ansible-community / molecule-vmware Goto Github PK
View Code? Open in Web Editor NEWMolecule VMware Driver
License: MIT License
Molecule VMware Driver
License: MIT License
A way to encrypt the secrets or a way to store them outside of the ansible collection/role source tree and reference them. I don't want to check in molecule.yml with my passwords in it but I do want to check in molec;ule.yml
The CI error started to occur because the ansible-lint was updated.
Hi, could we get an updated version available through pip install molecule-vmware
(currently 0.3.4) please?
In particular, I'd really like the PR that enables molecule login
to be live. TIA!
(Btw, I have this up and running and it replaces local vagrant tests that were slowing up my laptop so thank you for the project ๐ )
I've opened a bug at ansible-lint for the same problem. Can you please agree with them which structure molecule should be? I think molecule should be as is, all molecule related files under <repo_root>/roles/<rolename>/molecule/
, but I don't think they agree: ansible/ansible-lint#1622 (comment)
This says nothing about molecule or tests: https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html#role-directory-structure so I think the whole thing should be kept together under <repo_root>/roles/<rolename>/molecule
, shouldn't it?
Problem:
We're using the latest Molecule (v3.3.4) to test our Ansible roles. Some roles require a full VM, so we're using Molecule tasks to create them. Ansible-lint latest thinks they're playbook files, but they should be considered as test files. Molecule puts their files to
<repo_root>/roles/<rolename>/molecule/<scenario:default>
. I know it should be under according to the collection layout:<repo_root>/tests/molecule
or<repo_root>/roles/<rolename>/tests/molecule/<scenario:default>
, but this is how it is generated still by molecule...The molecule itself will generate the files like
create_linux_instance.yml
. To generate an example file, install molecule, go to your roles dir (<repo_root>/roles/<rolename>
), then execute:
molecule init scenario default -d vmware
.
$ ansible --version
ansible 2.9.22
config file = ~/deploy/<repo_root>/ansible.cfg
configured module search path = ['~/deploy/<repo_root>/library']
ansible python module location = /usr/local/lib/python3.6/site-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.6.8 (default, Nov 16 2020, 16:55:22) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
$ ansible-lint --version
ansible-lint 5.0.12 using ansible 2.9.22
$ molecule --version
3.3.4
molecule init scenario default -d vmware
$ uname -a
Linux 3.10.0-1127.18.2.el7.x86_64 #1 SMP Sun Jul 26 15:27:06 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
To generate an example file, install molecule, go to any roles dir (<repo_root>/roles/), then execute:
molecule init scenario default -d vmware.
Snippet (register is used multiple times after):
- name: Create keypair
user:
name: "{{ lookup('env','USER') | default('root', true) }}"
generate_ssh_key: true
ssh_key_file: "{{ keypair_path }}"
register: keypair_result
Molecule files interpreted as test/task files, not playbooks.
$ ansible-lint -vvvv -c .ansible-lint roles
DEBUG Logging initialized to level 10
DEBUG Options: Namespace(cache_dir='~/.cache/ansible-lint/ccc58c', colored=True, config_file='~/deploy/<rep_root>/.ansible-lint', configured=True, cwd=PosixPath('~/deploy/<rep_root>'), display_relative_path=True, enable_list=[], exclude_paths=['.cache', '.git', '.hg', '.svn', '.tox'], extra_vars={'user_defined_hosts': ['localhost'], 'adhoc_ip_address': '127.0.0.1', 'inventory_target': 'localhost'}, format='rich', kinds=[{'jinja2': '**/*.j2'}, {'jinja2': '**/*.j2.*'}, {'requirements': '**/meta/requirements.yml'}, {'galaxy': '**/galaxy.yml'}, {'reno': '**/releasenotes/*/*.{yaml,yml}'}, {'playbook': '**/playbooks/*.{yml,yaml}'}, {'playbook': '**/*playbook*.{yml,yaml}'}, {'role': '**/roles/*/'}, {'tasks': '**/tasks/**/*.{yaml,yml}'}, {'handlers': '**/handlers/*.{yaml,yml}'}, {'vars': '**/{host_vars,group_vars,vars,defaults}/**/*.{yaml,yml}'}, {'meta': '**/meta/main.