This is part 2 of opensource Configuration Management tools integration with vRealize Automation Cloud. In part 1 I wrote about using Puppet Bolt together with VMware Cloud Automation Services for installing and configuring software on a deployed VM. 

A lot has changed since, Cloud Automation Services is renamed to vRealize Automation Cloud (vRA Cloud) and the on-premises version, vRealize Automation 8, has just been released. Both share the same codebase and have similar features and use cases, giving customers choice how they want to consume their automation platform.

vRA Cloud has a lot Out-of-the-Box integrations. One of these is the Ansible opensource integration. In this post I’ll explain how to setup an Ansible Control node and how to configure the integration in vRA Cloud. Then with some Ansible code and a blueprint I’ll show how easy it is to install and configure software using this integration.

Setting up the Ansible Control node

The Ansible Control node is any Linux based machine with Ansible installed. Windows isn’t supported for the control node.

Once installed you can run commands and playbooks, invoking /usr/bin/ansible or /usr/bin/ansible-playbook, from the control node.

Playbooks are ordered lists of tasks, saved so you can run those tasks in that order repeatedly. Playbooks can include variables as well as tasks. Playbooks are written in YAML and are easy to read, write, share and understand. To learn more about playbooks, see Intro to Playbooks.

It is possible to install and configure the Ansible Control node by hand. You can also refer to Ansible documentation for detailed setup instructions here. In my case though I will use a vRA Cloud blueprint and a VM template with Cloud-init enabled to install packages and do the Ansible specific configuration using cloudConfig. In the blueprint, I do the following:

  • Install Ansible
  • Create an Ansible user including a ssh keypair
  • Set some permissions
  • Create some files
  • Modifying Ansible specific configuration so that it can be added as Integration with vRA Cloud
  • Enable Password Authentication
  • Restart the sshd service

Here’s my blueprint YAML code. Notice that I use Ansible to install and configure the Ansible Control node ;-)

  1. Login to vRealize Automation Cloud (vRA Cloud) and go to Blueprints and create a new blueprint. Copy and add the YAML code. Be aware that you have to change some settings to get it working in your vRA Cloud environment!

  2. Click Deploy, enter a Deployment Name and select Current Draft.

  3. In the next screen enter the Ansible username and password, the Ansible Vault password and your private SSH key for connecting remotely to this node. If you have Slack, create an App in Slack with a webhook enabled for receiving notifications in one of your channels. Enter the webhook details. This will be used to send the public key details of the generated keypair that Ansible will use to connect to remote nodes. Click Deploy.
  4. After a successful deployment, connect remotely to the Ansible Control node using ssh. Check if Ansible is installed by entering  ansible --version. Then go to /etc/ansible and check of all the necessary directories and files are in place.
  5. Copy the public ssh key you received in your Slack channel.

Setting up the Ansible integration in vRA Cloud

  1. In vRA Cloud, go to Integrations, select Add new integration and select the Ansible tile.opensource Configuration Management 
  2. Enter the IP address of the Ansible Control node, select the location of the machine and if it runs on-prem select your Cloud proxy. Enter the Username and Password used during install. Click Validate. After validation, enter a name for the Integration.opensource Configuration Managementopensource Configuration Management  

Adding content to the Ansible Control node

To show how Ansible works I created a simple Playbook that updates my deployed machine, installs Nginx and deploys a webpage. I also make use of a Role for setting up the firewall and opening tcp port 80. 

  1. Use ssh to login to the Ansible Control node. Go to /etc/ansible and in the console enter ansible-galaxy install geerlingguy.firewall
  2. Check if the Role was installed in /etc/ansible/roles by entering ansible-galaxy listopensource Configuration Management 
  3. Download my Nginx playbook including additional files for the webpage on https://github.com/ddeswart/ansible-examples
  4. Copy the downloaded content over to the Ansible Control node. I used WinSCP for this task but other alternatives are available.opensource Configuration Managementopensource Configuration Management 

Create a blueprint using the Ansible integration

The final step is to create a blueprint which deploys a VM and installs and configures Nginx using the Ansible integration.

Here’s my blueprint YAML code.

  1. In vRA Cloud, go to Blueprints and create a new blueprint.
  2. Copy and add the YAML code. Be aware that you have to change some settings to get it working in your vRA Cloud environment!  opensource Configuration Management
  3. In the VM part of the YAML code notice that I’ve created a new user (ansible) with sudo privileges using cloudConfig. Change the ssh key to the key you received in your Slack channel!opensource Configuration Management
  4. In the Ansible part of the YAML code you can see settings as Inventory file location (etc/ansible/hosts), which Playbook to provision (install-nginx), if the node needs to be grouped in specific group (WebServers) and off course the name of the Ansible integration to use. opensource Configuration Management
  5. Click Deploy and enter a Deployment Name and select Current Draft. opensource Configuration Management
  6. Enter a Machine name and click Deploy. opensource Configuration Management
  7. If the deployment was successful go to your web browser and enter the IP address of the deployed machine. opensource Configuration Management
  8. You can also check if the Ansible Playbook was deployed correctly by logging in to the Ansible Control node using ssh and view the ansible.log file in /var/log/opensource Configuration Management
  9. And finally, check that the deployed node was added to the Ansible inventory under the WebServers group. View the /etc/ansible/hosts fileopensource Configuration Management

This concludes my two part blog about opensource Configuration Management integration with vRA Cloud. I hope that with this blog, and earlier blogs about Configuration Management, you have a good understanding of how to install and configure software with vRA Cloud using Cloud-init, Puppet Bolt, Puppet Enterprise and Ansible opensource.