Looking forward to this patch! For those testing vmware, i've added a few features to vmware.py dynamic inventory which ec2.py inventory comes with but were sorely missing in vmware.py. instance_filters and --refresh-cache. Plus a bug fix that allows cache_dir to be found.
https://github.com/ansible/ansible/pull/14136 If anyone is interested, i also added some hacky tag support by parsing the guest name and searching for specific tags that can be set in vmware.ini Then guests with correct names will be put into ansible groups that can be mapped to roles in a vmware_hosts file. I will make a separate PR for this if folks are interested, but it's sort of a hack until vsphere_guest supports tags. Right now it suggests that it has 'notes' but none showed up for me. def _get_vm_info(self, vm, prefix='vmware'): ''' Return a flattened dict with info about the given virtual machine. ''' vm_info = { 'name': vm.name, } vm_info['class_tag'] = self._parse_name_for_server_class(vm.name) def _parse_name_for_server_class(self, guest_name): ''' This is a hack to get around lack of support for tags. Embed the tag in the name and parse it to set the server class - worker, master, server Then map the simple group to the roles in the vmware_inventory/vmware_hosts file @param guest_name: name of vmware guest instance. Corresponds to guest field in vsphere_guest. ''' # this could probably be read in from vmware.ini file but fine for now DEFINED_SERVER_CLASS_TAGS = ['master', 'server', 'worker', 'solutions'] for class_tag in DEFINED_SERVER_CLASS_TAGS: if guest_name.find(class_tag) != -1: return class_tag return None at the bottom of def get_inventory(): # Group by class_tag # vm can only be in one class vm_class_tag = vm_info.get('vmware_class_tag', None) if vm_class_tag: self._add_child(inv, vm_group, 'class_tag') self._add_child(inv, 'class_tag', vm_class_tag) self._add_host(inv, vm_class_tag, vm.name) On Monday, January 25, 2016 at 9:29:32 PM UTC-6, Larry Smith wrote: > > Awesome...Looking forward to the outcome...I really do not want to hack > any python modules to make it work...But understand if that is the only way > short-term. > > On Friday, January 15, 2016 at 6:40:51 PM UTC-5, cp...@ansible.com wrote: >> >> I am currently testing a PR for module_utils/vmware.py which adds >> 'validate_certs' as an argument. >> >> On Friday, January 15, 2016 at 11:30:23 AM UTC-6, Kesten Broughton wrote: >>> >>> vsphere_guest is based on pysphere and the ansible-extra-modules vmware >>> modules are based on psphere, (both of which are largely abandoned) >>> but this PR for pyVmomi supported by VWmare should work. >>> https://github.com/vmware/pyvmomi-community-samples/pull/213/files >>> >>> A thing you could do, but shouldn't do for security reasons is note from >>> the error which site-packages directory it is failing at. >>> Then add the following to the bottom of the sitecustomize.py file therein >>> >>> import ssl >>> >>> try: >>> _create_unverified_https_context = ssl._create_unverified_context >>> except AttributeError: >>> # Legacy Python that doesn't verify HTTPS certificates by default >>> pass >>> else: >>> # Handle target environment that doesn't support HTTPS verification >>> ssl._create_default_https_context = _create_unverified_https_context >>> >>> >>> On Friday, January 15, 2016 at 12:25:42 AM UTC-6, Brian Coca wrote: >>>> >>>> we should add validate_certs=yes|no option as we do in other modules. >>>> >>>> On Fri, Jan 15, 2016 at 1:09 AM, Larry Smith <mrles...