Run Ansible Playbook during Service provisioning

Having CloudForms/ManageIQ provision servers is great but we want to be able to see the creation include any standards or applications at the end state. Typically in the past we added into the template a script to run when it starts up, this can include Puppet or Chef Agents that will talk back to the Master and ask what is needed to complete the build based off its hostname of custom facts on the instance. But not everyone has an existing configuration management framework already in place. Now with Ansible this is simple to achieve.


Lets get these straight out-of-the-way

  1. As of CloudForms 4.5 or ManageIQ Fine we have Ansible embedded this means Ansible is already installed on the appliance for previous versions you will need to install Ansible on the appliances yourself.
  2. With my Method outlined I am doing this with a root SSH key so either ensure that you have already got this set in your VM Template in known hosts or you are setting it with cloud-init etc. Or you can change the code to tell it to connect as a user and become root but specify the password either from the object and pass it through or use a credentials file.
  3. I am using the standard /etc/ansible/hosts for the example ( This is great if we only have one CloudForms appliance but if we have multiple we will want to ensure the inventory file is consistent on all ( Maybe think about having an NFS share on all CloudForms appliances and configure the ansible.cfg to use a default inventory file there )
  4. I am using the standard /etc/ansible/roles again as above great if only one CloudForms box but for scaling out look to have shared storage.
  5. The Code just note the following
  • ┬áThe Playbook is defined at lines 45 -> 60 I put in 2 Tasks and a Role as a simple example of how it will run ( You will probably want to remove lines 50 -> 55 out or just add in your own task if needed )
  • Line 17 where I specify which ipaddress to get in this case [0] when using RHEV/OVIRT if you enable IPv6 note that is ipaddress[0] in which case change it to be ipaddress[1] or if you disable IPv6 on your templates then keep it as ipaddress[0] I don’t believe VMWare does this.

First we need to create a new automate method and instance

Automation – Automate – Explorer

For this purpose I created a Datastore called my_datastore a Namespace called Integration, another Namespace called Ansible, and then a class called ansible-init,


Inside of this class we will create a new Method, click on the methods tab


Go to Configuration drop down menu and select Add a New Method Call the Name ansible_role and the Display Name ansible_role Location keep as inline and then add in the code from my Github

At the bottom click on Validate and then scroll back to the top of the page to make sure its validated and no issues with the copy and paste.


Once validated just click on Add

Now we want a Schema

Click on the Schema Tab


Click on the Configuration drop down menu and select Edit selected Schema

Click on the + to add a New Field

Name is Execute

Type is Method

Data Type is String

Then click on the Grey tick to the left to add it in


Then click Save at the bottom

Now we need to create an Instance so click on the Instances Tab


Click on Configuration drop down menu and select Add a New Instance

name ansible_role

Display Name ansible_role

You should only have one Field which is Execute and in the Value add in ansible_role


now we will want to add this to the provisioning state similar to how we added in the IPAM earlier except we don’t have a pre defined Name in the Schema. I am using the Provision VM from Template (template) If you don’t already have this then you want to copy it from ManageIQ/Infrastructure/VM/Provisioning/StateMachines/VMProvision_VM

manageiq location

Click on Configuration drop down menu and select Copy this instance and copy it to your Datastore name and keep the tick copy to same path


Now you want to click on the VMProvision_VM Class that you just copied over to your existing DataStore and then click on Schema


Click on Configuration and select Edit Selected Schema

Scroll to the bottom and click on the + next to

Name AnsibleRole

Type State Data Type String

Default Value /Integration/Ansible/ansible-init/ansible_role

Then click on the Grey Tick and Save


We now need to change the order of the schema so click on configuration drop down menu and select Edit Sequence, highlight (AnsibleRole) and move it up above RegisterDHCP and below PostProvision ( We do this because we need the server to have an IP and be online before we connect to it, it also makes sence than any other post provisioning tasks set by CloudForms or by you are done before the Ansible Run.)


And Click save at the bottom

Next we want to add a section into the Service Dialog so we can select which roles if any to add to our server when we build it out.

Automation – Automate – Customization

Click on Service Dialogs and edit your service dialog you use

In this example I am setting this on a Standard RHEV Dialog I have called rhev_std_dialog

And then edit your dialog by click on the Configuration drop down menu and selecting Edit this Dialog

You need to add a new element to your service dialog

Label Ansible Role

Name ansiblerole

Type Drop Down List

Visable enabled

Required True ( I set mine to True but if you have a need to build boxes without Ansible roles then you can change this to False )

Default Value ( set this to a Role that you want as default if none are selected or it can just be kept to none which is In my case I have taken the Hello World role I built out )

Value Type String

You can now add Entries at the bottom, the Value needs to match the role name and the Description is just the human readable one


And then Save it.

You can now see when I order a VM with this dialog I have my Ansible Roles to choose from


Leave a Reply

Your email address will not be published. Required fields are marked *