Output of windows raw cmd as var
87 views
Skip to first unread message
Dimitri Yioulos
Sep 1, 2015, 12:22:23 PM9/1/15
to Ansible Project
Hi, all.
I've been struggling with trying to get Ansible working for Windows automation. Perhaps I'm asking too much, but here's what I'm after - I want to update a group of servers, stop a particular service on a few of those server, then reboot the entire group. Updating and rebooting are the easy parts. My challenge is in identifying the servers that have the particular service running, and stopping that service if it's running. The command that I'd use at the Windows cli would be this: sc query ListManager | find "RUNNING" or
sc query ListManager | find "STATE", which return "STATE : 4 RUNNING". I can extend that a bit, like so: sc query ListManager | find "RUNNING" >nul 2>&1 && echo running, which obviously returns "running".
Here's my play, so far:
---
- hosts: all
gather_facts: false
tasks:
- name: update server
raw: 'cmd /c wuauclt.exe /resetauthorization /detectnow /updatenow'
- name: check for Lyris service
raw: sc query ListManager | find "RUNNING" >nul 2>&1 && echo running
# when: "'LM' not in inventory_hostname"
register: lyris_hint
always_run: yes
tags:
- lyristest
- debug: var=lyris_hint.stdout_lines
I was hoping that the debug line would output "running" so that I could use output from the raw as the basis for stopping the service with:
- win_service:
name: ListManager
state: stopped
- win_service:
name: LyrisAlert
state: stopped
and, finally, reboot the systems with:
- name: reboot server
raw: 'cmd /c shutdown /r /t 0'
Can anyone help me with the service detection/stop part of this?
Thanks.
Dimitri
I've been struggling with trying to get Ansible working for Windows automation. Perhaps I'm asking too much, but here's what I'm after - I want to update a group of servers, stop a particular service on a few of those server, then reboot the entire group. Updating and rebooting are the easy parts. My challenge is in identifying the servers that have the particular service running, and stopping that service if it's running. The command that I'd use at the Windows cli would be this: sc query ListManager | find "RUNNING" or
sc query ListManager | find "STATE", which return "STATE : 4 RUNNING". I can extend that a bit, like so: sc query ListManager | find "RUNNING" >nul 2>&1 && echo running, which obviously returns "running".
Here's my play, so far:
---
- hosts: all
gather_facts: false
tasks:
- name: update server
raw: 'cmd /c wuauclt.exe /resetauthorization /detectnow /updatenow'
- name: check for Lyris service
raw: sc query ListManager | find "RUNNING" >nul 2>&1 && echo running
# when: "'LM' not in inventory_hostname"
register: lyris_hint
always_run: yes
tags:
- lyristest
- debug: var=lyris_hint.stdout_lines
I was hoping that the debug line would output "running" so that I could use output from the raw as the basis for stopping the service with:
- win_service:
name: ListManager
state: stopped
- win_service:
name: LyrisAlert
state: stopped
and, finally, reboot the systems with:
- name: reboot server
raw: 'cmd /c shutdown /r /t 0'
Can anyone help me with the service detection/stop part of this?
Thanks.
Dimitri
Matt Davis
Sep 1, 2015, 1:36:43 PM9/1/15
to Ansible Project
Hi Dimitri,
First, please try out the new win_updates module here (and +1 the PR if it works for you) - the way you're kicking off the Windows updates asynchronously can fail in all sorts of interesting ways.
Second, while the approach you're using will work, it can also mask other failures. I'm guessing you don't really care if the services are running or not, merely that they're installed, and if so, they should be stopped. The win_service module (and most Ansible modules) are designed to enforce a desired state, not just blindly run commands, so that part's already taken care of. To just skip the task if not installed, I'd suggest something like:
tasks:
- name: check for Lyris service
raw: sc query ListManager
register: lyris_hint
failed_when: lyris_hint.rc not in [0,1060] # 1060 == Service not installed
- name: stop services
service: name={{ item }} state=stopped
with_items: ["ListManager", "LyrisAlert"]
when: lyris_hint.rc == 0 # ie, the ListManager service is installed
This way, if it fails for some other reason than the service not being installed, your playbook will break instead of masking the failure.
