The guides in this section cover using Ansible with a range of public cloud platforms. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
Modules for interacting with the Kubernetes (K8s) and OpenShift API are under development, and can be used in preview mode. To use them, review the requirements, and then follow the installation and use instructions.
Modules for interacting with the Kubernetes (K8s) and OpenShift API are under development, and can be used in preview mode. To use them, review the requirements, and then follow the installation and use instructions.
@ -53,4 +53,3 @@ Filing issues
If you find a bug or have a suggestion regarding individual modules or the role, please file issues at `OpenShift Rest Client issues <https://github.com/openshift/openshift-restclient-python/issues>`_.
If you find a bug or have a suggestion regarding individual modules or the role, please file issues at `OpenShift Rest Client issues <https://github.com/openshift/openshift-restclient-python/issues>`_.
There is also a utility module, k8s_common.py, that is part of the `Ansible <https://github.com/ansible/ansible>`_ repo. If you find a bug or have suggestions regarding it, please file issues at `Ansible issues <https://github.com/ansible/ansible/issues>`_.
There is also a utility module, k8s_common.py, that is part of the `Ansible <https://github.com/ansible/ansible>`_ repo. If you find a bug or have suggestions regarding it, please file issues at `Ansible issues <https://github.com/ansible/ansible/issues>`_.
.. unified index page included for backwards compatibility
******************
Scenario Guides
Scenario Guides
***************
******************
The guides in this section cover integrating Ansible with a variety of
platforms, products, and technologies. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
..toctree::
:maxdepth:1
:caption:Public Cloud Guides
The guides in this section explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
guide_alicloud
guide_aws
guide_cloudstack
guide_gce
guide_azure
guide_online
guide_packet
guide_rax
guide_scaleway
guide_vultr
..toctree::
..toctree::
:glob:
:maxdepth:1
:maxdepth:1
:caption:Network Technology Guides
guide_aci
guide_meraki
guide_infoblox
guide_*
..toctree::
:maxdepth:1
:caption:Virtualization & Containerization Guides
Pending topics may include: Jenkins, Linode/DigitalOcean, Continuous Deployment, and more.
The guides in this section cover using Ansible with specific network technologies. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
..toctree::
:maxdepth:1
guide_aci
guide_meraki
guide_infoblox
To learn more about Network Automation with Ansible, see :ref:`network_getting_started` and :ref:`network_advanced`.
The guides in this section cover integrating Ansible with popular tools for creating virtual machines and containers. They explore particular use cases in greater depth and provide a more "top-down" explanation of some basic features.
These concepts are common to all uses of Ansible, including VMware automation. You need to understand them to use Ansible for VMware automation. This basic introduction provides the background you need to follow the examples in this guide.
Some of these concepts are common to all uses of Ansible, including VMware automation; some are specific to VMware. You need to understand them to use Ansible for VMware automation. This introduction provides the background you need to follow the :ref:`scenarios<vmware_scenarios>` in this guide.
..contents:: Topics
..contents::
:local:
Control Node
Control Node
============
============
@ -16,20 +17,18 @@ Any machine with Ansible installed. You can run commands and playbooks, invoking
Delegation
Delegation
==========
==========
If you want to perform a VMware specific task on one host with reference to ESXi server or vCenter server, use the ``delegate_to`` keyword on a task. This delegation host will be any host where you have ``pyVmomi`` installed. Your control node and ``delegate_to`` host can be same or different.
Delegation allows you to select the system that executes a given task. If you do not have ``pyVmomi`` installed on your control node, use the ``delegate_to`` keyword on VMware-specific tasks to execute them on any host where you have ``pyVmomi`` installed.
Modules
Modules
=======
=======
The units of code Ansible executes. Each module has a particular use, from creating virtual machines on vCenter to managing distributed virtual switches on vCenter environment. You can invoke a single module with a task, or invoke several different modules in a playbook. For an idea of how many modules Ansible includes, take a look at the :ref:`list of VMware modules<vmware_cloud_modules>`.
The units of code Ansible executes. Each module has a particular use, from creating virtual machines on vCenter to managing distributed virtual switches in the vCenter environment. You can invoke a single module with a task, or invoke several different modules in a playbook. For an idea of how many modules Ansible includes, take a look at the :ref:`list of cloud modules<cloud_modules>`, which includes VMware modules.
