fujitsu/ism-ansible

Ansible Modules and Sample Playbooks for Fujitsu Software Infrastructure Manager

Ansible Modules for Infrastructure Manager

This is the modules to manage Infrastructure Manager using Ansible playbooks.

Requirements

• Ansible Server
  • Ansible 2.4 or later
  • Python 2.6 or later
• FUJITSU Software Infrastructure Manager
  • 2.2.0 or later

Examples

Sample playbooks and instructions on how to run the modules can be found in the examples directory.

Setup

To run the Ansible modules and sample playbooks provided in this project, you should execute the following steps:

1. Clone the repository

Run on the Ansible Server:

cd /etc/ansible
git clone https://github.com/fujitsu/ism-ansible.git

2. Configure the ANSIBLE_LIBRARY environmental variable

Set the environment variables ANSIBLE_LIBRARY and ANSIBLE_MODULE_UTILS, PYTHONPATH, specifying the library full path from the cloned project.

Run on the Ansible Server:

export ANSIBLE_LIBRARY=/etc/ansible/ism-ansible/library
export ANSIBLE_MODULE_UTILS=/etc/ansible/ism-ansible/library/module_utils/
export PYTHONPATH=$PYTHONPATH:$ANSIBLE_LIBRARY

3. Certificate assignment for Infrastructure Manager

Acquire the certificate used for https communication and assign in the Ansible server. For information on how to assign certificates, refer to "3.1.1 Preparation" in "FUJITSU Software Infrastructure Manager V2.2 REST API Reference Manual".

4. Setting config file

Set the account information of Infrastructure Manager for the confg file (ism_config.json). Execute config_setting.sh with Ansible server as follows.The config file is created in the current directory when executing it.
Refer from [Note1] to [Note5].

Example

$ cd /etc/ansible/ism-ansible/
$ chmod +x ./config_setting.sh
$ ./config_setting.sh

> Enter IP address or FQDN:
  <IP address> or <FQDN>
> Enter port number:
  <Port No>
> Enter user name:
  <Login user name>
> Enter password:
  <Login password>
> Enter full path of certificate file:
  <full path of certificate file>
> completed

In each example in the above < >, specify the information of Infrastructure Manager.
Refer to [Note6].

Confirm the config file was created.

Example of execution with IP address

$ cat ./ism_config.json
  {"ip":"192.168.1.10","portNo":"25566",
    "credentials":{"userName":"administrator",
    "password":"U2FsdGVkX18iGtLsngKkgWtQQ3+j0s5W1aSTizoWny8="},
    "certificate": "/etc/ansible/ism-ansible/certificate.crt"}

Describe the path of the config file in playbook.
Refer to [Note7] and [Note8].

Playbook example

- name: Firmware update
  hosts: servers
  connection: local

  tasks:
   - name: Execution of ism_firmware_update
     ism_firmware_update:
       config: "/etc/ansible/ism-ansible/ism_config.json"

5. Setting inventory file

The inventory file describes the IP address (OS, hardware) and hostname (OS, hardware) of the operation target node. Specify the operation target for the inventory file.
Allocate the inventory file in Ansible server.

INI Format

[<Host group name1>]
<Operation target node1> ism_profile_name=<profile name>
<Operation target node2> ism_node_name=<Node Name> ism_node_type=<Node type> ism_node_model=<Model name>
<Operation target node3> ism_profile_name=<Profile name> ism_computer_name=<Computer name> ism_os_ip_address=<OS IP Address>
<Operation target node4>
...
[<Host group name2>]
<Operation target server>

YAML Format

all:
  children:
    <Host group name1>:
      hosts:
        <Operation target node1>:
          ism_profile_name: <Profile name>
        <Operation target node2>:
          ism_node_name: <Node name>
          ism_node_type: <Node type>
          ism_node_model: <Model name>
        <Operation target node3>:
          ism_profile_name: <Profile name>
          ism_computer_name: <Computer name>
          ism_os_ip_address: <OS IP Address>
        <Operation target node4>:
        ...
    <Host group name2>:
      hosts:
        <Operation target server>:

