Automating Infoblox DDI with Ansible
The networking world is rapidly evolving, driven by trends in security, virtualization, cloud, SDN, IPv6 adoption, and the Internet of Things (IoT). These demands require advanced solutions for managing DNS, DHCP, and IP address management, the critical network services collectively known as DDI. Infoblox DDI can take tedious tasks off a network engineer's plate by automating DNS, DHCP and IPAM.
Automating Infoblox DDI with Ansible can make an engineer or administrator a Networking Ninja. Ansible has shipped integrated Infoblox DDI modules since version 2.5.
Ansible 2.5 supports 5 modules, a lookup plugin, and a dynamic inventory script. More modules and other required scripts are expected in future Ansible releases to cover all the features supported by Infoblox DDI.
Without further ado, I'll now dive in and work with Ansible YAML-based playbooks to automate Infoblox using the 5 modules mentioned above. (If terms like playbook and YAML are unfamiliar, kindly go through the basics of Ansible first.)
Pre-requisites
- Infoblox DDI Server
- Ansible Version 2.5+ installed on client
- Infoblox Client installed on client
How to implement?
I'll follow a sequence that ultimately creates a new host record in the Infoblox DDI server via Ansible playbooks. It is as follows:
- Create a New Network view via NIOS_NETWORK_VIEW module
- Create a New DNS view via NIOS_DNS_VIEW module
- Create a New Zone via NIOS_ZONE module
- Create a New IPV4/V6 Network(range) via NIOS_NETWORK module
- Create a New Host Record using the IPV4/V6 address created in the previous step via NIOS_HOST_RECORD module
It's time to dive in and actually write some Ansible playbooks to perform actions on the Infoblox DDI server.
First off, here is an example playbook that creates a network view. An Infoblox network view gives you network insight, which ensures that you can see every network asset with unmatched clarity, context, and insight: every device, IP address, and switch port. It consolidates all your core network infrastructure and service data into a single, comprehensive, authoritative database. The agility you gain through its extensive automation, centralized visibility, and integrated management capabilities empowers you to meet the evolving needs of your business, while reaping substantial savings in time and expense. For more information, see Infoblox DDI.
1. Ansible Playbook Nios_Network_View Example:
# Network_View module to create a new Network_View
---
- name: Nios_Network_View
  hosts: localhost
  connection: local
  vars:
    nios_provider:
      host: infoblox_server_ip_or_hostname
      username: test
      password: test
  tasks:
    - name: Create Nios Network_View
      nios_network_view:
        name: ansible-network-view
        state: present
        comment: test comment
        provider: "{{ nios_provider }}"
The above playbook creates a new network view in the Infoblox DDI server with the name ansible-network-view. It calls the NIOS Network View Ansible module via the keyword nios_network_view, gives the new network view a name, and sets state to present because the network view has to be created. To delete the network view, state would be set to absent. I'll not discuss generic Ansible playbook modules in depth, as that is beyond the scope of this article. Lastly, the task passes provider, which holds the credentials needed to connect to the Infoblox DDI server. Running this playbook creates the new network view in the Infoblox DDI server.
Network_View Playbook Run Output:
2. Ansible Playbook Nios_Dns_View Example:
# DNS view module to create a new DNS view
---
- name: Nios_Dns_View
  hosts: localhost
  connection: local
  vars:
    nios_provider:
      host: infoblox_server_ip_or_hostname
      username: test
      password: test
  tasks:
    - name: Create DNS View
      nios_dns_view:
        name: ansible-dns
        comment: test comment
        state: present
        provider: "{{ nios_provider }}"
This playbook example creates a new DNS view in the Infoblox DDI server with the name ansible-dns. As in the previous playbook example, it calls the NIOS DNS View Ansible module via the keyword nios_dns_view. Running this playbook creates the new DNS view in the Infoblox DDI server.
DNS_View Playbook Run Output:
3. Ansible Playbook Nios_Zone Example:
# Zone module to create a new Zone
---
- name: Nios_Zone
  hosts: localhost
  connection: local
  vars:
    nios_provider:
      host: infoblox_server_ip_or_hostname
      username: test
      password: test
  tasks:
    - name: Create Nios Zone
      nios_zone:
        name: ansible.com
        state: present
        comment: test comment
        provider: "{{ nios_provider }}"
I hope you now have the hang of how I am writing these playbooks. This playbook example creates a new zone in the Infoblox DDI server with the name ansible.com. It calls the NIOS Zone Ansible module via the keyword nios_zone. Running this playbook creates the new zone in the Infoblox DDI server.
Zone Playbook Run Output:
In the above playbook run output, the play recap section shows ok=1 but changed=0. This is because ansible.com is already present in the Infoblox DDI server: Ansible is idempotent, so it does not try to change or overwrite objects that already exist in the desired state.
4. Ansible Playbook Nios_Network Example:
# Network module to create a new Network
---
- name: Nios_Network
  hosts: localhost
  connection: local
  vars:
    nios_provider:
      host: infoblox_server_ip_or_hostname
      username: test
      password: test
  tasks:
    - name: Create Nios Network
      nios_network:
        network: 192.168.10.0/24
        state: present
        comment: test comment
        provider: "{{ nios_provider }}"
This playbook example creates a new IPv4 network defined by the CIDR block 192.168.10.0/24. It calls the NIOS Network Ansible module via the keyword nios_network. Running this playbook creates the network with the given IPv4 address range in the Infoblox DDI server. The example here uses an IPv4 network, but from Ansible 2.6 onwards IPv6 is also supported.
Network Playbook Run Output:
5. Ansible Playbook Nios_Host_Record Example:
# Host Record module to create a new Host_Record
---
- name: Nios_Host_Record
  hosts: localhost
  connection: local
  vars:
    nios_provider:
      host: infoblox_server_ip_or_hostname
      username: test
      password: test
  tasks:
    - name: Create Nios Host_Record
      nios_host_record:
        name: new_host.ansible.com
        ipv4:
          - address: 192.168.10.1
        state: present
        comment: test comment
        provider: "{{ nios_provider }}"
Host Record Playbook Run Output:
Lookup Plugins
-> Playbook Example for Next Available IP:
# Use the lookup plugin to get the next available IP
---
- name: Get Next Available IP
  hosts: localhost
  connection: local
  vars:
    nios_provider:
      host: infoblox_server_ip_or_hostname
      username: test
      password: test
  tasks:
    - name: get next available ip
      set_fact:
        ipaddr: "{{ lookup('nios_next_ip', '192.168.10.0/24', provider=nios_provider) }}"
Next Available IP Playbook Run Output:
As you can see, the playbook output shows that the next available IP in the IPv4 network range 192.168.10.0/24 is 192.168.10.2. This is because there is already a host record, new_host.ansible.com, at 192.168.10.1. This use case is very helpful for network administrators, who can rely directly on Ansible + Infoblox IPAM to get a precise and correct result every time they run the above playbook. It ultimately removes the dependency on maintaining a tedious spreadsheet of the network's IPs.
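The lookup result can feed nios_host_record directly, so the address is never hard-coded. The playbook below is an added example, not from the original post; it also reads the provider credentials from environment variables instead of storing them in the playbook, and turns on certificate verification with the provider's ssl_verify option. The variable names NIOS_HOST, NIOS_USER and NIOS_PASS and the host name new_host2.ansible.com are assumptions made for this example.

```yaml
---
# Added example (not from the original post).
# Assumed: credentials exported as NIOS_HOST, NIOS_USER, NIOS_PASS.
- name: Allocate the next free IP and register a host record
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    nios_provider:
      host: "{{ lookup('env', 'NIOS_HOST') }}"
      username: "{{ lookup('env', 'NIOS_USER') }}"
      password: "{{ lookup('env', 'NIOS_PASS') }}"
      ssl_verify: true          # reject an untrusted server certificate
    target_network: 192.168.10.0/24
    new_host_fqdn: new_host2.ansible.com   # constructed sample name
  tasks:
    - name: Stop early if a credential variable is unset
      assert:
        that:
          - lookup('env', 'NIOS_HOST') | length > 0
          - lookup('env', 'NIOS_USER') | length > 0
          - lookup('env', 'NIOS_PASS') | length > 0
        msg: "Export NIOS_HOST, NIOS_USER and NIOS_PASS before running."

    # wantlist + flatten + first yields a single address string whether
    # the lookup hands back a plain string or a nested list.
    - name: Ask IPAM for the next available address
      set_fact:
        next_ip: >-
          {{ lookup('nios_next_ip', target_network,
          provider=nios_provider, wantlist=True) | flatten | first }}

    - name: Create the host record on the allocated address
      nios_host_record:
        name: "{{ new_host_fqdn }}"
        ipv4:
          - address: "{{ next_ip }}"
        state: present
        comment: allocated by nios_next_ip lookup
        provider: "{{ nios_provider }}"

    - name: Report what was registered
      debug:
        msg: "{{ new_host_fqdn }} -> {{ next_ip }}"
```

The same provider variables can instead be loaded from a vars file encrypted with Ansible Vault; the tasks do not change.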
-> Playbook Example for Searching Available Host Record:
# Use the lookup plugin to search for host records
---
- name: Search from Input Host Record info
  hosts: localhost
  connection: local
  vars:
    nios_provider:
      host: infoblox_server_ip_or_hostname
      username: test
      password: test
  tasks:
    - name: search and get the host_record info
      set_fact:
        ipaddr: "{{ lookup('nios', 'record:host', filter={'name':'new_host.ansible.com'}, provider=nios_provider) }}"
Search Host Record Playbook Run Output:
As per the playbook output, the user gets all the information about the searched host record, which can help a network administrator with bookkeeping.
You're either the one that creates the automation or you're getting automated. - Tom Preston
Make it more awesome
Now that you have a basic understanding of the Ansible + Infoblox DDI integration, the next step up the ladder is to explore the other options Ansible exposes for Infoblox DDI and make the most of network automation.
Ansible is the lingua franca of the enterprise: a universal language adopted at enterprise level for communication between Dev and Ops, that is, DevOps. The Ansible and Infoblox DDI integration makes a network engineer a Networking Ninja and helps the enterprise achieve round-the-clock automation of DNS, DHCP and IPAM.