vmware_guest module allows you to run scripts in 'runonce' section, so you
can run the configure for remoting script as part of this, and any other
steps you need.
I use a playbook like the following to create vm from template. Before
using you have to add a hostname to the 'domainmember' group and allocate
it an ip address in your inventory, like this
# ansible inventory
[domainmember]
testmachine01 ip=172.17.0.1
---
# spin up a vm from a template
- hosts: localhost
gather_facts: true
- hosts: domainmember
gather_facts: false
vars:
template: Winserver-TEMPLATE
vars_prompt:
- name: 'vmware_user'
prompt: 'Enter VMWare username'
private: no
- name: 'vmware_cred'
prompt: 'Enter VMWare password'
private: yes
pre_tasks:
- name: show what we are planning on doing
debug:
msg: "ensure vm with hostname {{inventory_hostname}} and ip
{{hostvars[inventory_hostname]['ip']}} exists."
- name: clone vmware template and customise so it is ready for use as
domain member
vmware_guest:
annotation: "Ansible cloned from template '{{template}}' on
{{hostvars['localhost']['ansible_date_time']['date']}} by {{vmware_user}}"
cluster: Dev Cluster
datacenter: Dev datacenter
folder: /Development/
hostname: vcenterhost
name: "{{inventory_hostname}}"
password: "{{ vmware_cred }}"
resource_pool: Normal
state: poweredon
template: "{{template}}"
username: '{{vmware_user}}'
validate_certs: no
hardware:
memory_mb: 1024
num_cpus: 1
networks:
- name: VM Network
ip: "{{hostvars[inventory_hostname]['ip']}}"
netmask: 255.255.128.0
gateway: 172.x.x.1
# deliberately not specifying a domain here domain:
devdomain.local
dns_servers:
- 172.x.x.x
- 172.x.x.x2
# I had trouble using vmxnet3, it allways seems to want to be
dhcp-configured.
# may be worth retrying in future but ensuring static ip configured in
template
# devicetype: vmxnet3
devicetype: e1000e
type: static
customization:
autologon: yes
autologoncount: 5
hostname: "{{inventory_hostname}}"
ip: "{{hostvars[inventory_hostname]['ip']}}"
netmask: 255.255.128.0
gateway: 172.x.x.x
dns_servers:
- 172.x.x.x
- 172.x.x.x2
# deliberately not specifying a domain here domain:
devdomain.local
password: "{{guest_administrator_pass}}"
joindomain: devdomain.local
domainadmin: "{{ win_dom_user }}"
domainadminpassword: "{{ win_dom_cred }}"
runonce:
- powershell.exe -ExecutionPolicy Unrestricted -File C:\Users\
Administrator\Downloads\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert
- C:\finishsetup.bat
timezone: 85
# set timezone correctly or domain trust relationship will be lost
delegate_to: localhost
- name: wait for connection to become reachable
wait_for_connection:
delay: 75
sleep: 11
timeout: 675
# by this point host should be on the domain so you can start running roles
to provision your windows host
On Thursday, March 29, 2018 at 12:05:32 AM UTC+1, anil kumar wrote:
>
> do you have any ideas on configuring winrm in the template(vmware)?
>
> On Wed, Mar 28, 2018 at 11:58 AM, Anil <visit...@gmail.com <javascript:>>
> wrote:
>
>> Thanks for elaborate information on ansible with windows.
>>
>> Winrm is disabled by default. Not sure about the security constraints
>> when we enable this service.
>>
>> I will do research on it.
>>
>> On Mar 27, 2018, at 9:32 PM, Jordan Borean <jbor...@gmail.com
>> <javascript:>> wrote:
>>
>> You can currently only use the winrm connection plugin with Ansible to
>> talk to Windows hosts. WinRM allows you to connect using both domain and
>> local accounts and usually you need administrative rights on that host to
>> both connect and manipulate group membership. WinRM allows you to
>> authenticate using various protocol such as;
>>
>> * Basic
>> * Certificate (not the same as SSH keys)
>> * NTLM
>> * Kerberos
>> * CredSSP
>>
>> More details can be found here
>> http://docs.ansible.com/ansible/latest/user_guide/windows.html.
>>
>> Thanks
>>
>> Jordan
>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/QDoRl0_KU-Y/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-proje...@googlegroups.com <javascript:>.
>> To post to this group, send email to ansible...@googlegroups.com
>> <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/444b5db2-68b0-4fbf-906d-07ec4303d11a%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/ansible-project/444b5db2-68b0-4fbf-906d-07ec4303d11a%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/00d1e2b2-c215-43a9-8632-64b58a256426%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
