Since the introduction of virtualization and cloud computing, organizations can handle their IT infrastructure using programmatic methods since most of the IT components are software-defined, such as software-defined data centers (SDDC), software-defined storage (SDS), software-defined networking (SDN), and others. But this additional layer of technologies also made infrastructure management more complex as engineers need to handle both the underlying infrastructure and the overcloud virtual components.

Ansible can help you automate both the underlying cloud infrastructure as well as the overcloud virtual components such as the automated cluster configurations of virtualization platforms (VMware, OpenStack, Red Hat Virtualization, and others). It can also help you provision virtual components such as virtual machines, virtual networks, and virtual storage.

In this chapter, we will cover the following topics:

• Introduction...

The following are the technical requirements for this chapter:

• A Linux machine for the Ansible control node (with internet access)
• Knowledge of managing cloud platforms (VMware, GCP, and AWS)
• Access to the VMware vCenter console and API (for the VMware use case)
• Access to the AWS console and API
• Access to the GCP console and API

All the Ansible code, playbooks, commands, and snippets for this chapter can be found in this book’s GitHub repository at https://github.com/PacktPublishing/Ansible-for-Real-life-Automation/tree/main/Chapter-07.

Infrastructure as Code (IaC) is a method that’s used to provision and manage infrastructure details and configurations as software code and make changes inside the code instead of changing the infrastructure whenever required. There are many dedicated tools and software for IaC, including Ansible. Instead of manually deploying the infrastructure components, such as virtual machines, storage, network, policies, and so on, it is possible to develop IaC and use tools to deploy the infrastructure automatically. The following diagram shows some typical IaC components regarding the following:

• Infrastructure component details will be stored as code in a specific format (for example, YAML playbooks).
• IaC tools (for example, Ansible) will create and manage the infrastructure component in the private or public cloud based on the infrastructure code:

Figure 7.1 – Typical Infrastructure as Code components...

As you learned in the previous chapters, Ansible can manage both Linux, Windows, and network devices. But virtualization platforms work differently and you cannot use SSH-based connections and operations to automate such platforms. Most of these platforms offer application programming interface (API) and software development kit (SDK)-based access to help us access and control such platforms over HTTP (or HTTPS). Since Ansible can use SDK (Python libraries) and communicate over HTTP/HTTPS, it is possible to automate any platforms that offer such access.

The following diagram shows the different connection methods used by Ansible to communicate with the managed devices and platforms:

Figure 7.2 – Ansible connection methods

Application Programming Interface

An API is a connection or protocol that allows one system to communicate with another using a dedicated set of instructions and results. Unlike command...

We will start with some simple automation use cases for VMware, such as provisioning of virtual machines, managing high availability (HA), network creation, and managing snapshots. The Ansible VMware collection (community.vmware) contains around 150 modules and other plugins:

Figure 7.6 – Ansible VMware collection by the community

The community.vmware collection relies on the pyvmomi and vSphere Automation SDK for Python libraries. Hence, to use the community.vmware collection, you need to install appropriate packages for Ansible to use it.

VMware has already introduced the vSphere REST API for vSphere 6.0 and later. A new Ansible collection was introduced (vmware.vmware_rest) to manage the operations using a REST API instead of Python libraries and SDKs. vmware.vmware_rest contains around 130 modules and other plugins:

Figure 7.7 – Ansible VMware REST API collection by...

In this section, you will create Ansible content to provision and manage AWS resources using Ansible. Let’s assume that whenever you need to create a new EC2 instance, you need to follow multiple manual procedures such as creating a new Virtual Private Cloud (VPC), a new security group, network access policies, and many other items. You also need to do post-provisioning steps such as creating new user accounts, installing packages, configuring applications, and more.

With the help of the Ansible AWS collection, it is possible to automate all of these tasks and manage the entire life cycle of the infrastructure.

AWS Free Tier

To practice AWS and Ansible use cases, it is possible to use AWS Free Tier, which provides more than 100 AWS resources free of charge. Visit https://aws.amazon.com/free (Figure 7.25) and sign up for a free AWS Free Tier account to find them:

Figure 7.25 – AWS Free Tier access with...

Like VMware and AWS, it is possible to create and manage GCP resources with the help of the Ansible GCP content collection.

Prerequisite for Ansible GCP automation

Before you start, you need to ensure the prerequisites have been configured for Ansible GCP automation.

As you learned for VMware, AWS, and other platforms, you need to install the relevant Ansible content collection. In this case, you must install the google.cloud collection if you haven’t done so yet:

[ansible@ansible Chapter-07]$ ansible-galaxy collection install google.cloud

The google.cloud collection contains around 170 modules, roles, and other plugins to automate the GCP infrastructure and its resources.

The modules in the google.cloud collection require the following Python libraries to be installed on the system:

$ pip install requests google-auth

Make sure you are installing the libraries into the correct path if you are using a Python virtual...

In this chapter, you learned about IaC concepts and how to use Ansible as an IaC tool. You also learned about how Ansible can manage virtualization and cloud platforms such as VMware, AWS, and GCP. Then, you learned about the different methods and credential configurations for these platforms so that Ansible can access and execute automated operations.

Next, you explored the Ansible modules and collections that are available for VMware, AWS, and GCP. By developing the basic playbooks for creating new virtual machines (EC2 instances or GCP instances), you have started your journey in infrastructure automation and management. Expand the playbook’s content to build use cases suitable for your cloud and virtualization environment.

In the next chapter, you will learn how to help non-platform teams use Ansible for their automation use cases, such as building and managing databases using Ansible.

To learn more about the topics that were covered in this chapter, take a look at the following resources:

• What is Infrastructure as Code (IaC)?: https://www.redhat.com/en/topics/automation/what-is-infrastructure-as-code-iac
• Ansible VMware Guide: https://docs.ansible.com/ansible/2.5/scenario_guides/guide_vmware.html
• VMware API and SDK Documentation: https://www.vmware.com/support/pubs/sdk_pubs.html
• Introducing the VMware REST Ansible Content Collection: https://www.ansible.com/blog/introducing-the-vmware-rest-ansible-content-collection
• Ansible Amazon Web Services Guide: https://docs.ansible.com/ansible/latest/collections/amazon/aws/docsite/guide_aws.html