Infra as Code for OpenStack with Ansible-Git Workflow: Part 2

In our previous blog, we worked on the instantiation of a new Virtual machine on the OpenStack cloud using Ansible. In this blog, we will be covering the second scenario, where the trigger to perform LCM on the newly created VM shall arrive from GitLab via Webhook.

For a recap, refer to the previous blog,

Scenario 2

For starters, We have a Virtual Machine from the previous blog Ansible_Build_VM in our OpenStack cloud infrastructure already in place. Let’s apply the STAR Method to get our result.

[admin@openstack(adminrc) ~]$ os server list
| ID                                   | Name             | Status | Networks                                    | Image                       | Flavor    |
| b12d04c6-21f5-45b9-9810-b45ca27c5de5 | Ansible_Build_VM | ACTIVE | Test-Network= | Ubuntu_OS | tiny      |


Attach the secondary volume to the Virtual Machine by simple Git commit and push to GitLab.


We need to enable a webhook between our project on GitLab with the project in Ansible Tower. Ansible tower will have a playbook to call the OpenStack modules, creating and attaching secondary volume.


Step 1: Creation of WebHook

Create Webhook between Git and Ansible Tower projects. First, we select our project on GitLab and create the webhook from settings.

GitLab Project Setting

Step 2: Linking with Ansible

Once created, we will get the webhook token with API address of Ansible tower. We will provide these information in our Infra as Code project’s template in Ansible tower.

AWX WebHook Project

Step 3: Upload Standard Playbook

Once the webhook is in place, before triggering it, we need to ensure the base playbook is already uploaded on Ansible tower for attaching secondary volume as a second virtual disk.

- name: attach secondary volume
  hosts: localhost
  - name: attach volume to host
      state: present
      cloud: site1
      server: xxxxxx
      volume: yyyyyy
      device: /dev/vdb

Step 4: Trigger Custom Playbook with Git Commit/Push

In our already uploaded playbook, the server name and secondary volume name is kept random. Next, from our remote client system with the Git project, we will trigger commit and push after replacing random strings with actual names.

[root@ansible iac]# sed -i 's/server: xxxxxx/server: Ansible_Build_VM/g' add_secondaryvolume.yaml

[root@ansible iac]# sed -i 's/volume: yyyyyy/volume: Secondary_Volume/g' add_secondaryvolume.yaml

[root@ansible iac]# git commit -m "Add secondary volume via Webhook"
[master 0f31114] Add secondary volume via Webhook
 1 file changed, 1 insertion(+), 1 deletion(-)

[root@ansible iac]# git push -u origin master
Username for '': devesh
Password for '':
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 331 bytes | 331.00 KiB/s, done.
Total 3 (delta 2), reused 0 (delta 0), pack-reused 0
   8098343..0f31114  master -> master
Branch 'master' set up to track remote branch 'master' from 'origin'.


Inside our OpenStack cluster, we can now see secondary volume attached on /dev/vdb.

Finally, we have attained two major goals,

  • Git repo with playbooks to work on OpenStack for Infra as Code
  • And, Pipeline to push changes without manually running playbooks

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s