Playbooks
Playbooks
=========
=========
Ordered lists of tasks, saved so you can run those tasks in that order repeatedly. Playbooks can include variables as well as tasks. Playbooks are written in YAML and are easy to read, write, share and understand.
Ordered lists of tasks, saved so you can run those tasks in that order repeatedly. Playbooks can include variables as well as tasks. Playbooks are written in YAML and are easy to read, write, share and understand.
All vCenter and ESXi servers require SSL encryption on all connections to enforce secure communication. You must enable SSL encryption for Ansible by installing the server's SSL certificates on your Ansible control node or delegate node.
==========================
All vCenter and ESXi servers require SSL encryption on all connections to enforce secure communication.
If the SSL certificate of your vCenter or ESXi server is not correctly installed on your Ansible control node, you will see the following warning when using Ansible VMware modules:
If you see the following warning while using Ansible VMware modules [warning], you need to enable SSL encryption for Ansible by installing the server's SSL certificates on your Ansible control node or delegate node.
``Unable to connect to vCenter or ESXi API at xx.xx.xx.xx on TCP/443: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)``
```
To install the SSL certificate for your VMware server, and run your Ansible VMware modules in encrypted mode, please follow the instructions for the server you are running with VMware.
Unable to connect to vCenter or ESXi API at xx.xx.xx.xx on TCP/443: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
```
then, this means you need to add/install SSL certificate of vCenter or ESXi server in your Ansible control node.
Installing vCenter SSL certificates for Ansible
-----------------------------------------------
The following instructions allow you to run your Ansible VMware modules with encrypted mode (viz. ``validate_certs=True``).
Please follow the instructions depending upon your server to install SSL certificate.
vCenter
-------
* From any web browser, go to the base URL of the vCenter Server without port number like ``https://vcenter-domain.example.com``
* From any web browser, go to the base URL of the vCenter Server without port number like ``https://vcenter-domain.example.com``
@ -38,9 +32,8 @@ vCenter
* Install the certificate files are trusted certificates by the process that is appropriate for your operating system.
* Install the certificate files are trusted certificates by the process that is appropriate for your operating system.
Installing ESXi SSL certificates for Ansible
ESXi
--------------------------------------------
----
* Enable SSH Service on ESXi either by using Ansible VMware module `vmware_host_service_manager <https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/cloud/vmware/vmware_host_config_manager.py>`_ or manually using vSphere Web interface.
* Enable SSH Service on ESXi either by using Ansible VMware module `vmware_host_service_manager <https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/cloud/vmware/vmware_host_config_manager.py>`_ or manually using vSphere Web interface.
1) Modifying the Ubuntu 18.04 images and installing ``ifupdown`` in them via ``sudo apt install ifupdown``.
1) Modify the Ubuntu 18.04 images and installing ``ifupdown`` in them via ``sudo apt install ifupdown``.
If so you need to remove ``netplan`` via ``sudo apt remove netplan.io`` and you need stop ``systemd-networkd`` via ``sudo systemctl disable systemctl-networkd``.
If so you need to remove ``netplan`` via ``sudo apt remove netplan.io`` and you need stop ``systemd-networkd`` via ``sudo systemctl disable systemctl-networkd``.
2) You can generate the ``systemd-networkd`` files with a task in your vmware Ansible role:
2) Generate the ``systemd-networkd`` files with a task in your VMware Ansible role:
..code-block:: yaml
..code-block:: yaml
@ -100,14 +100,3 @@ There are several workarounds for this issue.
delegate_to: localhost
delegate_to: localhost
3) Wait for ``netplan`` support in ``open-vm-tools``
3) Wait for ``netplan`` support in ``open-vm-tools``
Continuous Delivery is the concept of frequently delivering updates to your software application.
Continuous delivery (CD) means frequently delivering updates to your software application.
The idea is that by updating more often, you do not have to wait for a specific timed period, and your organization
The idea is that by updating more often, you do not have to wait for a specific timed period, and your organization
gets better at the process of responding to change.
gets better at the process of responding to change.
