summaryrefslogtreecommitdiffstats
path: root/ansible_collections/cisco/intersight/playbooks
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--ansible_collections/cisco/intersight/playbooks/claim_device.yml31
-rw-r--r--ansible_collections/cisco/intersight/playbooks/cos_server_policies_and_profiles.yml353
-rw-r--r--ansible_collections/cisco/intersight/playbooks/deploy_server_profiles.yml38
-rw-r--r--ansible_collections/cisco/intersight/playbooks/derive_profiles.yml72
-rw-r--r--ansible_collections/cisco/intersight/playbooks/devnet_inventory23
-rw-r--r--ansible_collections/cisco/intersight/playbooks/example_hx_host_vars91
-rw-r--r--ansible_collections/cisco/intersight/playbooks/example_imm_inventory15
-rw-r--r--ansible_collections/cisco/intersight/playbooks/example_inventory14
-rw-r--r--ansible_collections/cisco/intersight/playbooks/firmware_direct_download.yml85
-rw-r--r--ansible_collections/cisco/intersight/playbooks/hcl_status.yml46
-rw-r--r--ansible_collections/cisco/intersight/playbooks/hyperflex_cluster_profiles.yml172
-rw-r--r--ansible_collections/cisco/intersight/playbooks/hyperflex_edge_cluster_profiles.yml148
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_boot_order_policy.yml32
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_domain_profile.yml140
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_imc_access_policy.yml25
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_lan_connectivity_policy.yml134
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_local_user_policy.yml55
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_ntp_policy.yml27
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_port_policy.yml88
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_server_profile.yml51
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_server_profile_template.yml94
-rw-r--r--ansible_collections/cisco/intersight/playbooks/intersight_virtual_media_policy.yml30
-rw-r--r--ansible_collections/cisco/intersight/playbooks/only_new_server_profiles.yml72
-rw-r--r--ansible_collections/cisco/intersight/playbooks/os_install.yml142
-rw-r--r--ansible_collections/cisco/intersight/playbooks/ova_workflow.yml72
-rw-r--r--ansible_collections/cisco/intersight/playbooks/profile_inventory4
-rw-r--r--ansible_collections/cisco/intersight/playbooks/profile_with_buckets.yml28
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/auto_support/tasks/main.yml31
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_network/tasks/main.yml50
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/defaults/main.yml8
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/tasks/main.yml33
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_storage/tasks/main.yml34
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/deploy/tasks/main.yml43
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_network/tasks/main.yml38
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/defaults/main.yml6
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/tasks/main.yml31
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_storage/tasks/main.yml31
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_software_version/tasks/main.yml30
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/fc/tasks/main.yml52
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/intersight_org/tasks/main.yml17
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/iscsi/tasks/main.yml38
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/local_credential/tasks/main.yml33
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_config/tasks/main.yml42
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_profiles/tasks/main.yml49
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/proxy/tasks/main.yml31
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/software_version/tasks/main.yml31
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/sys_config/tasks/main.yml33
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/vcenter/tasks/main.yml33
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/policies/server_policies/tasks/main.yml40
-rw-r--r--ansible_collections/cisco/intersight/playbooks/roles/servers/actions/tasks/main.yml30
-rw-r--r--ansible_collections/cisco/intersight/playbooks/server_actions.yml23
-rw-r--r--ansible_collections/cisco/intersight/playbooks/server_firmware.yml115
-rw-r--r--ansible_collections/cisco/intersight/playbooks/servers_to_file.yml14
-rw-r--r--ansible_collections/cisco/intersight/playbooks/update_all_inventory.yml57
-rw-r--r--ansible_collections/cisco/intersight/playbooks/update_hx_edge_inventory.yml61
-rw-r--r--ansible_collections/cisco/intersight/playbooks/update_hx_inventory.yml61
-rw-r--r--ansible_collections/cisco/intersight/playbooks/update_standalone_inventory.yml67
-rw-r--r--ansible_collections/cisco/intersight/playbooks/vault_intersight_server_profile.yml88
58 files changed, 3332 insertions, 0 deletions
diff --git a/ansible_collections/cisco/intersight/playbooks/claim_device.yml b/ansible_collections/cisco/intersight/playbooks/claim_device.yml
new file mode 100644
index 00000000..06d397c6
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/claim_device.yml
@@ -0,0 +1,31 @@
+---
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ tasks:
+ # Claim device
+ - name: Claim device
+ cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: /asset/DeviceClaims
+ api_body: {
+ "SecurityToken": "{{ SecurityToken }}",
+ "SerialNumber": "{{ SerialNumber }}"
+ }
+ update_method: post
+ delegate_to: localhost
+ run_once: true
diff --git a/ansible_collections/cisco/intersight/playbooks/cos_server_policies_and_profiles.yml b/ansible_collections/cisco/intersight/playbooks/cos_server_policies_and_profiles.yml
new file mode 100644
index 00000000..9adc3ebd
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/cos_server_policies_and_profiles.yml
@@ -0,0 +1,353 @@
+---
+#
+# Configure Server Profiles and Policies
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Server Profile name default
+ profile_name: "SP-{{ inventory_hostname }}"
+ # Organization name
+ org_name: DevNet
+ tasks:
+ # Get the Organization Moid used by all profiles and policies
+ - name: "Get Organization {{ org_name }} Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /organization/Organizations
+ query_params:
+ $filter: "Name eq '{{ org_name }}'"
+ register: org_resp
+ delegate_to: localhost
+ tags: always
+ #
+ # Configure profiles specific to server (run for each server in the inventory)
+ # Server Profiles role will register a profile_resp and profile_resp list (from all hosts) can be used by policy tasks
+ #
+ - name: "Configure {{ profile_name }} Server Profile"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /server/Profiles
+ query_params:
+ $filter: "Name eq '{{ profile_name }}'"
+ api_body: {
+ "Name": "{{ profile_name }}",
+ "AssignedServer": {
+ "Moid": "{{ server_moid }}",
+ "ObjectType": "compute.RackUnit"
+ },
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ register: profile_resp
+ when: server_moid is defined
+ delegate_to: localhost
+ tags: server_profiles
+ #
+ # Enclose policy tasks in a block that runs once
+ # Policy API body is specified in a role specific vars section for each role import
+ # See https://intersight.com/apidocs/ or https://intersight.com/mobrowser/ for information on setting resource_path and api_body
+ #
+ - block:
+ # Boot Order policy
+ - import_role:
+ name: policies/server_policies
+ vars:
+ resource_path: /boot/PrecisionPolicies
+ api_body: {
+ "Name": "COS-Boot",
+ "ConfiguredBootMode": "Legacy",
+ "BootDevices": [
+ {
+ "ObjectType": "boot.LocalDisk",
+ "Enabled": true,
+ "Name": "Disk",
+ "Slot": "MRAID"
+ },
+ {
+ "ObjectType": "boot.VirtualMedia",
+ "Enabled": true,
+ "Name": "VM",
+ "Subtype": "cimc-mapped-dvd"
+ }
+ ],
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ tags: boot_order
+ # Adapter Configuration policy
+ - import_role:
+ name: policies/server_policies
+ vars:
+ resource_path: /adapter/ConfigPolicies
+ api_body: {
+ "Name":"COS-Adapter",
+ "Settings":[
+ {
+ "SlotId":"MLOM",
+ "EthSettings":{
+ "LldpEnabled":true
+ },
+ "FcSettings":{
+ "FipEnabled":false
+ }
+ }
+ ],
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ tags: adapter_configuration
+ # LAN Connectivity and related policies
+ - block:
+ # Ethernet Adapter
+ - name: "Configure Ethernet Adapter Policy"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthAdapterPolicies
+ query_params:
+ $filter: "Name eq 'COS-EthernetAdapter'"
+ api_body: {
+ "Name": "COS-EthernetAdapter",
+ "InterruptSettings": {
+ "Count": 32,
+ "Mode": "MSIx",
+ "CoalescingTime": 125,
+ "CoalescingType": "MIN"
+ },
+ "RxQueueSettings": {
+ "Count": 8,
+ "RingSize": 4096
+ },
+ "TxQueueSettings": {
+ "Count": 8,
+ "RingSize": 4096
+ },
+ "CompletionQueueSettings": {
+ "Count": 16
+ },
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ register: eth_adapter_resp
+ # Ethernet Network
+ - name: "Configure Ethernet Network Policy"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthNetworkPolicies
+ query_params:
+ $filter: "Name eq 'COS-EthernetNetwork'"
+ api_body: {
+ "Name": "COS-EthernetNetwork",
+ "VlanSettings": {
+ "Mode": "TRUNK",
+ "DefaultVlan": 10
+ },
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ register: eth_network_resp
+ # Ethernet QoS
+ - name: "Configure Ethernet QoS Policy"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthQosPolicies
+ query_params:
+ $filter: "Name eq 'COS-QoS'"
+ api_body: {
+ "Name": "COS-QoS",
+ "Mtu": 9000,
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ register: eth_qos_resp
+ # Import role for LAN Connectivity will register a policy_resp
+ - import_role:
+ name: policies/server_policies
+ vars:
+ resource_path: /vnic/LanConnectivityPolicies
+ api_body: {
+ "Name": "COS-LAN",
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ # vNIC configuration
