I’ve heard from many customers that they would like to deploy a set of standard configuration to all of their Avi controllers. A good example of this would be to deploy a particular health monitor to all of your data centers, and to make sure that health monitor’s configuration always stays the same across the sites. Reduce config drift! I know from managing F5s back in the day, the same named health monitor can have different settings across each LTM. Just depends on who copied it over, and if they missed or changed anything.
Using the following ansible playbook, you can standardize your config deployment to a list of Avi controllers.
Software Versions used in this demo
| Software | Version |
|---|---|
| Bootstrap VM | Ubuntu 22.04.3 LTS |
| Ansible | 2.15.9 |
| Ansible Python | 3.10.12 |
| Ansible Collection: vmware.alb | 30.1.1 |
| Github Repo | avi_standard_config |
| Avi Controller & SEs | 22.1.3 |
Deploy an Avi controller and SEs
If you don’t already have some type of Avi controller in your environment, you’ll need to do this as a first step. The script below is designed for an Avi controller running in vCenter. So if you have a public cloud environment, the script will need to be modified slightly.
See my blog post on deploying an Avi controller
Prepping a bootstrap VM for Ansible
You need some type of server/host to run ansible playbooks. This can be an ubuntu or centos VM, it could even be your PC or MAC if you find a way to install ansible from there. In my case I’ve deployed a VM in vcenter, and installed Ubuntu 22.
Update Ubuntu
sudo su
apt update && sudo apt full-upgrade -y
reboot # I like to reboot after a large upgrade like thisInstall Ansible and the vmware.alb collection
sudo su
apt install ansible
ansible-galaxy collection install vmware.albInstall Git
sudo su
apt install gitClone the ansible repo
mkdir /home/ubuntu/ansible
cd /home/ubuntu/ansible
git clone https://github.com/canad1an/avi_ansible_examples.git
cd avi_ansible_examples/avi_create_app/Configuring the ansible playbook
Now that we’ve setup the ubuntu bootstrap VM, let’s configure some variables in the ansible playbook and we can run the playbook.
The only configuration file in this playbook is /vars/creds.yaml
The avi_controllers_info list is a list of all the Avi controllers in which you would like to apply the standardized configuration. If you would prefer to use the same password for all, then set the username and password in the global_info instead of in the avi_controllers_info list.
avi_controllers_info:
- avi_credentials: # Info for Avi controller 1
controller: "10.225.9.35" # IP or fqdn
username: "admin" # Not required if global_info.username is set
password: "password123" # Not required if global_info.password is set
api_version: "22.1.3" # Not required if global_info.api_version is set
- avi_credentials: # Info for Avi controller 2
controller: "10.225.9.36"
username: "admin"
password: "password123"
api_version: "22.1.3"
global_info:
username: "admin"
password: "password123"
api_version: "22.1.3"
tenant: "admin" # Tenant to deploy the config
state: "present" # present or absentJust to reiterate on the above. If username/password/api_version are set in the avi_controllers_info, then it will take precedence over the global_info settings.
Run the ansible playbook and create the standard config
After you’ve edited the above config file, now we can run the ansible script.
cd avi_ansible_examples/avi_standard_config #Navigate back to this directory, since this is where the main.yaml file exists
export ANSIBLE_HOST_KEY_CHECKING=False; ansible-playbook main.yaml
All 4 objects were created above, on all the Avi controllers I had specified in my list.
Feel free to customize this script as needed, for your use case.