deploy VM from template and customize guest

[Tony Wong]

I am trying to deploy VM from VM template with ansible. I got the playbook to deploy the VM. but how do I customize the guest:

I need to

1. rename the guest name to VM name

2. join domain

3. put it in an specific OU

any udea?

[Dave York]

Ive done this by using the customization argument of the vmware_guest module to join the domain. but prior to vmware_guest i use a win_domain_computer delegated to a windows utility box to prestage the computer object in the right ou

Sent from Outlook Mobile

[Tony Wong]

I got a customization template in vcenter. how do I specify using that template. Also the template looks like will override my static IP settings on my Vms. 

On Sun, Jun 7, 2020 at 3:31 PM Dave York <dave...@gmail.com> wrote:

Ive done this by using the customization argument of the vmware_guest module to join the domain. but prior to vmware_guest i use a win_domain_computer delegated to a windows utility box to prestage the computer object in the right ou

Sent from Outlook Mobile

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/BY5PR11MB389625F705684B8C33E6891EA1840%40BY5PR11MB3896.namprd11.prod.outlook.com.

[Tony Wong]

for ansible, is there a reverse order to detroy the vms after the vm playbook has been run like terraform? Or do I need to create another playbook to destroy the vms?

[David Foley]

I'll assume you are refering to Custom Specs within vCenter :

You can use the following: https://docs.ansible.com/ansible/latest/modules/vmware_guest_module.html

customization_spec  - added in 2.6

Unique name identifying the requested customization specification. This parameter is case sensitive. If set, then overrides customization parameter values.

 

[David Foley]

So you want to do something like Terraform init / plan & Apply and once finished you want to do a Terraform Destroy? 

No Ansible doesn't do State Files 

[Dave York]

These are the two plays I use to do what you were asking about:

- name: Ensure Computer Object exists in AD

    win_domain_computer:

      name: '{{ inventory_hostname_short }}'

      dns_hostname: '{{ inventory_hostname }}'

      domain_server: domaincontroller.fqdn

      sam_account_name: '{{ inventory_hostname_short }}$'

      ou: '{{ AD_OU }}'

      description: '{{ owner_email }}'

      enabled: yes

      state: present

    delegate_to: utilityserver.fqdn

  - name: Clone to VM from Template

    vmware_guest:

      hostname: '{{ vsphere_hostname }}' 

      username: '{{ lookup("env", "VMWARE_USER") }}'

      password: '{{ lookup("env", "VMWARE_PASSWORD") }}'

      validate_certs: no

      folder: '{{ vmware_folder }}'

      annotation: "{{ owner_email }}"

      datacenter: '{{ vmware_datacenter }}'

      name: '{{ inventory_hostname_short }}'

      cluster: '{{ vmware_cluster }}'

      state: poweredon

      template: '{{ vmware_template }}'

      datastore: '{{ vmware_datastore }}'

      customization:

        domainadmin: '{{ lookup("env", "ANSIBLE_NET_USERNAME") }}'

        domainadminpassword: '{{ lookup("env", "ANSIBLE_NET_PASSWORD") }}'

        joindomain: domain.fqdn

        password: '{{ templatepwd }}'

        timezone: 004

      disk:

      - size_gb: 100

        type: thin

      - size_gb: 100

        type: thin

      hardware:

        memory_mb: '{{ vmware_mem }}'

        num_cpus: '{{ vmware_cpu }}'

        scsi: paravirtual

        hotadd_cpu: True

        hotremove_cpu: True

        hotadd_memory: True

        boot_firmware: "efi"

      networks:

      - name: '{{ vmware_network }}'

        ip: '{{ ipv4 }}'

        netmask: '255.255.255.0'

        gateway: '{{ ipv4_gateway }}'

        device_type: vmxnet3

        dns_servers: 

        - '{{ dns_primary }}'

        - '{{ dns_secondary }}'

      wait_for_ip_address: yes

      wait_for_customization: yes

    delegate_to: localhost

    register: deploy

On Monday, June 8, 2020 at 7:15:11 AM UTC-7, Tony Wong wrote:

for ansible, is there a reverse order to detroy the vms after the vm playbook has been run like terraform? Or do I need to create another playbook to destroy the vms?

On Mon, Jun 8, 2020 at 6:59 AM Tony Wong <tdub...@gmail.com> wrote:

I got a customization template in vcenter. how do I specify using that template. Also the template looks like will override my static IP settings on my Vms. 

On Sun, Jun 7, 2020 at 3:31 PM Dave York <dave...@gmail.com> wrote:

Ive done this by using the customization argument of the vmware_guest module to join the domain. but prior to vmware_guest i use a win_domain_computer delegated to a windows utility box to prestage the computer object in the right ou

Sent from Outlook Mobile

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.

To unsubscribe from this group and stop receiving emails from it, send an email to ansible...@googlegroups.com.

[Tony Wong]

Thank you. So for the customization part, i didnt see a mention of the name of the customization template in vcenter. 

so ansible does not use that ?

To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a6389e24-f428-4922-b2a2-e5dc8489cbc6o%40googlegroups.com.

[Dave York]

I'm not using a customization template, but it may be possible - I think that's what David Foley was referencing.

Check out customization_spec within the vmware_guest module https://docs.ansible.com/ansible/latest/modules/vmware_guest_module.html

You can use the method im using OR you can call customization_spec

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a6389e24-f428-4922-b2a2-e5dc8489cbc6o%40googlegroups.com.

[Tony Wong]

hi

for 

customization:

        domainadmin: '{{ lookup("env", "ANSIBLE_NET_USERNAME") }}'

        domainadminpassword: '{{ lookup("env", "ANSIBLE_NET_PASSWORD") }}'

        joindomain: domain.fqdn

what does this mean?

lookup("env", "ANSIBLE_NET_USERNAME"

are you manually putting the username and password in the answer file?

Can this be encrypted

To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ae6c3fe4-e482-4ac7-a701-d6eeaca4c367o%40googlegroups.com.

[Tony Wong]

ok I was able to use the customization_spec to join the machine to the domain

But how do I assign the statistic IP to the server?

my  host file looks like this before using the customization_spec

[prod-k8s-workers]
prod-k8s-worker01 deploy_vsphere_datastore='RW-VA-NIM-VOL9' guest_custom_ip='10.200.1.41' guest_notes='Worker #01'
prod-k8s-worker02 deploy_vsphere_datastore='RW-VA-NIM-VOL9' guest_custom_ip='10.200.1.43' guest_notes='Worker #02'
#prod-k8s-worker03 deploy_vsphere_datastore='RW-VA-NIM-VOL9' guest_custom_ip='10.200.1.44' guest_notes='Worker #03'
#prod-k8s-worker04 deploy_vsphere_datastore='RW-VA-NIM-VOL9' guest_custom_ip='10.200.1.45' guest_notes='Worker #04'
#prod-k8s-worker05 deploy_vsphere_datastore='RW-VA-NIM-VOL9' guest_custom_ip='10.200.1.46' guest_notes='Worker #05'

and in my roles file

 networks:
    - name: '{{ guest_network }}'
      ip: '{{ guest_custom_ip }}'
      netmask: '{{ guest_netmask }}'
      gateway: '{{ guest_gateway }}'
    customization:
      dns_servers:
      - '{{ guest_dns_server }}'
      domain : '{{ guest_domain_name }}'
      hostname: '{{ inventory_hostname }}

I guess I cannot use the values in my roles file when using customization_spec?

[Tony Wong]

can i get some help w this? My account to join the domain keeps getting locked out. 

This password has spaces in it

like this

"This is my pa$$w0rd!"

but account keeps getting locked out