Having CloudForms/ManageIQ provision servers is great but we want to be able to see the creation include any standards or applications at the end state. Typically in the past we added into the template a script to run when it starts up, this can include Puppet or Chef Agents that will talk back to the Master and ask what is needed to complete the build based off its hostname of custom facts on the instance. But not everyone has an existing configuration management framework already in place. Now with Ansible this is simple to achieve.
Lets get these straight out-of-the-way
- As of CloudForms 4.5 or ManageIQ Fine we have Ansible embedded this means Ansible is already installed on the appliance for previous versions you will need to install Ansible on the appliances yourself.
- With my Method outlined I am doing this with a root SSH key so either ensure that you have already got this set in your VM Template in known hosts or you are setting it with cloud-init etc. Or you can change the code to tell it to connect as a user and become root but specify the password either from the object and pass it through or use a credentials file.
- I am using the standard /etc/ansible/hosts for the example ( This is great if we only have one CloudForms appliance but if we have multiple we will want to ensure the inventory file is consistent on all ( Maybe think about having an NFS share on all CloudForms appliances and configure the ansible.cfg to use a default inventory file there )
- I am using the standard /etc/ansible/roles again as above great if only one CloudForms box but for scaling out look to have shared storage.
- The Code just note the following
- The Playbook is defined at lines 45 -> 60 I put in 2 Tasks and a Role as a simple example of how it will run ( You will probably want to remove lines 50 -> 55 out or just add in your own task if needed )
- Line 17 where I specify which ipaddress to get in this case  when using RHEV/OVIRT if you enable IPv6 note that is ipaddress in which case change it to be ipaddress or if you disable IPv6 on your templates then keep it as ipaddress I don’t believe VMWare does this.
First we need to create a new automate method and instance
Automation – Automate – Explorer
For this purpose I created a Datastore called my_datastore a Namespace called Integration, another Namespace called Ansible, and then a class called ansible-init,
Inside of this class we will create a new Method, click on the methods tab
Go to Configuration drop down menu and select Add a New Method Call the Name ansible_role and the Display Name ansible_role Location keep as inline and then add in the code from my Github
At the bottom click on Validate and then scroll back to the top of the page to make sure its validated and no issues with the copy and paste.
Once validated just click on Add
Now we want a Schema
Click on the Schema Tab
Click on the Configuration drop down menu and select Edit selected Schema
Click on the + to add a New Field
Name is Execute
Type is Method
Data Type is String
Then click on the Grey tick to the left to add it in
Then click Save at the bottom
Now we need to create an Instance so click on the Instances Tab
Click on Configuration drop down menu and select Add a New Instance
Display Name ansible_role
You should only have one Field which is Execute and in the Value add in ansible_role
now we will want to add this to the provisioning state similar to how we added in the IPAM earlier except we don’t have a pre defined Name in the Schema. I am using the Provision VM from Template (template) If you don’t already have this then you want to copy it from ManageIQ/Infrastructure/VM/Provisioning/StateMachines/VMProvision_VM
Click on Configuration drop down menu and select Copy this instance and copy it to your Datastore name and keep the tick copy to same path
Now you want to click on the VMProvision_VM Class that you just copied over to your existing DataStore and then click on Schema
Click on Configuration and select Edit Selected Schema
Scroll to the bottom and click on the + next to
Type State Data Type String
Default Value /Integration/Ansible/ansible-init/ansible_role
Then click on the Grey Tick and Save
We now need to change the order of the schema so click on configuration drop down menu and select Edit Sequence, highlight (AnsibleRole) and move it up above RegisterDHCP and below PostProvision ( We do this because we need the server to have an IP and be online before we connect to it, it also makes sence than any other post provisioning tasks set by CloudForms or by you are done before the Ansible Run.)
And Click save at the bottom
Next we want to add a section into the Service Dialog so we can select which roles if any to add to our server when we build it out.
Automation – Automate – Customization
Click on Service Dialogs and edit your service dialog you use
In this example I am setting this on a Standard RHEV Dialog I have called rhev_std_dialog
And then edit your dialog by click on the Configuration drop down menu and selecting Edit this Dialog
You need to add a new element to your service dialog
Label Ansible Role
Type Drop Down List
Required True ( I set mine to True but if you have a need to build boxes without Ansible roles then you can change this to False )
Default Value ( set this to a Role that you want as default if none are selected or it can just be kept to none which is In my case I have taken the Hello World role I built out )
Value Type String
You can now add Entries at the bottom, the Value needs to match the role name and the Description is just the human readable one
And then Save it.
You can now see when I order a VM with this dialog I have my Ansible Roles to choose from