-
Notifications
You must be signed in to change notification settings - Fork 65
Home
Welcome to the oneview-ansible wiki!
HPE OneView makes it simple to deploy and manage today’s complex hybrid cloud infrastructure. HPE OneView can help you transform your data center to software-defined, and it supports HPE’s broad portfolio of servers, storage, and networking solutions, ensuring the simple and automated management of your hybrid infrastructure. Software-defined intelligence enables a template-driven approach for deploying, provisioning, updating, and integrating compute, storage, and networking infrastructure.
The HPE OneView Ansible library provides modules to manage HPE OneView using Ansible playbooks using HPE OneView REST APIs.
You can find the latest supported HPE OneView Ansible SDK here
Refer to
- Supported HPE OneView Ansible APIs Implementation and
- Latest version of the OneView Ansible SDK documentation.
To run the Ansible modules provided in this project, you may run a containerized version or perform a full installation.
To use containerized version, you should execute the following steps:
The containerized version of the oneview-ansible modules is available in the Docker Store.
The Docker Store image tag consist of two sections: <sdk_version-OV_version>
#Download and store a local copy of hpe-oneview-sdk-for-ansible and
# use it as a Docker image.
$ docker pull hewlettpackardenterprise/hpe-oneview-sdk-for-ansible:v5.8.0-OV5.4
# Run docker commands using the below command and this will in turn create
# a sh session where you can create files, issue commands and execute playbooks
$ docker run -it hewlettpackardenterprise/hpe-oneview-sdk-for-ansible:v5.8.0-OV5.4 /bin/shThere is also a how-to guide with instructions on how to use the container without creating a sh session.
To perform a full installation, you should execute the following steps:
Run:
$ git clone https://github.com/HewlettPackard/oneview-ansible.gitRun pip command from the cloned directory:
pip install -r requirements.txtSet the environment variables ANSIBLE_LIBRARY and ANSIBLE_MODULE_UTILS, specifying the library full path from the cloned project:
$ export ANSIBLE_LIBRARY=/path/to/oneview-ansible/library
$ export ANSIBLE_MODULE_UTILS=/path/to/oneview-ansible/library/module_utils/To use the Ansible OneView modules, you can store the configuration on a JSON file. This file is used to define the settings, which will be used on the OneView appliance connection, like hostname, username, and password. Here's an example:
{
"ip": "172.25.105.12",
"credentials": {
"userName": "Administrator",
"authLoginDomain": "",
"password": "secret123"
},
"api_version": 2000
}The api_version specifies the version of the Rest API to invoke. When not defined, it will use 600 as the
default value.
If your environment requires a proxy, define the proxy properties in the JSON file using the following syntax:
"proxy": "<proxy_host>:<proxy_port>"🔒 Tip: Check the file permissions since the password is stored in clear-text.
The configuration file path must be provided for all of the playbooks config arguments. For example:
- name: Gather facts about the FCoE Network with name 'FCoE Network Test'
oneview_fcoe_network_facts:
config: "/path/to/config.json"
name: "FCoE Network Test"If you prefer, the configuration can also be stored in environment variables.
# Required
export ONEVIEWSDK_IP='172.25.105.12'
export ONEVIEWSDK_USERNAME='Administrator'
export ONEVIEWSDK_PASSWORD='secret123'
# Optional
export ONEVIEWSDK_API_VERSION='2000'
export ONEVIEWSDK_AUTH_LOGIN_DOMAIN='authdomain'
export ONEVIEWSDK_PROXY='<proxy_host>:<proxy_port>'🔒 Tip: Make sure no unauthorised person has access to the environment variables, since the password is stored in clear-text.
In this case, you shouldn't provide the config argument. For example:
- name: Gather facts about the FCoE Network with name 'FCoE Network Test'
oneview_fcoe_network_facts:
name: "FCoE Network Test"Once you have defined the environment variables, you can run the plays.
The third way to pass in your HPE OneView credentials to your tasks is through explicit specification on the task.
This option allows the parameters hostname, username, password, api_version and image_streamer_hostname to be passed directly inside your task.
- name: Create a Fibre Channel Network
oneview_fc_network:
hostname: 172.16.101.48
username: administrator
password: my_password
api_version: 2000
state: present
data:
name: "{{ network_name }}"
fabricType: 'FabricAttach'
linkStabilityTime: '30'
autoLoginRedistribution: true
no_log: true
delegate_to: localhostSetting no_log: true is highly recommended in this case, as the credentials are otherwise returned in the log after task completion.
If you prefer, the credential of the user can be stored in encrypted format.
-
Create a oneview_config.yml file.
-
Run below commands to encrypt your username and password for oneview.
ansible-vault encrypt_string 'secret123' --name ONEVIEWSDK_PASSWORD
Note: This password will be used to run the playbook.
- Paste the encrypted password along with the configuration in oneview_config.yml file.
# Required
ip: 172.168.1.1
api_version:2000
username: Administrator
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
37646435306637633461376438653439323666383934353234333934616363313164636637376536
3239356538653537643734626265366662623863323661350a613834313562303635343931356139
35343863313563363830356638343339373138316539613636336532333065366133386662333833
6663363236663031340a636562646634323136353737373539326434626137353837333530376665
3835- Update the oneview_config.yml as vars_file in playbook for example:
- vars_file:
- oneview_config.yml
- name: Create a Fibre Channel Network
oneview_fc_network:
hostname: "{{ ip }}"
username: "{{ username }}"
password: "{{ password }}"
api_version: "{{ api_version }}"
state: present
data:
name: "Test Network"
fabricType: 'FabricAttach'
linkStabilityTime: '30'
autoLoginRedistribution: true
no_log: true
delegate_to: localhost
# Optional
We can encrypt the oneview_config.yml file also, but if you encrypt the file then you shall not encrypt the password inside the encrypted file. 🔒 Tip: Make sure no unauthorised person has access to the encrypted variables/files, since the password can be decrypted with the password.
- Run the playbook with --ask-vault-pass option to get the password prompt to run the playbook.
ansible-playbook example.yml --ask-vault-passNote: Most of the examples provided in this repository uses OneView Credentials in plain text.
The Ansible modules for HPE OneView support the API endpoints for HPE OneView 4.00, 4.10, 4.20, 5.00, 5.20, 5.30, 5.40
The current default HPE OneView version will pick the OneView appliance version.
To use a different API, you must set the API version together with your credentials, either using the JSON configuration:
"api_version": 2000OR using the Environment variable:
export ONEVIEWSDK_API_VERSION='2000'If this property is not specified, it will fall back to the default value.
The API list is as follows:
- HPE OneView 5.00 API version:
1200 - HPE OneView 5.20 API version:
1600 - HPE OneView 5.30 API version:
1800 - HPE OneView 5.40 API version:
2000
Are you running into a road block? Have an issue with unexpected behavior? Feel free to open a new issue on the issue tracker
When creating an issue, recommend providing the following and any additional information which would help address quicker.
[What you are trying to achieve but can't?]
- OneView SDK Version: [Version of this SDK for which you are encountering the issue]
- OneView Appliance Version: [Version of the OneView appliance you're interacting with]
- OneView Client API Version: [API version of your client object]
- Ruby Version: [Version of Python in your environment]
- Platform: [OS distribution and release version]
[What are the complete steps needed to do in order to reproduce your problem?]
[What do you expect to happen after taking the steps above?]
[What actually happens after the steps above? Include error output or a link to a gist.]