+ # Ideally this would be in a loop, but Uplink is converted to a string (instead of the required int) when in a loop
+ - name: "Configure eth0"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthIfs
+ query_params:
+ $filter: "LanConnectivityPolicy.Moid eq '{{ policy_resp.api_response.Moid }}' and Name eq 'eth0'"
+ api_body: {
+ "Name": "eth0",
+ "Placement": {
+ "Id": "MLOM",
+ "Uplink": 0
+ },
+ "Order": 0,
+ "EthAdapterPolicy": {
+ "Moid": "{{ eth_adapter_resp.api_response.Moid }}"
+ },
+ "EthNetworkPolicy": {
+ "Moid": "{{ eth_network_resp.api_response.Moid }}"
+ },
+ "EthQosPolicy": {
+ "Moid": "{{ eth_qos_resp.api_response.Moid }}"
+ },
+ "LanConnectivityPolicy": {
+ "Moid": "{{ policy_resp.api_response.Moid }}"
+ },
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ - name: "Configure eth1"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthIfs
+ query_params:
+ $filter: "LanConnectivityPolicy.Moid eq '{{ policy_resp.api_response.Moid }}' and Name eq 'eth1'"
+ api_body: {
+ "Name": "eth1",
+ "Placement": {
+ "Id": "MLOM",
+ "Uplink": 1
+ },
+ "Order": 1,
+ "EthAdapterPolicy": {
+ "Moid": "{{ eth_adapter_resp.api_response.Moid }}"
+ },
+ "EthNetworkPolicy": {
+ "Moid": "{{ eth_network_resp.api_response.Moid }}"
+ },
+ "EthQosPolicy": {
+ "Moid": "{{ eth_qos_resp.api_response.Moid }}"
+ },
+ "LanConnectivityPolicy": {
+ "Moid": "{{ policy_resp.api_response.Moid }}"
+ },
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ tags: lan_connectivity
+ # NTP policy config
+ - import_role:
+ name: policies/server_policies
+ vars:
+ resource_path: /ntp/Policies
+ api_body: {
+ "Name": "COS-NTP",
+ "Enabled": true,
+ "NtpServers": [
+ "173.38.201.115"
+ ],
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ tags: ntp
+ # Storage and related policies
+ - block:
+ # Disk Group policy
+ - name: "Configure Disk Group Policy"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /storage/DiskGroupPolicies
+ query_params:
+ $filter: "Name eq 'COS-Disk'"
+ api_body: {
+ "Name":"COS-Disk",
+ "RaidLevel":"Raid1",
+ "SpanGroups":[
+ {
+ "Disks":[
+ {
+ "SlotNumber":13
+ },
+ {
+ "SlotNumber":14
+ }
+ ]
+ }
+ ],
+ "UseJbods":true,
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ register: disk_group_resp
+ # Storage policy
+ - import_role:
+ name: policies/server_policies
+ vars:
+ resource_path: /storage/StoragePolicies
+ api_body: {
+ "Name": "COS-Storage",
+ "RetainPolicyVirtualDrives": true,
+ "UnusedDisksState": "Jbod",
+ "VirtualDrives": [
+ {
+ "Name": "Boot",
+ "DiskGroupPolicy": "{{ disk_group_resp.api_response.Moid }}",
+ "AccessPolicy": "ReadWrite",
+ "ReadPolicy": "Default",
+ "WritePolicy": "WriteBackGoodBbu",
+ "IoPolicy": "Default",
+ "DriveCache": "Default",
+ "ExpandToAvailable": true,
+ "BootDrive": true
+ }
+ ],
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ tags: storage
+ # Virtual Media policy config
+ - import_role:
+ name: policies/server_policies
+ vars:
+ resource_path: /vmedia/Policies
+ api_body: {
+ "Name": "COS-VM",
+ "Mappings": [
+ {
+ "MountProtocol": "http",
+ "VolumeName": "COS.3.13.6",
+ "DeviceType": "cdd",
+ "HostName": "sjc02dmz-rhel.sjc02dmz.net",
+ "RemotePath": "ibm",
+ "RemoteFile": "clevos-3.13.6.33-allinone-usbiso.iso"
+ }
+ ],
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ tags: virtual_media
+ # Policies are common, so only run this block once and not for every host
+ run_once: true
+ delegate_to: localhost
diff --git a/ansible_collections/cisco/intersight/playbooks/deploy_server_profiles.yml b/ansible_collections/cisco/intersight/playbooks/deploy_server_profiles.yml
new file mode 100644
index 00000000..6e9a3892
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/deploy_server_profiles.yml
@@ -0,0 +1,38 @@
+---
+#
+# Deploy Server Profiles
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Server Profile name default
+ profile_name: "SP-{{ inventory_hostname }}"
+ tasks:
+ # Deploy (or perform other action)
+ # action can be given on the command line if needed, e.g., ansible-playbook ... -e action=Unassign
+ # to delete a profile (profile must 1st be unassigned): ansible-playbook ... -e state=absent -e action=No-op
+ - name: Deploy (or user defined action) Server Profile
+ cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: /server/Profiles
+ query_params:
+ $filter: "Name eq '{{ profile_name }}'"
+ api_body: {
+ "Action": "{{ profile_action | default('Deploy') }}"
+ }
+ delegate_to: localhost
diff --git a/ansible_collections/cisco/intersight/playbooks/derive_profiles.yml b/ansible_collections/cisco/intersight/playbooks/derive_profiles.yml
new file mode 100644
index 00000000..9f8ef51f
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/derive_profiles.yml
@@ -0,0 +1,72 @@
+---
+#
+# include_tasks for deriving profiles from a template
+#
+# Get the Organization Moid
+- name: "Get {{ template_name }}_DERIVED-{{ item }} Profile Moid"
+ intersight_rest_api:
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ resource_path: /server/Profiles
+ query_params:
+ $filter: "Name eq '{{ template_name }}_DERIVED-{{ item }}'"
+ register: profile_resp
+# Derive profiles from template (if profiles don't already exist)
+- name: "POST to derive {{ template_name }}_DERIVED-{{ item }}"
+ intersight_rest_api:
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ resource_path: /bulk/MoCloners
+ update_method: post
+ api_body: {
+ "Sources": [
+ {
+ "ClassId": "mo.MoRef",
+ "ObjectType": "server.ProfileTemplate",
+ "Moid": "{{ template_resp.api_response.Moid }}"
+ }
+ ],
+ "Targets": [
+ {
+ "Name": "{{ template_name }}_DERIVED-{{ item }}",
+ "ObjectType": "server.Profile",
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ },
+ "ClassId": "server.Profile"
+ }
+ ]
+ }
+ when: profile_resp.api_response is not defined or not profile_resp.api_response
+# POST updates to derived profiles if template was changed
+- name: "POST to update {{ template_name }}_DERIVED-{{ item }}"
+ intersight_rest_api:
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ resource_path: /bulk/MoMergers
+ update_method: post
+ api_body: {
+ "Sources": [
+ {
+ "ObjectType": "server.ProfileTemplate",
+ "Moid": "{{ template_resp.api_response.Moid }}"
+ }
+ ],
+ "Targets": [
+ {
+ "ObjectType": "server.Profile",
+ "Moid": "{{ profile_resp.api_response.Moid }}"
+ }
+ ],
+ "MergeAction":"Replace"
+ }
+ when: profile_resp.api_response and template_resp.changed
diff --git a/ansible_collections/cisco/intersight/playbooks/devnet_inventory b/ansible_collections/cisco/intersight/playbooks/devnet_inventory
new file mode 100644
index 00000000..aa3b889a
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/devnet_inventory
@@ -0,0 +1,23 @@
+[Intersight_HX]
+# Note: at least one host (e.g., sjc07-r13-501) must be present for update_*_inventory.yml to work
+sjc07-r13-501
+sjc07-r13-503
+
+[Intersight_Servers]
+C220M5-WZP23230LJ6 server_moid=5f0736dc6176752d37dbe9f4 model=UCSC-C220-M5SX
+C220M5-WZP23230LJC server_moid=5ec59a786176752d377205f1 model=UCSC-C220-M5SX
+C240M4-FCH1906V37P server_moid=5e8c974d6176752d332f44c9 model=UCSC-C240-M4S2
+C220-FCH2050V0LB server_moid=5dee9ce46176752d332eb867 model=UCSC-C220-M4L
+
+[Intersight:children]
+Intersight_HX
+Intersight_Servers
+
+[all:vars]
+api_private_key=~/Downloads/DevNetSecretKey.txt
+api_key_id=596cc79e5d91b400010d15ad/5db71f977564612d30cc3860/5f0f42d47564612d3363b87b
+organization=DevNet
+boot_order_policy=COS-Boot
+local_user_policy=devnet-guest-admin
+ntp_policy=lab-ntp
+virtual_media_policy=COS-VM
diff --git a/ansible_collections/cisco/intersight/playbooks/example_hx_host_vars b/ansible_collections/cisco/intersight/playbooks/example_hx_host_vars
new file mode 100644
index 00000000..34ea804d
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/example_hx_host_vars
@@ -0,0 +1,91 @@
+# HX Cluster Profile Settings
+intersight_org_name: Test-Org
+hx_cluster_name: M5-Hybrid
+hx_mgmt_platform: FI
+hx_hypervisor_type: ESXi
+hxdp_version: 4.5(1a)
+ucs_firmware_version: 4.2(1a)
+hx_mgmt_mac_prefix: 00:25:B5:7F
+#hx_replication_factor: 3
+#hx_vdi_optimization: false
+hx_disk_cleanup: true
+#hx_laz_autoconfig: false
+
+# VCenter Settings
+hx_vcenter_hostname: vcenter.hx.lab.cisco.com
+hx_vcenter_username: administrator@vsphere.local
+hx_vcenter_datacenter: Datacenter
+
+# HX Credentials
+hx_hypervisor_admin: root
+hx_hypervisor_factory_password: true
+#hx_hypervisor_password:
+#hx_dp_root_password:
+#hx_vcenter_password:
+
+# HX Network Services Settings
+hx_sys_config_timezone: America/Los_Angeles
+hx_sys_config_dns_servers:
+ - 10.29.133.110
+hx_sys_config_ntp_servers:
+ - ntp1.hx.lab.cisco.com
+ - ntp2.hx.lab.cisco.com
+hx_sys_config_dns_domain: hx.lab.cisco.com
+
+# HX Networking Settings
+hx_mgmt_ip: 10.29.133.237
+hx_mgmt_vm_ip_start: 10.29.133.238
+hx_mgmt_vm_ip_end: 10.29.133.241
+hx_mgmt_netmask: 255.255.255.0
+hx_mgmt_gateway: 10.29.133.1
+hx_jumbo_frames: true
+hx_mgmt_vlan_name: hx-mgmt-133
+hx_mgmt_vlan_id: 133
+hx_migration_vlan_name: vmotion-200
+hx_migration_vlan_id: 200
+hx_data_vlan_name: storage-51
+hx_data_vlan_id: 51
+#hx_vm_vlan_name: vm-network-100
+#hx_vm_vlan: 100
+hx_guest_vm_vlans:
+ - {"Name": vm-network-100, "VlanId": 100}
+ - {"Name": vm-network-101, "VlanId": 101}
+
+# HX Auto Support Settings
+#hx_auto_support_enable: false
+hx_auto_support_receipient: beveritt@cisco.com
+
+# HX Proxy Settings
+hx_proxy_setting_hostname: proxy-wsa.esl.cisco.com
+hx_proxy_setting_port: 80
+
+# FC Settings
+hx_vsan_a_name: vsan-10
+hx_vsan_a_id: 10
+hx_vsan_b_name: vsan-20
+hx_vsan_b_id: 20
+hx_fc_wwxn_range_start: 20:00:00:25:B5:7F
+hx_fc_wwxn_range_end: 20:00:00:25:B5:7F
+
+# iSCSI Settings
+hx_iscsi_vlan_a_name: iscsi-110
+hx_iscsi_vlan_a_id: 110
+hx_iscsi_vlan_b_name: iscsi-111
+hx_iscsi_vlan_b_id: 111
+
+# HX Node Settings
+hx_node_profile_prefix: hx220m5
+esx_mgmt_ip_start: 10.29.133.246
+esx_mgmt_ip_end: 10.29.133.249
+ucs_kvm_start_ip: 10.29.133.242
+ucs_kvm_end_ip: 10.29.133.245
