Using vmware_tools connection plugin
Introduction
This guide will show you how to utilize VMware Connection plugin to communicate and automate various tasks on VMware guest machines.
Scenario requirements
Software
Ansible 2.9 or later must be installed.
We recommend installing the latest version with pip:
pip install Pyvmomi
on the Ansible control node (as the OS packages are usually out of date and incompatible) if you are planning to use any existing VMware modules.
Hardware
vCenter Server 6.5 and above
Access / Credentials
Ansible (or the target server) must have network access to either the vCenter server
Username and Password for vCenter with required permissions
VMware tools or openvm-tools with required dependencies like Perl installed on the given virtual machine
Caveats
All variable names and VMware object names are case sensitive.
You need to use Python 2.7.9 version in order to use
validate_certs
option, as this version is capable of changing the SSL verification behaviors.
Example description
User can run playbooks against VMware virtual machines using vmware_tools
connection plugin.
In order work with vmware_tools
connection plugin, you will need to specify hostvars for the given virtual machine.
For example, if you want to run a playbook on a virtual machine called centos_7
located at /Asia-Datacenter1/prod/centos_7
in the given vCenter, you will need to specify hostvars as follows:
[centos7]
host1
[centos7:vars]
# vmware_tools related variables
ansible_connection=vmware_tools
ansible_vmware_host=10.65.201.128
ansible_vmware_user=[email protected]
ansible_vmware_password=Esxi@123$%
ansible_vmware_validate_certs=no
# Location of the virtual machine
ansible_vmware_guest_path=Asia-Datacenter1/vm/prod/centos_7
# Credentials
ansible_vmware_tools_user=root
ansible_vmware_tools_password=Secret123
Here, we are providing vCenter details and credentials for the given virtual machine to run the playbook on.
If your virtual machine path is Asia-Datacenter1/prod/centos_7
, you specify ansible_vmware_guest_path
as Asia-Datacenter1/vm/prod/centos_7
. Please take a note that /vm
is added in the virtual machine path, since this is a logical folder structure in the VMware inventory.
Let us now run following playbook,
---
- name: Example showing VMware Connection plugin
hosts: centos7
tasks:
- name: Gather information about temporary directory inside VM
shell: ls /tmp
Since Ansible utilizes the vmware-tools
or openvm-tools
service capabilities running in the virtual machine to perform actions, in this use case it will be connecting directly to the guest machine.
For now, you will be entering credentials in plain text, but in a more advanced playbook this can be abstracted out and stored in a more secure fashion using ansible-vault or using Ansible Tower credentials.
What to expect
Running this playbook can take some time, depending on your environment and network connectivity. When the run is complete you will see:
{
"changed": true,
"cmd": "ls /tmp",
"delta": "0:00:00.005440",
"end": "2020-10-01 07:30:56.940813",
"rc": 0,
"start": "2020-10-01 07:30:56.935373",
"stderr": "",
"stderr_lines": [],
"stdout": "ansible_command_payload_JzWiL9\niso",
"stdout_lines": ["ansible_command_payload_JzWiL9", "iso", "vmware-root"]
}
Troubleshooting
If your playbook fails:
Check if the values provided for username and password are correct.
Check if the path of virtual machine is correct. Please mind that
/vm/
needs to be provided while specifying virtual machine location.