How to use the NTT MCP Ansible Modules

Description

This page provides information on the NTT MCP Ansible modules for the CloudControl API.

Overview

To simplify the consumption of the NTT MCP CloudControl API and more easily allow automation using Ansible, NTT CIS has developed Ansible modules to integrate with the CloudControl API. This allows a user to quickly and easily deploy infrastructure within the MCP and keep the configuration synchronized with a template or baseline configuration. While the CloudControl API can be consumed in Ansible Playbooks using the uri module, the native Ansible modules offer a number of key enhancements that improve the user experience:

  • Check Mode
    • The NTT MCP Ansible modules support check mode which provides the user with the ability to do a "dry run" of a task and observe the changes that will occur (if any)
  • Idempotency
    • Ansible allows a user to define a desired state of the end system. Running an Ansible task or Playbook multiple times without any input changes should result in no changes because the state of the end system matches the desired state specified in the Ansible task and/or Playbook. This is the basic concept of idempotency as it relates to Ansible. The NTT MCP Ansible modules support idempotency and will only make changes when necessary.
  • Inbuilt intelligence
    • Use of object names instead of IDs. The CloudControl API requires long IDs to identify various objects (e.g. a server). The NTT MCP Ansible modules allow the user to specify the object by its display name.
    • The NTT MCP modules simplify tasks that would usually require multiple API calls into single Ansible plays/tasks
    • The inclusion of default values to reduce user input

Why Ansible?

Ansible was chosen as the supported automation/configuration management platform for the NTT MCPs due to the simplicity of Ansible and its widespread adoption. In addition, selecting Ansible as the platform to support the NTT MCP allows the user to automate the full deployment of an application stack in a single Playbook - from the infrastructure to system and application provisioning and configuration (rather than requiring multiple automation tools).

Ansible Collections

The Ansible development team is looking at removing 3rd party modules from Ansible Core and moving them to Ansible Collections, distributed through the Ansible Galaxy content distribution system (https://galaxy.ansible.com). Currently most 3rd party modules are included in the core Ansible distribution however from Ansible 3 modules contributors will be forced to migrate modules out of Ansible Core and into Collections. One of the major benefits of using Collections is that a module author can update the module(s), add features or include bug fixes in a timeframe that suits the author rather than waiting for a new release of Ansible Core.

Resources


Prerequisites

  • Unix host or Mac with Internet access
  • Ansible >=2.9
  • Python modules
    • requests
    • configparser
    • pyOpenSSL
    • netaddr

Using the MCP Ansible Modules

Supported MCP Infrastructure

The NTT MCP Ansible modules support almost all infrastructure and features within the MCP. With over 50 modules allow a user to create/modify/delete or report on infrastructure. The table below outlines the infrastructure supported by the NTT MCP Ansible modules.

Module Name

Purpose

Idempotency

Check_Mode

ansible_gwAnsible module to deploy and configure an Ansible bastion host to facilitate connectivity into newly created networks and hosts for post-deployment configuration(tick)(tick)
serverAnsible module to create, update, delete and get compute resources(tick)(tick)
server_infoList/Get server informationN/A(tick)
server_monitoringConfigure/Update/Remove monitoring on a server(tick)(tick)
server_nicAdd a NIC, exchange VLANs, modify the adapter type and remove a NIC(tick)(tick)
server_diskAdd/Update server disk configuration(tick)(tick)
server_controllerAdd/Update server SCSI controller configurationN/A(tick)
firewallCreate, update and delete ACLs(tick)(tick)
firewall_infoList/Get Firewall informationN/A(tick)
ip_listCreate, update and delete IP Address Lists(tick)(tick)
ip_list_infoList/Get IP address list informationN/A(tick)
port_listCreate, update and delete Port Lists(tick)(tick)
port_list_infoList/Get Port List informationN/A(tick)
vip_nodeCreate, update and delete VIP Nodes(tick)(tick)
vip_node_infoList/Get VIP Node informationN/A(tick)
vip_pool

Create, update and delete VIP Pools. Supports adding members.

(tick)(tick)
vip_pool_infoList/Get VIP Pool informationN/A(tick)
vip_listenerCreate, update and delete VIP Listener(tick)(tick)
vip_listener_infoList/Get VIP Listener informationN/A(tick)
vip_function_infoList VIP support functions (e.g. Health Monitors, iRules and Persistence Profiles)N/A(tick)
sslCreate, update and delete SSL Offload Profiles, certificates and chains(tick)(tick)
ssl_certificateImport or remove SSL certificates and chains independent of SSL Offload Profiles(tick)(tick)
ssl_infoList/Get SSL certificate and or chain informationN/A(tick)
natCreate, update and delete NAT rules(tick)(tick)
nat_infoList/Get NAT informationN/A(tick)
ipam_publicAllocate the next free public IPv4 addressN/A(tick)
ipam_reserveReserve an IP Address in IP Address ManagementN/A(tick)
ipam_infoList/Get Public IPv4 blocks or IPv4/IPv6 reservationsN/A(tick)
networkCreate, update and delete a Cloud Network Domain(tick)(tick)
network_infoList/Get Cloud Network Domain informationN/A(tick)
vlanCreate, update, and delete a VLAN(tick)(tick)
vlan_infoList/Get VLAN informationN/A(tick)
static_routeCreate, update and delete Cloud Network Domain static routes(tick)(tick)
static_route_infoList/Get static route information(tick)(tick)

snat

Create and delete SNAT exclusions(tick)(tick)

snat_info

List/Get SNAT exclusion information(tick)(tick)
image_importImport a custom OVF into CloudControlN/A(tick)
image_exportExport a custom image from CloudControl to an OVFN/A(tick)
geo_infoList/Get NTTC CIS Cloud Geo InformationN/A(tick)
mcp_infoList/Get NTTC CIS MCP datacenter InformationN/A(tick)
os_infoList/Get OS informationN/A(tick)
image_infoList/Get OS image information (including customer imported images)N/A(tick)
snapshot_infoList/Get Snapshot InformationN/A(tick)
snapshot_serviceEnable/Disable the Snapshot Service on a server (including replication)(tick)(tick)
snapshotTake a snapshot or delete a snapshotN/A(tick)
snapshot_restoreRestore file/directory from a snapshotN/A(tick)
snapshot_scriptsConfigure Snapshot Pre/Post scripts on a server(tick)(tick)
snapshot_previewDeploy Preview Servers (including remote)N/A(tick)
snapshot_migrateMigrate a server currently in preview modeN/A(tick)
server_antiaffinityConfigure affinity groups for servers(tick)(tick)
server_antiaffinity_infoList/Get affinity groups information for serversN/A(tick)
sec_groupConfigure security groups(tick)(tick)
sec_group_memberAdd/Remove Servers/NICs from a security group(tick)(tick)
sec_group_infoSecurity group informationN/A(tick)
server_cloneClone a server to a customer imageN/A(tick)
server_vappEnable/Set/Update/Delete/Disable vApp and vApp properties on a server(tick)(tick)


Recently Updated