How to use the NTT MCP Ansible Modules
Description
This page provides information on the NTT MCP Ansible modules for the CloudControl API.
Overview
To simplify the consumption of the NTT MCP CloudControl API and more easily allow automation using Ansible, NTT CIS has developed Ansible modules to integrate with the CloudControl API. This allows a user to quickly and easily deploy infrastructure within the MCP and keep the configuration synchronized with a template or baseline configuration. While the CloudControl API can be consumed in Ansible Playbooks using the uri module, the native Ansible modules offer a number of key enhancements that improve the user experience:
- Check Mode
- The NTT MCP Ansible modules support check mode which provides the user with the ability to do a "dry run" of a task and observe the changes that will occur (if any)
- Idempotency
- Ansible allows a user to define a desired state of the end system. Running an Ansible task or Playbook multiple times without any input changes should result in no changes because the state of the end system matches the desired state specified in the Ansible task and/or Playbook. This is the basic concept of idempotency as it relates to Ansible. The NTT MCP Ansible modules support idempotency and will only make changes when necessary.
- Inbuilt intelligence
- Use of object names instead of IDs. The CloudControl API requires long IDs to identify various objects (e.g. a server). The NTT MCP Ansible modules allow the user to specify the object by its display name.
- The NTT MCP modules simplify tasks that would usually require multiple API calls into single Ansible plays/tasks
- The inclusion of default values to reduce user input
Why Ansible?
Ansible was chosen as the supported automation/configuration management platform for the NTT MCPs due to the simplicity of Ansible and its widespread adoption. In addition, selecting Ansible as the platform to support the NTT MCP allows the user to automate the full deployment of an application stack in a single Playbook - from the infrastructure to system and application provisioning and configuration (rather than requiring multiple automation tools).
Ansible Collections
The Ansible development team is looking at removing 3rd party modules from Ansible Core and moving them to Ansible Collections, distributed through the Ansible Galaxy content distribution system (https://galaxy.ansible.com). Currently most 3rd party modules are included in the core Ansible distribution however from Ansible 3 modules contributors will be forced to migrate modules out of Ansible Core and into Collections. One of the major benefits of using Collections is that a module author can update the module(s), add features or include bug fixes in a timeframe that suits the author rather than waiting for a new release of Ansible Core.
Resources
- NTT MCP Ansible Galaxy page: https://galaxy.ansible.com/nttmcp/mcp
- NTT MCP Ansible Modules GitHub repository: https://github.com/nttmcp/mcp_ansible_collection
- Logging Issues/Bugs: https://github.com/nttmcp/mcp_ansible_collection/issues
Prerequisites
- Unix host or Mac with Internet access
- Ansible >=2.9
- Python modules
- requests
- configparser
- pyOpenSSL
- netaddr
Using the MCP Ansible Modules
- Installing the NTT MCP Ansible Modules
- Setting up Authentication for NTT MCP Ansible Modules
- Using the Ansible Modules
Supported MCP Infrastructure
The NTT MCP Ansible modules support almost all infrastructure and features within the MCP. With over 50 modules allow a user to create/modify/delete or report on infrastructure. The table below outlines the infrastructure supported by the NTT MCP Ansible modules.
Module Name | Purpose | Idempotency | Check_Mode |
|---|---|---|---|
| ansible_gw | Ansible module to deploy and configure an Ansible bastion host to facilitate connectivity into newly created networks and hosts for post-deployment configuration |  | |
| server | Ansible module to create, update, delete and get compute resources | | |
| server_info | List/Get server information | N/A | |
| server_monitoring | Configure/Update/Remove monitoring on a server | | |
| server_nic | Add a NIC, exchange VLANs, modify the adapter type and remove a NIC | | |
| server_disk | Add/Update server disk configuration | | |
| server_controller | Add/Update server SCSI controller configuration | N/A | |
| firewall | Create, update and delete ACLs | | |
| firewall_info | List/Get Firewall information | N/A | |
| ip_list | Create, update and delete IP Address Lists | | |
| ip_list_info | List/Get IP address list information | N/A | |
| port_list | Create, update and delete Port Lists | | |
| port_list_info | List/Get Port List information | N/A | |
| vip_node | Create, update and delete VIP Nodes | | |
| vip_node_info | List/Get VIP Node information | N/A | |
| vip_pool | Create, update and delete VIP Pools. Supports adding members. | | |
| vip_pool_info | List/Get VIP Pool information | N/A | |
| vip_listener | Create, update and delete VIP Listener | | |
| vip_listener_info | List/Get VIP Listener information | N/A | |
| vip_function_info | List VIP support functions (e.g. Health Monitors, iRules and Persistence Profiles) | N/A | |
| ssl | Create, update and delete SSL Offload Profiles, certificates and chains | | |
| ssl_certificate | Import or remove SSL certificates and chains independent of SSL Offload Profiles | | |
| ssl_info | List/Get SSL certificate and or chain information | N/A | |
| nat | Create, update and delete NAT rules | | |
| nat_info | List/Get NAT information | N/A | |
| ipam_public | Allocate the next free public IPv4 address | N/A | |
| ipam_reserve | Reserve an IP Address in IP Address Management | N/A | |
| ipam_info | List/Get Public IPv4 blocks or IPv4/IPv6 reservations | N/A | |
| network | Create, update and delete a Cloud Network Domain | | |
| network_info | List/Get Cloud Network Domain information | N/A | |
| vlan | Create, update, and delete a VLAN | | |
| vlan_info | List/Get VLAN information | N/A | |
| static_route | Create, update and delete Cloud Network Domain static routes | | |
| static_route_info | List/Get static route information | | |
snat | Create and delete SNAT exclusions | | |
snat_info | List/Get SNAT exclusion information | | |
| image_import | Import a custom OVF into CloudControl | N/A | |
| image_export | Export a custom image from CloudControl to an OVF | N/A | |
| geo_info | List/Get NTTC CIS Cloud Geo Information | N/A | |
| mcp_info | List/Get NTTC CIS MCP datacenter Information | N/A | |
| os_info | List/Get OS information | N/A | |
| image_info | List/Get OS image information (including customer imported images) | N/A | |
| snapshot_info | List/Get Snapshot Information | N/A | |
| snapshot_service | Enable/Disable the Snapshot Service on a server (including replication) | | |
| snapshot | Take a snapshot or delete a snapshot | N/A | |
| snapshot_restore | Restore file/directory from a snapshot | N/A | |
| snapshot_scripts | Configure Snapshot Pre/Post scripts on a server | | |
| snapshot_preview | Deploy Preview Servers (including remote) | N/A | |
| snapshot_migrate | Migrate a server currently in preview mode | N/A | |
| server_antiaffinity | Configure affinity groups for servers | | |
| server_antiaffinity_info | List/Get affinity groups information for servers | N/A | |
| sec_group | Configure security groups | | |
| sec_group_member | Add/Remove Servers/NICs from a security group | | |
| sec_group_info | Security group information | N/A | |
| server_clone | Clone a server to a customer image | N/A | |
| server_vapp | Enable/Set/Update/Delete/Disable vApp and vApp properties on a server | | |