+ucs_kvm_gateway: 10.29.133.1
+ucs_kvm_netmask: 255.255.255.0
+hx_mac_start: 00:25:B5:7F
+hx_mac_end: 00:25:B5:7F
+
+hx_servers:
+ - SJC2-151-K27-6332-9
+ - SJC2-151-K27-6332-10
+ - SJC2-151-K27-6332-11
+ - SJC2-151-K27-6332-12 \ No newline at end of file
diff --git a/ansible_collections/cisco/intersight/playbooks/example_imm_inventory b/ansible_collections/cisco/intersight/playbooks/example_imm_inventory
new file mode 100644
index 00000000..fcbd3583
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/example_imm_inventory
@@ -0,0 +1,15 @@
+[Intersight_Servers]
+SJC07-R14-FI-1-1-7
+SJC07-R14-FI-1-1-8
+
+# Examples can use Intersight or Intersight_Servers host group
+[Intersight:children]
+Intersight_Servers
+
+# For examples that use localhost, all:vars allows key lookup
+[all:vars]
+api_key_id=596cc79e5d91b400010d15ad/5db71f977564612d30cc3860/5e9217a57564612d302f475b
+# Policies to use with profiles
+boot_order_policy=tf-module-boot-policy
+imc_access_policy=tf-module-SJC07-R14-15-access
+lan_connectivity_policy=tf-module-lan-connectivity-policy \ No newline at end of file
diff --git a/ansible_collections/cisco/intersight/playbooks/example_inventory b/ansible_collections/cisco/intersight/playbooks/example_inventory
new file mode 100644
index 00000000..af8c4100
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/example_inventory
@@ -0,0 +1,14 @@
+[Intersight_HX]
+# Note: at least one host (e.g., sjc07-r13-501) must be present for update_*_inventory.yml to work
+sjc07-r13-501
+sjc07-r13-503
+
+[Intersight_Servers]
+
+[Intersight:children]
+Intersight_HX
+Intersight_Servers
+
+[all:vars]
+api_private_key=~/Downloads/SecretKey.txt
+api_key_id=596cc79e5d91b400010d15ad/5f0ce0ad7564612d3311a1f3/5f0ea8eb7564612d334ccb5a
diff --git a/ansible_collections/cisco/intersight/playbooks/firmware_direct_download.yml b/ansible_collections/cisco/intersight/playbooks/firmware_direct_download.yml
new file mode 100644
index 00000000..4277f930
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/firmware_direct_download.yml
@@ -0,0 +1,85 @@
+---
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ # Firmware Version
+ fw_version: 4.2(2d)
+ tasks:
+ # Set the distributable type based on the management mode and server type
+ - set_fact:
+ dist_type: IMMHOST
+ when: mode == 'Intersight' or mode == 'IntersightStandalone'
+ - set_fact:
+ dist_type: UMMBLADE
+ when: mode == 'UCSM' and object_type == 'Blade'
+ - set_fact:
+ dist_type: UMMRACK
+ when: mode == 'UCSM' and object_type == 'RackUnit'
+ # Get a user defined FW version
+ - name: Get Moid of user defined FW version
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /firmware/Distributables
+ query_params:
+ $filter: "SupportedModels eq '{{ model }}' and Version eq '{{ fw_version }}' and Tags.Key eq 'cisco.meta.distributabletype' and Tags.Value eq '{{ dist_type }}' and Tags.Key eq 'cisco.meta.repositorytype' and Tags.Value eq 'IntersightCloud'"
+ delegate_to: localhost
+ register: fw_resp
+ # Update server firmware with a post based on server moid
+ - name: Update server firmware
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /firmware/Upgrades
+ query_params:
+ $filter: "Server.Moid eq '{{ server_moid }}'"
+ update_method: post
+ api_body: {
+ "DirectDownload": {
+ "Upgradeoption": "upgrade_mount_only"
+ },
+ "Distributable": {
+ "Moid": "{{ fw_resp.api_response.Moid }}"
+ },
+ "Server": {
+ "Moid": "{{ server_moid }}",
+ "ObjectType": "compute.{{ object_type }}"
+ },
+ "UpgradeType": "direct_upgrade",
+ "SkipEstimateImpact": true
+ }
+ delegate_to: localhost
+ register: update_resp
+ when:
+ - server_moid is defined
+ - fw_resp.api_response.Moid is defined
+ # Wait for download/update to complete
+ - name: Check firmware download/update status
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /firmware/UpgradeStatuses
+ query_params:
+ $filter: "Moid eq '{{ update_resp.api_response.UpgradeStatus.Moid }}'"
+ delegate_to: localhost
+ register: status_resp
+ until: status_resp.api_response.Overallstatus == 'pending' or status_resp.api_response.Overallstatus == 'success'
+ # 60 minutes to allow download/update to complete
+ retries: 60
+ delay: 60
+ when:
+ - update_resp.api_response is defined
diff --git a/ansible_collections/cisco/intersight/playbooks/hcl_status.yml b/ansible_collections/cisco/intersight/playbooks/hcl_status.yml
new file mode 100644
index 00000000..7281c259
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/hcl_status.yml
@@ -0,0 +1,46 @@
+---
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ collections:
+ - cisco.intersight
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ tasks:
+ # Get HclStatus
+ - name: Get HCL Status for Server
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /cond/HclStatuses
+ query_params:
+ $filter: "ManagedObject.Moid eq '{{ server_moid }}'"
+ delegate_to: localhost
+ register: hcl_resp
+ when:
+ - server_moid is defined
+ # Create .csv file with version and status information
+ - copy:
+ content: |
+ Name, FW version, OS vendor, OS version, HW status, SW status, Overall Status
+ {% for host in hostvars %}
+ {% set vars = hostvars[host|string] %}
+ {% if vars.hcl_resp.api_response is defined %}
+ {{ vars.inventory_hostname }}, {{ vars.hcl_resp.api_response.HclFirmwareVersion }}, {{ vars.hcl_resp.api_response.HclOsVendor }}, {{ vars.hcl_resp.api_response.HclOsVersion }}, {{ vars.hcl_resp.api_response.HardwareStatus }}, {{ vars.hcl_resp.api_response.SoftwareStatus }}, {{ vars.hcl_resp.api_response.Status }} {{ vars.hcl_resp.api_response.ServerReason }}
+ {% endif %}
+ {% endfor %}
+ dest: /tmp/hcl_status.csv
+ backup: false
+ run_once: true
+ delegate_to: localhost
diff --git a/ansible_collections/cisco/intersight/playbooks/hyperflex_cluster_profiles.yml b/ansible_collections/cisco/intersight/playbooks/hyperflex_cluster_profiles.yml
new file mode 100644
index 00000000..d70523db
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/hyperflex_cluster_profiles.yml
@@ -0,0 +1,172 @@
+---
+#
+# Configure HyperFlex Cluster Profiles
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_HX'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_HX') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # If your inventory or host/group_vars don't specify required api key information, you can set directly below:
+ # api_private_key: ~/Downloads/SecretKey.txt
+ # api_key_id: 5a3404ac3768393836093cab/5b02fa7e6d6c356772394170/5b02fad36d6c356772394449
+ vars_prompt:
+
+ - name: "hx_vcenter_password"
+ prompt: "Enter the vCenter administrative password"
+ private: yes
+ confirm: yes
+ unsafe: yes
+
+ - name: "hx_hypervisor_password"
+ prompt: "Enter the new ESXi nodes' administrative password"
+ private: yes
+ confirm: yes
+ unsafe: yes
+
+ - name: "hx_dp_root_password"
+ prompt: "Enter the HyperFlex administrative password"
+ private: yes
+ confirm: yes
+ unsafe: yes
+
+ - name: "execute_auto_support"
+ prompt: "Do you need to enable Auto Support settings? (yes/no)"
+ private: no
+
+ - name: "execute_proxy"
+ prompt: "Do you need to configure proxy settings? (yes/no)"
+ private: no
+
+ - name: "execute_iscsi"
+ prompt: "Do you need to configure additional vNICs for iSCSI settings? (yes/no)"
+ private: no
+
+ - name: "execute_fc"
+ prompt: "Do you need to configure additional vHBAs for FC settings? (yes/no)"
+ private: no
+
+ tasks:
+ # Intersight Org
+ - import_role:
+ name: policies/hyperflex_policies/intersight_org
+ vars:
+ org_name: "{{ intersight_org_name }}"
+ tags: ['org']
+ # Cluster Profile
+ - import_role:
+ name: policies/hyperflex_policies/cluster_profile
+ vars:
+ hx_cluster_profile: "{{ hx_cluster_name }}"
+ tags: ['cluster_profile']
+ # Software Version
+ - import_role:
+ name: policies/hyperflex_policies/software_version
+ vars:
+ hx_software_policy: "{{ hx_cluster_name }}-software-version-policy"
+ tags: ['software']
+ # DNS
+ - import_role:
+ name: policies/hyperflex_policies/sys_config
+ vars:
+ hx_sys_config_policy: "{{ hx_cluster_name }}-sys-config-policy"
+ tags: ['dns']
+ # Security
+ - import_role:
+ name: policies/hyperflex_policies/local_credential
+ vars:
+ hx_local_credential_policy: "{{ hx_cluster_name }}-local-credential-policy"
+ tags: ['security']
+ # vCenter
+ - import_role:
+ name: policies/hyperflex_policies/vcenter
+ vars:
+ hx_vcenter_config_policy: "{{ hx_cluster_name }}-vcenter-config-policy"
+ tags: ['vcenter']
+ # Storage Config
+ - import_role:
+ name: policies/hyperflex_policies/cluster_storage
+ vars:
+ hx_cluster_storage_policy: "{{ hx_cluster_name }}-cluster-storage-policy"
+ tags: ['storage']
+ # Auto Support
+ - import_role:
+ name: policies/hyperflex_policies/auto_support
+ vars:
+ hx_auto_support_policy: "{{ hx_cluster_name }}-auto-support-policy"
+ hx_auto_support_enable: true
+ when: execute_auto_support|bool
+ tags: ['autosupport']
+ # Proxy
+ - import_role:
+ name: policies/hyperflex_policies/proxy
+ vars:
+ hx_proxy_setting_policy: "{{ hx_cluster_name }}-proxy-setting-policy"
+ when: execute_proxy|bool
+ tags: ['proxy']
+ # FC
+ - import_role:
+ name: policies/hyperflex_policies/fc
+ vars:
+ hx_fc_setting_policy: "{{ hx_cluster_name }}-ext-fc-storage-policy"
+ hx_fc_setting_enable: true
+ when: execute_fc|bool
+ tags: ['fc']
+ # iSCSI
+ - import_role:
+ name: policies/hyperflex_policies/iscsi
+ vars:
+ hx_iscsi_setting_policy: "{{ hx_cluster_name }}-ext-iscsi-storage-policy"
+ hx_iscsi_setting_enable: true
+ when: execute_iscsi|bool
+ tags: ['iscsi']
+ # Network Config
+ - import_role:
+ name: policies/hyperflex_policies/cluster_network
+ vars:
+ hx_cluster_network_policy: "{{ hx_cluster_name }}-cluster-network-policy"
+ tags: ['network']
+ # Node IP and Hostname
+ - import_role:
+ name: policies/hyperflex_policies/node_config
+ vars:
+ hx_node_config_policy: "{{ hx_cluster_name }}-node-config-policy"
+ tags: ['nodes']
+
+ - debug:
+ msg: "All policies and the HyperFlex cluster profile have been created."