{yaml,yml}'}, {'yaml': '.config/molecule/config.{yaml,yml}'}, {'requirements': '**/molecule/*/{collections,requirements}.{yaml,yml}'}, {'yaml': '**/molecule/*/{base,molecule}.{yaml,yml}'}, {'requirements': '**/requirements.yml'}, {'playbook': '**/molecule/*/*.{yaml,yml}'}, {'yaml': '**/{.ansible-lint,.yamllint}'}, {'yaml': '**/*.{yaml,yml}'}, {'yaml': '**/.*.{yaml,yml}'}], lintables=['roles'], listrules=False, listtags=False, loop_var_prefix=None, mock_modules=[], mock_roles=[], offline=False, parseable=False, parseable_severity=False, progressive=False, project_dir='.', quiet=False, rules={}, rulesdir=[], rulesdirs=['/usr/local/lib/python3.6/site-packages/ansiblelint/rules'], skip_action_validation=True, skip_list=['yaml', '204', 'var-spacing', 'risky-file-permissions', 'risky-file-permissions', 'package-latest', 'package-latest', 'partial-become', 'partial-become', 'empty-string-compare', 'empty-string-compare', 'meta-no-info', 'meta-no-info', 'experimental'], tags=[], use_default_rules=False, var_naming_pattern='^[a-z_][a-z0-9_]*$', verbosity=4, version=False, warn_list=['experimental', 'role-name'])
INFO Added ANSIBLE_ROLES_PATH=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles:roles
DEBUG Loading rules from /usr/local/lib/python3.6/site-packages/ansiblelint/rules
INFO Added ANSIBLE_ROLES_PATH=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles:roles
Loading custom .yamllint config file, this extends our internal yamllint config.
INFO Discovered files to lint using: git ls-files -z
INFO Executing syntax check on roles/<rolename>/molecule/default/create_linux_instance.yml (3.03s)
[... a long list of files here...]
INFO Executing syntax check on roles/grafana/molecule/default/converge.yml (3.44s)
WARNING Listing 4 violation(s) that are fatal
syntax-check: 'register' is not a valid attribute for a Play
roles/<rolename>/molecule/default/create_linux_instance.yml:2:3 ERROR! 'register' is not a valid attribute for a Play
The error appears to be in '~/deploy/<rep_root>/roles/docker/molecule/default/create_linux_instance.yml': line 2, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
---
- name: Create keypair
^ here
[... 3 more ...]
ansible [core 2.11.2]
config file = None
configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/user/.local/lib/python3.8/site-packages/ansible
ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
executable location = /home/user/.local/bin/ansible
python version = 3.8.10 (default, Jun 2 2021, 10:49:15) [GCC 9.4.0]
jinja version = 2.10.1
libyaml = True
dependency:
name: galaxy
driver:
name: vmware
vcenter_hostname: vcenter_hostname
vcenter_username: vcenter_username
vcenter_password: vcenter_password
validate_certs: false
datacenter: datacenter
esxi_hostname: esxi_hostname
folder: "/folder"
vm_username: root
vm_password: password
instance_os_type: linux
platforms:
- name: molecule-test
template: "rhel_template_vm"
resource_pool: rpool
hardware:
num_cpus: 2
memory_mb: 4096
networks:
- name: VM_168.1.0/24_ID1
ip: 192.168.1.100
netmask: 255.255.255.0
gateway: 192.168.1.1
provisioner:
name: ansible
verifier:
name: ansible
lint: |
set -e
yamllint .
ansible-lint
flake8
- hosts: all
tasks:
- debug: var=ansible_user
- hosts: all
remote_user: ansible
tasks:
- debug: var=ansible_user
TASK [debug] *******************************************************************
ok: [molecule-test] => {
"ansible_user": "root"
}
TASK [debug] *******************************************************************
ok: [molecule-test] => {
"ansible_user": "ansible"
}
TASK [debug] *******************************************************************
ok: [molecule-test] => {
"ansible_user": "root"
}
TASK [debug] *******************************************************************
ok: [molecule-test] => {
"ansible_user": "root"
}
The driver will be a useful tool more when we can specify the NIC option to use for SSH connection if an instance has multiple NICs.
Ref: https://github.com/sky-joker/molecule-vmware/issues/6
The current driver uses the first NIC of the instance when SSH connection.
