Work with VPC using the package ansible-selvpc-modules

As we have already written, the Selectel Virtual Private Cloud service is based on the OpenStack platform, you can read more about this in our previous article .



Many of our clients are used to using Ansible configuration management system in their projects, which allows you to automate routine tasks and make life easier for the system administrator. Also, the advantages of Ansible include many ready-made modules, including for automation of work with components of the OpenStack platform (a list of ready-made modules ).

')

Working with a virtual private cloud begins with creating a project and reserving resources for it. These operations can be performed through the control panel or using our API.



Often, when working with a VPC service, it may be necessary to create several identical virtual machines, add, allocate a certain amount of resources, create new users, and so on.



To bring the initial configuration of the project and work with the OpenStack API to a common denominator, we developed the ansible-selvpc-modules package, which includes several ansible-modules designed specifically for our service. It will be useful in work for any kind of professionals who interact with our API.



The modules cover the whole range of functions that our service provides. Now there is no need to manually install resources for the project or use third-party utilities: all this can be done immediately in one playbook using ansible-selvpc-modules.



The ansible-selvpc-modules package includes:

• selvpc_projects - for managing VPC projects;
• selvpc_quotas - to manage project resources;
• selvpc_limits - to get information about available resources;
• selvpc_users - to work with users;
• selvpc_floatingips - to work with floating ip addresses;
• selvpc_subnets - for working with subnets;
• selvpc_roles - to work with roles in the project;
• selvpc_tokens - to create keys;
• selvpc_licenses - to work with licenses.

Below I will describe the process of installing the package, and also give an example of use, in which we will step by step from the creation of the project to the launch of virtual machines.

Installation

Create an isolated virtual environment, activate and install ansible-selvpc-modules:

$ virtualenv --no-site-packages env $ source env/bin/activate $ pip install ansible-selvpc-modules 

We will also need additional packages for work: shade as a dependency for os_ * ansible-modules and jmespath for convenient parsing of json-a ( more ). We put from PyPi:

 $ pip install shade jmespath 

Keys are required to work with the Resell API. Registered Selectel users can get them here .



Now add the SEL_URL and SEL_TOKEN environment variables:

 $ export SEL_URL=https://api.selectel.ru/vpc/resell/ //       API  2 $ export SEL_TOKEN=< API-    > 

As in the example I will use the OpenStack modules for Ansible, in addition I will need the following variables:

 $ export OS_PROJECT_DOMAIN_NAME=<   my.selectel.ru> $ export OS_USER_DOMAIN_NAME=< > 

To make life and walking on hosts through Ansible easier, set the ANSIBLE_HOST_KEY_CHECKING environment variable to False:

 $ export ANSIBLE_HOST_KEY_CHECKING=False 

All necessary packages are installed, variables are added, let's start writing a playbook.

Example

1. Create an example_vars.yaml file, where we define the image, username, password, and project_name variables, as well as two lists with the names of our disks and virtual machines. (image is the image of the OS that will run our virtual machines, flavor is the configuration of the machine, in our case it is 512 RAM and 1 VCPU, more ):
   
   
   
   

    --- username: TestUser password: 123456 project_name: TestProject image: Ubuntu 16.04 LTS 32-bit volumes: - display_name: volume1 - display_name: volume2 - display_name: volume3 servers: - name: vm1 - name: vm2 - name: vm3 

   
   
   
2. Create an example.yaml file in which we will describe our tasks. Add the necessary parameters hosts and vars_files.
   
   
   
   The hosts variable defines the machine / machines with which we will be executing tasks, and vars_files indicates where to load the necessary variables (here is the example_vars.yaml file):
   
   
   
   

    --- - hosts: localhost vars_files: - example_vars.yaml 

   
   
   
3. Let's start writing Tasks. First, let's add project creation using selvpc_projects and allocating quotas for a project using the selvpc_quotas module. For 3 machines, 3 processor cores, 1536 RAM and 15 GB SSD disk will be enough:
   
   
   
   

    ... tasks: - name: Create project selvpc_projects: project_name: "{{ project_name }}" register: project_out - name: Set quotas on created project selvpc_quotas: project_id: "{{ project_out.project.id }}" quotas: compute_cores: - region: ru-1 zone: ru-1a value: 3 compute_ram: - region: ru-1 zone: ru-1a value: 1536 volume_gigabytes_fast: - region: ru-1 zone: ru-1a value: 15 register: quotas_out 

   
   
   
4. Create and add a user to the project:
   
   
   
   

    tasks: ... - name: Create user selvpc_users: username: "{{ username }}" password: "{{ password }}" register: user_out - name: Add created user to project selvpc_roles: project_id: "{{ project_out.project.id }}" user_id: "{{ user_out.user.id }}" 

   
   
   
5. Create a network:
   
   
   
   

    tasks: ... - name: Create public net selvpc_subnets: project_id: "{{ project_out.project.id }}" subnets: - region: ru-1 type: ipv4 quantity: 1 prefix_length: 29 register: public_net - name: Get info about network selvpc_subnets: subnet_id: "{{ public_net|json_query(subnets[0].id') }}" register: network_out 

   
   
   
6. After creating a network to create virtual machines, we will need disks that can be created using the ready-made Ansible module os_volume :
   
   
   