+
+ - name: "Prompt to assign"
+ pause:
+ prompt: "Proceed with physical node assignment? (yes/no)"
+ echo: yes
+ register: assign_response
+ run_once: true
+ tags: ['prompt_assign']
+
+ # Assign servers to cluster profile and set deployment action
+ - import_role:
+ name: policies/hyperflex_policies/node_profiles
+ tags: ['assign']
+ when: assign_response.user_input|bool
+
+ - name: "Prompt to deploy"
+ pause:
+ prompt: "Proceed with cluster deployment? (yes/no)"
+ echo: yes
+ register: deploy_response
+ run_once: true
+ tags: ['prompt_deploy']
+
+ # Set cluster profile deployment action
+ - import_role:
+ name: policies/hyperflex_policies/deploy
+ tags: ['deploy']
+ when: deploy_response.user_input|bool
+
+ - debug:
+ msg: "HyperFlex cluster creation is complete."
diff --git a/ansible_collections/cisco/intersight/playbooks/hyperflex_edge_cluster_profiles.yml b/ansible_collections/cisco/intersight/playbooks/hyperflex_edge_cluster_profiles.yml
new file mode 100644
index 00000000..c0144a0a
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/hyperflex_edge_cluster_profiles.yml
@@ -0,0 +1,148 @@
+---
+#
+# Configure HyperFlex Edge Cluster Profiles
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_HX'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_HX') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # If your inventory or host/group_vars don't specify required api key information, you can set directly below:
+ # api_private_key: ~/Downloads/SecretKey.txt
+ # api_key_id: 5a3404ac3768393836093cab/5b02fa7e6d6c356772394170/5b02fad36d6c356772394449
+ vars_prompt:
+
+ - name: "hx_vcenter_password"
+ prompt: "Enter the vCenter administrative password"
+ private: yes
+ confirm: yes
+ unsafe: yes
+
+ - name: "hx_hypervisor_password"
+ prompt: "Enter the new ESXi nodes' administrative password"
+ private: yes
+ confirm: yes
+ unsafe: yes
+
+ - name: "hx_dp_root_password"
+ prompt: "Enter the HyperFlex administrative password"
+ private: yes
+ confirm: yes
+ unsafe: yes
+
+ - name: "execute_auto_support"
+ prompt: "Do you need to enable Auto Support settings? (yes/no)"
+ private: no
+
+ - name: "execute_proxy"
+ prompt: "Do you need to configure proxy settings? (yes/no)"
+ private: no
+
+ tasks:
+ # Intersight Org
+ - import_role:
+ name: policies/hyperflex_policies/intersight_org
+ vars:
+ org_name: "{{ intersight_org_name }}"
+ tags: ['org']
+ # Cluster Profile
+ - import_role:
+ name: policies/hyperflex_policies/edge_cluster_profile
+ vars:
+ hx_cluster_profile: "{{ hx_cluster_name }}"
+ tags: ['cluster_profile']
+ # Software Version
+ - import_role:
+ name: policies/hyperflex_policies/edge_software_version
+ vars:
+ hx_software_policy: "{{ hx_cluster_name }}-software-version-policy"
+ tags: ['software']
+ # DNS
+ - import_role:
+ name: policies/hyperflex_policies/sys_config
+ vars:
+ hx_sys_config_policy: "{{ hx_cluster_name }}-sys-config-policy"
+ tags: ['dns']
+ # Security
+ - import_role:
+ name: policies/hyperflex_policies/local_credential
+ vars:
+ hx_local_credential_policy: "{{ hx_cluster_name }}-local-credential-policy"
+ tags: ['security']
+ # vCenter
+ - import_role:
+ name: policies/hyperflex_policies/vcenter
+ vars:
+ hx_vcenter_config_policy: "{{ hx_cluster_name }}-vcenter-config-policy"
+ tags: ['vcenter']
+ # Storage Config
+ - import_role:
+ name: policies/hyperflex_policies/edge_cluster_storage
+ vars:
+ hx_cluster_storage_policy: "{{ hx_cluster_name }}-cluster-storage-policy"
+ tags: ['storage']
+ # Auto Support
+ - import_role:
+ name: policies/hyperflex_policies/auto_support
+ vars:
+ hx_auto_support_policy: "{{ hx_cluster_name }}-auto-support-policy"
+ hx_auto_support_enable: true
+ when: execute_auto_support|bool
+ tags: ['autosupport']
+ # Proxy
+ - import_role:
+ name: policies/hyperflex_policies/proxy
+ vars:
+ hx_proxy_setting_policy: "{{ hx_cluster_name }}-proxy-setting-policy"
+ when: execute_proxy|bool
+ tags: ['proxy']
+ # Network Config
+ - import_role:
+ name: policies/hyperflex_policies/edge_cluster_network
+ vars:
+ hx_cluster_network_policy: "{{ hx_cluster_name }}-cluster-network-policy"
+ tags: ['network']
+ # Node IP and Hostname
+ - import_role:
+ name: policies/hyperflex_policies/node_config
+ vars:
+ hx_node_config_policy: "{{ hx_cluster_name }}-node-config-policy"
+ tags: ['nodes']
+
+ - debug:
+ msg: "All policies and the HyperFlex cluster profile have been created."
+
+ - name: "Prompt to assign"
+ pause:
+ prompt: "Proceed with physical node assignment? (yes/no)"
+ echo: yes
+ register: assign_response
+ run_once: true
+ tags: ['prompt_assign']
+
+ # Assign servers to cluster profile and set deployment action
+ - import_role:
+ name: policies/hyperflex_policies/node_profiles
+ tags: ['assign']
+ when: assign_response.user_input|bool
+
+ - name: "Prompt to deploy"
+ pause:
+ prompt: "Proceed with cluster deployment? (yes/no)"
+ echo: yes
+ register: deploy_response
+ run_once: true
+ tags: ['prompt_deploy']
+
+ # Set cluster profile deployment action
+ - import_role:
+ name: policies/hyperflex_policies/deploy
+ tags: ['deploy']
+ when: deploy_response.user_input|bool
+
+ - debug:
+ msg: "HyperFlex Edge cluster creation is complete."
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_boot_order_policy.yml b/ansible_collections/cisco/intersight/playbooks/intersight_boot_order_policy.yml
new file mode 100644
index 00000000..ea20cc06
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_boot_order_policy.yml
@@ -0,0 +1,32 @@
+---
+# Example Playbook: cisco.intersight.intersight_boot_order_policy
+# Runs on localhost since policies are only configured once
+# Author: Tse Kai "Kevin" Chan (@BrightScale)
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ tasks:
+ - name: Configure Boot Order Policy
+ intersight_boot_order_policy:
+ <<: *api_info
+ organization: "{{ organization | default(omit) }}"
+ name: COS-Boot
+ description: Boot Order policy for lab use
+ tags:
+ - Key: Site
+ Value: RCDN
+ configured_boot_mode: Legacy
+ boot_devices:
+ - device_type: Local Disk
+ device_name: Boot-Lun
+ controller_slot: MRAID
+ - device_type: Virtual Media
+ device_name: vmedia
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_domain_profile.yml b/ansible_collections/cisco/intersight/playbooks/intersight_domain_profile.yml
new file mode 100644
index 00000000..f8c5eae9
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_domain_profile.yml
@@ -0,0 +1,140 @@
+---
+#
+# Configure UCS Domain Profiles
+#
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ # Domain Profile name
+ profile_name: emulator
+ org_name: dsoper-DevNet
+ port_policy: server-1-6-eth-pc-47-48
+ qos_policy: required-qos
+ # Fabric Intersight A and B Serial Numbers
+ fia_sn: FDO23021WJ6
+ fib_sn: FDO23070UA2
+ tasks:
+ # Get the Organization Moid
+ - name: "Get {{ org_name }} Organization Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /organization/Organizations
+ query_params:
+ $filter: "Name eq '{{ org_name }}'"
+ register: org_resp
+ # Get the Port Policy
+ - name: "Get {{ port_policy }} Port Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/PortPolicies
+ query_params:
+ $filter: "Name eq '{{ port_policy }}'"
+ register: port_resp
+ # Get the QoS Policy
+ - name: "Get {{ qos_policy }} Qos Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/SystemQosPolicies
+ query_params:
+ $filter: "Name eq '{{ qos_policy }}'"
+ register: qos_resp
+ # Get FI A Moid
+ - name: "Get FI A {{ fia_sn }} Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /network/Elements
+ query_params:
+ $filter: "Serial eq '{{ fia_sn }}'"
+ register: fia_resp
+ # Get FI B Moid
+ - name: "Get FI B {{ fib_sn }} Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /network/Elements
+ query_params:
+ $filter: "Serial eq '{{ fib_sn }}'"
+ register: fib_resp
+ # Config Domain (SwitchCluster) Profile
+ - name: "Configure {{ profile_name }} Domain Profile"
+ intersight_rest_api:
+ <<: *api_info
+ state: "{{ state | default('present') }}"
+ resource_path: /fabric/SwitchClusterProfiles
+ query_params:
+ $filter: "Name eq '{{ profile_name }}'"
+ api_body: {
+ "Name": "{{ profile_name }}",
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ register: profile_resp
+ # Config Switch Profile A with Policy Bucket
+ # Command line arg -e profile_action=Unassign can be used to unassign the profile
+ # Command line arg -e profile_action=Deploy can be used to deploy the profile
+ - name: "Configure {{ profile_name }}-A Switch Profile"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/SwitchProfiles
+ query_params:
+ $filter: "Name eq '{{ profile_name }}-A'"
+ api_body: {
+ "Name": "{{ profile_name }}-A",
+ "SwitchClusterProfile": {
+ "Moid": "{{ profile_resp.api_response.Moid }}"
+ },
+ "PolicyBucket": [
+ {
+ "Moid": "{{ port_resp.api_response.Moid }}",
+ "ObjectType": "fabric.PortPolicy"
+ },
+ {
+ "Moid": "{{ qos_resp.api_response.Moid }}",
+ "ObjectType": "fabric.SystemQosPolicy"
+ }
+ ],
+ "AssignedSwitch": {
+ "Moid": "{{ fia_resp.api_response.Moid }}"
+ },
+ "Action": "{{ profile_action | default('No-op') }}"
+ }
+ when: profile_resp.api_response is defined and profile_resp.api_response
+ # Config Switch Profile B with Policy Bucket
+ - name: "Configure {{ profile_name }}-B Switch Profile"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/SwitchProfiles
+ query_params:
+ $filter: "Name eq '{{ profile_name }}-B'"
+ api_body: {
+ "Name": "{{ profile_name }}-B",
+ "SwitchClusterProfile": {
+ "Moid": "{{ profile_resp.api_response.Moid }}"
+ },
+ "PolicyBucket": [
+ {
+ "Moid": "{{ port_resp.api_response.Moid }}",
+ "ObjectType": "fabric.PortPolicy"
+ },
+ {
+ "Moid": "{{ qos_resp.api_response.Moid }}",
+ "ObjectType": "fabric.SystemQosPolicy"
+ }
+ ],
+ "AssignedSwitch": {
+ "Moid": "{{ fib_resp.api_response.Moid }}"
+ },
+ "Action": "{{ profile_action | default('No-op') }}"
+ }
+ when: profile_resp.api_response is defined and profile_resp.api_response
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_imc_access_policy.yml b/ansible_collections/cisco/intersight/playbooks/intersight_imc_access_policy.yml
new file mode 100644
index 00000000..070d0027
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_imc_access_policy.yml
@@ -0,0 +1,25 @@
+---
+# Example Playbook: cisco.intersight.intersight_..._policy
+# Runs on localhost since policies are only configured once
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ tasks:
+ - name: Configure IMC Access policy
+ intersight_imc_access_policy:
+ <<: *api_info
+ name: "{{ imc_access_name | default('sjc02-d23-access') }}"
+ tags:
+ - Key: Site
+ Value: SJC02
+ description: Updated IMC access for SJC labs
+ vlan_id: "{{ imc_access_vlan | default(131) }}"
+ ip_pool: "{{ ip_pool | default('sjc02-d23-ext-mgmt') }}"
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_lan_connectivity_policy.yml b/ansible_collections/cisco/intersight/playbooks/intersight_lan_connectivity_policy.yml
new file mode 100644
index 00000000..91c1446e
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_lan_connectivity_policy.yml
@@ -0,0 +1,134 @@
+---
+#
+# Configure LAN Connectivity Policy
+#
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ # LAN Connectivity Policy name
+ lcp_name: SJC07-R14-R15-lan-conn
+ eth_net_group: sjc07-248-net-group
+ eth_net_control: default-eth-net-control
+ eth_qos: default-eth-qos
+ eth_adapter: eth-adapter
+ mac_pool: sjc07-de31-mac
+ vnic_name: eth0
