The guides in this section cover using Ansible with a range of public cloud platforms. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
Modules for interacting with the Kubernetes (K8s) and OpenShift API are under development, and can be used in preview mode. To use them, review the requirements, and then follow the installation and use instructions.
@ -53,4 +53,3 @@ Filing issues
If you find a bug or have a suggestion regarding individual modules or the role, please file issues at `OpenShift Rest Client issues <https://github.com/openshift/openshift-restclient-python/issues>`_.
There is also a utility module, k8s_common.py, that is part of the `Ansible <https://github.com/ansible/ansible>`_ repo. If you find a bug or have suggestions regarding it, please file issues at `Ansible issues <https://github.com/ansible/ansible/issues>`_.
.. unified index page included for backwards compatibility
******************
Scenario Guides
***************
******************
The guides in this section cover integrating Ansible with a variety of
platforms, products, and technologies. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
..toctree::
:maxdepth:1
:caption:Public Cloud Guides
The guides in this section explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
guide_alicloud
guide_aws
guide_cloudstack
guide_gce
guide_azure
guide_online
guide_packet
guide_rax
guide_scaleway
guide_vultr
..toctree::
:glob:
:maxdepth:1
:caption:Network Technology Guides
guide_aci
guide_meraki
guide_infoblox
guide_*
..toctree::
:maxdepth:1
:caption:Virtualization & Containerization Guides
Pending topics may include: Jenkins, Linode/DigitalOcean, Continuous Deployment, and more.
The guides in this section cover using Ansible with specific network technologies. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
..toctree::
:maxdepth:1
guide_aci
guide_meraki
guide_infoblox
To learn more about Network Automation with Ansible, see :ref:`network_getting_started` and :ref:`network_advanced`.
The guides in this section cover integrating Ansible with popular tools for creating virtual machines and containers. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
These concepts are common to all uses of Ansible, including VMware automation. You need to understand them to use Ansible for VMware automation. This basic introduction provides the background you need to follow the examples in this guide.
Some of these concepts are common to all uses of Ansible, including VMware automation; some are specific to VMware. You need to understand them to use Ansible for VMware automation. This introduction provides the background you need to follow the :ref:`scenarios<vmware_scenarios>` in this guide.
..contents:: Topics
..contents::
:local:
Control Node
============
@ -16,20 +17,18 @@ Any machine with Ansible installed. You can run commands and playbooks, invoking
Delegation
==========
If you want to perform a VMware specific task on one host with reference to ESXi server or vCenter server, use the ``delegate_to`` keyword on a task. This delegation host will be any host where you have ``pyVmomi`` installed. Your control node and ``delegate_to`` host can be same or different.
Delegation allows you to select the system that executes a given task. If you do not have ``pyVmomi`` installed on your control node, use the ``delegate_to`` keyword on VMware-specific tasks to execute them on any host where you have ``pyVmomi`` installed.
Modules
=======
The units of code Ansible executes. Each module has a particular use, from creating virtual machines on vCenter to managing distributed virtual switches on vCenter environment. You can invoke a single module with a task, or invoke several different modules in a playbook. For an idea of how many modules Ansible includes, take a look at the :ref:`list of VMware modules<vmware_cloud_modules>`.
The units of code Ansible executes. Each module has a particular use, from creating virtual machines on vCenter to managing distributed virtual switches in the vCenter environment. You can invoke a single module with a task, or invoke several different modules in a playbook. For an idea of how many modules Ansible includes, take a look at the :ref:`list of cloud modules<cloud_modules>`, which includes VMware modules.
Playbooks
=========
Ordered lists of tasks, saved so you can run those tasks in that order repeatedly. Playbooks can include variables as well as tasks. Playbooks are written in YAML and are easy to read, write, share and understand.
All vCenter and ESXi servers require SSL encryption on all connections to enforce secure communication. You must enable SSL encryption for Ansible by installing the server's SSL certificates on your Ansible control node or delegate node.
All vCenter and ESXi servers require SSL encryption on all connections to enforce secure communication.
If the SSL certificate of your vCenter or ESXi server is not correctly installed on your Ansible control node, you will see the following warning when using Ansible VMware modules:
If you see the following warning while using Ansible VMware modules [warning], you need to enable SSL encryption for Ansible by installing the server's SSL certificates on your Ansible control node or delegate node.
``Unable to connect to vCenter or ESXi API at xx.xx.xx.xx on TCP/443: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)``
```
Unable to connect to vCenter or ESXi API at xx.xx.xx.xx on TCP/443: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
```
To install the SSL certificate for your VMware server, and run your Ansible VMware modules in encrypted mode, please follow the instructions for the server you are running with VMware.
then, this means you need to add/install SSL certificate of vCenter or ESXi server in your Ansible control node.
The following instructions allow you to run your Ansible VMware modules with encrypted mode (viz. ``validate_certs=True``).
Please follow the instructions depending upon your server to install SSL certificate.
vCenter
-------
Installing vCenter SSL certificates for Ansible
-----------------------------------------------
* From any web browser, go to the base URL of the vCenter Server without port number like ``https://vcenter-domain.example.com``
@ -38,9 +32,8 @@ vCenter
* Install the certificate files are trusted certificates by the process that is appropriate for your operating system.
