#Setting up windows node
Windows node:
1. Update PowerShell to the latest version, or download and install PowerShell Core 7.4 or later.
2. Using PowerShell, install Chocolatey, the package manager for Windows.
   i. Run Get-ExecutionPolicy to see the current policy.
   ii. Run Set-ExecutionPolicy AllSigned or Set-ExecutionPolicy Bypass -Scope Process (AllSigned only runs scripts signed by a trusted publisher; Bypass -Scope Process applies only to the current PowerShell session).
   iii. Run the command below. It enables TLS 1.2 (the 3072 flag) for the download, then downloads the Chocolatey install script and executes it in the current session.
        Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
3. Set up WinRM, see the link: https://docs.ansible.com/ansible/latest/os_guide/windows_setup.html
4. Install python3

Master (linux machine where ansible is installed):
1. Create a config file.
2. Create an inventory file.

   [windows]
   xxx.xxx.xxx.xxx

   [windows:vars]
   #user account with administrative permission in windows machine.
   ansible_user=username
   #password of user account in windows machine (stored here in plain text; ansible-vault can be used to encrypt it).
   ansible_password="password"
   #port used by ansible, use 5985 for http and 5986 for https.
   ansible_port=5985
   #connection type to be used, can be winrm or ssh.
   ansible_connection=winrm
   #protocol to be used, http or https; it must match the port above. http does not use TLS, so https (port 5986) is preferable outside a lab.
   ansible_winrm_scheme=http
   #certificate validation for https connections; ignore skips verification of the server certificate, so use it only with self-signed test certificates.
   ansible_winrm_server_cert_validation=ignore
   #kerberos credential delegation; only takes effect when kerberos authentication is used.
   ansible_winrm_kerberos_delegation=true
   #location of python exe file in windows machine.
   ansible_python_interpreter=C:/Python312/python.exe

3. Create a playbook named playbook.yaml

   ---
   - hosts: windows
     tasks:
       - name: ping windows machine
         win_ping:

4. Install Python3 and pywinrm
#Setting up DNS server
1. install bind
   sudo yum install bind
2. backup /etc/named.conf
   sudo cp /etc/named.conf ~/backup/named.bak
3. edit the allow-query line in /etc/named.conf
   allow-query { localhost; 172.31.0.0/24; };
4. add at the end of /etc/named.conf

   //forward zone
   zone "janus.local" IN {
       type master;
       file "janus.local.db";
       allow-update { none; };
       allow-query { any; };
   };
   //backward zone
   zone "0.31.172.in-addr.arpa" IN {
       type master;
       file "janus.local.rev";
       allow-update { none; };
       allow-query { any; };
   };

   Note: an allow-query statement inside a zone overrides the allow-query set in step 3 for that zone, so with { any; } these two zones answer queries from any client that can reach the server. Use the same address list as step 3 if the zones should only be visible to 172.31.0.0/24.
5. create forward dns zone
   # vim /var/named/janus.local.db

   $TTL 86400
   @ IN SOA dns-primary.janus.local. admin.janus.local. (
       2020011800 ;Serial
       3600 ;Refresh
       1800 ;Retry
       604800 ;Expire
       86400 ;Minimum TTL
   )
   ;Name Server Information
   @ IN NS dns-primary.janus.local.
   ;IP Address for Name Server
   dns-primary IN A 172.31.0.5
   ;Mail Server MX (Mail exchanger) Record
   janus.local. IN MX 10 mail.janus.local.
   ;A Record for the following Host name
   www IN A 172.31.0.6
   mail IN A 172.31.0.7
   ;CNAME Record
   ftp IN CNAME www.janus.local.

6. create reverse dns lookups
   # vim /var/named/janus.local.rev

   $TTL 86400
   @ IN SOA dns-primary.janus.local. admin.janus.local. (
       2020011800 ;Serial
       3600 ;Refresh
       1800 ;Retry
       604800 ;Expire
       86400 ;Minimum TTL
   )
   ;Name Server Information
   @ IN NS dns-primary.janus.local.
   dns-primary IN A 172.31.0.5
   ;Reverse lookup for Name Server
   35 IN PTR dns-primary.janus.local.
   ;PTR Record IP address to Hostname
   50 IN PTR www.janus.local.
   60 IN PTR mail.janus.local.

   Note: the owner name of each PTR record is the last octet of the host's address. The values 35, 50 and 60 here do not match the A records in step 5, which end in 5, 6 and 7; they must agree for reverse lookups of those hosts to resolve.
7. change the file permission, owner and group owner
   # chown named:named /var/named/janus.local.db
   # chown named:named /var/named/janus.local.rev
8. check for syntax errors
   # named-checkconf
   # named-checkzone janus.local /var/named/janus.local.db
   # named-checkzone 172.31.0.5 /var/named/janus.local.rev
   Note: the first argument of named-checkzone is the zone name as declared in /etc/named.conf; for the reverse zone added in step 4 that name is 0.31.172.in-addr.arpa, not the name server's IP address.
9. restart the named service
   sudo systemctl restart named
10. for clients to access the dns service
   # firewall-cmd --add-service=dns --zone=public --permanent
   # firewall-cmd --reload
11. test the bind dns
   # nslookup dns-primary.janus.local