+ org_name: dsoper-DevNet
+ tasks:
+ # Get the Organization Moid
+ - name: "Get {{ org_name }} Organization Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /organization/Organizations
+ query_params:
+ $filter: "Name eq '{{ org_name }}'"
+ register: org_resp
+ # Get the Ethernet Network Group Policy
+ - name: "Get {{ eth_net_group }} Ethernet Network Group Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/EthNetworkGroupPolicies
+ query_params:
+ $filter: "Name eq '{{ eth_net_group }}'"
+ register: eth_net_group_resp
+ # Get the Ethernet Network Control Policy
+ - name: "Get {{ eth_net_control }} Ethernet Network Control Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/EthNetworkControlPolicies
+ query_params:
+ $filter: "Name eq '{{ eth_net_control }}'"
+ register: eth_net_control_resp
+ # Get the Ethernet QoS Policy
+ - name: "Get {{ eth_qos }} Ethernet QoS Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthQosPolicies
+ query_params:
+ $filter: "Name eq '{{ eth_qos }}'"
+ register: eth_qos_resp
+ # Get the Ethernet Network Group Policy
+ - name: "Get {{ eth_adapter }} Ethernet Adapter Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthAdapterPolicies
+ query_params:
+ $filter: "Name eq '{{ eth_adapter }}'"
+ register: eth_adapter_resp
+ # Get MAC Address Pool
+ - name: "Get {{ mac_pool }} MAC Address Pool Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /macpool/Pools
+ query_params:
+ $filter: "Name eq '{{ mac_pool }}'"
+ register: mac_resp
+ # Config LAN Connectivity Policy
+ - name: "Configure {{ lcp_name }} LAN Connectivity Policy"
+ intersight_rest_api:
+ <<: *api_info
+ state: "{{ state | default('present') }}"
+ resource_path: /vnic/LanConnectivityPolicies
+ query_params:
+ $filter: "Name eq '{{ lcp_name }}'"
+ api_body: {
+ "Name": "{{ lcp_name }}",
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ },
+ "PlacementMode": "auto",
+ "TargetPlatform": "FIAttached"
+ }
+ register: lcp_resp
+ # Config vNIC with LAN Connectivity Policy
+ - name: "Configure {{ vnic_name }} vNIC"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /vnic/EthIfs
+ query_params:
+ $filter: "Name eq '{{ vnic_name }}'"
+ api_body: {
+ "Name": "{{ vnic_name }}",
+ "MacAddressType": "POOL",
+ "MacPool": {
+ "Moid": "{{ mac_resp.api_response.Moid }}",
+ },
+ "Placement": {
+ "SwitchId": "A",
+ "AutoSlotId": false,
+ "AutoPciLink": false
+ },
+ "Cdn": {
+ "Source": "vnic"
+ },
+ "FailoverEnabled": true,
+ "FabricEthNetworkGroupPolicy": [
+ {
+ "Moid": "{{ eth_net_group_resp.api_response.Moid }}"
+ }
+ ],
+ "FabricEthNetworkControlPolicy": {
+ "Moid": "{{ eth_net_control_resp.api_response.Moid }}"
+ },
+ "EthQosPolicy": {
+ "Moid": "{{ eth_qos_resp.api_response.Moid }}"
+ },
+ "EthAdapterPolicy": {
+ "Moid": "{{ eth_adapter_resp.api_response.Moid }}"
+ },
+ "LanConnectivityPolicy": {
+ "Moid": "{{ lcp_resp.api_response.Moid }}"
+ }
+ }
+ when: lcp_resp.api_response is defined and lcp_resp.api_response
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_local_user_policy.yml b/ansible_collections/cisco/intersight/playbooks/intersight_local_user_policy.yml
new file mode 100644
index 00000000..a387a95c
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_local_user_policy.yml
@@ -0,0 +1,55 @@
+---
+# Example Playbook: cisco.intersight.intersight_..._policy
+# Runs on localhost since policies are only configured once
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ #
+ # Example using vault:
+ # 1. Place the vault password into a plain text file (this is the password for vault access - do not check this into any repos!)
+ # $ cat vault_password_file
+ # ...
+ # 2. Encrypt a string (e.g., 'notagoodpassword'). You will later decrypt using your vault password file
+ # $ ansible-vault encrypt_string --vault-id tme@vault_password_file 'notagoodpassword' --name 'vault_password'
+ # (response is the encrypting string)
+ # 3. Place the vault variable in your playbook (example below):
+ # 4. Run the playbook and supply the vault password file (used to decrypt the vaulted password in the playbook)
+ # $ ansible-playbook -i inventory --vault-id tme@vault_password_file intersight_local_user_policy.yml
+ #
+ vault_password: !vault |
+ $ANSIBLE_VAULT;1.2;AES256;tme
+ 36656264656638646566313633353832396138616264313032303433656636643638363864653936
+ 6532646363303435633965383432633630306566323838640a363566376234303366313064306162
+ 39326331373231643333616335393232353633393834653161633032383539383537656336666639
+ 3635306535366233660a356235393664653538386136626439646137626531663135363636326131
+ 3538
+ tasks:
+ - name: Configure Local User policy
+ intersight_local_user_policy:
+ <<: *api_info
+ name: "{{ local_user_policy | default('guest-admin') }}"
+ tags:
+ - Key: username
+ Value: guest
+ description: Username guest with admin role
+ enforce_strong_password: true
+ enable_password_expiry: false
+ password_history: 5
+ purge: true
+ always_update_password: true
+ local_users:
+ - username: guest
+ role: admin
+ password: "{{ vault_password }}"
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_ntp_policy.yml b/ansible_collections/cisco/intersight/playbooks/intersight_ntp_policy.yml
new file mode 100644
index 00000000..9f4661b8
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_ntp_policy.yml
@@ -0,0 +1,27 @@
+---
+# Example Playbook: cisco.intersight.intersight_ntp_policy
+# Runs on localhost since policies are only configured once
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ tasks:
+ - name: Configure NTP Policy
+ intersight_ntp_policy:
+ <<: *api_info
+ organization: "{{ organization | default(omit) }}"
+ name: lab-ntp
+ description: NTP policy for lab use
+ tags:
+ - Key: Site
+ Value: RCDN
+ ntp_servers:
+ - ntp.esl.cisco.com
+ timezone: America/Chicago
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_port_policy.yml b/ansible_collections/cisco/intersight/playbooks/intersight_port_policy.yml
new file mode 100644
index 00000000..83ba5a57
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_port_policy.yml
@@ -0,0 +1,88 @@
+---
+#
+# Configure Fabric Port Policies
+#
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ # Port Policy name
+ port_name: server-1-6-eth-pc-47-48
+ org_name: dsoper-DevNet
+ tasks:
+ # Get the Organization Moid
+ - name: "Get {{ org_name }} Organization Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /organization/Organizations
+ query_params:
+ $filter: "Name eq '{{ org_name }}'"
+ register: org_resp
+ # Config Port Policy
+ - name: "Configure {{ port_name }} Port Policy"
+ intersight_rest_api:
+ <<: *api_info
+ state: "{{ state | default('present') }}"
+ resource_path: /fabric/PortPolicies
+ query_params:
+ $filter: "Name eq '{{ port_name }}'"
+ api_body: {
+ "Name": "{{ port_name }}",
+ "DeviceModel": "UCS-FI-6454",
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ register: port_resp
+ # Config Server Roles
+ - name: "Configure Server Roles"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/ServerRoles
+ query_params:
+ $filter: "PortPolicy.Moid eq '{{ port_resp.api_response.Moid }}' and PortId eq {{ item }}"
+ api_body: {
+ "Fec": "Auto",
+ "PortId": "{{ item }}",
+ "PortPolicy": {
+ "Moid": "{{ port_resp.api_response.Moid }}"
+ },
+ "SlotId": 1
+ }
+ loop: "{{ range(1, 6+1) | list }}"
+ when: port_resp.api_response is defined and port_resp.api_response
+ # Config Uplink Port Channel Roles
+ - name: "Configure Uplink Port Channel Roles"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /fabric/UplinkPcRoles
+ query_params:
+ $filter: "PortPolicy.Moid eq '{{ port_resp.api_response.Moid }}'"
+ api_body: {
+ "AdminSpeed": "Auto",
+ "PcId": 47,
+ "PortPolicy": {
+ "Moid": "{{ port_resp.api_response.Moid }}"
+ },
+ "Ports": [
+ {
+ "PortId": 47,
+ "SlotId": 1
+ },
+ {
+ "PortId": 48,
+ "SlotId": 1
+ }
+ ]
+ }
+ when: port_resp.api_response is defined and port_resp.api_response
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_server_profile.yml b/ansible_collections/cisco/intersight/playbooks/intersight_server_profile.yml
new file mode 100644
index 00000000..27787344
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_server_profile.yml
@@ -0,0 +1,51 @@
+---
+#
+# Configure Server Profiles
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Server Profile name default
+ profile_name: "SP-{{ inventory_hostname }}"
+ tasks:
+ #
+ # Configure profiles specific to server (run for each server in the inventory)
+ #
+ - set_fact:
+ mode: Standalone
+ when: mode is not defined or mode == 'IntersightStandalone'
+ - set_fact:
+ mode: FIAttached
+ when: mode == 'Intersight'
+ - name: "Configure {{ profile_name }} Server Profile"
+ intersight_server_profile:
+ <<: *api_info
+ organization: "{{ organization | default(omit) }}"
+ name: "{{ profile_name }}"
+ target_platform: "{{ mode | default(omit) }}"
+ description: "Updated Profile for server name {{ inventory_hostname }}"
+ assigned_server: "{{ server_moid | default(omit) }}"
+ boot_order_policy: "{{ boot_order_policy | default(omit) }}"
+ imc_access_policy: "{{ imc_access_policy | default(omit) }}"
+ lan_connectivity_policy: "{{ lan_connectivity_policy | default(omit) }}"
+ local_user_policy: "{{ local_user_policy | default(omit) }}"
+ ntp_policy: "{{ ntp_policy | default(omit) }}"
+ virtual_media_policy: "{{ virtual_media_policy | default(omit) }}"
+ delegate_to: localhost
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_server_profile_template.yml b/ansible_collections/cisco/intersight/playbooks/intersight_server_profile_template.yml
new file mode 100644
index 00000000..b64d60d4
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_server_profile_template.yml
@@ -0,0 +1,94 @@
+---
+#
+# Configure Server Profile Templates
+#
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Server Profile Template name
+ template_name: sp-devnet
+ org_name: dsoper-DevNet
+ imc_access_policy: access-devnet
+ ntp_policy: LabNTP
+ uuid_pool: uuid-devnet
+ num_profiles: 3
+ tasks:
+ # Get the Organization Moid
+ - name: "Get {{ org_name }} Organization Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /organization/Organizations
+ query_params:
+ $filter: "Name eq '{{ org_name }}'"
+ register: org_resp
+ # Get the Access Policy
+ - name: "Get {{ imc_access_policy }} Access Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /access/Policies
+ query_params:
+ $filter: "Name eq '{{ imc_access_policy }}'"
+ register: access_resp
+ # Get the NTP Policy
+ - name: "Get {{ ntp_policy }} NTP Policy Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /ntp/Policies
+ query_params:
+ $filter: "Name eq '{{ ntp_policy }}'"
+ register: ntp_resp
+ # Get the UUID Pool
+ - name: "Get {{ uuid_pool }} UUID Pool Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /uuidpool/Pools
+ query_params:
+ $filter: "Name eq '{{ uuid_pool }}'"
+ register: uuid_resp
+ # Config SP Template using Policy Buckets
+ - name: "Configure {{ template_name }} Server Profile Template"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /server/ProfileTemplates
+ query_params:
+ $filter: "Name eq '{{ template_name }}'"
+ api_body: {
+ "Name": "{{ template_name }}",
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ },
+ "PolicyBucket": [
+ {
+ "Moid": "{{ ntp_resp.api_response.Moid }}",
+ "ObjectType": "ntp.Policy"
+ },
+ {
+ "Moid": "{{ access_resp.api_response.Moid }}",
+ "ObjectType": "access.Policy"
+ }
+ ],
+ "Tags": [],
