Dell OpenManage Enterprise Operations with Ansible Part 2: Templates and Deployment
Mon, 04 Dec 2023 16:30:25 -0000
|Read Time: 0 minutes
In case you missed it, check out the first part of this blog series for some background on the openmanage Ansible collection by Dell. In this post, we’ll take a look at template based deployment in OME driving from Ansible.
Template based deployment
Templates in OME are a great way to define the exact configuration that you would like to replicate on a group of servers. You can collect devices into multiple groups based on the workload profile and apply templates on these groups to achieve identical configurations based on security, performance, and other considerations.
To retrieve template information, you can use the dellemc.openmanage.ome_template_info module to query templates based on a variety of system_query _options. You can pass filter parameters as shown here:
- name: Get filtered template info based on name. dellemc.openmanage.ome_template_info: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no system_query_options: filter: "Name eq 'empty_template'" register: template_info - name: print template info debug: msg: "{{template_info}}"
Template creation
One way to create a template is by using an existing device configuration. You can also create a template by cloning an existing template and then modifying the parameters as necessary. Following are the Ansible tasks for each respective method:
- name: Create a template from a reference device. dellemc.openmanage.ome_template: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no device_service_tag: "{{device_service_tag}}" attributes: Name: "{{device_service_tag}}-template" Description: "ideal Template description" - name: Clone a template dellemc.openmanage.ome_template: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no command: "clone" template_name: "empty_template" attributes: Name: "deploy_clone" delegate_to: localhost
Template Attribute list
Very often as part of day-2 operations you may have to change a set of attributes, which can be difficult given that a template is a very detailed object with thousands of parameters. To see what parameters are available to modify in a template, we must get the complete list of parameters using a REST API call. In the following example, we first establish an API connection and then make a call to api/TemplateService/Templates(11)/Views(1)/AttributeViewDetails. We then store this information in a JSON file for further exploration and parsing:
- name: Get PowerScale API Session Token ansible.builtin.uri: url: "https://{{ hostname }}/api/SessionService/Sessions" method: post body_format: json validate_certs: false status_code: 200,201 body: | { "UserName": "{{ username }}", "Password": "{{ password }}", "SessionType":"API" } register: api_response tags: "api-call" - name: Store API auth token ansible.builtin.set_fact: ome_auth_token: "{{ api_response.x_auth_token }}" tags: "api-call" - name: Get attribute details uri: url: "https://{{ hostname }}/api/TemplateService/Templates(11)/Views(1)/AttributeViewDetails" validate_certs: false method: get #body_format: json #body: | # {"privileges":{{ admin_priv.json.privileges }}} headers: X-Auth-Token: "{{ ome_auth_token }}" status_code: 200,201,204,409 register: api_output - name: Save device_info to a file copy: content: "{{ api_output | to_nice_json }}" dest: "./output-json/api_output.json"
Once we have the JSON file with the complete set of attributes, we can find the exact attribute we want to modify. Given the attribute JSON file can span thousands of lines, we can use a simple python script to run a quick search of the attributes file based on keywords. Here are a few lines that can retrieve all the attributes containing Email:
import json with open('./output-json/api_output.json') as f: data = json.load(f) for item in data['json']['AttributeGroups'][0]['SubAttributeGroups']: if item['DisplayName'].find("Email") >-1: print('\n') print(item['DisplayName']) print('-------------------------') for subitem in item['Attributes']: print(subitem['DisplayName'])
Once we have the attribute that needs to be modified, we can use the ome_template module with (a) command set to modify and (b) attribute name and value set as follows:
- name: Modify template dellemc.openmanage.ome_template: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no command: "modify" template_name: "deploy_clone" attributes: Attributes: - DisplayName: 'iDRAC, RAC Email Alert, EmailAlert 1 Email Alert Address' Value: "world123@test.com"
Device grouping and deployment
To apply templates to multiple devices, we can create device groups and then apply the deployment template for the entire group. To add devices to a group, you can create an array of devices. Here, I am passing the entire set of devices that I queried using ome_device_info:
- name: Retrieve basic inventory of all devices. dellemc.openmanage.ome_device_info: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no register: device_info_result - name: get all service tags set_fact: service_tags: "{{ service_tags + [item.DeviceServiceTag] }}" loop: "{{ device_info_result.device_info.value }}" no_log: true - name: Create a device group dellemc.openmanage.ome_groups: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no name: "demo-group-all" - name: Add devices to a static device group dellemc.openmanage.ome_device_group: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no name: "demo-group-all" device_service_tags: "{{service_tags}}"
Now, we are ready to deploy our template to the device group we created using the same ome_template module but with command set to deploy:
- name: Deploy template on groups dellemc.openmanage.ome_template: hostname: "{{ hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: no command: "deploy" template_name: "deploy_clone" device_group_names: - "deploy_group"
You can watch the following video to see in depth how the different steps of the workflow are run:
Conclusion
To recap, we’ve covered how to create templates, query and find the available attributes we can modify, and then modify them in a template, as well as how to group devices and deploy templates to those groups. You can find the code mentioned in this blog on GitHub as part of this Automation examples repo.
Author: Parasar Kodati, Engineering Technologist, Dell ISG