VMware Cloud Community
cloudjk
Contributor
Contributor
Jump to solution

vRA 7.3 - Ansible Integration

I'm fairly new to vRealize Automation Platform. I'm curious If any community members have done this vRA/vRO -> Ansible - HTTPS REST API to invoke a playbook after a successful VM creation. Need some guidance on how to achieve this goal. Appreciate any feedback. I do know there's a third party plugin for ansible but I'm looking to perform this without third party plugin. Thanks

1 Solution

Accepted Solutions
jasnyder
Hot Shot
Hot Shot
Jump to solution

Do we need to upload any plugin to support HTTPS REST?

No, you will just specify the protocol and port in the host URL.  It will add the server's certificate to the trust store for you.

Does anybody have any example of how to add a third party HTTPS REST in vRO?

Here's a quick tutorial using HTTPS to register the local vRO server as a REST host and enumerate and call workflows with it via API from itself.  The value of this particular example is basically null and void outside of showing how to configure a REST API using the plug-in.

Run the Add a REST host workflow:

pastedImage_4.png

Enter the friendly name of the host and the connection info:

pastedImage_5.png

Choose the authentication type:

pastedImage_0.png

Choose the session type (shared session = uses one credential as a service account; most likely this is the one you need), and enter the username and password.  If you choose per user, the currently logged in user's credential will get passed through.

pastedImage_1.png

Choose whether to use a proxy,  If yes, enter the proxy connection info.  If no, just continue:

pastedImage_3.png

Choose whether to enforce proper x509 validation (i.e. common name matches dns name), and whether you need client certificate authentication (and provide the key if yes).

pastedImage_4.png

After the host is successfully add, you need to add methods using the Add a REST operation workflow:

pastedImage_6.png

Select the host you just added.  Enter the template URL (variables are added by enclosing in braces).  And Select a method:

pastedImage_5.png

Test the method by running the Invoke a REST operation workflow:

Select the operation to call and enter params and headers as necessary:

pastedImage_7.png

Review the result in the vRO logs (I can see that I got a massive JSON list back of all the workflows in vRO):

pastedImage_8.png

What if I want to get a specific vRO workflow by ID?  I need to add a new operation that goes to /workflows/{workflowId} by running the Add a REST Operation workflow again.  This time the input looks like this:

pastedImage_10.png

Now when I invoke that particular method, I want to get workflow with ID A18080808080808080808080808080808080808001299080088268176866967b3:

pastedImage_12.png

The workflow presentation now gives me a second step to input the parameter values:

pastedImage_13.png

Enter the ID of the workflow in parameter 1, and run the workflow:

pastedImage_14.png

Turns out that workflow happens to be the Invoke a REST operation workflow, and the call to get the info on it returns this:

pastedImage_15.png

What if we want to run a workflow?  Add another operation which is a POST to the /workflows/{workflowId}/executions URI:

pastedImage_16.png

(If you prefer XML, you could put application/xml, but I don't recommend it unless your endpoint requires it)

Now we'll test the executeWorkflowWithId operation:

pastedImage_17.png

This time, I'm providing an ID of a different workflow that takes a single input and outputs it to the log.

pastedImage_18.png

You'll notice a third step here which is the POST body content.  I pasted this JSON in the content to specify the parameters to the workflow I'm calling with this operation:

{

  "parameters": [

    {

      "name": "input1",

      "scope": "local",

      "type": "string",

      "value": {

            "string": {

                 "value": "test input via REST operation workflow call"

            }

      }

    }

  ]

}

The final step looks like this:

pastedImage_20.png

After hitting submit on that, I verify I get a 202 response:

pastedImage_23.png

And go to check the workflow that I executed with this call:

pastedImage_24.png

Last thing is you can check the HTTP-REST hosts and operations in the inventory tab, just to make sure they got configured.

pastedImage_26.png

View solution in original post

6 Replies
jasnyder
Hot Shot
Hot Shot
Jump to solution

I haven't done this specific thing before, but the question is around provisioning a VM and then calling out to a third-party REST API to kick off the playbook to configure the VM that just got configured, correct?  Do you need to call to a Tower server or a different REST API that would then invoke the playbook?

In any case, the flow would look like this, if the above goal is correct:

  1. vRA Catalog request submitted
  2. VM clone, customization, boot
  3. Call out to vRO workflow with some information about the VM
  4. vRO workflow calls out to third-party REST API to POST the collected information
  5. Third-party server takes the info and does some action with it
  6. (optional) vRO workflow waits pending completion or confirmation from third-party system (perhaps via a period call to the API to check on the status of a job).  This could also be performed by checking some condition within the VM that indicates a complete job.

To do this, you would need to register the REST API endpoint and necessary methods with the vRO HTTP-REST plugin.  Once you have that configured, it would be a good idea to test those methods independently to make sure calling them from vRO works.

Next you need to create the workflow that vRA will call to perform the REST callout.  This will accept an input of type properties to take VM properties from the provisioning operation.

The blueprint needs to be updated with the custom property - Extensibility.Lifecycle.Properties.VMPSMasterWorkflow32.MachineProvisioned = *

That will cause vRA to send the request and VM properties to the vRO workflow when it's called.

Next you need to create an event subscription to call your workflow when the machine lifecycle state name = VMPSMasterWorkflow32.MachineProvisioned and the lifecycle state = POST.  You may also want to add an addition condition to match to the blueprint name so this only runs when a certain blueprint is requested, or another condition that makes sense for when to run it.