Settings

Name	Value	Remarks
Host group name	Any host group name	Specifies an arbitrary host group name. The host group is defined the multiple hosts as one group. In Ansible, the playbook can be executed for the host group unit.
Operation target node	One of the following - IP address - Host name (FQDN)	Multiple specifications are available. Specifies the IP address of the operation target node registered in Infrastructure Manager or the host name (FQDN) for its IP address. When the OS information of the operation target node is registered in Infrastructure Manager, the host name (FQDN) for the IP address of the OS information or the IP address can be specified. [Note9] [Note10] [Note11]
Profile name	The name of the profile to apply to the operation target node. Or, the new profile name when you copy the profile.	Optional. Specifies to run the profile assignment, copy profile module. Otherwise, it is ignored. If omitted, no key part ("ism_profile_name=", "ism_profile_name:") should be specified.
OS IP Address	The OS IP address to specify when copying the profile	Optional. Specifies to run the copy profile module. Otherwise, it is ignored. If omitted, no key part ("ism_os_ip_address=","ism_os_ip_address:") should be specified.
Computer name	Computer name to specify when copying the profile	Optional. Specifies to run the copy profile module. Otherwise, it is ignored. If omitted, no key part ("ism_computer_name=","ism_computer_name:") should be specified.
Operation target server	One of the following - IP address - Host name (FQDN)	Specifies the IP address of the ISM server or the hostname (FQDN) for its IP address. Use this value when performing unique operations with ISM, such as updating downloadable firmware information.
Node name	The name of the node to be registered with the operation target node	Optional. Specifies to run the node registration module. It is ignored for modules other than node registration. If omitted, no key part ("ism_node_name=","ism_node_name:") should be specified.
Node type	Node type to be registered in the operation target node	Optional Specifies to run the node registration module. It is ignored for modules other than node registration. If omitted, no key part ("ism_node_type=","ism_node_type:") should be specified.
Model name	Model name to be registered in the operation target node	Optional. Specifies to run the node registration module. It is ignored for modules other than node registration. If omitted, no key part ("ism_node_model=","ism_node_model:") should be specified.

Character code

UTF-8

File Location

Anywhere on the management server(Ansible).

Example

• Host group name: servers
  • Operation node1
    • IP address of OS information: 192.168.1.11
    • Profile name: profileA
  • Operation node2
    • Node IP address: 192.168.1.12
  • Operation node3
    • Host name for IP address of OS information: node3-os.test.local
  • Operation node4
    • Host name for IP address of node: node4
  • Operation node5
    • Node IP address: 192.168.1.13
    • Profile name: profileB
    • Computer name: node5
    • Host name for IP address of OS information: 192.168.1.23
• Host group name: ism_server
  • Operation server: 192.168.1.10

INI Format

[servers]
192.168.1.11 ism_profile_name=profileA
192.168.1.12 ism_node_name=nodeA ism_node_type=server ism_node_model="PRIMERGY RX300S8"
node3-os.test.local
node4
192.168.1.13 ism_profile_name=profileB ism_computer_name=node5 ism_os_ip_address=192.168.1.23

[ism_server]
192.168.1.10

YAML Format

all:
  children:
    servers:
      hosts:
        192.168.1.11:
          ism_profile_name: profileA
        192.168.1.12:
          ism_node_name: node_A
          ism_node_type: server
          ism_node_model: PRIMERGY RX300 S8
        node3-os.test.local:
        node4:
        192.168.1.13:
          ism_profile_name: profileB
          ism_computer_name: node5
          ism_os_ip_address: 192.168.1.23
    ism_server:
      hosts:
        192.168.1.10:

6. Modules and license check

The following is a list of modules available and unavailable in Essential.

Module name	Operation Mode [Note13]
	Other than Essential [Note14]	Essential
ism_backup.py	Yes	Yes
ism_copy_profile.py	Yes	No
ism_download_firmware.py	Yes	Yes
ism_firmware_list.py	Yes	Yes
ism_firmware_update.py	Yes	Yes
ism_get_download_firmware_list.py	Yes	Yes
ism_get_inventory_info.py	Yes	Yes
ism_get_power_status.py	Yes	Yes
ism_get_profile_info.py	Yes	No
ism_get_report_info.py	Yes	Yes
ism_maintenance_mode_setting.py	Yes	Yes
ism_power_on.py	Yes	Yes
ism_profile_assignment.py	Yes	No
ism_refresh_node_info.py	Yes	Yes
ism_retrieve_download_firmware_info.py	Yes	Yes

Yes:Available
No:Unavailable
[Note15]

7. Playbook execution

The following commands are executed with Ansible server.

ansible-playbook <playbook file path> -i <inventory file path>

Example

playbook file path: /etc/ansible/ism-ansible/examples/ism_firmware_list.yml
inventory file path: /etc/ansible/hosts

ansible-playbook /etc/ansible/ism-ansible/examples/ism_firmware_list.yml -i /etc/ansible/hosts

Report information comparison tool

A tool that compares the output files of the report information retrieval module.

Deployment path

By default, it is placed in the following path:
<Directory checked out from Git>/ism-ansible/tools/ism_report_diff.py

Tool execution command

python  ism_report_diff.py <FILE1> [<FILE2>]

Options

Parameter	Required	Description
FILE1	Yes	Specifies an old report information file to be compared.
FILE2	No	Specifies a new report information file to compare with. If this parameter is omitted, FILE1 and FILE2 are not compared and only the information of the file specified in FILE1 is output.

