Ansible Control Machine on Windows
The post describes how to easily run Ansible on Windows without docker, VirtualBox or Hyper-V. The approach utilizes Linux through Windows Subsystem for Linux (WSL) available in Windows 10.
What we are trying to achieve:
- A full-featured Ansible available under Windows without any headaches.
- Instant access to Ansible without the need to start and wait for a dedicated virtual machine.
- Ansible should have the same access to the network.
- A possibility to work with files stored on HDD drive, having convenient access to them by both, Ansible and any installed Windows software, at the same time.
Basically, most of the listed requirements are already covered by WSL, except for some nuances. All we need is to properly install and configure everything. Let's go step-by-step.
Enabling WSL and installing Linux
Open the Powershell under Administrator rights and run the following command:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
Restart the PC to enable the WSL.
The next step is to install a Linux distribution. Several of them are available in the Microsoft Store. For this post we use Ubuntu, so get it.
After installation is complete launch the Ubuntu from the Start Menu, wait until it is ready, and set the default user/password.
By default, WSL mounts Windows disks in Linux in
/mnt/. For example,
C:\ can be accessed through
In order to be able to work with mounted files like you would do it normally in Linux, including changing permissions and attributes, we need to enable additional metadata provided by DrvFs plugin. Otherwise, any changes to file attributes don't persist: they are overwritten by Windows, for example, when a file is modified outside the Linux.
Also, by default, all mounted Windows files have
0777 permissions. The included
x (executable) flag causes errors in Ansible and Vault like:
([Errno 8] Exec format error). If this is not a script, remove the executable bit from the file.
ERROR: The file [my_inventory] is marked as executable, but failed to execute correctly. If this is not supposed to be an executable script, correct this with `chmod -x [my_inventory]`
Setting permissions on files explicitly using
chmod does nothing until DrvFs is enabled, and anyway, they don't persist between sessions.
The solution to the issues described above is to create a WSL configuration file
sudo nano /etc/wsl.conf
Type in the following content:
[automount] enabled = true options = "metadata,umask=22,fmask=111"
Save the file (
Enter) and re-open the Ubuntu console.
In the configuration file we set the following options:
umask- the mask of permissions to exclude for all files and directories.
fmask- the mask of permissions to exclude for all regular files.
Optionally, it is possible to specify a mask for directories specifically using the
Verify that DrvFs is configured:
/mnt/c should have the options set in the configuration file:
If we look at any mounted file (
stat file_name), only read and write permission should be set now:
Additionally, it makes sense to mention, that all mounted files are owned by the default user created during the installation. They have the
uid=1000 (user ID) and
gid=1000 (group ID).
The file's owner also can be changed in the
wsl.conf by adding specific IDs to the
options. For example:
options = "metadata,uid=1000,gid=1000,umask=22,fmask=111"
To install the Ansible just run the following commands to add the Ansible repository and install it from there:
sudo apt update sudo apt install software-properties-common sudo apt-add-repository --yes --update ppa:ansible/ansible sudo apt install ansible
By the end, Ansible should be available for execution, that can be verified by checking its version:
After the described steps, it is possible to use Ansible from Windows, execute playbooks, decrypt vaults, edit decrypted files using any favorite Windows editor, encrypt them back.