@gmail.com> >>>> wrote: >>>> > Yup. I know about the default self-signed but I would assume that >>>> either >>>> > pyvmomi module and/or the Ansible documentation might explain on how >>>> to get >>>> > around this error. Especially just for testing purposes. Thanks for >>>> the >>>> > reply though. >>>> > >>>> > On Thursday, January 14, 2016 at 3:35:47 AM UTC-5, Marcus Franke >>>> wrote: >>>> >> >>>> >> Hi, >>>> >> >>>> >> by default VMware uses a self signed certificate for the vcenter web >>>> >> interface. >>>> >> >>>> >> You could change this against an official one with a trust anchor >>>> your >>>> >> system can verify or configure your play not to verify the >>>> certificate. If >>>> >> that is possible, never used that module myself. >>>> >> >>>> >> Regards, >>>> >> Marcus >>>> >> >>>> >> >>>> >> Larry Smith <mrles...@gmail.com> schrieb am Mi., 13. Jan. 2016 >>>> 18:54: >>>> >>> >>>> >>> Just getting started messing with these new 2.0 VMWare modules and >>>> seem >>>> >>> to be stuck on an SSL error. Anyone know how to get around this? >>>> Any info >>>> >>> would be much appreciated. >>>> >>> >>>> >>> fatal: [localhost -> localhost]: FAILED! => {"apierror": "[Errno 1] >>>> >>> _ssl.c:510: error:14090086:SSL >>>> >>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed", >>>> "changed": >>>> >>> false, "failed": true, "msg": "Unable to connect to vCenter or ESXi >>>> API on >>>> >>> TCP/443."} >>>> >>> >>>> >>> >>>> >>> --- >>>> >>> >>>> >>> - hosts: all >>>> >>> >>>> >>> connection: local >>>> >>> >>>> >>> become: false >>>> >>> >>>> >>> vars: >>>> >>> >>>> >>> - datacenter_name: 'LAB' >>>> >>> >>>> >>> - esxi_user: 'root' >>>> >>> >>>> >>> - esxi_pass: 'vmware' >>>> >>> >>>> >>> - pri_domain_name: 'everythingshouldbevirtual.local' >>>> >>> >>>> >>> - vcenter_host: 'vcsa.{{ pri_domain_name }}' >>>> >>> >>>> >>> tasks: >>>> >>> >>>> >>> - name: create DataCenter >>>> >>> >>>> >>> local_action: > >>>> >>> >>>> >>> vmware_datacenter >>>> >>> >>>> >>> hostname="{{ vcenter_host }}" >>>> >>> >>>> >>> username="{{ esxi_user }}" >>>> >>> >>>> >>> password="{{ esxi_pass }}" >>>> >>> >>>> >>> datacenter_name="{{ datacenter_name }}" >>>> >>> >>>> >>> state=present >>>> >>> >>>> >>> -- >>>> >>> You received this message because you are subscribed to the Google >>>> Groups >>>> >>> "Ansible Project" group. >>>> >>> To unsubscribe from this group and stop receiving emails from it, >>>> send an >>>> >>> email to ansible-proje...@googlegroups.com. >>>> >>> To post to this group, send email to ansible...@googlegroups.com. >>>> >>> To view this discussion on the web visit >>>> >>> >>>> https://groups.google.com/d/msgid/ansible-project/e3090414-fe2a-47e6-b8dd-77be4a19285e%40googlegroups.com. >>>> >>>> >>>> >>> For more options, visit https://groups.google.com/d/optout. >>>> > >>>> > -- >>>> > You received this message because you are subscribed to the Google >>>> Groups >>>> > "Ansible Project" group. >>>> > To unsubscribe from this group and stop receiving emails from it, >>>> send an >>>> > email to ansible-proje...@googlegroups.com. >>>> > To post to this group, send email to ansible...@googlegroups.com. >>>> > To view this discussion on the web visit >>>> > >>>> https://groups.google.com/d/msgid/ansible-project/2d8a7b53-e845-4e81-9ac5-cae386b64b1e%40googlegroups.com. >>>> >>>> >>>> > >>>> > For more options, visit https://groups.google.com/d/optout. >>>> >>>> >>>> >>>> -- >>>> Brian Coca >>>> >>> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8d5cbc76-733a-49db-9d0a-dc55f38d22dc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
