I’ve put together a basic Ansible play that creates a user in the Lunavi vCloud geo us-mid-01. This post covers the basics of installing the tooling and authenticating to the API. The play idempotently creates a user named ‘test’ with ‘Organizational Administrator’ privileges.
This just covers the basics. I would highly recommend encrypting the passwords via the ansible-vault command.
Assumptions
Item | Value | Notes |
OS | Ubuntu 20.04 | Any install of Ubuntu 20.04 (or any modern Linux) should suffice |
Python | Python 3.8 | Python 3.6 is the minimum version needed to run pyvcloud |
Lunavi Geo | us-mid-01 | This was tested on us-mid-01. Others should work just as well. You will need to change the URL though. |
Ansible | 2.10.6 | Anything >= 2.9 should work just fine |
pyvcloud | current | pip3 install --user pyvcloud |
ansible module vcloud director | current | git clone https://github.com/vmware/ansible-module-vcloud-director |
Ansible Skeleton | Any | see below |
Preparation
Install python >= 3.6
$ sudo apt-get install python3.8-dev python3.8
Install Ansible
$ pip3 install ansible ansible-base
Install vcloud ansible modules
$ git clone https://github.com/vmware/ansible-module-vcloud-director
Set up the ansible skeleton
$ mkdir ansible
$ cp -R ansible-module-vcloud-director/{modules,module_utils} ansible
$ cat << EOF > ansible/ansible.cfg
[defaults]
library = modules
module_utils = module_utils
EOF
Create a test play.
We tell Ansible to run against localhost over a local connection and to set the shell environment variables below. Then we execute the Ansible module vcd_user with the parameters necessary to create the user ‘testuser’ idempotently.
$ vi vcloud.yml
Insert the following
---
- hosts: localhost
  connection: local
  vars:
  environment:
    env_user: "my_vcloud_username"
    env_password: "my_vcloud_password" # you probably should put this in the vault
    env_host: https://mycloud.us-mid-01.lunavi.com/
    env_org: my_tenant_org
    env_api_version: "32.0"
    env_verify_ssl_certs: true
  tasks:
    - name: Create VcD user
      vcd_user:
        username: testuser
        userpassword: "super-secret"
        role_name: "Organization Administrator"
        org_name: my_tenant_org
        state: present
      register: vcd_user
    - name: print out vcd_user
      debug: var=vcd_user
Execute the play
$ ansible-playbook vcloud.yml
PLAY [localhost] **********************************************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************************************
ok: [localhost]
TASK [Create VcD user] ****************************************************************************************************************************
[WARNING]: The value "0" (type int) was converted to "'0'" (type string). If this does not look like what you expect, quote the entire value to
ensure it does not change.
changed: [localhost]
TASK [print out vcd_user] *************************************************************************************************************************
ok: [localhost] => {
"vcd_user": {
"changed": true,
"failed": false,
"msg": "User testuser has been created"
}
}
PLAY RECAP ****************************************************************************************************************************************
localhost : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
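The same play with both passwords moved out of the playbook and into an ansible-vault file, as recommended at the top of this post. This is an added example, not the author's play; the file name secrets.yml and the variable names vault_vcd_password and vault_new_user_password are assumptions chosen for illustration.

```yaml
# Added example (not from the original post).
# Assumed names: secrets.yml, vault_vcd_password, vault_new_user_password.
#
# One-time setup, in the same directory as vcloud.yml:
#   $ ansible-vault create secrets.yml
# In the editor that opens, enter the two secrets as ordinary YAML:
#   vault_vcd_password: "my_vcloud_password"
#   vault_new_user_password: "super-secret"
# Run the play and supply the vault password at the prompt:
#   $ ansible-playbook --ask-vault-pass vcloud.yml
---
- hosts: localhost
  connection: local
  vars_files:
    - secrets.yml   # encrypted on disk, decrypted only in memory at run time
  environment:
    env_user: "my_vcloud_username"
    env_password: "{{ vault_vcd_password }}"   # no literal password in the play
    env_host: https://mycloud.us-mid-01.lunavi.com/
    env_org: my_tenant_org
    env_api_version: "32.0"
    env_verify_ssl_certs: true   # keep TLS verification on
  tasks:
    - name: Create VcD user
      vcd_user:
        username: testuser
        userpassword: "{{ vault_new_user_password }}"
        role_name: "Organization Administrator"
        org_name: my_tenant_org
        state: present
      no_log: true   # keep this task's arguments and result out of console output and logs
      register: vcd_user

    - name: print out vcd_user
      debug:
        # Print only the status message rather than the whole registered result.
        msg: "{{ vcd_user.msg | default('no message returned') }}"
```

With this layout vcloud.yml can be committed to version control, and only the encrypted secrets.yml and the vault password need to be protected.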
You can read more about the module documentation here: https://github.com/vmware/ansible-module-vcloud-director/blob/master/docs/index.md
Up next, I’m going to attempt to move all of my NAT and Firewall rules into ansible for easy management.
Hope this helps my fellow devops engineers out there!