Introduction
Ansible is an open-source automation tool used for IT tasks such as configuration management, application deployment, and provisioning. This post is the first in a series of articles that review automation with Ansible in an NSX-T 2.5 lab environment.
In this series, VMware’s NSX-T Ansible Modules will be used to:
Deploy the NSX-T Management plane
Perform ESXi host preparation
Deploy NSX-T Edges
Set up a full network topology for repro and testing
I became very interested in this topic after reading Madhukar Krishnarao‘s VMware blog article NSX-T Infrastructure Deployment Using Ansible, wanting to evaluate Ansible’s usefulness in repro and testing in lab-based casework. I’ve looked at NSX-T Lab Automation in a previous article. I can’t think of a better way to learn than through experimentation in the lab, and then the challenge of writing about it!
Part 1 in this series will cover the detailed steps required to set up an Ansible Guest VM.
Step 1: Selecting a Guest OS
In my NSX-T lab, I would like to run Ansible as a Guest VM and need to choose a Linux operating system. With a background in Network Engineering, I’m really not a Linux Admin but will choose Ubuntu since I’m slightly more familiar with it. VMware’s Photon OS would have been my first choice, but there seems to be less information out there on getting Ansible to run on Photon OS.
I used the Ubuntu Server install image for 64-bit PC (AMD64) computers (standard download), Ubuntu-18.04.3-live-server-amd64.iso, available here. Upload the ISO to a lab datastore:
Step 2: Guest VM Setup
When adding the Guest VM, choose 32 GB of disk space, since the default 16 GB is insufficient space for the required NSX-T OVAs. Connect the appliance to a Management vDS port group and boot from the Ubuntu ISO:
Step 3: Installing Ubuntu Server
Power the Ubuntu guest named Ansible. Only some of the non-default options will be shown for the Guest OS install.
Assign a static IP to the guest, and reference the same DNS setup used by ESXi hosts, and vCenter.
Getting DNS correctly configured is always critical!
For a successful install, I needed to use the Logical Volume Management tool, LVM, accepting the LVM defaults. (Use An Entire Disk didn’t work for me.)
Install the OpenSSH Server:
Step 4: Apply Ubuntu updates
Make sure Ubunto is up to date:
Verify Ubuntu version: ghills@ansible:~$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 18.04.3 LTS Release: 18.04 Codename: bionic Establish root access: ghills@ansi:~$ sudo -i [sudo] password for ghills: Updates the list of available packages and installs newer versions of existing packages: root@ansi:~# apt-get update && apt-get upgrade Hit:1 http://us.archive.ubuntu.com/ubuntu bionic InRelease Hit:2 http://ppa.launchpad.net/ansible/ansible/ubuntu bionic InRelease Get:3 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB] Get:4 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB] Get:5 http://us.archive.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB] Fetched 252 kB in 2s (168 kB/s) Reading package lists… Done Reading package lists… Done Building dependency tree Reading state information… Done Calculating upgrade… Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. <-- we are up to date with the Ubuntu install
Step 5: Installing Ansible on Ubuntu
In this NSX-T Deployment Automation approach, of course, we need Ansible. Let’s install it!
In case you don't have it, you will need to manage the repositories that you install software from: root@ansible:~# apt install software-properties-common Reading package lists… Done Building dependency tree Reading state information… Done software-properties-common is already the newest version (0.96.24.32.12). software-properties-common set to manually installed. The following package was automatically installed and is no longer required: libdumbnet1 Use 'apt autoremove' to remove it. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Add PPA (Personal Package Archives ansible to your system’s Software Source: root@ansible:~# apt-add-repository --yes --update ppa:ansible/ansible Hit:1 http://us.archive.ubuntu.com/ubuntu bionic InRelease Get:2 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB] Get:3 http://ppa.launchpad.net/ansible/ansible/ubuntu bionic InRelease [15.9 kB] Get:4 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB] Get:5 http://us.archive.