+ "TargetPlatform": "FIAttached",
+ "UuidAddressType": "POOL",
+ "UuidPool": {
+ "Moid": "{{ uuid_resp.api_response.Moid }}",
+ "ObjectType": "uuidpool.Pool"
+ }
+ }
+ register: template_resp
+ # Derive profiles from template (if profiles don't already exist)
+ - name: "Derive Profiles from {{ template_name}}"
+ include_tasks: derive_profiles.yml
+ loop: "{{ range(1, num_profiles+1) | list }}"
diff --git a/ansible_collections/cisco/intersight/playbooks/intersight_virtual_media_policy.yml b/ansible_collections/cisco/intersight/playbooks/intersight_virtual_media_policy.yml
new file mode 100644
index 00000000..7064a06d
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/intersight_virtual_media_policy.yml
@@ -0,0 +1,30 @@
+---
+# Example Playbook: cisco.intersight.intersight_virtual_media_policy
+# Runs on localhost since policies are only configured once
+- hosts: localhost
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ tasks:
+ - name: Configure Virtual Media Policy
+ intersight_virtual_media_policy:
+ <<: *api_info
+ organization: DevNet
+ name: COS-VM
+ description: Virtual Media policy for lab use
+ tags:
+ - Key: Site
+ Value: RCDN
+ cdd_virtual_media:
+ mount_type: nfs
+ volume: nfs-cdd
+ remote_hostname: 172.28.224.77
+ remote_path: /mnt/SHARE/ISOS/CENTOS
+ remote_file: CentOS7.iso
diff --git a/ansible_collections/cisco/intersight/playbooks/only_new_server_profiles.yml b/ansible_collections/cisco/intersight/playbooks/only_new_server_profiles.yml
new file mode 100644
index 00000000..e3b0d1d8
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/only_new_server_profiles.yml
@@ -0,0 +1,72 @@
+---
+#
+# Configure Server Profiles
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # Key can be directly specified, and vault should be used to encrypt:
+ # Ex. ansible-vault encrypt_string --vault-id tme@/Users/dsoper/Documents/vault_password_file '-----BEGIN EC PRIVATE KEY-----
+ # <your private key data>
+ # -----END EC PRIVATE KEY-----'
+ # To use with vault:
+ # ansible-playbook -i inventory --vault-id tme@vault_password_file intersight_server_profile.yml
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Server Profile name default
+ profile_name: "{{ inventory_hostname | regex_replace('-r$', '') }}"
+ tasks:
+ #
+ # Configure profiles specific to server (run for each server in the inventory)
+ #
+ - set_fact:
+ mode: Standalone
+ when: mode is not defined or mode == 'IntersightStandalone'
+ - set_fact:
+ mode: FIAttached
+ when: mode == 'Intersight'
+ # Get server moid when not defined in inventory
+ - block:
+ - name: "Get {{ inventory_hostname }} Server Moid"
+ intersight_info:
+ <<: *api_info
+ server_names: "{{ inventory_hostname }}"
+ register: server
+ - set_fact:
+ server_moid: "{{ server.intersight_servers[0].Moid }}"
+ when: server_moid is not defined
+ delegate_to: localhost
+ - name: "Get current profile assignment"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /server/Profiles
+ query_params:
+ $filter: "AssignedServer.Moid eq '{{ server_moid }}' or AssociatedServer.Moid eq '{{ server_moid }}'"
+ when: server_moid is defined
+ register: profile
+ delegate_to: localhost
+ - name: "Configure {{ profile_name }} Server Profile"
+ intersight_server_profile:
+ <<: *api_info
+ organization: "{{ organization | default(omit) }}"
+ name: "{{ profile_name }}"
+ target_platform: "{{ mode | default(omit) }}"
+ description: "Updated Profile for server name {{ inventory_hostname }}"
+ assigned_server: "{{ server_moid }}"
+ when:
+ - server_moid is defined
+ - profile is not defined or profile.api_response.Moid is not defined
+ delegate_to: localhost
diff --git a/ansible_collections/cisco/intersight/playbooks/os_install.yml b/ansible_collections/cisco/intersight/playbooks/os_install.yml
new file mode 100644
index 00000000..b151a98c
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/os_install.yml
@@ -0,0 +1,142 @@
+---
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ # OS and SCU Versions
+ os_version: ESXi 7.0 U3
+ os_config: ESXi7.0ConfigFile
+ scu_version: 6.2.2a
+ org_name: default
+ #
+ # Example using vault:
+ # 1. Place the vault password into a plain text file (this is the password for vault access - do not check this into any repos!)
+ # $ cat vault_password_file
+ # ...
+ # 2. Encrypt a string (e.g., 'notagoodpassword'). You will later decrypt using your vault password file
+ # $ ansible-vault encrypt_string --vault-id tme@vault_password_file 'notagoodpassword' --name 'vault_password'
+ # (response is the encrypting string)
+ # 3. Place the vault variable in your playbook (example below):
+ # 4. Run the playbook and supply the vault password file (used to decrypt the vaulted password in the playbook)
+ # $ ansible-playbook -i inventory --vault-id tme@vault_password_file os_install.yml
+ #
+ vault_password: !vault |
+ $ANSIBLE_VAULT;1.2;AES256;tme
+ 36656264656638646566313633353832396138616264313032303433656636643638363864653936
+ 6532646363303435633965383432633630306566323838640a363566376234303366313064306162
+ 39326331373231643333616335393232353633393834653161633032383539383537656336666639
+ 3635306535366233660a356235393664653538386136626439646137626531663135363636326131
+ 3538
+ tasks:
+ # Get the Organization Moid
+ - name: "Get {{ org_name }} Organization Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /organization/Organizations
+ query_params:
+ $filter: "Name eq '{{ org_name }}'"
+ register: org_resp
+ delegate_to: localhost
+ # Get the OS File Moid
+ - name: "Get {{ os_version }} OS File Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /softwarerepository/OperatingSystemFiles
+ query_params:
+ $filter: "Version eq '{{ os_version }}' and PermissionResources.Moid eq '{{ org_resp.api_response.Moid }}'"
+ register: os_resp
+ delegate_to: localhost
+ # Get the SCU File Moid
+ - name: "Get {{ scu_version }} SCU File Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /firmware/ServerConfigurationUtilityDistributables
+ query_params:
+ $filter: "Version eq '{{ scu_version }}' and PermissionResources.Moid eq '{{ org_resp.api_response.Moid }}'"
+ register: scu_resp
+ delegate_to: localhost
+ # Get the OS Config File Moid
+ - name: "Get {{ os_config }} OS Config File Moid"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /os/ConfigurationFiles
+ query_params:
+ $filter: "Name eq '{{ os_config }}'"
+ register: os_config_resp
+ delegate_to: localhost
+ # Install OS
+ - name: Install OS
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /bulk/Requests
+ update_method: post
+ api_body: {
+ "Verb": "POST",
+ "Uri": "/v1/os/Installs",
+ "Requests": [
+ {
+ "ObjectType": "bulk.RestSubRequest",
+ "Body": {
+ "InstallMethod": "vMedia",
+ "Image": {
+ "Moid": "{{ os_resp.api_response.Moid }}",
+ "ObjectType": "softwarerepository.OperatingSystemFile"
+ },
+ "OsduImage": {
+ "ObjectType": "firmware.ServerConfigurationUtilityDistributable",
+ "Moid": "{{ scu_resp.api_response.Moid }}"
+ },
+ "OverrideSecureBoot": true,
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ },
+ "Answers": {
+ "Hostname": "sjc07-r14-1-1-6",
+ "IpConfigType": "DHCP",
+ "RootPassword": "{{ vault_password }}",
+ "IsRootPasswordCrypted": false,
+ "Source": "Template",
+ "IpConfiguration": {
+ "ObjectType": "os.Ipv4Configuration"
+ }
+ },
+ "ConfigurationFile": {
+ "Moid": "{{ os_config_resp.api_response.Moid }}",
+ "ObjectType": "os.ConfigurationFile"
+ },
+ "AdditionalParameters": null,
+ "InstallTarget": {
+ "ObjectType": "os.PhysicalDisk",
+ "Name": "Disk 1",
+ "StorageControllerSlotId": "1",
+ "SerialNumber": "99B0A05NFJXF"
+ },
+ "Server": {
+ "ObjectType": "compute.{{ object_type }}",
+ "Moid": "{{ server_moid }}"
+ }
+ }
+ }
+ ],
+ "Organization": {
+ "Moid": "{{ org_resp.api_response.Moid }}"
+ }
+ }
+ delegate_to: localhost
+ register: install_resp
diff --git a/ansible_collections/cisco/intersight/playbooks/ova_workflow.yml b/ansible_collections/cisco/intersight/playbooks/ova_workflow.yml
new file mode 100644
index 00000000..3f4eea66
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/ova_workflow.yml
@@ -0,0 +1,72 @@
+---
+# Execute Orchestration Workflow
+- hosts: localhost
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ image_url: "{{ image_url | default('http://172.28.224.62/UCSPE_4.0.4e.ova') }}"
+ vm_name: "{{ vm_name | default('ucspe-4-0-4e-orch') }}"
+ tasks:
+ - name: Get vCenter Moid
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /asset/DeviceRegistrations
+ query_params:
+ $filter: DeviceIpAddress eq '172.28.225.220'
+ register: vcenter
+ - name: Execute OVA deploy workflow
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /workflow/WorkflowInfos
+ update_method: post
+ api_body: {
+ "Name": "ucspe_vm",
+ "Organization": {
+ # "Selector": "Name eq 'default'",
+ # "ObjectType": "organization.Organization"
+ "Moid": "5dde9f116972652d33539d39"
+ },
+ "Action": "Start",
+ "Input": {
+ "Vcenter": {
+ "Moid": "{{ vcenter.api_response.Moid }}",
+ "ObjectType":"asset.DeviceRegistration"
+ },
+ "Datastore": "Atlanta Data",
+ "Image": "{{ image_url }}",
+ "VmName": "{{ vm_name }}",
+ "PowerOn": false,
+ "Datacenter": "SJC07",
+ "Cluster": "Atlanta"
+ },
+ "WorkflowDefinition": {
+ "Selector": "Name eq 'ucspe_vm'",
+ "ObjectType":"workflow.WorkflowDefinition"
+ },
+ "WorkflowCtx": {
+ "InitiatorCtx": {
+ "InitiatorName":"ucspe_vm",
+ "InitiatorType":"workflow.WorkflowDefinition"
+ }
+ }
+ }
+ register: workflow
+ - name: Get status of OVA deploy workflow
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /workflow/WorkflowInfos
+ query_params:
+ $expand: ParentTaskInfo($select=WorkflowInfo;$expand=WorkflowInfo($select=WorkflowDefinition))
+ $filter: "Moid eq '{{ workflow.api_response.Moid }}'"
+ register: status
+ until: status.api_response.Status != 'RUNNING' and status.api_response.Status != 'WAITING'
+ retries: 10
+ delay: 60
+ ignore_errors: true
+ - debug:
+ msg: "Final workflow status: {{ status.api_response.Status }}"
diff --git a/ansible_collections/cisco/intersight/playbooks/profile_inventory b/ansible_collections/cisco/intersight/playbooks/profile_inventory
new file mode 100644
index 00000000..9e6e25dc
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/profile_inventory
@@ -0,0 +1,4 @@
+# example group to create profiles with no server assignment
+[Intersight_Servers]
+demo1 mode=Intersight
+demo2 mode=Intersight
diff --git a/ansible_collections/cisco/intersight/playbooks/profile_with_buckets.yml b/ansible_collections/cisco/intersight/playbooks/profile_with_buckets.yml
new file mode 100644
index 00000000..4fde5991
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/profile_with_buckets.yml
@@ -0,0 +1,28 @@
+---
+# Server profile config using policy buckets
+- hosts: localhost
+ gather_facts: false
+ vars:
+ profile_name: SP-SJC07-R14-FI-1-1-6
+ tasks:
+ - name: "Get {{ profile_name }}"
+ cisco.intersight.intersight_rest_api:
+ resource_path: /server/Profiles
+ query_params:
+ $filter: "Name eq '{{ profile_name }}'"
+ register: results
+ - debug:
+ msg: "{{ results.api_response.PolicyBucket | selectattr('ObjectType', 'eq', 'access.Policy') }}"
+ - name: "Config {{ profile_name }}"
+ cisco.intersight.intersight_rest_api:
+ resource_path: "/server/Profiles/{{ results.api_response.Moid }}/PolicyBucket"
+ # should be moid for tf-k8s-SJC07-R14-15-access
+ list_body:
+ [
+ {
+ "Moid": "60a6e26f6275722d31f8e278",
+ "ObjectType": "access.Policy",
+ },
+ ]
