Ansible – Part II

In my last Article I outlined a bit what Ansible is and what you can do with it. As I stated previously you can extend Ansible by adding Modules. Having a VMware vSphere Infrastructure it was a no-brainer to integrate the matching vmware modules. But before you get to exited, there is a little groundwork to do.

• install pip
• install pyVmomi

In Order for everything to work, your control node must have pyVmomi installed which is a Python SDK for the vSphere API. So assuming you haven’t installed pip, here is how you do it (if you already have, awesome, an on you scroll):

curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py

python get-pip.py

After pip is installed you can proceed and install pyVmomi

pip install pyvmomi

You might want to add this to a script or playbook, so every time you deploy a control node all your “essentials” are installed the same way and right order.

Okay now to the fun part, I keep a separate file for all of my vcsa´s under “./host_vars/” since all the data is sort of unique to each vcsa (FQDN, IP, templates,…).

Datacenter

The Datacenter Module Documentation is pretty straight forward, so organising the Datacenters in a list of Items lets you easily deploy and maintain their state.

– name: Create Datacenter

with_items:

– {datacenter: ANSDC00, state: present}

– {datacenter: ANSDC01, state: present}

– {datacenter: ANSDC02, state: present}

vmware_datacenter:

hostname: “{{ vcenter_fqdn }}”

username: “{{ vcenter_ssouser }}”

password: “{{ vcenter_ssopassword }}”

validate_certs: no

datacenter_name: “{{ item.datacenter }}”

state: “{{ item.state }}”

delegate_to: localhost

Cluster

The Cluster Module has still room for improvement, but it enables you to configure the basic settings like HA, DRS, VSAN. I found it quite convenient for myself to organise the settings in in a list of items.

– name: Create Cluster

with_items:

– {datacenter: ANSDC00, cluster: ANSCLU00, ha: true, drs: true, state: present}

– {datacenter: ANSDC01, cluster: ANSCLU01, ha: false, drs: false, state: present}

– {datacenter: ANSDC02, cluster: ANSCLU02, ha: true, drs: true, state: present}

vmware_cluster:

hostname: “{{ vcenter_fqdn }}”

username: “{{ vcenter_ssouser }}”

password: “{{ vcenter_ssopassword }}”

validate_certs: no

datacenter_name: “{{ item.datacenter }}”

cluster_name: “{{ item.cluster }}”

enable_ha: “{{ item.ha }}”

enable_drs: “{{ item.drs }}”

state: “{{ item.state }}”

delegate_to: localhost

Hosts

I have a couple of playbooks for my Hosts, but I´ll spare you with those, but as you might have guessed there are tons of possibility’s ranging from managing advanced host config, datastores, dns settings, you can check out the full list in the documentation.

DVS / Portgroups

I keep a playbook for each DVS so i can deploy/manage my port groups without a hassle. I found the name of the port group type a bit awkward, but the API Documentation explained it, even though it it looks like its a bit dated.

– name: Create dvs portgroup

with_items:

– {portgroup_name: 200_ESX_MGMT, vlan_id: 200, num_ports: 8, portgroup_type: earlyBinding, state: present}

– {portgroup_name: 201_ESX_vMotion, vlan_id: 201, num_ports: 8, portgroup_type: earlyBinding, state: present}

– {portgroup_name: 202_ESX_Provisioning, vlan_id: 202, num_ports: 8, portgroup_type: earlyBinding, state: present}

– {portgroup_name: 203_ESX_VSAN0, vlan_id: 203, num_ports: 8, portgroup_type: earlyBinding, state: present}

– {portgroup_name: 204_ESX_VSAN1, vlan_id: 204, num_ports: 8, portgroup_type: earlyBinding, state: present}

– {portgroup_name: 400_VM_POD00, vlan_id: 400, num_ports: 8, portgroup_type: earlyBinding, state: present}

vmware_dvs_portgroup:

hostname: “{{ vcenter_fqdn }}”

username: “{{ vcenter_ssouser }}”

password: “{{ vcenter_ssopassword }}”

validate_certs: no

portgroup_name: “{{ item.portgroup_name }}”

switch_name: “{{ vcenter_dvs00 }}”

vlan_id: “{{ item.vlan_id }}”

num_ports: “{{ item.num_ports }}”

portgroup_type: “{{ item.portgroup_type }}”

state: “{{ item.state }}”

Virtual Machines

the local/technical user for creating requires some additional privileges:

 

• VirtualMachine.Provisioning.Clone on the virtual machine you are cloning
• VirtualMachine.Inventory.CreateFromExisting on the datacenter or virtual machine folder
• VirtualMachine.Config.AddNewDisk on the datacenter or virtual machine folder
• Resource.Assign virtual machine to resource pool on the destination host, cluster, or resource pool
• Datastore.AllocateSpace on the destination datastore or datastore folder
• Network.AssignNetwork on the network to which the virtual machine will be assigned
• VirtualMachine.Provisioning.Customize on the virtual machine or virtual machine folder if you are customizing the guest operating system
• VirtualMachine.Provisioning.ReadCustSpecs on the root vCenter Server if you are customizing the guest operating system

 

The vmware_guest module gives great flexibility with creating, reconfiguring, cloning, you name it. Combining them with OS specific playbooks, leaves you with nearly no limits.