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB] Get:6 http://ppa.launchpad.net/ansible/ansible/ubuntu bionic/main amd64 Packages [688 B] Get:7 http://ppa.launchpad.net/ansible/ansible/ubuntu bionic/main Translation-en [472 B] Fetched 269 kB in 1s (184 kB/s) Reading package lists… Done Install the latest version of ansible: root@ansible:~# apt install ansible Reading package lists… Done Building dependency tree Reading state information… Done The following package was automatically installed and is no longer required: libdumbnet1 Use 'apt autoremove' to remove it. The following additional packages will be installed: libpython-stdlib libpython2.7-minimal libpython2.7-stdlib python python-asn1crypto python-cffi-backend python-crypto python-cryptography python-enum34 python-httplib2 python-idna python-ipaddress python-jinja2 python-markupsafe python-minimal python-paramiko python-pkg-resources python-pyasn1 python-setuptools python-six python-yaml python2.7 python2.7-minimal sshpass Suggested packages: python-doc python-tk python-crypto-doc python-cryptography-doc python-cryptography-vectors python-enum34-doc python-jinja2-doc python-gssapi python-setuptools-doc python2.7-doc binutils binfmt-support The following NEW packages will be installed: ansible libpython-stdlib libpython2.7-minimal libpython2.7-stdlib python python-asn1crypto python-cffi-backend python-crypto python-cryptography python-enum34 python-httplib2 python-idna python-ipaddress python-jinja2 python-markupsafe python-minimal python-paramiko python-pkg-resources python-pyasn1 python-setuptools python-six python-yaml python2.7 python2.7-minimal sshpass 0 upgraded, 25 newly installed, 0 to remove and 0 not upgraded. Need to get 11.3 MB of archives. After this operation, 83.3 MB of additional disk space will be used. Do you want to continue? [Y/n] Y Verify Ansible has been installed successfully: root@ansible:~# ansible --version ansible 2.9.4 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/dist-packages/ansible executable location = /usr/bin/ansible python version = 2.7.17 (default, Nov 7 2019, 10:07:09) [GCC 7.4.0] root@ansible:~#
Step 6: Install pyVmomi, the VMware vSphere API Python SDK
Install pyVmomi, the Python SDK for the VMware vSphere API that allows you to automate actions on VMware ESX, ESXi, and vCenter servers.
root@ansible:~# apt-get install -y python-pyvmomi Reading package lists… Done Building dependency tree Reading state information… Done The following package was automatically installed and is no longer required: libdumbnet1 Use 'apt autoremove' to remove it. The following additional packages will be installed: python-certifi python-chardet python-openssl python-requests python-urllib3 Suggested packages: python-openssl-doc python-openssl-dbg python-pyvmomi-doc python-socks python-ntlm The following NEW packages will be installed: python-certifi python-chardet python-openssl python-pyvmomi python-requests python-urllib3 0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded. Need to get 579 kB of archives. After this operation, 3,259 kB of additional disk space will be used. Get:1 http://us.archive.ubuntu.com/ubuntu bionic/main amd64 python-certifi all 2018.1.18-2 [144 kB] Get:2 http://us.archive.ubuntu.com/ubuntu bionic/main amd64 python-chardet all 3.0.4-1 [80.3 kB] Get:3 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python-urllib3 all 1.22-1ubuntu0.18.04.1 [85.9 kB] Get:4 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python-requests all 2.18.4-2ubuntu0.1 [58.5 kB] Get:5 http://us.archive.ubuntu.com/ubuntu bionic/universe amd64 python-pyvmomi all 6.5.0.2017.5-0ubuntu1 [169 kB] Get:6 http://us.archive.ubuntu.com/ubuntu bionic/main amd64 python-openssl all 17.5.0-1ubuntu1 [41.3 kB] Fetched 579 kB in 1s (647 kB/s) Selecting previously unselected package python-certifi. (Reading database … 74573 files and directories currently installed.)
Step 7: Install VMware’s OVF Tool
Install VMware OVF Tool, a command-line utility that allows you to import and export OVF packages to and from many VMware products. This will be required to install OVAs for NSX-T Manager and NSX-T Edges. The VMware OVF Tool, version 4.3, for Linux 64-bit, is named: VMware-ovftool-4.3.0-7948156-lin.x86_64.bundle.
root@ansible:~# cd /home/ghills/ root@ansible:/home/ghills# mkdir Ansible root@ansible:/home/ghills# cd Ansible/ root@ansible:/home/ghills/Ansible# pwd /home/ghills/Ansible root@ansible:/home/ghills/Ansible# cd .. root@ansible:/home/ghills# chmod 777 Ansible/ -R
Transfer VMware-ovftool-4.3.0-7948156-lin.x86_64.bundle to the Guest VM using WinSCP.
root@ansible:/home/ghills/Ansible# cd ..
root@ansible:/home/ghills# chmod 777 Ansible/ -R
root@ansible:/home/ghills# cd Ansible/
root@ansible:/home/ghills/Ansible# ./VMware-ovftool-4.3.0-7948156-lin.x86_64.bundle
Extracting VMware Installer…done.
You must accept the VMware OVF Tool component for Linux End User
License Agreement to continue. Press Enter to proceed.
VMWARE END USER LICENSE AGREEMENT
PLEASE NOTE THAT THE TERMS OF THIS END USER LICENSE AGREEMENT SHALL GOVERN YOUR
USE OF THE SOFTWARE, REGARDLESS OF ANY TERMS THAT MAY APPEAR DURING THE
INSTALLATION OF THE SOFTWARE.
