Introduction

As IT environments become increasingly complex, the need for robust automation tools to manage infrastructure across various platforms is more critical than ever. VMware vRealize Automation (vRA) is a powerful tool that helps IT teams manage, automate, and deliver IT services at scale. Integrating Ansible, a widely used automation tool, with vRA enhances its capabilities, enabling seamless configuration management, application deployment, and infrastructure orchestration.

This article explores how to integrate Ansible with VMware vRealize Automation, the benefits of this integration, and best practices for leveraging these tools to streamline IT operations.

Why Integrate Ansible with VMware vRealize Automation?

Integrating Ansible with vRA offers several advantages:

  1. Enhanced Automation: Ansible’s agentless architecture and extensive module library make it an ideal companion to vRA, allowing for the automation of complex tasks across a variety of environments.

  2. Consistency and Compliance: Ansible ensures consistent configuration across environments, reducing configuration drift and ensuring compliance with internal policies and external regulations.

  3. Scalability: Ansible can automate tasks across large-scale environments, including cloud, on-premises, and hybrid infrastructures, making it a perfect match for the scalable nature of vRA.

  4. Simplified Management: With Ansible’s simple, human-readable playbooks, IT teams can manage configurations and deployments with ease, reducing the need for complex scripting.

Configuring Ansible Integration in VMware vRealize Automation

The integration process involves configuring vRA to interact with an Ansible control node, enabling the execution of Ansible playbooks as part of the deployment and management workflows within vRA. Here’s a step-by-step guide:

Prerequisites

Before you begin the integration, ensure that:

  • You have a running instance of vRA.
  • Ansible is installed and configured on a control node.
  • SSH or WinRM access is configured between the vRA environment and the Ansible control node.
  • The necessary credentials and permissions are set up on both vRA and the Ansible control node.

Step 1: Add Ansible Integration in vRA

  1. Log in to the vRA console.
  2. Navigate to Infrastructure > Connections > Integrations.
  3. Click Add Integration and select Ansible.
  4. Enter the details for the Ansible control node, including the hostname and inventory file path.
  5. Provide the necessary credentials (username and password or SSH key) for connecting to the Ansible control node.
  6. Click Validate to ensure the integration is set up correctly.
  7. Once validated, click Add to complete the integration.

Step 2: Configuring Ansible Playbooks in vRA

  1. After the integration is set up, you can add Ansible components to your vRA cloud templates.
  2. On the cloud template canvas, select Ansible under the Configuration Management section and drag it to the canvas.
  3. Configure the properties of the Ansible component, such as the playbooks to be executed, host variables, and credentials.
  4. Save the cloud template.

Step 3: Deploying Configurations with Ansible

  1. When a new machine is provisioned via vRA, the specified Ansible playbooks will be executed in the defined order.
  2. Ansible will manage the configuration of the newly provisioned machine, ensuring it meets the desired state as defined in the playbooks.

Best Practices for Integrating Ansible with vRA

  1. Use Version Control: Store Ansible playbooks in a version-controlled repository to manage changes and enable rollbacks if necessary.
  2. Modular Playbooks: Keep playbooks modular and reusable. This approach simplifies maintenance and allows you to easily adapt playbooks for different environments or use cases.
  3. Test Playbooks Thoroughly: Before deploying playbooks in a production environment, test them in a staging environment to identify and resolve any issues.
  4. Leverage Dynamic Inventory: Use Ansible’s dynamic inventory feature to automatically update the inventory with information from vRA, ensuring that the correct hosts are targeted.

Example: vRA Cloud Template with Ansible Integration

Below is an example of how you can integrate Ansible with VMware vRealize Automation (vRA) by adding an Ansible component to a vRA cloud template. This example Playbooknstrates configuring a cloud template YAML file to run an Ansible playbook as part of the machine provisioning process.