ESXi
----
Installing ESXi SSL certificates for Ansible
--------------------------------------------
* Enable SSH Service on ESXi either by using Ansible VMware module `vmware_host_service_manager <https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/cloud/vmware/vmware_host_config_manager.py>`_ or manually using vSphere Web interface.
1) Modifying the Ubuntu 18.04 images and installing ``ifupdown`` in them via ``sudo apt install ifupdown``.
1) Modify the Ubuntu 18.04 images and installing ``ifupdown`` in them via ``sudo apt install ifupdown``.
If so you need to remove ``netplan`` via ``sudo apt remove netplan.io`` and you need stop ``systemd-networkd`` via ``sudo systemctl disable systemctl-networkd``.
2) You can generate the ``systemd-networkd`` files with a task in your vmware Ansible role:
2) Generate the ``systemd-networkd`` files with a task in your VMware Ansible role:
..code-block:: yaml
@ -100,14 +100,3 @@ There are several workarounds for this issue.
delegate_to: localhost
3) Wait for ``netplan`` support in ``open-vm-tools``
This loops over all of the hosts in the group called ``monitoring``, and adds an ACCEPT line for
This loops over all of the hosts in the group called ``monitoring``, and adds an ACCEPT line for
each monitoring hosts' default IPv4 address to the current machine's iptables configuration, so that Nagios can monitor those hosts.
You can learn a lot more about Jinja2 and its capabilities `here <http://jinja.pocoo.org/docs/>`_, and you
You can learn a lot more about Jinja2 and its capabilities `here <http://jinja.pocoo.org/docs/>`_, and you
can read more about Ansible variables in general in the :ref:`playbooks_variables` section.
.._lamp_rolling_upgrade:
The Rolling Upgrade
```````````````````
The rolling upgrade
===================
Now you have a fully-deployed site with web servers, a load balancer, and monitoring. How do you update it? This is where Ansible's
Now you have a fully-deployed site with web servers, a load balancer, and monitoring. How do you update it? This is where Ansible's
orchestration features come into play. While some applications use the term 'orchestration' to mean basic ordering or command-blasting, Ansible
refers to orchestration as 'conducting machines like an orchestra', and has a pretty sophisticated engine for it.
@ -217,8 +221,8 @@ Here is the next part of the update play::
pre_tasks:
- name: disable nagios alerts for this host webserver service
nagios:
action: disable_alerts
nagios:
action: disable_alerts
host: "{{ inventory_hostname }}"
services: webserver
delegate_to: "{{ item }}"
@ -266,8 +270,8 @@ Again, if you were using a Netscaler or F5 or Elastic Load Balancer, you would j
.._lamp_end_notes:
Managing Other Load Balancers
`````````````````````````````
Managing other load balancers
=============================
In this example, we use the simple HAProxy load balancer to front-end the web servers. It's easy to configure and easy to manage. As we have mentioned, Ansible has built-in support for a variety of other load balancers like Citrix NetScaler, F5 BigIP, Amazon Elastic Load Balancers, and more. See the :ref:`working_with_modules` documentation for more information.
@ -275,8 +279,8 @@ For other load balancers, you may need to send shell commands to them (like we d
.._lamp_end_to_end:
Continuous Delivery End-To-End
``````````````````````````````
Continuous delivery end-to-end
==============================
Now that you have an automated way to deploy updates to your application, how do you tie it all together? A lot of organizations use a continuous integration tool like `Jenkins <https://jenkins.io/>`_ or `Atlassian Bamboo <https://www.atlassian.com/software/bamboo>`_ to tie the development, test, release, and deploy steps together. You may also want to use a tool like `Gerrit <https://www.gerritcodereview.com/>`_ to add a code review step to commits to either the application code itself, or to your Ansible playbooks, or both.
@ -298,5 +302,3 @@ This should give you a good idea of how to structure a multi-tier application wi
@ -7,10 +7,10 @@ Playbooks are Ansible's configuration, deployment, and orchestration language. T
If Ansible modules are the tools in your workshop, playbooks are your instruction manuals, and your inventory of hosts are your raw material.
At a basic level, playbooks can be used to manage configurations of and deployments to remote machines. At a more advanced level, they can sequence multi-tier rollouts involving rolling updates, and can delegate actions to other hosts, interacting with monitoring servers and load balancers along the way.
At a basic level, playbooks can be used to manage configurations of and deployments to remote machines. At a more advanced level, they can sequence multi-tier rollouts involving rolling updates, and can delegate actions to other hosts, interacting with monitoring servers and load balancers along the way.
While there's a lot of information here, there's no need to learn everything at once. You can start small and pick up more features
over time as you need them.
over time as you need them.
Playbooks are designed to be human-readable and are developed in a basic text language. There are multiple
ways to organize playbooks and the files they include, and we'll offer up some suggestions on that and making the most out of Ansible.
@ -30,5 +30,4 @@ You should look at `Example Playbooks <https://github.com/ansible/ansible-exampl
Alicia Cozine
7 years ago
committed by