@ -31,8 +35,8 @@ example for that information. Instead, we're going to take a close look at every
.._lamp_deployment:
.._lamp_deployment:
Site Deployment
Site deployment
```````````````
===============
Let's start with ``site.yml``. This is our site-wide deployment playbook. It can be used to initially deploy the site, as well
Let's start with ``site.yml``. This is our site-wide deployment playbook. It can be used to initially deploy the site, as well
as push updates to all of the servers::
as push updates to all of the servers::
@ -89,8 +93,8 @@ sample web application and the Nagios hosts.
.._lamp_roles:
.._lamp_roles:
Reusable Content: Roles
Reusable content: roles
```````````````````````
=======================
By now you should have a bit of understanding about roles and how they work in Ansible. Roles are a way to organize
By now you should have a bit of understanding about roles and how they work in Ansible. Roles are a way to organize
content: tasks, handlers, templates, and files, into reusable components.
content: tasks, handlers, templates, and files, into reusable components.
@ -104,8 +108,8 @@ You can read more about roles in the :ref:`playbooks_reuse_roles` section.
.._lamp_group_variables:
.._lamp_group_variables:
Configuration: Group Variables
Configuration: group variables
``````````````````````````````
==============================
Group variables are variables that are applied to groups of servers. They can be used in templates and in
Group variables are variables that are applied to groups of servers. They can be used in templates and in
playbooks to customize behavior and to provide easily-changed settings and parameters. They are stored in
playbooks to customize behavior and to provide easily-changed settings and parameters. They are stored in
@ -189,8 +193,8 @@ can read more about Ansible variables in general in the :ref:`playbooks_variable
.._lamp_rolling_upgrade:
.._lamp_rolling_upgrade:
The Rolling Upgrade
The rolling upgrade
```````````````````
===================
Now you have a fully-deployed site with web servers, a load balancer, and monitoring. How do you update it? This is where Ansible's
Now you have a fully-deployed site with web servers, a load balancer, and monitoring. How do you update it? This is where Ansible's
orchestration features come into play. While some applications use the term 'orchestration' to mean basic ordering or command-blasting, Ansible
orchestration features come into play. While some applications use the term 'orchestration' to mean basic ordering or command-blasting, Ansible
@ -266,8 +270,8 @@ Again, if you were using a Netscaler or F5 or Elastic Load Balancer, you would j
.._lamp_end_notes:
.._lamp_end_notes:
Managing Other Load Balancers
Managing other load balancers
`````````````````````````````
=============================
In this example, we use the simple HAProxy load balancer to front-end the web servers. It's easy to configure and easy to manage. As we have mentioned, Ansible has built-in support for a variety of other load balancers like Citrix NetScaler, F5 BigIP, Amazon Elastic Load Balancers, and more. See the :ref:`working_with_modules` documentation for more information.
In this example, we use the simple HAProxy load balancer to front-end the web servers. It's easy to configure and easy to manage. As we have mentioned, Ansible has built-in support for a variety of other load balancers like Citrix NetScaler, F5 BigIP, Amazon Elastic Load Balancers, and more. See the :ref:`working_with_modules` documentation for more information.
@ -275,8 +279,8 @@ For other load balancers, you may need to send shell commands to them (like we d
.._lamp_end_to_end:
.._lamp_end_to_end:
Continuous Delivery End-To-End
Continuous delivery end-to-end
``````````````````````````````
==============================
Now that you have an automated way to deploy updates to your application, how do you tie it all together? A lot of organizations use a continuous integration tool like `Jenkins <https://jenkins.io/>`_ or `Atlassian Bamboo <https://www.atlassian.com/software/bamboo>`_ to tie the development, test, release, and deploy steps together. You may also want to use a tool like `Gerrit <https://www.gerritcodereview.com/>`_ to add a code review step to commits to either the application code itself, or to your Ansible playbooks, or both.
Now that you have an automated way to deploy updates to your application, how do you tie it all together? A lot of organizations use a continuous integration tool like `Jenkins <https://jenkins.io/>`_ or `Atlassian Bamboo <https://www.atlassian.com/software/bamboo>`_ to tie the development, test, release, and deploy steps together. You may also want to use a tool like `Gerrit <https://www.gerritcodereview.com/>`_ to add a code review step to commits to either the application code itself, or to your Ansible playbooks, or both.
@ -298,5 +302,3 @@ This should give you a good idea of how to structure a multi-tier application wi
Alicia Cozine
7 years ago
committed by