This example assumes you have already integrated Ansible with vRA as described earlier. The following cloud template YAML file provisions a virtual machine and runs an Ansible playbook to install and configure a web server on it.

formatVersion: 1
inputs:
  username:
    type: string
    title: VM Username
  password:
    type: string
    title: VM Password
    encrypted: true

resources:
  WebServerVM:
    type: Cloud.Machine
    properties:
      image: ubuntu-20.04
      flavor: small
      constraints:
        - tag: environment:dev
      remoteAccess:
        authentication: generatedPublicPrivateKey
      networks:
        - network: '${resource.Network.id}'
      customizationSpec: Linux
      username: '${input.username}'
      password: '${input.password}'

  Network:
    type: Cloud.Network
    properties:
      networkType: existing
      constraints:
        - tag: environment:dev

  WebServerAnsible:
    type: Cloud.Ansible
    properties:
      host: '${resource.WebServerVM.address}'
      osType: linux
      account: ansible-integration
      username: '${input.username}'
      password: '${input.password}'
      maxConnectionRetries: 10
      playbooks:
        provision:
          - /etc/ansible/playbooks/install_web_server.yml
      hostVariables: |
        project: ${env.projectName}
        environment: development

Breakdown of the YAML Code

  • inputs: Defines user inputs, such as username and password, which are used to access the virtual machine.
  • resources:
    • WebServerVM: Provisions a virtual machine using a specified image and flavor. The remoteAccess section configures SSH access using a generated public/private key pair.
    • Network: Specifies the network to which the VM will be connected.
    • WebServerAnsible: Configures the Ansible integration. The host is set to the IP address of the provisioned VM, and the specified playbook (install_web_server.yml) is run to configure the server.

Example Ansible Playbook: install_web_server.yml

Below is an example of what the install_web_server.yml playbook might look like. This playbook installs and starts an NGINX web server on the provisioned VM.

---
- name: Install and configure NGINX web server
  hosts: all
  become: yes
  tasks:
    - name: Ensure NGINX is installed
      apt:
        name: nginx
        state: present
        update_cache: yes

    - name: Ensure NGINX is started and enabled
      systemd:
        name: nginx
        state: started
        enabled: yes

    - name: Deploy a custom index.html
      copy:
        content: |
          <html>
          <head>
            <title>Welcome to vRA with Ansible!</title>
          </head>
          <body>
            <h1>NGINX is installed and running!</h1>
            <p>This web server was configured by Ansible through VMware vRealize Automation.</p>
          </body>
          </html>          
        dest: /var/www/html/index.html
        owner: www-data
        group: www-data
        mode: '0644'

Explanation of the Playbook

  • hosts: all: The playbook runs on all hosts specified in the inventory (in this case, the VM provisioned by vRA).
  • become: yes: Ensures that tasks are run with elevated privileges (sudo).
  • tasks:
    • Install NGINX: Ensures that the NGINX package is installed.
    • Start and enable NGINX: Ensures that NGINX is started and set to start on boot.
    • Deploy a custom index.html: Copies a custom HTML file to the NGINX web root.

Execution Flow

  1. Provisioning: vRA provisions the virtual machine using the specified cloud template.
  2. Ansible Execution: After the VM is provisioned, vRA triggers the Ansible playbook specified in the WebServerAnsible component.
  3. Configuration: Ansible connects to the VM and runs the playbook, which installs and configures the NGINX web server.

This integration allows you to automate the provisioning and configuration of infrastructure in a consistent and repeatable manner, leveraging the power of both vRA and Ansible.

Conclusion

Integrating Ansible with VMware vRealize Automation enhances the automation capabilities of your IT infrastructure, enabling more efficient and consistent management of resources. By following best practices and leveraging the strengths of both tools, IT teams can significantly reduce manual intervention, minimize errors, and ensure that their environments are always in the desired state.

This integration is particularly beneficial in hybrid and multi-cloud environments, where the ability to manage diverse infrastructures from a single platform is crucial for maintaining operational efficiency and agility.

Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.

Academy

Learn the Ansible automation technology with some real-life examples in my Udemy 300+ Lessons Video Course.

BUY the Complete Udemy 300+ Lessons Video Course

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Want to keep this project going? Please donate

Patreon Buy me a Pizza