+ update_method: post
+ when: not (results.api_response.PolicyBucket | selectattr('ObjectType', 'eq', 'access.Policy') | selectattr('Moid', 'eq', '60a6e26f6275722d31f8e278'))
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/auto_support/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/auto_support/tasks/main.yml
new file mode 100644
index 00000000..f25e8857
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/auto_support/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: "Configure Auto Support Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/AutoSupportPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_auto_support_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name": "{{ hx_auto_support_policy }}",
+ "AdminState":"{{ hx_auto_support_enable }}",
+ "ServiceTicketReceipient":"{{ hx_auto_support_receipient }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: auto_support_policy
+
+- debug: msg="HyperFlex Autosupport Policy named {{ hx_auto_support_policy }} has been created successfully." \ No newline at end of file
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_network/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_network/tasks/main.yml
new file mode 100644
index 00000000..8209117f
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_network/tasks/main.yml
@@ -0,0 +1,50 @@
+---
+- name: "Configure Cluster Network Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterNetworkPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_network_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_cluster_network_policy }}",
+ "JumboFrame":"{{ hx_jumbo_frames }}",
+ "KvmIpRange":{
+ "StartAddr":"{{ ucs_kvm_start_ip }}",
+ "EndAddr":"{{ ucs_kvm_end_ip }}",
+ "Gateway":"{{ ucs_kvm_gateway }}",
+ "Netmask":"{{ ucs_kvm_netmask }}"
+ },
+ "MacPrefixRange":{
+ "StartAddr":"{{ hx_mac_start }}",
+ "EndAddr":"{{ hx_mac_end }}"
+ },
+ "MgmtVlan":{
+ "Name":"{{ hx_mgmt_vlan_name }}",
+ "VlanId":"{{ hx_mgmt_vlan_id }}"
+ },
+ "VmMigrationVlan":{
+ "Name":"{{ hx_migration_vlan_name }}",
+ "VlanId":"{{ hx_migration_vlan_id }}"
+ },
+ "VmNetworkVlans":"{{ hx_guest_vm_vlans }}",
+ "UplinkSpeed": "default",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: cluster_network
+
+- debug: msg="HyperFlex Cluster Network Policy named {{ hx_cluster_network_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/defaults/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/defaults/main.yml
new file mode 100644
index 00000000..a7a0ca66
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/defaults/main.yml
@@ -0,0 +1,8 @@
+---
+# Default variable values for HyperFlex Cluster Profiles
+hx_mgmt_platform: FI
+hx_hypervisor_type: ESXi
+hx_replication_factor: 3
+hx_vdi_optimization: false
+hx_disk_cleanup: false
+hx_laz_autoconfig: false
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/tasks/main.yml
new file mode 100644
index 00000000..877f41f1
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_profile/tasks/main.yml
@@ -0,0 +1,33 @@
+---
+- name: "Configure Cluster Profile"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterProfiles
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_profile }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_cluster_profile }}",
+ "MgmtPlatform":"{{ hx_mgmt_platform }}",
+ "HypervisorType":"{{ hx_hypervisor_type }}",
+ "MgmtIpAddress":"{{ hx_mgmt_ip }}",
+ "MacAddressPrefix":"{{ hx_mgmt_mac_prefix }}",
+ "Replication":"{{ hx_replication_factor }}",
+ "StorageDataVlan":{
+ "Name":"{{ hx_data_vlan_name }}",
+ "VlanId":"{{ hx_data_vlan_id }}"
+ }
+ }
+ register: cluster_profile
+
+- debug: msg="HyperFlex Cluster Profile named {{ hx_cluster_profile }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_storage/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_storage/tasks/main.yml
new file mode 100644
index 00000000..efd14093
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/cluster_storage/tasks/main.yml
@@ -0,0 +1,34 @@
+---
+- name: "Configure Cluster Storage Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterStoragePolicies
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_storage_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_cluster_storage_policy }}",
+ "VdiOptimization":"{{ hx_vdi_optimization }}",
+ "DiskPartitionCleanup":"{{ hx_disk_cleanup }}",
+ "LogicalAvalabilityZoneConfig":{
+ "AutoConfig":"{{ hx_laz_autoconfig }}"
+ },
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: storage_setting
+
+- debug: msg="HyperFlex Cluster Storage Policy named {{ hx_cluster_storage_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/deploy/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/deploy/tasks/main.yml
new file mode 100644
index 00000000..13b598b6
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/deploy/tasks/main.yml
@@ -0,0 +1,43 @@
+---
+# Get cluster profile
+- name: Get Cluster Profile
+ vars:
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterProfiles
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_name }}'"
+ register: profile
+# Prompt for cluster deployment action
+- name: "Prompt for deployment action"
+ pause:
+ prompt: "Set the deployment action. Valid choices are Validate, Deploy, Continue or Retry."
+ echo: yes
+ register: hx_action
+ run_once: true
+# Set cluster deployment action
+- name: Set Cluster Action
+ vars:
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterProfiles
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_name }}'"
+ api_body: {
+ "Action": "{{ hx_action.user_input }}"
+ }
+ when:
+ - profile.api_response.ConfigContext.ConfigState != 'Configuring'
+ - profile.api_response.ConfigContext.ConfigState != 'Associated'
+# Can optionally wait for subsequent tasks if needed
+# register: result
+# until: result.api_response.config_context.config_state == 'Associated'
+# retries: 20
+# delay: 30
+- debug: msg="HyperFlex Cluster Profile deployment action has been triggered successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_network/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_network/tasks/main.yml
new file mode 100644
index 00000000..7dcc57a5
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_network/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+- name: "Configure Cluster Network Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterNetworkPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_network_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_cluster_network_policy }}",
+ "JumboFrame":"{{ hx_jumbo_frames }}",
+ "MacPrefixRange":{
+ "StartAddr":"{{ hx_mac_start }}",
+ "EndAddr":"{{ hx_mac_end }}"
+ },
+ "MgmtVlan":{
+ "VlanId":"{{ hx_mgmt_vlan_id }}"
+ },
+ "UplinkSpeed":"{{ hx_uplink_speed }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: cluster_network
+
+- debug: msg="HyperFlex Cluster Network Policy named {{ hx_cluster_network_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/defaults/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/defaults/main.yml
new file mode 100644
index 00000000..7ace5ad5
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+# Default variable values for HyperFlex Cluster Profiles
+hx_mgmt_platform: EDGE
+hx_hypervisor_type: ESXi
+hx_vdi_optimization: false
+hx_disk_cleanup: false
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/tasks/main.yml
new file mode 100644
index 00000000..6beef6e5
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_profile/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: "Configure Cluster Profile"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterProfiles
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_profile }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_cluster_profile }}",
+ "MgmtPlatform":"{{ hx_mgmt_platform }}",
+ "HypervisorType":"{{ hx_hypervisor_type }}",
+ "MgmtIpAddress":"{{ hx_mgmt_ip }}",
+ "MacAddressPrefix":"{{ hx_mgmt_mac_prefix }}",
+ "StorageDataVlan":{
+ "VlanId":"{{ hx_data_vlan_id }}"
+ }
+ }
+ register: cluster_profile
+
+- debug: msg="HyperFlex Cluster Profile named {{ hx_cluster_profile }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_storage/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_storage/tasks/main.yml
new file mode 100644
index 00000000..ee984928
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_cluster_storage/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: "Configure Cluster Storage Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterStoragePolicies
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_storage_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_cluster_storage_policy }}",
+ "VdiOptimization":"{{ hx_vdi_optimization }}",
+ "DiskPartitionCleanup":"{{ hx_disk_cleanup }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: storage_setting
+
+- debug: msg="HyperFlex Cluster Storage Policy named {{ hx_cluster_storage_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_software_version/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_software_version/tasks/main.yml
new file mode 100644
index 00000000..32db3b01
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/edge_software_version/tasks/main.yml
@@ -0,0 +1,30 @@
+---
+- name: "Configure Software Version Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/SoftwareVersionPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_software_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_software_policy }}",
+ "HxdpVersion":"{{ hxdp_version }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: software_policy
+
+- debug: msg="HyperFlex Software Version Policy named {{ hx_software_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/fc/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/fc/tasks/main.yml
new file mode 100644
index 00000000..073cf38e
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/fc/tasks/main.yml
@@ -0,0 +1,52 @@
+---
+- name: "Configure External FC Storage Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ExtFcStoragePolicies
+ query_params:
+ $filter: "Name eq '{{ hx_fc_setting_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "AdminState":"{{ hx_fc_setting_enable }}",
+ "Name":"{{ hx_fc_setting_policy }}",
+ "ExtaTraffic":{
+ "Name":"{{ hx_vsan_a_name }}",
+ "VsanId":"{{ hx_vsan_a_id }}"
+ },
+ "ExtbTraffic":{
+ "Name":"{{ hx_vsan_b_name }}",
+ "VsanId":"{{ hx_vsan_b_id }}"
+ },
+ "WwxnPrefixRange":{
+ "StartAddr":"{{ hx_fc_wwxn_range_start }}",
+ "EndAddr":"{{ hx_fc_wwxn_range_end }}"
+ },
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: fc_settings
+# Set WWXN prefix for the cluster profile when additional FC HBAs are configured
+- name: "Perform Action on {{ hx_profile_name }} Profile"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterProfiles
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_name }}'"
+ api_body: {
+ "WwxnPrefix": "{{ hx_fc_wwxn_range_start }}"
+ }
+
+- debug: msg="HyperFlex External FC Storage Policy named {{ hx_fc_setting_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/intersight_org/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/intersight_org/tasks/main.yml
new file mode 100644
index 00000000..fcef95a8
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/intersight_org/tasks/main.yml
@@ -0,0 +1,17 @@
+---
+- name: "Retrieve Intersight Org"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /organization/Organizations
+ query_params:
+ $filter: "Name eq '{{ org_name }}'"
+