...
EULA, please send an email to info@vmware.com.
Do you agree? [yes/no]: yes
The product is ready to be installed. Press Enter to begin
installation or Ctrl-C to cancel.
Installing VMware OVF Tool component for Linux 4.3.0
Configuring…
[######################################################################] 100%
Installation was successful.
Use the which command to locate the ovftool executable.
root@ansible:/home/ghills/Ansible# which ovftool
/usr/bin/ovftool
Test the ovftool install by listing Guest VMs on an ESXi host.
root@ansible:/home/ghills/Ansible# ovftool "vi://root@192.168.110.41/"
Accept SSL fingerprint (ED:CD:27:E8:74:AE:5B:C7:CA:18:84:81:3C:B8:76:70:4A:3A:23:8F) for host 192.168.110.41 as source type.
Fingerprint will be added to the known host file
Write 'yes' or 'no'
yes
Enter login information for source vi://192.168.110.41/
Username: root
Password: VMware1!
Error: Found wrong kind of object (ResourcePool). Possible completions are:
nsxtmgr02 <-- two VMs are listed
Ansible
Step 8: Install Ansible for NSX-T Examples:
The NSX-T example files are zipped. Install the unzip package on Ubuntu.
root@ansible:/home/ghills/Ansible# apt-get install -y unzip
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following package was automatically installed and is no longer required:
libdumbnet1
Use 'apt autoremove' to remove it.
Suggested packages:
zip
The following NEW packages will be installed:
unzip
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 167 kB of archives.
After this operation, 558 kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com/ubuntu bionic/main amd64 unzip amd64 6.0-21ubuntu1 [167 kB]
Fetched 167 kB in 1s (276 kB/s)
Selecting previously unselected package unzip.
(Reading database … 74770 files and directories currently installed.)
Preparing to unpack …/unzip_6.0-21ubuntu1_amd64.deb …
Unpacking unzip (6.0-21ubuntu1) …
Setting up unzip (6.0-21ubuntu1) …
Processing triggers for mime-support (3.60ubuntu1) …
Processing triggers for man-db (2.8.3-2ubuntu0.1) …
root@ansible:/home/ghills/Ansible#
Download the Ansible for NSX-T examples:
root@ansible:/home/ghills/Ansible# curl -LJO https://github.com/vmware/ansible-for-nsxt/archive/master.zip
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 128 0 128 0 0 374 0 --:--:-- --:--:-- --:--:-- 373
100 170k 0 170k 0 0 169k 0 --:--:-- 0:00:01 --:--:-- 169k
curl: Saved to filename 'ansible-for-nsxt-master.zip'
Unzip the Ansible for NSX-T example archives:
root@ansible:/home/ghills/Ansible# unzip ansible-for-nsxt-master.zip
Archive: ansible-for-nsxt-master.zip
9e38c988a0c368fee7280cdb5f4fc48434d2ba05
creating: ansible-for-nsxt-master/
extracting: ansible-for-nsxt-master/.gitignore
inflating: ansible-for-nsxt-master/CONTRIBUTING.md
inflating: ansible-for-nsxt-master/LICENSE.txt
inflating: ansible-for-nsxt-master/README.md
...
inflating: ansible-for-nsxt-master/test_transport_zones_facts.yml
inflating: ansible-for-nsxt-master/test_uplink_profiles.yml
inflating: ansible-for-nsxt-master/test_uplink_profiles_facts.yml
Let's take a look at some of the examples, which includes the playbooks we will use to get started:
root@ansible: cd /home/ghills/Ansible/ansible-for-nsxt-master/examples/deploy_nsx_cluster
root@ansible:/home/ghills/Ansible/ansible-for-nsxt-master/examples/deploy_nsx_cluster# ls -larth
total 28K
-rw-r--r-- 1 root root 563 Jan 21 22:43 README.md
-rw-r--r-- 1 root root 2.4K Jan 21 22:43 deploy_nsx_cluster_vars.yml
-rwxr-xr-x 1 root root 1.7K Jan 21 22:43 03_deploy_second_third_node.yml
-rwxr-xr-x 1 root root 895 Jan 21 22:43 02_configure_compute_manager.yml
-rwxr-xr-x 1 root root 1.7K Jan 21 22:43 01_deploy_first_node.yml
drwxr-xr-x 4 root root 4.0K Jan 21 22:43 ..
drwxr-xr-x 2 root root 4.0K Jan 21 22:43 .
That does it, the Ubuntu guest VM is ready for some Ansible automation!
Next Steps
In part 2 of this series, NSX-T Automation with Ansible, we will use Ansible to prepare the lab environment by deploying the NSX-T Management plane, performing ESXi host preparation, and deploying NSX-T Edges.
