Unable to provision a Windows Server 2019 vagrant box with Ansible over ssh

Question

I have created a Windows server 2019 Vagrant box using https://github.com/rgl/windows-vagrant . I did not make any changes.

Steps to reproduce:

git clone git@github.com:rgl/windows-vagrant.git
cd windows-vagrant
make build-windows-2019-virtualbox

Then I added the new box with

vagrant box add -f windows-2019-amd64 windows-2019-amd64-virtualbox.box

Vagrantfile :

Vagrant.configure("2") do |config|
  config.vm.box = "windows-2019-amd64"
  config.vm.provision :ansible do |ansible|
    ansible.playbook = "./provisioners/ansible/ansible_playbook.yml"
    ansible.config_file = "./provisioners/ansible/ansible.cfg"
    ansible.inventory_path = "vagrant_ansible_inventory"
    config.vm.network "forwarded_port", guest: 22, host: 2222
  end
end

vagrant_ansible_inventory :

default ansible_connection=ssh ansible_host=127.0.0.1 ansible_port=2222 ansible_user='vagrant' ansible_password='vagrant' ansible_ssh_pass='vagrant'

I can start the box:

vagrant up --no-provision

I can connect to the box over ssh:

vagrant ssh

(drops me into a DOS shell on the Windows Server 2019, where I can execute DOS shell commands like dir )

I cannot provision:

vagrant provision

results in error

==> default: Running provisioner: ansible...
    default: Running ansible-playbook...

PLAY [Jenkins node playbook] ***************************************************

TASK [Gathering Facts] *********************************************************
Friday 29 January 2021  14:21:36 +0100 (0:00:00.015)       0:00:00.015 ******** 
fatal: [default]: UNREACHABLE! => {"changed": false, "msg": "Failed to create
temporary directory. In some cases, you may have been able to authenticate and
did not have permissions on the target directory. Consider changing the remote
tmp path in ansible.cfg to a path rooted in \"/tmp\", for more error information
use -vvv. Failed command was: ( umask 77 && mkdir -p \"` echo ~/.ansible/tmp
`\"&& mkdir ~/.ansible/tmp/ansible-tmp-1611926496.6021953-399403-196553100140944
&& echo ansible-tmp-1611926496.6021953-399403-196553100140944=\"` echo
~/.ansible/tmp/ansible-tmp-1611926496.6021953-399403-196553100140944 `\" ),
exited with result 1", "unreachable": true}

PLAY RECAP *********************************************************************
default                    : ok=0    changed=0    unreachable=1    failed=0
    skipped=0    rescued=0    ignored=0   

Friday 29 January 2021  14:21:36 +0100 (0:00:00.320)       0:00:00.335 ******** 
=============================================================================== 
Gathering Facts --------------------------------------------------------- 0.32s
Playbook run took 0 days, 0 hours, 0 minutes, 0 seconds
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

How do I fix this?

Answer 1

Solution:

A. in the box, set Powershell as the default shell:

Write-Host 'Set the default shell to PowerShell'
Set-ItemProperty `
    -Path 'HKLM:\SOFTWARE\OpenSSH' `
    -Name DefaultShell `
    -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

B. In the inventory file, add

ansible_shell_type='powershell'

Why?

Because Ansible tried to execute:

umask 77 && mkdir -p \"` echo ~/.ansible/tmp
`\"&& mkdir ~/.ansible/tmp/ansible-tmp-1611926496.6021953-399403-196553100140944
&& echo ansible-tmp-1611926496.6021953-399403-196553100140944=\"` echo
~/.ansible/tmp/ansible-tmp-1611926496.6021953-399403-196553100140944 `\"

Those are all Linux shell commands.

I logged in on the box with vagrant ssh and tried to execute the shell commands manually one by one, which obviously failed miserably. Even the umask command. which doesn't require any privileges. So then it dawned to me that Ansible was using Linux commands in a DOS shell.

By setting the default Windows ssh shell to Powershell, and telling Ansible to use powershell as shell type, Ansible was finally able to communicate with Windows.