The following error occurs in creating a windows instance.
failed: [localhost] (item={'started': 1, 'finished': 0, 'ansible_job_id': '456403331430.30619', 'results_file': '/root/.ansible_async/456403331430.30619', 'changed': True, 'failed': False, 'item': {'hardware': {'memory_mb': 4096, 'num_cpus': 2}, 'name': 'instance02', 'networks': [{'gateway': '192.168.10.1', 'ip': '192.168.10.220', 'name': 'hp01', 'netmask': '255.255.255.0'}], 'snapshot_src': 'linked_clone', 'template': 'Windows2016_TMP'}, 'ansible_loop_var': 'item'}) => {"ansible_job_id": "456403331430.30619", "ansible_loop_var": "item", "attempts": 1, "changed": false, "finished": 1, "item": {"ansible_job_id": "456403331430.30619", "ansible_loop_var": "item", "changed": true, "failed": false, "finished": 0, "item": {"hardware": {"memory_mb": 4096, "num_cpus": 2}, "name": "instance02", "networks": [{"gateway": "192.168.10.1", "ip": "192.168.10.220", "name": "hp01", "netmask": "255.255.255.0"}], "snapshot_src": "linked_clone", "template": "Windows2016_TMP"}, "results_file": "/root/.ansible_async/456403331430.30619", "started": 1}, "msg": "Unsupported parameters for (vmware_guest) module: autlogon found in customization. Supported parameters include: autologon, autologoncount, dns_servers, dns_suffix, domain, domainadmin, domainadminpassword, existing_vm, fullname, hostname, hwclockUTC, joindomain, joinworkgroup, orgname, password, productid, runonce, timezone"}
The cause of the issue is a typo of the autologon parameter.
pip show ansible molecule molecule-vmware pyvmomi | grep -i -e version -e name
Name: ansible
Version: 2.10.7
Name: molecule
Version: 3.2.3
Name: molecule-vmware
Version: 0.3.4.dev3+gc5091bb
Name: pyvmomi
Version: 7.0.1
The vmware driver dose not work when running on Rocky Linux 9.1.
ansible [core 2.13.3]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/ben/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /home/ben/.ansible/collections:/usr/share/ansible/collections
executable location = /home/ben/.local/bin/ansible
python version = 3.9.14 (main, Nov 7 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)]
jinja version = 3.1.2
libyaml = True
molecule 4.0.3 using python 3.9
ansible:2.13.3
delegated:4.0.3 from molecule
podman:2.0.3 from molecule_podman requiring collections: containers.podman>=1.7.0 ansible.posix>=1.3.0
---
dependency:
name: galaxy
driver:
name: vmware
vcenter_hostname: $VCURL
vcenter_username: $VCUSER
vcenter_password: $VCPASS
validate_certs: false
datacenter: CHPC
#esxi_hostname: change me to esxi hostname of deploying an instance. need it if not cluster specified
cluster: Playground cluster
folder: Playground cluster
vm_username: root
vm_password: $VMPASS
instance_os_type: linux # is possible only specify [linux or windows]
# The below are possible parameters to be specified if using the windows template.
#winrm_port: 5986 # is WinRM port
#connection: winrm # is the connection type
#winrm_transport: ntlm # is the authentication type
#winrm_server_cert_validation: ignore # is the server certificate validation mode
# The below list is possible to define DNS nameservers
dns_servers:
- "10.240.150.3"
# - "8.8.8.8"
# - "8.8.4.4"
platforms:
- name: instance # is an instance name
template: Rocky86Template # is to be used as a template when cloning an instance
#resource_pool: change me to resource pool
#snapshot_src: change me to snapshot name # is a snapshot name to be possible specified if you want to use linked clone.
hardware:
num_cpus: 2 # is cpu number to be configured to an instance
memory_mb: 2048 # is memory size(MB) to be configured to an instance
networks:
- name: vlan 16 # is a port group to be assigned to an instance
ip: 10.240.150.111 # is ip address to be configured to an instance
netmask: 255.255.255.0 # is netmask to be configured to an instance
gateway: 10.240.150.1 # is gateway to be configured to an instance
# The below are possible parameters to be specified if using the windows template.
#customization:
# fullname: molecule # is the server owner name
# orgname: molecule # is the organization name
provisioner:
name: ansible
verifier:
name: ansible
5.14.0-162.6.1.el9_1.0.1.x86_64
NAME="Rocky Linux"
VERSION="9.1 (Blue Onyx)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="9.1"
PLATFORM_ID="platform:el9"
PRETTY_NAME="Rocky Linux 9.1 (Blue Onyx)"
ROCKY_SUPPORT_PRODUCT="Rocky-Linux-9"
ROCKY_SUPPORT_PRODUCT_VERSION="9.1"
Rocky Linux release 9.1 (Blue Onyx)
Install the driver per the instructions in the read me and try running a vmware molecule scenario.
