Manage Windows machines with Ansible (winrm)

Ansible is a very powerful automation tool that is developed from RedHat. Many large organizations rely on Ansible to automate tasks and procedures. In this article I will explain how one can use ansible to manage windows clients and servers.

In order to manage windows hosts ansible winrm plugin should be used to communicate with the client/server machine.

The first step is to verify that ansible is installed.

Alongside with ansible, on the control node the pywinrm module should be also installed. By default this one is not installed and one should do it manually.

The managed Windows client/server machines should be configured to allow remote connections. A very useful power shell script is already developed from other users and it needs only to be executed on the managed host.

If your execution policy is prohibiting this script to be executed, you should set-execution policy to RemoteSigned as shown below and then execute the powershell.

Control node should have network connectivity with the managed hosts.

Some environmental variables should be used, so that ansible knows how the connection will be performed (winrm). I included those variables in my inventory file as I created this lab just for demonstration. My inventory file looks like below:

Lastly make sure that the user that is used for the connection has administrative rights on the managed windows hosts. Otherwise some error codes will be returned.

Lastly confirm ansible on managed host is working by using win_ping module.

Documentation:

https://www.ansible.com/blog/connecting-to-a-windows-host

Configure HAproxy to load balance Centos httpd containers

In this article I will explain a HAproxy installation on docker centos images. First things first, 3 centos images should be deployed. Two of them will be simple web servers with httpd installed and the third one will have haproxy installed to load balance between the two web servers.

In order to deploy 3 new centos docker images you should first download the latest centos image.

Just pull the Centos docker image from dockerHub by using the below command

And then deploy 3 instances of it:

Verify that containers have been deployed succesfully and execute some interactive commands on them.

You will get a result like the below, depending on the image you have installed.

Install httpd package on the two web servers. I am using portainer so that I can interact easier with containers. You could also execute an interactive command as shown below.

Lastly you should install haproxy package for the third server that will be used as a load balancer.

Verify connectivity between your containers. Based on the default network that have been deployed on my computer I get the following 3 IP’s.

Install a test html page on web servers that will be used to identify the node.

Enable and start httpd server on web servers and test that their page is up and running by running a curl from load balancer (server 3). You will get a respond like the below:

apache is running and responding on web servers 1,2

In order to use systemctl and systemd commands, check my previous article about deploying a Centos Image with systemd enabled.

Edit haproxy configuration setting under /etc/haproxy/haproxy.cfg and add your two webservers as backend servers of app section.

haproxy configuration

Restart haproxy so that configuration changes are loaded:

Curl loadbalancer and verify from the results that load is balanced between centos-1 and centos-2 webservers:

Deploy a CentOS container image with systemd enabled

In order to deploy a CentOS container with systemd enabled to perform and use commands as systemctl you could do the following:

Download the official Centos image with systemd integrated from DockerHub and create a file name Dockerfile on your current working directory. The following dockerfile will install/enable httpd package with yum and systemctl.

Build your image:

And then deploy a new container from your created image:

Verify that you can run successfully systemd commands:

Upgrade HAproxy to 2.1.3 – Red Hat Enterprise Linux server/Centos

I was struggling a couple of hours to upgrade HAproxy package to its latest version on a Red Hat Enterprise Linux server 7.6 and as I could not find a well documented page, I decided to create this article in order to explain the procedure.

The latest version that is available and supported from Red Hat for a Red Hat licensed server is 1.5.8. However we can upgrade the version by compiling the source code that is distributed online from the official page. HAproxy package is open source and its code is distributed so it can be built with make.

For the people that do not know HAproxy, it is a very widely known high performance tcp/http load balancer for Linux/Unix operating systems. More information can be also found on its page.

First things first haproxy-2.1.3.tar.gz must be downloaded and uploaded to the server.

In order to compile successfully and do not face hundred of errors during make you have to be sure that the below libraries are installed on your server. If a package from the below is missing you will get make errors.

  • gcc and all its dependencies
  • openssl and all its dependencies
  • systemd-devel
  • readline-devel

LUA is needed in order to make the package. Although LUA 5.1 was installed on the red hat server, during the compilation the variable could not be found so I had to manually install LUA latest version and also use its downloaded directory for the compilation of HAproxy.

Install LUA using the following commands. LUA directory may be needed

Finally make source code of HAproxy 2.1.3

Normally you should not get any error with the above commands. If so, then the version should be the upgraded. As a last step, reboot the server and then you will get the updated version.