: true’ to protect the password for the shared drive.
To connect to your windows hosts, you would need to remove the ‘connection:local’ line from your playbook and add the windows machine to a group which is configured to use winrm to connect (instead of using default ssh connection type). If you just have 1 windows host you can use host_vars instead of group_vars. The relevant settings are documented here: https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html#inventory-options
Hope this helps,
Jon
Hi Jon,
Thanks for your input.
User(Service account) is now having access to the machine that’s hosting the shared drive. WINRM has been enabled to the target server with CREDSSP authentication. connection has been updated from local to a group.
However now the pipeline is failing while connecting to the target server and it’s giving below error-
TASK [Gathering Facts]********************************************************
fatal: [ test1234p ]: UNREACHABLE! => {“changed”: false, “msg”: “credssp: The server did not response with a CredSSP token, auth rejected”, “unreachable”: true}
I have validated below points so far-
Service account is working fine and connecting to the target server when tried manually.
WINRM is up and running fine and they have remote access. Below commands have been executed to validate this-
Winrm get winrm/config/service
winrm quickconfig
3. Validated the listener and it looks good too. Below commands were use to verify this-
winrm e winrm**/config/**Listener
The server is listening to port 5986 for HTTPS (i am using https ).
PS-Remoting has been enabled for port 5986.
It has been verified that powershell4.0 is running on destination server.
Target server is 2008 server.
Could you please let me know what else can i validate now? Do i need to validate something for Ansible setup as well? Not sure if something needs to be validated on server as well?
Note- I have build a pipeline for IIS servers(which is 2012 R2 server) and using the same concept but it’s working fine. The only difference is the service account.
Regards,
Benktesh Kumar