   

    tasks: ... - name: Create volumes os_volume: state: present auth: auth_url: https://api.selvpc.ru/identity/v3 username: "{{ username }}" password: "{{ password }}" project_name: "{{ project_name }}" display_name: "{{ item.display_name }}" image: "{{ image }}" size: 5 region_name: ru-1 with_items: "{{ volumes }}" register: volume 

   
   
   
7. To access our machines, we will need SSH keys. We will create one key for all machines. This will help us os_keypair :
   
   
   
   

    tasks: ... - name: Create key os_keypair: state: present auth: auth_url: https://api.selvpc.ru/identity/v3 username: "{{ username }}" password: "{{ password }}" project_name: "{{ project_name }}" name: ansible_key region_name: ru-1 public_key_file: "{{ '~' | expanduser }}/.ssh/id_rsa.pub" register: key 

   
   
   
8. Using os_nova_flavor, we will create a configuration (flavor) for our machines, in our case, this is 512 RAM and 1 VCPU and we will call it “selectel_test_flavor” (any other can be given):
   
   
   
   

    tasks: ... - name: Create flavor os_nova_flavor: state: present auth: auth_url: https://api.selvpc.ru/identity/v3 username: "{{ username }}" password: "{{ password }}" project_name: "{{ project_name }}" name: selectel_test_flavor ram: 512 vcpus: 1 disk: 0 region_name: ru-1 is_public: False register: flavor 

   
   
   
9. We will describe the task to create them and additionally task to add them to the in-memory inventory for further work with the already created hosts, at the end a short pause for the virtual machines to turn on before using:
   
   
   
   

    tasks: ... - name: Create servers os_server: state: present auth: auth_url: https://api.selvpc.ru/identity/v3 username: "{{ username }}" password: "{{ password }}" project_name: "{{ project_name }}" name: "{{ item.1.name }}" flavor: "{{ flavor }}" boot_volume: "{{ item.0 }}" nics: "net-id={{ network_out.subnet.network_id }}" key_name: ansible_key region_name: ru-1 with_together: - "{{ volume|json_query('results[*].id') }}" - "{{ servers }}" register: created_servers - name: Add hosts to inventory add_host: name: "{{ item }}" ansible_host: "{{ item }}" ansible_ssh_user: root groups: just_created with_items: "{{ created_servers|json_query('results[*].openstack.accessIPv4') }}" - pause: seconds: 60 

   
   
   
10. At the end, add a task to check our hosts for availability:
    
    
    
    

     tasks: ... - hosts: just_created tasks: - name: Ping all instances ping: register: results debug: msg={{ results }} 

    
    
    I also added debug and ignore_errors in this task for clarity, this is not mandatory (debug will allow us to output a more detailed result of performing tasks, and ignore_errors will not terminate the playbook in the event of any errors).
    
    
    
    Additionally, at the end of the playbook, I added a configuration removal (flavor), a user, and a project to clean everything that was created earlier:
    
    
    
    

     - hosts: localhost gather_facts: False vars_files: - example_vars.yaml tasks: - name: Delete flavor os_nova_flavor: state: absent auth: auth_url: https://api.selvpc.ru/identity/v3 username: "{{ username }}" password: "{{ password }}" project_name: "{{ project_name }}" name: "{{ flavor.flavor.name }}" region_name: ru-1 register: out - name: Delete user selvpc_users: user_id: "{{ user_out.user.id }}" state: absent register: out - name: Delete project selvpc_projects: project_id: "{{ project_out.project.id }}" state: absent register: out 

    
    
    The complete playbook file can be found here .
    
    
    
    
11. Launch our playbook:
    
    
    
    

     $ ansible-playbook example.yaml 

    
    
    During the pause, which we added earlier at the end of paragraph 9, you can go to the project control panel and look at the created servers:
    
    
    
    
    
    
    
    The results of the playlist in the console:
    
    
    
    

     TASK [Ping all instances] ************************************************************************* ok: [95.213.234.211] ok: [95.213.234.212] ok: [95.213.234.210] TASK [debug] ************************************************************************* ok: [95.213.234.210] => { "msg": { "changed": false, "ping": "pong" } } ok: [95.213.234.211] => { "msg": { "changed": false, "ping": "pong" } } ok: [95.213.234.212] => { "msg": { "changed": false, "ping": "pong" } } PLAY [localhost] ************************************************************************* TASK [Delete flavor] ************************************************************************* changed: [localhost] TASK [Delete user] ************************************************************************* changed: [localhost] TASK [Delete project] ************************************************************************* changed: [localhost] PLAY RECAP ************************************************************************* 95.213.234.210 : ok=3 changed=0 unreachable=0 failed=0 95.213.234.211 : ok=3 changed=0 unreachable=0 failed=0 95.213.234.212 : ok=3 changed=0 unreachable=0 failed=0 localhost : ok=25 changed=13 unreachable=0 failed=0 

    
    
    In the output, we see that all the tasks have been successfully completed and our hosts are available. We also see that the created user and the project, and with it the virtual machines were successfully deleted.
    
    

Ansible modules cover the entire set of functions that our service provides and are useful in the work of specialists interacting with our API.



I invite everyone interested to try out the modules and make comments, suggestions and suggestions.



→ Documentation and source codes