How to automate basic Thunder ADC config using Ansible ?
gokulpokuri
Member, Administrator admin
Ansible is an open-source software tool facilitating configuration management, application deployment, IT, and infrastructure automation.
The playbook used in this article provides the steps on how to configure basic Layer 4 VIP (virtual server) on Thunder ADC using Ansible. The playbook contains four “tasks” and uses acos_axapi modules. A10 acos_axapi module set consists of more than 1,600 modules. Module set can be downloaded from GitHub Repository: https://github.com/a10networks/a10-acos-axapi
The four modules that are used in the playbook are below:
1. a10.acos_axapi.a10_ip_nat_pool
2. a10.acos_axapi.a10_health_monitor
3. a10.acos_axapi.a10_slb_service_group
4. a10.acos_axapi.a10_slb_virtual_server
Using the modules, configure the NAT pool and health monitor settings as these parameters are used in the service group and virtual server modules. Then configure servers, service groups, and virtual server.
Here is the sample setup:
The playbook example below configures 2 servers ( 10.10.15.1 and 10.10.15.2), a service group with a health monitor, a Virtual server ( VIP= 10.11.0.1) with a NAT pool, and a service group attached to it. Host value vthunder2 points to the Thunder ADC host variables ansible_host, ansible_port, ansible_username, ansible_password defined in the inventory file inventory.txt.
For example:
vthunder ansible_host=10.64.4.160 ansible_port=443 ansible_username=admin ansible_password=a10
To learn more about A10 Ansible module parameters, refer to module documentation by running the command ansible-doc <modulename> on the Ansible server.
Playbook Example:
- name: Basic ADC Configuration example playbook
connection: local
hosts: vthunder2
tasks:
- name: Configure NAT pool
a10.acos_axapi.a10_ip_nat_pool:
ansible_host: "{{ ansible_host }}"
ansible_port: "{{ ansible_port }}"
ansible_username: "{{ ansible_username }}"
ansible_password: "{{ ansible_password }}"
state: present
pool_name: natpool
start_address: 10.10.15.111
end_address: 10.10.15.111
netmask: 255.255.255.0
- name: Configure Health Monitor
a10.acos_axapi.a10_health_monitor:
ansible_host: "{{ ansible_host }}"
ansible_port: "{{ ansible_port }}"
ansible_username: "{{ ansible_username }}"
ansible_password: "{{ ansible_password }}"
state: present
up_retry: 1
retry: 3
timeout: 5
interval: 5
method:
tcp:
method_tcp: 1
tcp_port: 80
name: health_monitor1
- name: Configure Servers and Service Group
a10.acos_axapi.a10_slb_service_group:
ansible_host: "{{ ansible_host }}"
ansible_port: "{{ ansible_port }}"
ansible_username: "{{ ansible_username }}"
ansible_password: "{{ ansible_password }}"
protocol: tcp
health_check: health_monitor1
member_list:
- host: 10.10.15.1
name: server-1
port: 80
- host: 10.10.15.2
name: server-2
port: 80
lb_method: dst-ip-hash
name: Ansible-servicegroup
- name: Configure Virtual Server
a10.acos_axapi.a10_slb_virtual_server:
ansible_host: "{{ ansible_host }}"
ansible_port: "{{ ansible_port }}"
ansible_username: "{{ ansible_username }}"
ansible_password: "{{ ansible_password }}"
state: present
name: VIP-TCP
ip_address: 10.11.0.1
netmask: 255.255.255.0
enable_disable_action: enable
stats_data_action: stats-data-enable
port_list:
- name: vport_ansible_demo
protocol: tcp
port_number: 80
action: enable
pool: natpool
service_group: Ansible-servicegroup
Let’s say the name of the playbook file is ADC_config.yaml. Run the following command to execute the playbook.
ansible-playbook ADC_config.yaml -i inventory.txt
Below is the output from the playbook execution, showing the status OK with all 4 configuration changes done.
On CLI, the Thunder ADC configuration created by the “ADC_config.yaml” playbook will look as follows:
ip nat pool natpool 10.10.15.111 10.10.15.111 netmask /24 ! health monitor health_monitor1 method tcp port 80 ! slb server server-1 10.10.15.1 port 80 tcp ! slb server server-2 10.10.15.2 port 80 tcp ! slb service-group Ansible-servicegroup tcp method dst-ip-hash health-check health_monitor1 member server-1 80 member server-2 80 ! slb virtual-server VIP-TCP 10.11.0.1 /24 port 80 tcp name vport_ansible_demo source-nat pool natpool service-group Ansible-servicegroup !