I have tried with without a venv and with a venv that works on rocky 8
molecule converge
Molecule converge run and create the instance in the vcenter
CRITICAL Failed to validate /home/ben/Development/ansible/roles/zfs_install/molecule/default/molecule.yml
["Additional properties are not allowed ('cluster', 'datacenter', 'dns_servers', 'folder', 'instance_os_type', 'validate_certs', 'vcenter_hostname', 'vcenter_password', 'vcenter_username', 'vm_password', 'vm_username' were unexpected)"]
with this change to molecule.yml file
---
dependency:
name: galaxy
driver:
name: vmware
options:
vcenter_hostname: sawmill.int.chpc.utah.edu
vcenter_username: xxxx
vcenter_password: xxxx
validate_certs: false
and running molecule lint this is the output.
$ molecule lint
WARNING The scenario config file ('/home/agriffith/repos/chpc-ansible/zfs_install/molecule/default/molecule.yml') has been modified since the scenario was created. If recent changes are important, reset the scenario with 'molecule destroy' to clean up created items or 'molecule reset' to clear current configuration.
DEBUG Validating schema /home/agriffith/repos/chpc-ansible/zfs_install/molecule/default/molecule.yml.
CRITICAL Failed to validate /home/agriffith/repos/chpc-ansible/zfs_install/molecule/default/molecule.yml
["'vmware' is not one of ['azure', 'ec2', 'delegated', 'docker', 'containers', 'openstack', 'podman', 'vagrant', 'digitalocean', 'gce', 'libvirt', 'lxd']"]
ansible = 2.9.12
molecule = 3.2.3
molecule-vmware==0.3.3
esxi = 6.7.0, 15160138
Firstly thanks for this new project, looking forward to putting this to use however no instances are created (for me):
$ molecule converge
INFO default scenario test matrix: dependency, create, prepare, converge
INFO Running default > dependency
WARNING Skipping, missing the requirements file.
WARNING Skipping, missing the requirements file.
INFO Running default > create
WARNING Skipping, create action has no playbook.
INFO Running default > prepare
WARNING Skipping, prepare playbook not configured.
INFO Running default > converge
PLAY [Converge] **********************************************************************************************
TASK [Gathering Facts] ***************************************************************************************
fatal: [my-target.under.test]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname my-target.under.test: nodename nor servname provided, or not known", "unreachable": true}
PLAY RECAP ***************************************************************************************************
my-target.under.test : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
With molecule config:
driver:
name: vmware
vcenter_hostname: "my-vcenter-host"
vcenter_username: "my-vcenter-user"
vcenter_password: "my-vcenter-pass"
validate_certs: false
datacenter: "my-dc"
cluster: "my-host-cluster"
folder: "my-vm-folder"
vm_username: "my-target-under-test-user"
vm_password: "my-target-under-test-pass"
instance_os_type: "linux"
platforms:
- name: my-target.under.test
template: my-template-to-create-from
hardware:
num_cpus: 8
memory_mb: 16384
networks:
- name: net-one
ip: xx.xx.xx.xx
netmask: xx.xx.xx.xx
- name: net-two
ip: xx.xx.xx.xx
netmask: xx.xx.xx.xx
provisioner:
name: ansible
scenario:
name: default
test_sequence:
- destroy
- create
- converge
- idempotence
- destroy
What am i missing? I expected this driver to follow test sequence but vm is never created.
Are we expected to add create playbook to do this and destroy, in which case why do we need vcenter_*
vars?
Also I noticed vm_username
and vm_password
aren't used and tries to use public key, what are they intended for?
Thanks
The vmware driver can create a test instance than the linked clone fastly in creating a test instance by supporting the vmware_guest_instant_clone module.
