Server Fault Asked by Adam C on November 30, 2020
Currently when running extended builds (Packer
/Ansible
based) on Windows we have found that WinRM has errors so frequently as to be unusable and have had to fall back to running some large build jobs manually as a result. Using a host in AWS as the source of the builds (rather than remote) has helped somewhat, eliminating connectivity as one of the error causes, but the number of failures is excessive and costly, since the builds then restart from scratch even if they have been running for hours.
The Ansible documentation mentions that OpenSSH
can be used (at your own risk since it is experimental) for configuring Windows hosts in lieu of WinRM
. However, there is little guidance given in terms of how to set this up.
In addition to a suspicion that ssh
might be more reliable than WinRM
as a connection method for Ansible, using ssh
on port 22 would simplify some of our security rules and bring Windows into line with our Linux build hosts from a connectivity perspective. The ideal would be to create a re-usable build job to allow us to create a base AMI
(from the official Windows Server 2019 AMI
) to act as a new base for our Packer/Ansible jobs. Having never used OpenSSH
on Windows, nor attempted to use ssh
to connect to Windows with Ansible, if anyone could share a working config or at least pointers that would be very much appreciated.
This requires several steps, and you will generally want to update it every so often to get a more recent version of Windows.
Here is a repository on Github which will (in eu-west-1 by default) take the latest official Windows Server 2019 image and install OpenSSH, configure the server, copy keys such that the Administrator user is accessible over ssh
, and finally create an AMI which will have ssh
available on boot. This build will use WinRM
to do the initial work, but once created ssh
can be used instead.
Also included is an example of how to use that new base image in an Ansible run (to install some build tools) when connecting via ssh
rather than WinRM
.
Answered by Adam C on November 30, 2020
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP