using vsphere 6.5 apis with ansible
TRANSCRIPT
![Page 1: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/1.jpg)
© 2015 VMware Inc. All rights reserved.
Using vSphere 6.5 APIs with Ansible
Jonathan Frappier
August 2017
![Page 2: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/2.jpg)
CONFIDENTIAL 2
@jfrappier | @commitmas | @vbrownabag
/in/jonathanfrappier
github.com/jfrappier
github.com/commitmas
jfrap.com
vbrownbag.com
http://bit.ly/
Jonathan Frappier
Senior Technical Consultant, Dell EMC
Education
![Page 3: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/3.jpg)
Disclaimer
The information in this presentation is intended to outline our general product direction and should not
be relied on in making a purchasing decision. It is for informational purposes only and may not be
incorporated into any contract.
• This presentation may contain product features or functionality that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.
• This information is confidential.
![Page 4: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/4.jpg)
My Disclaimer
• When I say how awesome something is what I really mean “In most cases” that thing is awesome
• Here is one way you could do it, there are many others
• I can’t draw 7 red lines all perpendicular with red, green, or transparent ink
CONFIDENTIAL 4
![Page 5: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/5.jpg)
What are we talking about
vSphere and vCenter 6.5 + vSphere APIs + Ansible
Haven’t use vSphere 6.5? >> http://bit.ly/v65new
Don’t know what an API is? >> http://bit.ly/apizerohero
What’s an Ansible, I want one! >> http://bit.ly/vbbAnsible
Using vSphere 6.5 API Into >> http://bit.ly/RuddyRULES
CONFIDENTIAL 5
![Page 6: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/6.jpg)
Use Cases
vCenter APIs
http://bit.ly/vc65apis
• Define vCenter configuration as code
– Create data center
– Add hosts to data center
– Create VMs
– Configure VM settings (limited)
CONFIDENTIAL 6
vCenter Server Appliance APIs
http://bit.ly/vcsa65apis
• VCSA configuration management
– Enable/disable SSH
– Set/Manage DNS search domins
– Set/Manage DNS servers
– Run backup
• Currently in Tech Preview
– Create local users
– Manage firewall
– Set/Manage NTP Servers
– Restart services
![Page 7: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/7.jpg)
Scenario
Oh no! My security auditor says I need to ensure SSH is disabled on all VCSA appliances!
What am I going to do??
CONFIDENTIAL 7
![Page 8: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/8.jpg)
Using API Explorer
CONFIDENTIAL 8
![Page 9: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/9.jpg)
Determine JSON block
CONFIDENTIAL 9
![Page 10: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/10.jpg)
Ansible Playbook with URI module example
CONFIDENTIAL 10
---
- hosts: localhost
become: no
tasks:
- name: vcenter login
uri:
url: https://cloudvc.student.lab/rest/com/vmware/cis/session
force_basic_auth: yes
method: POST
user: [email protected]
password: P@ssw0rd
status_code: 200
validate_certs: no
register: login
- name: disable ssh
uri:
url: https://cloudvc.student.lab/rest/appliance/access/ssh
force_basic_auth: yes
method: PUT
body_format: json
body: "{{ lookup('file','sshoff.json') }}"
validate_certs: no
headers:
Cookie: "{{login.set_cookie}}"
![Page 11: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/11.jpg)
Create JSON File
CONFIDENTIAL 11
{
“enabled”: false
}
![Page 12: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/12.jpg)
One more use case…
CONFIDENTIAL 12
![Page 13: Using vSphere 6.5 APIs with Ansible](https://reader031.vdocuments.net/reader031/viewer/2022030318/5a6df6077f8b9ad4678b4cb9/html5/thumbnails/13.jpg)
One more use case…
CONFIDENTIAL 13