Infra as Code for OpenStack with Ansible-Git Workflow: Part 1

/ devesh

Ansible provides a powerful configuration and workflow management tool, which can easily be applied to perform Infrastructure as Code use cases on OpenStack. For my setup, I am using Ansible 2.9.11 in sync with Gitlab for the code repository and source control for playbooks.

For this solution, I will proceed with two steps,

Scenario 1: Creating instance on Openstack, by directly running playbook from the command line of my Ansible controller server

Scenario 2: Attaching volume on newly created OpenStack instance, by pushing playbook on Git, triggering webhook towards Ansible.

Scenario 1

Step 1: Downloading ansible-galaxy collection locally for OpenStack

In order to use OpenStack relevant modules in my playbook, we need to install OpenStack collections from ansible-galaxy. Ansible Galaxy is Ansible’s official hub for sharing Ansible content. We can find different community builds free to use collections of modules for various target systems.

My ansible controller doesn’t have direct internet access so I installed collections by directly downloading tarball from the URL, https://galaxy.ansible.com/openstack/cloud

Step 2: Installation of collections

Next, I will install a collection tarball into my local ansible controller.

[root@ansible iac]# ansible-galaxy collection install openstack-cloud-1.7.0.tar.gz -p ./collections

I can check collections are now present in my local directory path specified in the previous command.

[root@ansible iac]# tree -L 3 collections/
collections/
└── ansible_collections
    └── openstack
        └── cloud

Step 3: Installing openstacksdk module

OpenStack SDK module is used to enable remote machines able to communicate with the OpenStack cloud. We need it for helping with ansible controller push instruction to OpenStack cloud via playbooks. 

[root@ansible iac]# pip install openstacksdk
[root@lxansawx01 iac]# python3 -m openstack version
OpenstackSDK Version 0.61.0

To connect my local system (Ansible controller in this case) to the OpenStack cloud, I need to specify my cloud authentication details in either a separate YAML file or ansible-playbook. For easier understanding, I created a separate YAML file in the local directory with details of my OpenStack cloud environment.

clouds:
  site1:
    region_name: regionOne
    auth:
      user_domain_id: default
      username: admin
      password: xxxxxxxxx
      project_name: admin
      auth_url: https://xxx.xxx.xxx.xxx:13000
      project_name: admin
      project_domain_id: default
    identity_api_version: '3'
    verify: False

Step 4: Instantiation of Virtual Machine on OpenStack using the Playbook

With both collections and OpenStack cloud environments YAML placed in my ansible controller, I am ready to write the playbook for my Infra, which will use Ansible modules from the collection and refer environment file to access the OpenStack cloud. Optionally, I also place my ansible.cfg for my ansible controller also locally, to avoid ansible referring to common configuration files from /etc/ansible/ directory.

---
- hosts: localhost
  name: Server Create
  tasks:
  - name:  Creates a new instance and attaches to a specific network
    openstack.cloud.server:
      state: present
      image: 8dc5f07c-058d-40b8-a796-f89f90cdaa20
      flavor: 3f61d2e0-9c57-48f5-b116-720d2a051791
      network: b78931e8-b60b-43a1-a14f-c64a9918ffc2
      name: Ansible_Build_VM

Upon triggering the playbook from the Ansible controller, 

[root@ansible iac]# ansible-playbook compute.yaml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [Server Create] *****************************************************************************************************************************************************************************

TASK [Gathering Facts] ***************************************************************************************************************************************************************************
ok: [localhost]

TASK [Creates a new instance and attaches to a specific network] *********************************************************************************************************************************

changed: [localhost]


PLAY RECAP ***************************************************************************************************************************************************************************************
localhost                  : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Verify Instance in Server list on OpenStack

[admin@openstack(adminrc) ~]$ os server list
+--------------------------------------+------------------+--------+---------------------------------------------+-----------------------------+-----------+
| ID                                   | Name             | Status | Networks                                    | Image                       | Flavor    |
+--------------------------------------+------------------+--------+---------------------------------------------+-----------------------------+-----------+
| b12d04c6-21f5-45b9-9810-b45ca27c5de5 | Ansible_Build_VM | ACTIVE | Test-Network=10.10.10.50 | Ubuntu_OS | tiny      |

In my next blog, I will be adding volume to this newly created instance via Git-Ansible workflow using webhooks.

devesh

Advertisement

One thought on “Infra as Code for OpenStack with Ansible-Git Workflow: Part 1

  1. Pingback: Infra as Code for OpenStack with Ansible-Git Workflow: Part 2

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s