OR Option 2 -

All of the above is one possibility.  You might also consider if it's possible to make the callout from a script within the VM once provisioning is complete.  If that is possible, you could use software components to execute scripts on the VM that would do curl or some other CLI tool to callout to the API to invoke the necessary steps.  If you go this route, you can have the script take one or more properties as inputs from the user and use those inputs to make decisions or perform actions specific to the input.  In this case, you would also need to install the vRA guest agent (gugent) and the darwin bootstrap agent on the machine template backing the blueprint.  The agents are responsible for checking in with the vRA and IaaS servers for work items and scripts for software installs.  You could use this option to fetch playbooks from a remote repository and run them locally (not sure if that fits your need in this case).  Which playbook you fetch could be driven by user input (i.e. drop-down to choose a server type).

rstoker13
VMware Employee
VMware Employee
Jump to solution

Great post jasnyder​! We have vRA Advanced and have planned to test using almost exactly the same process as defined in your 'Option 1.' If the OP happens to be licensed for vRA Enterprise, the following blog may be of assistance: The vRA Guest Agent Ansible Integration – VMtoCloud.com

Reply
0 Kudos
cloudjk
Contributor
Contributor
Jump to solution

Thanks a lot for the detailed workflow and steps!! Really appreciated! We are going to use Ansible Tower to call out. I assume option 1 would be the best approach. Also, I see in vRO as HTTP Rest not HTTPS Rest ? Do we need to upload any plugin to support HTTPS REST? Does anybody have any example of how to add a third party HTTPS REST in vRO?

Reply
0 Kudos
jasnyder
Hot Shot
Hot Shot
Jump to solution

Do we need to upload any plugin to support HTTPS REST?

No, you will just specify the protocol and port in the host URL.  It will add the server's certificate to the trust store for you.

Does anybody have any example of how to add a third party HTTPS REST in vRO?

Here's a quick tutorial using HTTPS to register the local vRO server as a REST host and enumerate and call workflows with it via API from itself.  The value of this particular example is basically null and void outside of showing how to configure a REST API using the plug-in.

Run the Add a REST host workflow:

pastedImage_4.png

Enter the friendly name of the host and the connection info:

pastedImage_5.png

Choose the authentication type:

pastedImage_0.png

Choose the session type (shared session = uses one credential as a service account; most likely this is the one you need), and enter the username and password.  If you choose per user, the currently logged in user's credential will get passed through.

pastedImage_1.png

Choose whether to use a proxy,  If yes, enter the proxy connection info.  If no, just continue:

pastedImage_3.png

Choose whether to enforce proper x509 validation (i.e. common name matches dns name), and whether you need client certificate authentication (and provide the key if yes).

pastedImage_4.png

After the host is successfully add, you need to add methods using the Add a REST operation workflow:

pastedImage_6.png

Select the host you just added.  Enter the template URL (variables are added by enclosing in braces).  And Select a method:

pastedImage_5.png

Test the method by running the Invoke a REST operation workflow:

Select the operation to call and enter params and headers as necessary:

pastedImage_7.png

Review the result in the vRO logs (I can see that I got a massive JSON list back of all the workflows in vRO):

pastedImage_8.png

What if I want to get a specific vRO workflow by ID?  I need to add a new operation that goes to /workflows/{workflowId} by running the Add a REST Operation workflow again.  This time the input looks like this:

pastedImage_10.png

Now when I invoke that particular method, I want to get workflow with ID A18080808080808080808080808080808080808001299080088268176866967b3:

pastedImage_12.png

The workflow presentation now gives me a second step to input the parameter values:

pastedImage_13.png

Enter the ID of the workflow in parameter 1, and run the workflow:

pastedImage_14.png

Turns out that workflow happens to be the Invoke a REST operation workflow, and the call to get the info on it returns this:

pastedImage_15.png

What if we want to run a workflow?  Add another operation which is a POST to the /workflows/{workflowId}/executions URI:

pastedImage_16.png

(If you prefer XML, you could put application/xml, but I don't recommend it unless your endpoint requires it)

Now we'll test the executeWorkflowWithId operation:

pastedImage_17.png

This time, I'm providing an ID of a different workflow that takes a single input and outputs it to the log.

pastedImage_18.png

You'll notice a third step here which is the POST body content.  I pasted this JSON in the content to specify the parameters to the workflow I'm calling with this operation:

{

  "parameters": [

    {

      "name": "input1",

      "scope": "local",

      "type": "string",

      "value": {

            "string": {

                 "value": "test input via REST operation workflow call"

            }

      }

    }

  ]

}

The final step looks like this:

pastedImage_20.png

After hitting submit on that, I verify I get a 202 response:

pastedImage_23.png

And go to check the workflow that I executed with this call:

pastedImage_24.png

Last thing is you can check the HTTP-REST hosts and operations in the inventory tab, just to make sure they got configured.

pastedImage_26.png

cloudjk
Contributor
Contributor
Jump to solution

Thanks a lot for your help guys!! Really appreciate it! I have another question on. How can we remove unnecessary workflows showing up under HTTP-Rest endpoint in vRO? I did couple of tests just for an experiment and would like to remove them and only keep required ones.

Reply
0 Kudos
jasnyder
Hot Shot
Hot Shot
Jump to solution

Use the Remove a rest operation workflow:

pastedImage_0.png

Select the operation from the inventory, and hit submit:

pastedImage_1.png

Similarly, you can remove a host using the Remove a REST host workflow.

Reply
0 Kudos