Using powercli in Ansible

[Bob Nian]

Is it possible to use powercli in Ansible? This is because I am trying to harden an EXSi host but I am trying simpler code first which is disabling SSH service. I've created two files, one is for my powercli script and another is a .yml file. However, I encountered an error.

This is how it look: 

script.ps1

Get-VMHost | Foreach {

  {Stop-VMHostService -HostService ($_ | Get-VMHostService | Where {$_.Key -eq $

}

playbook.yml

---

# This playbook tests the script module on ESXi hosts

- name: Run powercli script

  hosts: all

  gather_facts: false

  tasks:

    - name: Run powercli script

      script: script.ps1

Error

fatal: [esxi-host]: FAILED! => {"changed": true, "failed": true, "rc": 2, "stderr": "Shared connection to 192.168.1.190 closed.\r\n", "stdout": "//.ansible/tmp/ansible-tmp-1495450802.21-237546974052981/script.ps1: line 1: Get-VMHost: not found\r\n//.ansible/tmp/ansible-tmp-1495450802.21-237546974052981/script.ps1: line 1: Foreach: not found\r\n//.ansible/tmp/ansible-tmp-1495450802.21-237546974052981/script.ps1: line 2: syntax error: unexpected \"(\"\r\n", "stdout_lines": ["//.ansible/tmp/ansible-tmp-1495450802.21-237546974052981/script.ps1: line 1: Get-VMHost: not found", "//.ansible/tmp/ansible-tmp-1495450802.21-237546974052981/script.ps1: line 1: Foreach: not found", "//.ansible/tmp/ansible-tmp-1495450802.21-237546974052981/script.ps1: line 2: syntax error: unexpected \"(\""]}

 [WARNING]: Could not create retry file '/etc/ansible/playbook.retry'.

[Errno 13] Permission denied: u'/etc/ansible/playbook.retry'

[J Hawkesworth]

is esxi-host a windows machine?  I'm guessing a bit here but it looks to me like powershell isn't processing the script you are sending to this machine.

I suggest rather than 'hosts: all' you define some groups in your inventory and put all the windows hosts in a separate group, and set up the windows-specific connection parameters there.

Also worth considering using the vmware_* modules, which will talk to your vcenter hosts and manage many of the things you might otherwise manage via powercli.

Hope this helps,

Jon

[Bob Nian]

So basically my ESXi host is a bare-metal installation. The script that was stated above is running from my Ubuntu VM in my own laptop.

[J Hawkesworth]

I think you will almost certainly need to delegate the script task to a machine which has powercli installed on it. I think the bare metal esxi host is unlikely to have powercli installed on it.

I am going to say again that it is well worth taking a look at the vmware_guest module (and associated VMware modules). You just delegate the VMware modules to your vcenter and declare what you want in your playbooks and roles, meaning no need to switch into powercli syntax when you need something doing in vsphere.

Hope this helps,

Jon

[Bob Nian]

This is because I've to harden my vSphere esxi host using script (powercli) and thus I will be using ansible to automate the script. However, after reading through the vmware_guest module, it seems like the module does not have that relation to what I am doing. Is there anyway that I can incorporate powercli scripts to ansible or is there any module that has some sort of relation of esxi hardening?

[Aaron K]

Try PowerCLI 10.0 from the Linux box or if you want to use the Windows version of PowerCLI, delegate your tasks to your Windows machine that has PowerCLI installed.

[Ramesh AR]

Hi All, I want to do ESXi upgrade by using Ansible from Scratch. Does anyone has sample playbooks for disabling alarm, VMs migration,put hosts in maintenance mode, remove from vCenter and upgrade process then reconnect to vcenter. I'm new to Ansible and very hard to find some sample playbooks for VMs migration from one host to anohter host.

[Varun Chopra]

Should be an easy conversion if you already have scripts in place that do this for you.

[kadir vel]

Not sure if you already had an answer for this. Just came across with this requirement and found a solution. 

you might want to install PowerShell on your Ansible master server #sudo install powershell,  Depending on your Linux distro and version you may have to set an updated MS repo.

#sudo pwsh

PS /home/user/> Install-Module vmware.powercli

PS /home/user/> Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Scope AllUsers

Create a PowerShell Script:

Connect-VIServers Get-Host >> test.ps1

Call the above ps script using ansible "command" option:

---

- hosts: localhost

  tasks:

    - name: Get esxi hosts

      command: pwsh test.ps1

Regards,

Kadirvel A

[Abhijeet Kasurde]

Hi All,

I am maintainer of VMware Ansible modules. I would strongly recommend to use existing VMware Ansible modules since they are tested and works well with existing setups. For current use case like disabling firewall, you can use `vmware_host_service_manager` module. You can check this stackoverflow answer - https://stackoverflow.com/a/48293497/1075324 for more details.

Yes, It is possible to run powercli scripts against given ESXi. You need to use a Windows machine as a delegate host since powercli will reside and run on that same host. So long story short 

Ansible controller will communicate to Windows machine as a delegate host and then that windows machine will communicate to ESXi host. 

You need to edit the existing powershell script to work with Ansible. Since requires certain format for Ansible Powershell module. You can check these sample powershell scripts with python helper modules - https://github.com/Akasurde/ansible-vmware_update_manager and https://github.com/mycloudrevolution/Ansible-Veeam 

Let me know if you any question around this.

Thanks

Abhijeet Kasurde

[Angel Rengifo Cancino]

Actually, I usually run PowerCLI scripts from the Ansible controller without any issues. I just invoke shell module pointing to my PS1 script.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/9f8f664a-f85d-4877-9d91-24c3884a8b14%40googlegroups.com.

[Jon POK]

Hello 

Is it possible to run powercli commands instead of using scyrpt in *.ps1?

sth like this but example gives me error :(

tasks:

    - name: Run PowerShell Command

      shell: |

         Connect-VIServer -Server <IP>-User administrator -Password <Password>

          Get-VMHost <nameofhost> | get-datastore local |Set-Datastore -Name localdatastore

I have also tried with command: | also not working