Ansible and Micetro DDI

Want to learn how you can start automating and orchestrating DNS, DHCP, and IPAM with Ansible? Micetro has an up-to-date Ansible collection and plug-in right on Ansible Galaxy. If you missed our first article on setting GitHub up and installing Ansible, check it out here (especially if this is the first time you've used Ansible or GitHub).

This article is for someone who has never used Ansible before and is not currently running it in their environment. If you are an Ansible enthusiast already, I recommend just diving into the playbooks we've already created! https://galaxy.ansible.com/menandmice/ansible_micetro

Installing Ansible:

I'll be using a Linux Ubuntu 22.04 VM for this. It's highly recommended to use Linux as your Ansible control machine, because it's just really hard to run it on Windows using the subsystem for Linux. Also, just do yourself a favor and install pip if you don't have it already.

Note: Make sure you are installing at least version 2.10 of Ansible for the Micetro plugin to work correctly. You'll also need to have Python 3.6 or above installed as well.

$ sudo apt update
$ sudo apt install software-properties-common
$ sudo add-apt-repository --yes --update ppa:ansible/ansible
$ sudo apt install ansible

$ ansible --version

$ sudo apt install python3-pip

Setting Up Ansible for Micetro

Ansible for Micetro works a bit differently in that you won't actually create an inventory list to reach out to managed nodes or "hosts." Instead you'll run the following command which will build out the necessary configuration to connect to your Micetro APIs. This will include building out the plugins and modules files we'll talk about in the next section.

$ sudo ansible-galaxy collection install menandmice.ansible_micetro

Note, you will need to have Micetro up and running as well as have a Micetro account/password with necessary access to run API commands.

I can now go to '/root/.ansible/ to see what's been configured.

#cd .ansible/

~/.ansible# ls

Plugins and Modules

If you're following along in the Ansible documentation, then you'll see there are a few different chapters or sections on Plugins and Modules. These are not the same as Ansible Playbooks, which we'll talk about in just a bit.

Ansible Plugins - Extend the core functionality of Ansible.

Ansible Modules - a type of plugin that execute automation tasks on a ‘target’ (usually a remote system).

The Micetro plugins and modules have been built then, to extend the core capabilities of Ansible so that you may use it to create and manage workflows in your Micetro DDI environment. For more information on general plugins and modules, you can find it in the Ansible documentation here https://docs.ansible.com/ansible/latest/dev_guide/developing_locally.html

You don't have to do anything with these plugins and modules as they. It's like adding features to Ansible specific to Micetro. When we create Ansible Playbooks then, we'll call upon these plugins and modules to do some of the work.

Now that we have Ansible installed and configured for Micetro generally, we can create a group_vars/all files which will tell Ansible where to look for Micetro.

Create a group_vars/all file in /etc/ansible/.

$ mkdir group_vars
$ touch group_vars/all
$ nano group_vars/all

mm_provider:
 mm_url: http://micetro.example.net
 mm_user: apiuser
 mm_password: apipassword

Note: Generally you'll want to encrypt this password so it's not stored in plaintext anywhere, but we're just going to use plaintext for the sake of this demo.

Note: Make sure you're using proper indentation! The group_vars/all file requires spaces instead of tabs, where as in your playbooks you can use tabs.

You'll also create an ansible configuration file called ansible.cfg. This will call the micetro.yml file, which we'll get to in just a moment.

$ touch ansible.cfg

$ nano ansible.cfg

[defaults]
remote_tmp = $HOME/.ansible/tmp
inventory = micetro.yml
nocows = 1

[inventory]
enable_plugins = menandmice.ansible_micetro.inventory, host_list, auto
cache = yes
cache_plugin = jsonfile
cache_prefix = micetro_inv
cache_timeout = 60
cache_connection = /tmp/micetro_inventory_cache

[privilege_escalation]
become = False
become_method = sudo
become_user = root
become_ask_pass = False

You'll also see a sample micetro.yml-sample file in /root/.ansible/collections/ansible_collections/menandmice/ansible_micetro

You can either change the name of that file or create a new file called micetro.yml.

$ touch micetro.yml

$ nano micetro.yml

plugin: menandmice.ansible_micetro.inventory
mm_url: "http://micetro.example.net"
mm_user: apiuser
mm_password: apipassword

Running a Playbook

Now, your Ansible control machine should be all set up to start running playbooks! Ansible playbooks contain tasks or "plays" which you can run to automate your environment. We're going to get started with an easy one, of just claiming an IP.

This playbook may also be find in Ansible Galaxy, linked above. Remember that indentation really matters! So I'm just going to link to the README.pdf which contains the playbook example. https://github.com/menandmice/ansible_micetro/blob/main/docs/README.pdf

You can find the "play_claimIP" playbook in chapter 4, at 4.5. You'll just need to create a yaml file on your control machine with a name like:

$ touch play_claimIP.yml

$ nano play_claimIP.yml

Once you're in the editor, copy and paste the content from the example in the pdf. Make sure you go through and check indentation, although Ansible is pretty helpful and pointing out where syntax is incorrect.

When you're ready to run it type the command:

$ ansible-playbook play_claimIP.yml

Then go check in Micetro to see if you were able to successfully claim the IP you indicated in the playbook.

Have Suggestions?

We'd love to hear how you're using Ansible. Share your playbooks and ask for suggestions right in Ansible Galaxy or at the Github repo! https://galaxy.ansible.com/menandmice/ansible_micetro