Cloudforms provider creation via API

In my new job, I’ve been working with other cloud technologies apart from OpenStack. Ansible is used heavily and now some version of this technology runs through a large percentage of Red Hat’s products. Cloudforms positions itself as a single pane of glass through which to control not just traditional infrastructure providers like RHEV and VMware but also OpenStack, AWS, Satellite 6, Ansible Tower and a multitude of other tools.

So I have only a small amount of experience with the above, OpenStack aside. Documentation is generally pretty good but I have spent some time reading the API runes to determine how to automatically create providers within Cloudforms (note that this should work fine for ManageIQ as well). Ansible does have a manageiq provider module but it's far from complete.

NB: The following is appropriate for MY usage on one environment; you WILL need to set and adjust parameters to suit. This should just be used to understand what parameters you need, not how to set them. This was using the Ansible uri module in 2.4 against Cloudforms 4.5.

RHEV providers are pretty simple:

- name: Create RHEV Provider
  uri:
    url: "https://{{ inventory_hostname }}/api/providers"
    method: POST
    user: "{{ vault_cfme_user }}"
    password: "{{ vault_cfme_password }}"
    body:
      type: "ManageIQ::Providers::Redhat::InfraManager"
      name: "{{ cloudforms.rhev_name }}"
      hostname: "{{ inventory_hostname }}"
      credentials:
        userid: "{{ vault_rhev_user }}"
        password: "{{ vault_rhev_password }}"
    status_code: 200
    body_format: json
    validate_certs: no

Satellite 6 too (but notice URL is different):

- name: Create Satellite Provider
  uri:
    url: "https://{{ inventory_hostname }}/api/providers?provider_class=provider"
    method: POST
    user: "{{ vault_cfme_user }}"
    password: "{{ vault_cfme_password }}"
    body:
      type: "ManageIQ::Providers::Foreman::Provider"
      name: "{{ cloudforms.satellite_name }}"
      url: "{{ inventory_hostname }}"
      credentials:
        userid: "{{ vault_satellite_user }}"
        password: "{{ vault_satellite_password }}"
    status_code: 200
    body_format: json
    validate_certs: no

OpenStack – note that you have to set BOTH security_protocol and verify_ssl here, at least if you are needing to set those. This would not be appropriate outside of dev/PoC yada-yada-yada:

- name: Create OpenStack Provider
  uri:
    url: "https://{{ inventory_hostname }}/api/providers"
    method: POST
    user: "{{ vault_cfme_user }}"
    password: "{{ vault_cfme_password }}"
    body:
      type: "ManageIQ::Providers::Openstack::CloudManager"
      verify_ssl: "false"
      security_protocol: "Non-SSL"
      name: "{{ cloudforms.openstack_name }}"
      hostname: "{{ inventory_hostname }}"
      credentials:
        userid: "{{ vault_openstack_user }}"
        password: "{{ vault_openstack_password }}"
    status_code: 200
    body_format: json
    validate_certs: no

Ansible Tower – pretty simple but again, note the specific “provider_class” URL:

- name: Create Ansible Tower Provider
  uri:
    url: "https://{{ inventory_hostname }}/api/providers?provider_class=provider"
    method: POST
    user: "{{ vault_cfme_user }}"
    password: "{{ vault_cfme_password }}"
    body:
      type: "ManageIQ::Providers::AnsibleTower::Provider"
      name: "Ansible Tower"
      url: "{{ inventory_hostname }}"
      credentials:
        userid: "{{ vault_tower_user }}"
        password: "{{ vault_tower_password }}"
    status_code: 200
    body_format: json
    validate_certs: no

Finally OpenShift, the most complex but not that much to it. You just need to note that here we pass an array to connection_configurations containing both the OpenShift and Hawkular endpoints. Plus we are using a token here. And again, be sure to set both SSL options, otherwise the provider is created but doesn’t work.

- name: Create OCP Provider
  uri:
    url: "https://{{ inventory_hostname }}/api/providers"
    method: POST
    user: "{{ vault_cfme_user }}"
    password: "{{ vault_cfme_password }}"
    body:
      type: "ManageIQ::Providers::Openshift::ContainerManager"
      name: "OpenShift"
      port: "8443"
      connection_configurations:
      - endpoint:
          role: "default"
          hostname: "{{ inventory_hostname }}"
          port: "8443"
          verify_ssl: "false"
          security_protocol: "ssl-without-validation"
        authentication:
          authtype: "bearer"
          auth_key: "{{ vault_ocp_token }}"
      - endpoint:
          role: "hawkular"
          hostname: "{{ cloudforms.hawkular_hostname }}"
          port: "443"
          verify_ssl: "false"
          security_protocol: "ssl-without-validation"
        authentication:
          authtype: "hawkular"
          auth_key: "{{ vault_ocp_token }}"
    status_code: 200
    body_format: json
    validate_certs: no
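
The OpenStack and OpenShift tasks above both depend on verify_ssl and security_protocol being set together, and both use dev-only values. The following Python check is an added example, not part of the original post or of Cloudforms/ManageIQ: it audits parsed uri tasks for disabled certificate validation and for endpoints that set only one of the two options. The function names and sample tasks are constructed for illustration, and the "weak" values are simply the ones used in this post.

```python
# Added example, not from the original post. Sample tasks are constructed.
WEAK_PROTOCOLS = {"non-ssl", "ssl-without-validation"}  # dev-only values used in the post

def is_false(value):
    """True for YAML/JSON spellings of false, e.g. False, "false", "no"."""
    return value is False or str(value).strip().lower() in {"false", "no", "0"}

def walk(node, path, findings):
    """Recurse through the request body, checking every mapping that has TLS keys."""
    if isinstance(node, list):
        for i, item in enumerate(node):
            walk(item, f"{path}[{i}]", findings)
    elif isinstance(node, dict):
        has_verify, has_proto = "verify_ssl" in node, "security_protocol" in node
        if has_verify != has_proto:
            findings.append(f"{path}: only one of verify_ssl/security_protocol is set")
        if has_verify and is_false(node["verify_ssl"]):
            findings.append(f"{path}: verify_ssl is disabled")
        if has_proto and str(node["security_protocol"]).lower() in WEAK_PROTOCOLS:
            findings.append(f"{path}: security_protocol={node['security_protocol']}")
        for key, value in node.items():
            walk(value, f"{path}.{key}", findings)

def audit_task(task):
    """Return findings for one Ansible uri task given as a parsed dict."""
    uri, findings = task.get("uri", {}), []
    if is_false(uri.get("validate_certs", True)):
        findings.append("uri: validate_certs is disabled")
    walk(uri.get("body", {}), "body", findings)
    return findings

# Constructed input mirroring the OpenStack task in this post.
OPENSTACK_TASK = {"name": "Create OpenStack Provider", "uri": {
    "validate_certs": False,
    "body": {"type": "ManageIQ::Providers::Openstack::CloudManager",
             "verify_ssl": "false", "security_protocol": "Non-SSL",
             "credentials": {"userid": "example", "password": "example"}}}}

# Constructed input: an endpoint that sets only one of the two options.
PARTIAL_TASK = {"name": "Create OCP Provider", "uri": {
    "validate_certs": True,
    "body": {"connection_configurations": [
        {"endpoint": {"role": "default", "security_protocol": "ssl-without-validation"}}]}}}

if __name__ == "__main__":
    for task in (OPENSTACK_TASK, PARTIAL_TASK):
        for finding in audit_task(task):
            print(f"{task['name']}: {finding}")
```

Run against playbooks before promoting them out of dev/PoC; an empty result means none of the settings flagged here are present.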
