Ansible Dynamic Inventory plugin for VMware
The best way to interact with your hosts is to use the VMware dynamic inventory plugin, which dynamically queries VMware APIs and tells Ansible what nodes can be managed.
Requirements
To use the VMware dynamic inventory plugins, you must install pyVmomi on your control node (the host running Ansible).
To include tag-related information for the virtual machines in your dynamic inventory, you also need the vSphere Automation SDK, which supports REST API features like tagging and content libraries, on your control node. You can install the vSphere Automation SDK following these instructions.
$ pip install pyvmomi
To use this VMware dynamic inventory plugin, you need to enable it first by specifying the following in the ansible.cfg file:
[inventory]
enable_plugins = vmware_vm_inventory
Then, create a file that ends in .vmware.yml or .vmware.yaml in your working directory.
The vmware_vm_inventory script takes in the same authentication information as any VMware module.
Here’s an example of a valid inventory file:
plugin: vmware_vm_inventory
strict: False
hostname: 10.65.223.31
username: administrator@vsphere.local
password: Esxi@123$%
validate_certs: False
with_tags: True
Executing ansible-inventory --list -i <filename>.vmware.yml will create a list of VMware instances that are ready to be configured using Ansible.
Using vaulted configuration files
Since the inventory configuration file contains the vCenter password in plain text, which is a security risk, you may want to encrypt your entire inventory configuration file.
You can encrypt a valid inventory configuration file as follows:
$ ansible-vault encrypt <filename>.vmware.yml
New Vault password:
Confirm New Vault password:
Encryption successful
And you can use this vaulted inventory configuration file using:
$ ansible-inventory -i filename.vmware.yml --list --vault-password-file=/path/to/vault_password_file
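As an added example (not part of the original page or of the Ansible project), the shell function below audits inventory configuration files for the two risks visible in the files on this page: a plain-text password in a file that is not vault-encrypted, and validate_certs set to a false value. The function name, the messages and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit VMware inventory plugin configs (*.vmware.yml) for a
# plain-text password or disabled TLS certificate validation.

# Prints one line per finding; returns 0 if vaulted or clean, 1 otherwise.
audit_inventory() {
    local file="$1" first rc=0
    IFS= read -r first < "$file" || true
    # ansible-vault encrypt rewrites the whole file; the result starts with
    # a "$ANSIBLE_VAULT;" header line.
    case $first in
        '$ANSIBLE_VAULT;'*) echo "OK   $file: vault-encrypted"; return 0 ;;
    esac
    # A non-empty top-level "password:" value in a cleartext file.
    if grep -Eq '^password:[[:space:]]*[^[:space:]#]' "$file"; then
        echo "FAIL $file: password stored in plain text"; rc=1
    fi
    # A YAML false value for validate_certs turns off TLS verification.
    if grep -Eiq '^validate_certs:[[:space:]]*(false|no|off)[[:space:]]*(#.*)?$' "$file"; then
        echo "WARN $file: validate_certs is disabled"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK   $file: no findings"
    return "$rc"
}

# Demo on constructed sample files (hostnames and values are made up).
demo() {
    local d; d=$(mktemp -d)
    printf '%s\n' 'plugin: vmware_vm_inventory' 'hostname: vcenter.example.test' \
        'username: svc-ansible' 'password: not-a-real-secret' \
        'validate_certs: False' > "$d/plain.vmware.yml"
    # Only the header matters here; the second line stands in for ciphertext.
    printf '%s\n' '$ANSIBLE_VAULT;1.1;AES256' '6162636465666768' > "$d/vaulted.vmware.yml"
    # No password key in the file and certificate validation left on.
    printf '%s\n' 'plugin: vmware_vm_inventory' 'hostname: vcenter.example.test' \
        'validate_certs: True' > "$d/clean.vmware.yml"
    for f in "$d"/*.vmware.yml; do audit_inventory "$f" || true; done
    rm -rf "$d"
}
demo || true
```

The non-zero return code on a finding lets the function gate a pre-commit hook or CI step that runs over every inventory file in a repository.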
My sample dynamic_inventory.vmware.yml
---
plugin: vmware_vm_inventory
strict: False
hostname: vcenter_hostname
username: vcenter_username
password: vcenter_password
validate_certs: False
# Include tag information so that VMs can be filtered based on tags
with_tags: True
# Fetch the inventory dynamically on every run, with no cache on disk
cache: no
# Create/filter groups based on tags. For example, the configuration below fetches all the Linux machines along with their tags, and the -l option can then be used to limit the execution
properties:
  - 'config.name'
  - 'guest.ipAddress'
  - 'guest.guestFamily'
  - 'summary.runtime.powerState'
keyed_groups:
  - key: tag_category.Tier
    prefix: "vmware_tag_category_"
    separator: ""
with_nested_properties: True
filters:
  - summary.runtime.powerState == "poweredOn"
  - guest.guestFamily == "windowsGuest"
  - guest.guestFamily == "linuxGuest"
hostnames:
  - 'config.name'
sample.yml:
---
- name: Sample Dynamic Inventory Check
  hosts: all
  gather_facts: False
  vars:
    ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'
  tasks:
    - name: List Home dir
      command: ls /home
      register: output
    - debug:
        msg: Listing the home directory {{ output.stdout_lines }}
How to run and test the inventory:
ansible-inventory -i dynamic_inventory.vmware.yml --graph (you can also use --list)
ansible-playbook -i dynamic_inventory.vmware.yml -l <Prod> sample.yml
Ref: https://runebook.dev/en/docs/ansible/collections/community/vmware/vmware_vm_inventory_inventory