Introduction
Infoblox provides an easy to use interface that frequently makes an administrator’s life easier for day to day operations. But what if you are looking to take things to the next level and automate tasks that you might be stuck doing manually?
Many organizations are growing increasingly dependent on implementing steps and processes that power the automation that keeps day to day operations humming along. This procedure has even branched out into an entirely new field that is highly sought after in the industry- DevOps. There has been a merger between the philosophies for software development and IT operations, hence the term “DevOps”.
If you are wondering how you might benefit with Infoblox, you are not alone. Administrators know that many tasks are repetitive and that any miss-step can be difficult to keep track of, cause deployment failures or operational issues. When getting started, it is important to identify things like frequent repetitive requests or tasks with high error rates (example: IP address assignments, DNS record creation, and cleanup of everything once a resource is no longer needed), Infoblox has a robust API with an extensive library of information at hand to help you get started; however, this still requires knowledge of scripting languages and can be quite complex to pick up when you are getting started.
To fill this gap, orchestration platforms that provide greater ease of use, reliability and portability have quickly grown in popularity. Many Infoblox integrations have been developed for these orchestration platforms, such as Ansible, Terraform and others. Ansible was the first orchestration platform with officially supported integrations for Infoblox. It is a great resource for NIOS administrators who are ready to take that first step towards automation or for experienced administrators who are looking for an alternative to custom developed scripts that is easier to maintain.
Getting Started
One challenge that administrators may face is just knowing where to begin. To make this as simple as possible, Ansible uses modules and plugins that contain all the logic necessary for a specific operation. These modules and plugins are used in plays to complete the specified operation and these are called through a playbook. A playbook is essentially your script where you put everything together and can include other playbooks as well. With Ansible version 2.7, there are 13 modules and three plugins for Infoblox and a handy resource with details and basic examples for these can be found at https://docs.ansible.com/ansible/latest/scenario_guides/guide_infoblox.html.
Overview
The examples that are available do a great job demonstrating how to use the Infoblox modules and plugins, but what about a real-world example that ties everything together? This was a question that I was asked recently. We were looking at deployments for Azure MySQL servers and virtual machines and using those plentiful individual play examples , we were able to combine all into a working playbook. The working playbook, with just a little input, collects all necessary information, creates the desired objects in Infoblox, and the VM or database in Azure.
While there are countless ways you can accomplish this, the basic structure we followed for deploying a VM included:
- Set the parameters (‘facts’) to be used in the playbook through variables.
- Create a public IP address in Azure.
- Get the next available IP address from Infoblox and store that as a fact.
- Create a Host record in Infoblox using the stored IP address.
- Create a vNIC in Azure using the stored IP address.
- Deploy the VM using the previously created vNIC and public IP address.
For the MySQL server, the flow was a little simpler:
- Create the MySQL server.
- Lookup the IP address for that MySQL server.
- Create the Host record in Infoblox for local resolvability.
Structure
Variables are the key to tying together different plays in your playbook. They can be set directly in the playbook, through a separate file, or as an option in your command line. Using variables also provides you with maximum flexibility and ease of use. So much so, that a single playbook can be easily customized to fit changing needs, such as changing a name or resource. When using variables, static values can be set directly in the playbook, while others that are expected to change, such as unique deployment names , might be easier to set in the command line.
Here is a simple example for how this looks at the command line:
ansible-playbook create_vm.yaml –extra-vars “resource_group_name=resource-group1 vm_name=vm1”
And the following is what you will see in the playbook:
vars:
resource_group: “{{ resource_group_name }}”
name: “{{ vm_name }}”
When it comes to building your playbook, you can combine plays in a single playbook or categorize them into their own playbooks and then include these in your main playbook to help keep things tidy. Variables are an important piece of the puzzle because these will be used throughout your playbook. For example, the vm_name variable can be used to create a virtual machine in Azure, and to create a matching DNS record in Infoblox. Building your playbook to use variables as a single source of values, as your playbook is executed, is key to making sure that nothing is missed and that names are applied consistently.
For example, here is a play that creates a VM:
– name: Create VM
azure_rm_virtualmachine:
resource_group: “{{ resource_group_name }}”
name: “{{ vm_name }}”
vm_size: Standard_DS1_v2
admin_username: azureuser
admin_password: password
ssh_password_enabled: true
network_interfaces: “{{ vnic_name }}”
image:
offer: CentOS
publisher: OpenLogic
sku: ‘7.5’
version: latest
state: “{{ state }}”
And here is a play that creates a Host record in Infoblox:
– name: create host record
nios_host_record:
name: “{{ vm_name }}.{{ zone }}”
view: default
ipv4addrs:
– ipv4addr: “{{ ipaddr }}”
ttl: 3600
extattrs:
Site: Test Site
comment: Created with Ansible
state: “{{ state }}”
provider: “{{ nios_provider }}”
register: output_host_record
By combining these into the same playbook, the variables are defined one time and reused throughout.
To see the structure used for this playbook and get a better idea on exactly how they work, be sure to check out the sample playbook attached here. With simple updates to the state for each object that was created, you can easily remove these once done.
Conclusion
By putting processes in place to automate common tasks and leveraging an orchestration platform like Ansible, you can see benefits such as:
- Reduced time to deployment
- Prevent errors
- Simplified processes
- Ease of maintenance
- Increased accessibility by allowing updates through other groups in your organization
While not always an easy transition, implementing automation, of at least common or error prone tasks, can be a game changer for many organizations. It can also help increase accessibility to services that may be a challenge for a busy and overworked staff to keep up with.
Ansible is a registered trademark of Ansible, Inc. in the United States and other countries.
Azure is a registered trademark of Microsoft Corporation.
linux-vm-complete.txt 3 KB