Examples

• To compare the old and new report information files

python ism_report_diff.py 2019-11-04_14-35-31.json 2019-12-04_09-01-02.json

• To output the information of only FILE1 without comparison

python ism_report_diff.py 2019-12-04_09-01-02.json

Output

Name				Description
Total				Number of nodes registered in ISM.
Diff				Number of nodes added and deleted by comparing the old and new report information files [Note16] Format: +<Number of adding nodes>, -<Number of deleting nodes> Example: Adding two nodes and deleting one node +2, -1
Status				Number of nodes in each status.
	Error			Number of nodes that the status is Error.
	Warning			Number of nodes that the status is Warning.
	Unknown			Number of nodes that the status is Unknown.
	Updating			Number of nodes that the status is Updating.
	Normal			Number of nodes that the status is Normal.
Alarm status				Number of nodes in each alarm status
	Error			Number of nodes that the alarm status is Error.
	Warning			Number of nodes that the alarm status is Warning.
	Info			Number of nodes that the alarm status is Info.
	Normal			Number of nodes that the alarm status is Normal.
Added node				Added node information for old and new report information files
	Node <N>			Node Information <N> is an integer, starting with 1
		Name		Node name
		Type		Node type
		Model		Model name
		IP		IP address Displays None for nodes that do not have an IP address
Firmware				Firmware Information that can be updated. If there is no firmware that can be updated, it will not be output.
	Node <N>			Node Information where existing the updatable firmware. <N> is an integer, starting with 1
		Name		Node name
		Type		Node type
		Model		Model name
		IP		IP address Displays None for nodes that do not have an IP address.
		Firmware <N>		Currently applied firmware information. <N> is an integer, starting with 1
			Name	Firmware name
			Type	Firmware type
			Version	Version
		Updatable firmware <N>		Firmware information that can be updated <N> is an integer, starting with 1
			Name	Firmware Name
			Type	Firmware type
			Version	Version
			RepositoryName	Repository
			OperationMode	Supported mode

Notes

• Sample playbook using ism_report_diff.py
  examples/ism_diff_report.yml

Changing processing time of Update Firmware and Profile Assignment settings

In the module of Update Firmware or Profile Assignment, waiting to complete the task in the internal processing.
The timeout period for the process of waiting to complete the task can be changed with the following ism_user_settings file.
Refer to [Note12].

ism_user_settings file path: /etc/ansible/ism-ansible/module_utils/ism_user_settings.py

Example

Timeout period of firmware update: 14400 (second) (= 4hours)
Timeout period of application of profile: 18000 (second) (= 5hours)

#!/usr/bin/python
#coding: UTF-8

# user_settings_value

'''
Set time confirmation for task confirmation
'''
FIRMWARE_UPDATE_TIME_OUT = 14400

PROFILE_ASSIGNMENT_TIME_OUT = 18000

Notes

[Note1]
When the config file already exists, it will be overwritten.

[Note2]
Specify the input values in single-byte upper-case, lower-case alphabetic letters, numbers, and symbols.

[Note3]
When re-setting by changing the input information, make sure that the playbook and module are stopped, and that the proper procedure is executed again.

[Note4]
When FQDN is used for the connection with Infrastructure Manager, confirm beforehand whether FQDN of Infrastructure Manager is available for name resolution on the Ansible server.

[Note5]
Presently IPv6 is not supported. For the connection with Infrastructure Manager, specify the IP address of IPv4 or host name (FQDN) that are available for name resolution of IPv4.

[Note6]
If the following error occurs when FQDN of Infrastructure Manager is specified with config_setting.sh, name resolution of FQDN of Infrastructure Manager has failed on the Ansible server. Ensure the action for name resolution and re-execute.

Example (For FQDN ism.test.local):

$ ./ism-ansible/config_setting.sh
Enter IP address or FQDN:
ism.test.local
Traceback (most recent call last):
  File "<string>", line 1, in <module>
socket.gaierror: [Errno -2] Name or service not known

[Note7]
Specify the config path in single-byte upper-case, lower-case alphabetic letters, numbers and symbols.

[Note8]
Ansible Modules for Infrastructure Manager is executed on the Ansible server. Therefore, the specification for "Connection: local" of the playbook is mandatory.

[Note9]
Presently IPv6 is not supported. Specify the IP address of IPv4 or host name (FQDN) that are available for name resolution of IPv4.

[Note10]
When the host name (FQDN) is specified, confirm beforehand whether the host name (FQDN) is available for name resolution on the Ansible server is confirmed.

[Note11]
When operating the node registration module, specify the target server to operate by specifying the IP or host name (FQDN) of iRMC.

[Note12]
Since the time-out time of 10800(second)(For = three hours), which sufficient for waiting for the task to complete, is specified in the default setting, it is not normally required to be changed.

[Note13]
This is the "Operation Mode" value output by "ismadm license show" command.

[Note14]
The "Operation Mode" other than Essential are as follows.

• Advanced
• Advanced (Trial)
• Advanced for PRIMEFLEX
• Advanced for PRIMEFLEX (Trial)
• NFLEX
• NFLEX (Trial)

[Note15]
The following error is output when executing an unavailable module.
This module is not supported on Essential mode.

[Note16]
Output only if FILE2 is specified as a tool option.

Software support

The software in this project is not supported.

License

This project is licensed under the GPL v3 license. See the LICENSE for more information.

Copyright

Copyright FUJITSU LIMITED 2017-2020

API

• FUJITSU Software Infrastructure Manager REST API Reference Manual
  http://www.fujitsu.com/jp/products/software/infrastructure-software/infrastructure-software/serverviewism/technical/