Executing "molecule create" using molecule-vmware clones the template just fine, but the new guest nic is not connected, therefore the machine never gets an IP. (DHCP)
ansible [core 2.12.5]
config file = /home/jvb/.ansible.cfg
configured module search path = ['/home/jvb/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/jvb/venv/vmware/lib/python3.8/site-packages/ansible
ansible collection location = /home/jvb/.ansible/collections:/usr/share/ansible/collections
executable location = /home/jvb/venv/vmware/bin/ansible
python version = 3.8.10 (default, Mar 15 2022, 12:22:08) [GCC 9.4.0]
jinja version = 3.1.1
libyaml = True
---
dependency:
name: galaxy
driver:
name: vmware
vcenter_hostname: $VSHOST
vcenter_username: $VCUSER
vcenter_password: $VCPW
validate_certs: false
datacenter: $DATACENTER
#esxi_hostname: change me to esxi hostname of deploying an instance. need it if not cluster specified
cluster: $CLUSTER
folder: $FOLDER
vm_username: $GUESTUSER
vm_password: $GUESTPW
instance_os_type: linux # is possible only specify [linux or windows]
platforms:
# - name: ${USER}-molecule-u16 # is an instance name
# template: molecule-u16
# hardware:
# num_cpus: 2 # is cpu number to be configured to an instance
# memory_mb: 2048 # is memory size(MB) to be configured to an instance
# networks:
# - name: $NETWORK
# - name: ${USER}-molecule-u18 # is an instance name
# template: molecule-u18
# hardware:
# num_cpus: 2 # is cpu number to be configured to an instance
# memory_mb: 2048 # is memory size(MB) to be configured to an instance
# networks:
# - name: $NETWORK
# - name: ${USER}-molecule-u20 # is an instance name
# template: molecule-u20
# hardware:
# num_cpus: 2 # is cpu number to be configured to an instance
# memory_mb: 2048 # is memory size(MB) to be configured to an instance
# networks:
# - name: $NETWORK
# - name: ${USER}-molecule-u22 # is an instance name
# template: molecule-u22
# hardware:
# num_cpus: 2 # is cpu number to be configured to an instance
# memory_mb: 2048 # is memory size(MB) to be configured to an instance
# networks:
# - name: $NETWORK
- name: ${USER}-molecule-cos8 # is an instance name
template: mole-centos-test
hardware:
num_cpus: 2 # is cpu number to be configured to an instance
memory_mb: 2048 # is memory size(MB) to be configured to an instance
networks:
- name: $NETWORK
provisioner:
name: ansible
verifier:
name: ansible
vSphere 7.0.3.00300 / VMware ESXi, 7.0.3, 19482537
Works: ubuntu 16,18,20,22, VMXNET3
Doesn't work: ubuntu 14, CentOS8, VMXNET3
I tried e1000 for laughs, same result.
Variables above are read from local ENV variables.
Also noted that cloned guest .vmx file contains 'ethernet0.startConnected = "FALSE"'. I inspected the templates vmtx file and that key/value is not present. I also edited the template vmtx file to contain 'ethernet0.startConnected = "TRUE"' and re-cloned, the resulting cloned guest still had 'ethernet0.startConnected = "FALSE"' in its vmx file despite the template having it "TRUE".
Could "networks:" be expanded to include a "start.connected: true" type option to pass to the virtual nic?
Playbook works fine on guests that start with nic connected, playbook never gets executed on guests with no nic connected.
Molecule output reaches the stage where it is looping while waiting for the newly cloned guests IP to populate to vSphere via VMware Tools but it never does because the nic is not connected to the guest so the loop continues forever, never reaches the playbook execution phase.
My Lab ESX server is on a isolated lan that I can only access by jumping through a bastion host. It would be nice if I could add a proxy for the vcenter connections and use ansible_ssh_extra_args with ProxyCommand to get to the individual hosts.
Following your sample in the README file I get the following error message
provision@ansible:~/git/workspace/ro_deploy_applicationsetup$ molecule test -s vmware
CRITICAL Failed to validate /var/home/provision/git/workspace/ro_deploy_applicationsetup/molecule/vmware/molecule.yml
["Additional properties are not allowed ('datacenter', 'folder', 'instance_os_type', 'validate_certs', 'vcenter_hostname', 'vcenter_password', 'vcenter_username', 'vm_password', 'vm_username' were unexpected)"]
molecule --version
molecule 4.0.4 using python 3.10
ansible:2.13.7
delegated:4.0.1 from molecule
vmware:0.3.6
Ubuntu 22.04
Molecule starts
provision@ansible:~/git/workspace/ro_deploy_applicationsetup$ molecule test -s vmware
CRITICAL Failed to validate /var/home/provision/git/workspace/ro_deploy_applicationsetup/molecule/vmware/molecule.yml
["Additional properties are not allowed ('datacenter', 'folder', 'instance_os_type', 'validate_certs', 'vcenter_hostname', 'vcenter_password', 'vcenter_username', 'vm_password', 'vm_username' were unexpected)"]
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.