Good luck!
-Matt
Dimitri Yioulos
Sep 1, 2015, 3:44:18 PM9/1/15
to Ansible Project
Matt,
Superb, and thanks!
I went ahead and installed the latest win_updates module. The only reason I wasn't using it is that I've had good luck with running native Windows commands via the raw command. I understand why you recommend using win_updates, though, and I'll work with it.
The two service-related tasks work a treat! Being pretty new to ansible, I was wondering where you got this from?: lyris_hint.rc not in [0,1060]. Knowing such things looks to be extremely valuable.
Also, why am I not seeing the output of sc query ListManager if I add - debug: var=reboot_hint.stdout_lines ? I created another play that returns whether or not a Linux x system requires a reboot because the kernel was updated:
---
- hosts: all
gather_facts: true
sudo: yes
# serial: 1
tasks:
- name: Check for reboot hint.
shell: if [ `rpm -qa --last|grep kernel-2.6| cut -d'-' -f2- | awk '{print $1}' | head -n 1` != `uname -r` ]; then echo "reboot"; else echo "no"; fi
register: reboot_hint
always_run: yes
tags:
- testreboot
- debug: var=reboot_hint.stdout_lines
which outs:
ok: [victoriantra] => {
"var": {
"reboot_hint.stdout_lines": [
"no"
]
}
}
That's a bit chatty, but a parsing question of which I'll ask about in another post.
Your continued help is appreciated.
Dimitri
Superb, and thanks!
I went ahead and installed the latest win_updates module. The only reason I wasn't using it is that I've had good luck with running native Windows commands via the raw command. I understand why you recommend using win_updates, though, and I'll work with it.
The two service-related tasks work a treat! Being pretty new to ansible, I was wondering where you got this from?: lyris_hint.rc not in [0,1060]. Knowing such things looks to be extremely valuable.
Also, why am I not seeing the output of sc query ListManager if I add - debug: var=reboot_hint.stdout_lines ? I created another play that returns whether or not a Linux x system requires a reboot because the kernel was updated:
---
- hosts: all
gather_facts: true
sudo: yes
# serial: 1
tasks:
- name: Check for reboot hint.
shell: if [ `rpm -qa --last|grep kernel-2.6| cut -d'-' -f2- | awk '{print $1}' | head -n 1` != `uname -r` ]; then echo "reboot"; else echo "no"; fi
register: reboot_hint
always_run: yes
tags:
- testreboot
- debug: var=reboot_hint.stdout_lines
which outs:
ok: [victoriantra] => {
"var": {
"reboot_hint.stdout_lines": [
"no"
]
}
}
That's a bit chatty, but a parsing question of which I'll ask about in another post.
Your continued help is appreciated.
Dimitri
Dimitri Yioulos
Sep 1, 2015, 4:03:27 PM9/1/15
to Ansible Project
Ah, and now I remember - I couldn't get the win_updates module to work. When I update Windows servers, I want the install all available updates (e.g. critical and important), with the exception of optional. I've created a play to look like this:
---
- hosts: windows
gather_facts: true
tasks:
- name: win update
win_updates:
category: security
The play runs, but no updates are applied. Also, I have no idea how to apply multiple types of updates. I've posted previously about this, but it's still unresolved. That's why I went for using raw.
---
- hosts: windows
gather_facts: true
tasks:
- name: win update
win_updates:
category: security
The play runs, but no updates are applied. Also, I have no idea how to apply multiple types of updates. I've posted previously about this, but it's still unresolved. That's why I went for using raw.
Dimitri
On Tuesday, September 1, 2015 at 12:22:23 PM UTC-4, Dimitri Yioulos wrote:
Reply all
Reply to author
Forward
0 new messages