Getting Started with Ansible
Installation and setup
Introduction
Ansible is an open-source automation framework that was created by Ansible and now maintained by RedHat. Ansible is an orchestration tool that automates provisioning, configuration management, and application deployment.
In 2019, Aruba became an official Ansible partner, and currently supports Ansible for Central, among other Aruba products.
If you aren't already familiar with Ansible, please read through the pages linked here:
Installing the Role
Our Aruba Central Ansible modules are packaged in the Aruba Central role.
- Python 2.7 or 3.5+
- Ansible 2.9.0 or later
- Minimum supported Aruba Central firmware version 2.5.2
The Aruba Central role was created solely for the sake of bundling up the Aruba Central Ansible modules for easy distribution and consumption. To install the role, issue the "ansible-galaxy" command: ansible-galaxy install arubanetworks.aruba_central_role
If you plan on using the Aruba Central role in an Ansible Tower environment, make sure to provide the full path to a location in which Ansible Tower looks for installed roles. Ansible Tower looks in multiple places for installed roles. For example, one such path is /etc/ansible/roles/:
ansible-galaxy install arubanetworks.aruba_central_role --roles-path /etc/ansible/roles/
To install the latest updated role, simply re-run any of the previous commands. Ansible Galaxy will check to see if the existing role is out of date and install the latest version.
As an alternative to installing the role from Ansible Galaxy, you can install the role from the Github repository: ansible-galaxy install git+https://github.com/aruba/aruba-central-ansible-role.git. The -f option can be used to overwrite the current existing role version.
Additionally, you'll need to install the requests library. You can do so with the following command:
pip install -r requirements.txt
Setting up the Ansible Inventory for Aruba Central
- The Aruba Central Ansible modules use Central's REST API. For information on REST API and instructions for obtaining access to the REST API, see the Developer Hub pages in the Aruba Central REST API section, beginning with Getting Started with REST API
- An API token must be created for a user on Aruba Central and a valid, non-expired access_token must be present
- Ensure that the access token was created with "Network Operations" selected in the Application drop-down list.
An access token is valid for a period of 7200 seconds or two hours. After two hours, it will expire and a new token needs to be created. The token expiry time is currently not configurable.
Your Ansible inventory will likely be rather modest as it will only contain the Central instance(s) as opposed to all the target devices, which will in turn be managed by Central.
Inventory Variables
The variables that should be defined in your inventory for your Aruba Central account are:
ansible_host: Base URL path for API-gateway on Aruba Central in FQDN formatansible_connection: Must always be set tohttpapiansible_network_os: Must always be set toaruba_centralansible_httpapi_use_ssl: Must always be set toTrueansible_httpapi_session_key: Aruba Central's API access token
Sample Inventories
INI
arubacentral ansible_host=internal-apigw.central.arubanetworks.com ansible_connection=httpapi ansible_network_os=aruba_central ansible_httpapi_use_ssl=True ansible_httpapi_central_access_token=CnjDaXXxvnjrvJRwxxxxXXxxXXXXxxxx
YAML
all:
hosts:
central:
ansible_host: internal-apigw.central.arubanetworks.com
ansible_connection: httpapi
ansible_network_os: aruba_central
ansible_httpapi_use_ssl: True
ansible_httpapi_central_access_token: CnjDaXXxvnjrvJRwxxxxXXxxXXXXxxxx
Updated 4 months ago