Sergey Nivens - Fotolia

Can I install Ansible for Windows system management?

Even though Ansible has its roots in open source software and Linux, is it possible to use the configuration management tool for Windows environments?

While it's possible to use Ansible to manage Windows, there are some areas where Linux admins have an easier time.

Ansible started as a Linux-based tool, and it uses the Secure Shell (SSH) protocol to communicate with the machines it manages. As most Linux hosts already have SSH installed, Ansible implementation in these environments is fairly straightforward.

But SSH is not installed on a Windows server in the same way, and it isn't available for production environments yet. Instead, Ansible uses PowerShell to push out and implement changes to Windows host machines. To use Ansible for Windows configuration management, run PowerShell version 3.0 or higher, as well as the .NET framework version 4.0 or higher, on managed systems.

Admins should prepare for a more complex setup compared with that for Linux environments if they choose to host Ansible on a Windows server, as there are several configuration steps to install it.

While Ansible can target a Windows machine for configuration and provisioning, the control environment -- Ansible Tower -- runs on Linux. To actually run Ansible on a Windows box, run Linux as a VM on that box. According to Red Hat, there are no plans to change this model, as Ansible is still able to automate Windows in the same way it does Linux systems through running as a VM.

Because Ansible cannot run on a Windows host natively, the admin must set it up under the Windows Subsystem for Linux. WSL is a feature Microsoft added with Windows 10 that supports native Linux command-line tools on Windows. It isn't installed with Ansible by default, however; access and install WSL from the Microsoft Store. In addition, Ansible doesn't formally support the WSL feature, so its use is not advised for production systems.

In short, a Windows-based server can consume Ansible commands and playbooks, but not send them out for other hosts to consume. Windows shouldn't serve as the OS for a development platform for non-Windows hosts, either.

There are additional considerations that might give administrators pause when they manage Windows configurations via Ansible. Ansible for Windows uses PowerShell modules, and Python modules cannot run on Windows hosts. It's possible to work around this limitation and run a Python module on the Ansible controller via the delegate_to: localhost command.

Given the requirements mentioned above, the installation of Ansible on Windows involves more than the standard apt-get install ansible command for Linux environments. That said, Windows shops can stand to gain from the use of Ansible. Potential benefits include the operation of a single configuration management tool across all systems and supporting DevOps and automation adoption for Windows application lifecycle management.

Dig Deeper on Systems automation and orchestration