Thanks to Matt Davis who is the original creator of this presentation.
I adjusted this presentation to fit to my 40 minutes Meetup.
This was delivered for Ansible Meetup in Wellington
3. Agenda
● Connection methods
● App Install and Maintenance
● Windows Security and Hardening
● Windows Services
● Of course we need to talk about reboots
10. Services
● win_service looks/acts like Linux service module
● Provides fine control over complex service behavior
config in Windows SCM (who/what/when/how)
Poll: How many hate Windows?
Poll: using Ansible w/ Windows today?
While every modern Linux distro has some kind of package management built in, Windows as a whole has still managed to avoid it. The closest thing (outside the Windows App Store itself) is Chocolatey. If you're not familiar with it, it's probably closest to something like Homebrew for the Mac. I highly recommend using it wherever possible over directly installing apps, even if it means you have to maintain your own. Having installed app version metadata makes app management with an idempotent solution like Ansible so much easier. Choco also is easily deployed behind your firewall, if you're worried about relying on the public service, or want to deploy your own software privately, and they're starting to provide paid, supported offerings as well.
The IIS webserver has been a staple on Windows since NT4. It's gotten a lot more manageable over the years, and Ansible ships with a set of modules for idempotently managing the basics, like websites, virtual directories, webapps, app pools, and more.
Windows Services are another thing fairly unique to Windows. The concept definitely exists on Linux, but in many different forms that are generally simpler, like init, upstart, now systemd, and some others. The Windows Service Control Manager has a fairly broad surface area, and can be a hassle to set up and manage if you're not used to doing it. Ansible win_service module makes it a whole lot easier, and it looks very similar to the Linux service module that exposes a handful of properties necessary to making a service go, like when it should start, who it runs as, what it runs, etc.