vmware.vmware.vcsa_settings module – Configure vCenter Server Appliance settings

Note

This module is part of the vmware.vmware collection (version 1.7.1).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install vmware.vmware. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: vmware.vmware.vcsa_settings.

New in vmware.vmware 1.2.0

Synopsis

  • Configure vCenter Server Appliance settings.

Requirements

The below requirements are needed on the host that executes this module.

  • vSphere Automation SDK

Parameters

Parameter

Comments

consolecli_enabled

boolean

Enable/Disable state of the console-based controlled CLI (TTY1).

Choices:

  • false

  • true

dcui_enabled

boolean

Enable/Disable state of Direct Console User Interface (DCUI TTY2).

Choices:

  • false

  • true

dns_append

boolean

If true items from dns_domains and dns_servers will be added to already configured DNS domains/servers.

If false domains/servers will be overridden.

Choices:

  • false

  • true ← (default)

dns_domains

list / elements=string

List of DNS domains.

dns_hostname

string

DNS hostname.

dns_mode

string

Set the DNS mode.

Choices:

  • "is_static"

  • "dhcp"

dns_servers

list / elements=string

List of DNS servers.

firewall_rules

list / elements=dictionary

Set the ordered list of firewall rules to allow or deny traffic from one or more incoming IP addresses.

Within the list of traffic rules, rules are processed in order of appearance, from top to bottom.

address

string

IPv4 or IPv6 address.

interface_name

string

The interface to which this rule applies. An * indicates that the rule applies to all interfaces.

policy

string

Defines firewall rule policies.

Choices:

  • "ACCEPT"

  • "IGNORE"

  • "REJECT"

  • "RETURN"

prefix

integer

CIDR prefix used to mask address. For example, an IPv4 prefix of 24 ignores the low-order 8 bits of address.

firewall_rules_append

boolean

If false the rules overwrites the existing firewall rules and creates a new rule list. If true we append the rules to existing rules.

Choices:

  • false

  • true ← (default)

global_fips

boolean

Enable/Disable Global FIPS mode for the appliance. Caution: Changing the value of this setting will reboot the Appliance.

Choices:

  • false

  • true

hostname

string

The hostname or IP address of the vSphere vCenter server.

If the value is not specified in the task, the value of environment variable VMWARE_HOST will be used instead.

noproxy

list / elements=string

List of hosts that should be ignored by proxy configuration.

ntp_servers

list / elements=string

List of NTP servers. This method updates old NTP servers from configuration and sets the input NTP servers in the configuration.

If NTP based time synchronization is used internally, the NTP daemon will be restarted to reload given NTP configuration.

In case NTP based time synchronization is not used, this method only replaces servers in the NTP configuration.

password

aliases: pass, pwd

string

The password of the vSphere vCenter server.

If the value is not specified in the task, the value of environment variable VMWARE_PASSWORD will be used instead.

port

integer

The port number of the vSphere vCenter.

If the value is not specified in the task, the value of environment variable VMWARE_PORT will be used instead.

Default: 443

protocol

string

The connection to protocol.

Choices:

  • "http"

  • "https" ← (default)

proxy

list / elements=dictionary

A list of proxy configurations.

enabled

boolean / required

Define if this proxy configuration should be enabled.

Choices:

  • false

  • true

password

string

Define password for the proxy server if proxy requires authentication.

port

integer / required

Define the port of the proxy server.

protocol

string / required

Define the protocol of the proxy server(FTP, HTTP, HTTPS).

url

string / required

Define the URL of the proxy server (including protocol ie. http://…).

username

string

Define username for the proxy server if proxy requires authentication.

proxy_host

string

Address of a proxy that will receive all HTTPS requests and relay them.

The format is a hostname or a IP.

If the value is not specified in the task, the value of environment variable VMWARE_PROXY_HOST will be used instead.

proxy_port

integer

Port of the HTTP proxy that will receive all HTTPS requests and relay them.

If the value is not specified in the task, the value of environment variable VMWARE_PROXY_PORT will be used instead.

resize_storage

boolean

Resize all partitions to 100 percent of disk size.

Choices:

  • false ← (default)

  • true

shell_enabled

boolean

Enable/Disable state of BASH, that is, access to BASH from within the controlled CLI.

Choices:

  • false

  • true

shell_timeout

integer

The timeout (in seconds) specifies how long you enable the Shell access. The maximum timeout is 86400 seconds(1 day).

This parameter is mandatory in case shell_enabled=true.

ssh_enabled

boolean

Enable/Disable state of the SSH-based controlled CLI.

Choices:

  • false

  • true

timesync_mode

string

Set time synchronization mode.

Choices:

  • "disabled"

  • "host"

  • "ntp"

timezone

string

Set time zone.

username

aliases: admin, user

string

The username of the vSphere vCenter server.

If the value is not specified in the task, the value of environment variable VMWARE_USER will be used instead.

validate_certs

boolean

Allows connection when SSL certificates are not valid.

Set to false when certificates are not trusted.

If the value is not specified in the task, the value of environment variable VMWARE_VALIDATE_CERTS will be used instead.

Choices:

  • false

  • true ← (default)

Attributes

Attribute

Support

Description

check_mode

Support: full

The check_mode support.

Notes

Note

  • All modules require API write access and hence is not supported on a free ESXi license.

  • All variables and VMware object names are case sensitive.

  • Modules may rely on the ‘requests’ python library, which does not use the system certificate store by default. You can specify the certificate store by setting the REQUESTS_CA_BUNDLE environment variable. Example: ‘export REQUESTS_CA_BUNDLE=/path/to/your/ca_bundle.pem’

Examples

- name: Enable shell and SSH
  vmware.vmware.vcsa_settings:
    hostname: "https://vcenter"
    username: "username"
    password: "password"
    ssh_enabled: true
    shell_enabled: true
    shell_timeout: 120

- name: Set firewall rules
  vmware.vmware.vcsa_settings:
    hostname: "https://vcenter"
    username: "username"
    password: "password"
    firewall_rules:
      - address: '1.2.3.7'
        interface_name: '*'
        prefix: 24
        policy: 'ACCEPT'

- name: Set NTP servers
  vmware.vmware.vcsa_settings:
    hostname: "https://vcenter"
    username: "username"
    password: "password"
    timesync_mode: ntp
    ntp_servers:
      - time.google.com

- name: Enable HTTP proxy
  vmware.vmware.vcsa_settings:
    hostname: "https://vcenter"
    username: "username"
    password: "password"
    proxy:
      - enabled: true
        protocol: 'http'
        url: 'http://myproxy'
        port: 8080

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

vcsa_settings

dictionary

Information about appliance.

Returned: On success

Sample: {"consolecli_enabled": false, "dcui_enabled": true, "dns_domains": ["abc.com"], "dns_mode": null, "noproxy": ["abc.com"], "ntp_servers": ["time.google.com"], "proxy": [{"enabled": true, "password": null, "port": 80, "protocol": "http", "url": "http://127.0.0.1", "username": null}], "resize_storage": false, "shell_timeout": 350, "ssh_enabled": true, "timesync_mode": "ntp"}

Authors

  • Ansible Cloud Team (@ansible-collections)