Ansible is an open-source automation framework that was created by Ansible and now maintained by RedHat. Ansible is an orchestration tool that automates provisioning, configuration management, and application deployment.
In 2019, Aruba became an official Ansible partner, and currently supports Ansible for Central, among other Aruba products.
If you aren't already familiar with Ansible, please read through the pages linked here:
Our Aruba Central Ansible modules are packaged in the Aruba Central role.
- Python 2.7 or 3.5+
- Ansible 2.9.0 or later
- Minimum supported Aruba Central firmware version 2.5.2
The Aruba Central role was created solely for the sake of bundling up the Aruba Central Ansible modules for easy distribution and consumption. To install the role, issue the "ansible-galaxy" command:
ansible-galaxy install arubanetworks.aruba_central_role
If you plan on using the Aruba Central role in an Ansible Tower environment, make sure to provide the full path to a location in which Ansible Tower looks for installed roles. Ansible Tower looks in multiple places for installed roles. For example, one such path is
ansible-galaxy install arubanetworks.aruba_central_role --roles-path /etc/ansible/roles/
To install the latest updated role, simply re-run any of the previous commands. Ansible Galaxy will check to see if the existing role is out of date and install the latest version.
As an alternative to installing the role from Ansible Galaxy, you can install the role from the Github repository:
ansible-galaxy install git+https://github.com/aruba/aruba-central-ansible-role.git. The
-f option can be used to overwrite the current existing role version.
Additionally, you'll need to install the requests library. You can do so with the following command:
pip install -r requirements.txt
- The Aruba Central Ansible modules use Central's REST API. For information on REST API and instructions for obtaining access to the REST API, see the Developer Hub pages in the Aruba Central REST API section, beginning with Getting Started with REST API
- An API token must be created for a user on Aruba Central and a valid, non-expired access_token must be present
- Ensure that the access token was created with "Network Operations" selected in the Application drop-down list.
An access token is valid for a period of 7200 seconds or two hours. After two hours, it will expire and a new token needs to be created. The token expiry time is currently not configurable.
Your Ansible inventory will likely be rather modest as it will only contain the Central instance(s) as opposed to all the target devices, which will in turn be managed by Central.
The variables that should be defined in your inventory for your Aruba Central account are:
ansible_host: Base URL path for API-gateway on Aruba Central in FQDN format
ansible_connection: Must always be set to
ansible_network_os: Must always be set to
ansible_httpapi_use_ssl: Must always be set to
ansible_httpapi_session_key: Aruba Central's API access token
arubacentral ansible_host=internal-apigw.central.arubanetworks.com ansible_connection=httpapi ansible_network_os=aruba_central ansible_httpapi_use_ssl=True ansible_httpapi_central_access_token=CnjDaXXxvnjrvJRwxxxxXXxxXXXXxxxx
all: hosts: central: ansible_host: internal-apigw.central.arubanetworks.com ansible_connection: httpapi ansible_network_os: aruba_central ansible_httpapi_use_ssl: True ansible_httpapi_central_access_token: CnjDaXXxvnjrvJRwxxxxXXxxXXXXxxxx
Updated 10 months ago