+ register: intersight_org
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/iscsi/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/iscsi/tasks/main.yml
new file mode 100644
index 00000000..45b7548d
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/iscsi/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+- name: "Configure External iSCSI Storage Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ExtIscsiStoragePolicies
+ query_params:
+ $filter: "Name eq '{{ hx_iscsi_setting_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "AdminState":"{{ hx_iscsi_setting_enable }}",
+ "Name":"{{ hx_iscsi_setting_policy }}",
+ "ExtaTraffic":{
+ "Name":"{{ hx_iscsi_vlan_a_name }}",
+ "VlanId":"{{ hx_iscsi_vlan_a_id }}"
+ },
+ "ExtbTraffic":{
+ "Name":"{{ hx_iscsi_vlan_b_name }}",
+ "VlanId":"{{ hx_iscsi_vlan_b_id }}"
+ },
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: iscsi_settings
+
+- debug: msg="HyperFlex External iSCSI Storage Policy named {{ hx_iscsi_setting_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/local_credential/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/local_credential/tasks/main.yml
new file mode 100644
index 00000000..901dac0f
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/local_credential/tasks/main.yml
@@ -0,0 +1,33 @@
+---
+- name: "Configure Local Credential Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/LocalCredentialPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_local_credential_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name": "{{ hx_local_credential_policy }}",
+ "HypervisorAdmin":"{{ hx_hypervisor_admin }}",
+ "FactoryHypervisorPassword":"{{ hx_hypervisor_factory_password }}",
+ "HypervisorAdminPwd":"{{ hx_hypervisor_password | default(omit) }}",
+ "HxdpRootPwd":"{{ hx_dp_root_password | default(omit) }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: local_credential
+
+- debug: msg="HyperFlex Local Credential Policy named {{ hx_local_credential_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_config/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_config/tasks/main.yml
new file mode 100644
index 00000000..5910f951
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_config/tasks/main.yml
@@ -0,0 +1,42 @@
+---
+- name: "Configure Node Configuration Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/NodeConfigPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_node_config_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_node_config_policy }}",
+ "NodeNamePrefix":"{{ hx_node_profile_prefix }}",
+ "MgmtIpRange":{
+ "StartAddr":"{{ esx_mgmt_ip_start }}",
+ "EndAddr":"{{ esx_mgmt_ip_end }}",
+ "Netmask":"{{ hx_mgmt_netmask }}",
+ "Gateway":"{{ hx_mgmt_gateway }}"
+ },
+ "HxdpIpRange":{
+ "StartAddr":"{{ hx_mgmt_vm_ip_start }}",
+ "EndAddr":"{{ hx_mgmt_vm_ip_end }}",
+ "Netmask":"{{ hx_mgmt_netmask }}",
+ "Gateway":"{{ hx_mgmt_gateway }}"
+ },
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: node_config
+
+- debug: msg="HyperFlex Node Configuration Policy named {{ hx_node_config_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_profiles/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_profiles/tasks/main.yml
new file mode 100644
index 00000000..4c7ae35c
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/node_profiles/tasks/main.yml
@@ -0,0 +1,49 @@
+---
+# Get server Moids
+- name: Get server Moid
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ cisco.intersight.intersight_info:
+ <<: *api_info
+ server_names:
+ - "{{ item }}"
+ loop: "{{ hx_servers }}"
+ register: inventory
+# Get Cluster Profile Attributes
+- name: "Get HyperFlex Cluster Profile"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ClusterProfiles
+ query_params:
+ $filter: "Name eq '{{ hx_cluster_name }}'"
+ register: profile
+# Assign servers and profile to node profile
+- name: "Configure Node Profile"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/NodeProfiles
+ query_params:
+ $filter: "Name eq '{{ hx_node_profile_prefix }}-{{ '%02d' % (idx + 1) }}'"
+ api_body: {
+ "Name":"{{ hx_node_profile_prefix }}-{{ '%02d' % (idx + 1) }}",
+ "AssignedServer": {
+ "Moid": "{{ item.intersight_servers[0].Moid }}",
+ "ObjectType": "compute.RackUnit"
+ },
+ "ClusterProfile": {
+ "Moid": "{{ profile.api_response.Moid }}"
+ }
+ }
+ when: item.intersight_servers is not none
+ loop: "{{ inventory.results }}"
+ loop_control:
+ index_var: idx
+ label: "{{ item.intersight_servers[0].Name }}"
+
+- debug: msg="HyperFlex Node Profiles have been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/proxy/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/proxy/tasks/main.yml
new file mode 100644
index 00000000..6023907a
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/proxy/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: "Configure Proxy Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/ProxySettingPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_proxy_setting_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_proxy_setting_policy }}",
+ "Hostname":"{{ hx_proxy_setting_hostname }}",
+ "Port":"{{ hx_proxy_setting_port }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: proxy_setting
+
+- debug: msg="HyperFlex Proxy Policy named {{ hx_proxy_setting_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/software_version/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/software_version/tasks/main.yml
new file mode 100644
index 00000000..878c1bf5
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/software_version/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: "Configure Software Version Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/SoftwareVersionPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_software_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_software_policy }}",
+ "HxdpVersion":"{{ hxdp_version }}",
+ "ServerFirmwareVersion":"{{ ucs_firmware_version }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: software_policy
+
+- debug: msg="HyperFlex Software Version Policy named {{ hx_software_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/sys_config/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/sys_config/tasks/main.yml
new file mode 100644
index 00000000..d5354c11
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/sys_config/tasks/main.yml
@@ -0,0 +1,33 @@
+---
+- name: "Configure System Config Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/SysConfigPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_sys_config_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name": "{{ hx_sys_config_policy }}",
+ "Timezone":"{{ hx_sys_config_timezone }}",
+ "DnsServers":"{{ hx_sys_config_dns_servers }}",
+ "NtpServers":"{{ hx_sys_config_ntp_servers }}",
+ "DnsDomainName":"{{ hx_sys_config_dns_domain }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: sys_config
+
+- debug: msg="HyperFlex System Config Policy named {{ hx_sys_config_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/vcenter/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/vcenter/tasks/main.yml
new file mode 100644
index 00000000..d7720e13
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/hyperflex_policies/vcenter/tasks/main.yml
@@ -0,0 +1,33 @@
+---
+- name: "Configure vCenter Config Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /hyperflex/VcenterConfigPolicies
+ query_params:
+ $filter: "Name eq '{{ hx_vcenter_config_policy }}'"
+ api_body: {
+ "Organization": {
+ "Moid": "{{ intersight_org.api_response.Moid }}"
+ },
+ "Name":"{{ hx_vcenter_config_policy }}",
+ "Hostname":"{{ hx_vcenter_hostname }}",
+ "Username":"{{ hx_vcenter_username }}",
+ "Password":"{{ hx_vcenter_password | default(omit) }}",
+ "DataCenter":"{{ hx_vcenter_datacenter }}",
+ "ClusterProfiles": [
+ {
+ "Moid": "{{ cluster_profile.api_response.Moid }}"
+ }
+ ]
+ }
+ register: vcenter
+
+- debug: msg="HyperFlex vCenter Config Policy named {{ hx_vcenter_config_policy }} has been created successfully."
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/policies/server_policies/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/policies/server_policies/tasks/main.yml
new file mode 100644
index 00000000..427b45d5
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/policies/server_policies/tasks/main.yml
@@ -0,0 +1,40 @@
+---
+- name: "Configure {{ api_body.Name }} Server Policy"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: "{{ resource_path }}"
+ query_params:
+ $filter: "Name eq '{{ api_body.Name }}'"
+ api_body: "{{ api_body }}"
+ register: policy_resp
+# Append profile_resp list to policy
+- block:
+ # Create a list of all host's profile Moids
+ - set_fact:
+ # See the Ansible docs on json_query for info on how the Moid data is being extracted
+ profile_list: "{{ ansible_play_hosts | map('extract', hostvars, 'profile_resp') | list | json_query(moid_query) }}"
+ vars:
+ moid_query: "[*].api_response.{Moid: Moid, ObjectType: 'server.Profile'}"
+ - name: "Update Server Profiles used by {{ api_body.Name }} Server Policy (change may always be reported)"
+ cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: "{{ resource_path }}"
+ query_params:
+ $filter: "Name eq '{{ api_body.Name }}'"
+ api_body: {
+ "Profiles": "{{ profile_list + policy_resp.api_response.Profiles }}"
+ }
+ # Do not update if the profile isn't available
+ when:
+ - profile_resp is defined
+ - profile_resp.api_response.Moid is defined
+ - policy_resp is defined
+ - policy_resp.api_response.Profiles is defined
diff --git a/ansible_collections/cisco/intersight/playbooks/roles/servers/actions/tasks/main.yml b/ansible_collections/cisco/intersight/playbooks/roles/servers/actions/tasks/main.yml
new file mode 100644
index 00000000..0fb1ae9c
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/roles/servers/actions/tasks/main.yml
@@ -0,0 +1,30 @@
+---
+- name: "Configure {{ inventory_hostname }} power state"
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: /compute/ServerSettings
+ query_params:
+ $filter: "Server.Moid eq '{{ server_moid }}'"
+ api_body: {
+ "AdminPowerState": "{{ power_state }}"
+ }
+ when: power_state is defined
+# Configure LED locator state
+- name: "Configure {{ inventory_hostname }} locator state"
+ cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: /compute/ServerSettings
+ query_params:
+ $filter: "Server.Moid eq '{{ server_moid }}'"
+ api_body: {
+ "AdminLocatorLedState": "{{ locator_state }}"
+ }
+ when: locator_state is defined
diff --git a/ansible_collections/cisco/intersight/playbooks/server_actions.yml b/ansible_collections/cisco/intersight/playbooks/server_actions.yml
new file mode 100644
index 00000000..87b2477e
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/server_actions.yml
@@ -0,0 +1,23 @@
+---
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ gather_facts: false
+ tasks:
+ - import_role:
+ name: servers/actions
+ vars:
+ # power and reset state
+ # options: Policy, PowerOn, PowerOff, PowerCycle, HardReset, Shutdown, Reboot
+ # Can override on the command line: ansible-playbook ... -e power_state=PowerCycle
+ power_state: PowerOn
+ # led locator state
+ # options: On, Off, None
+ # Can override on the command line: ansible-playbook ... -e locator_state=Off
+ # locator_state: On
+ delegate_to: localhost
diff --git a/ansible_collections/cisco/intersight/playbooks/server_firmware.yml b/ansible_collections/cisco/intersight/playbooks/server_firmware.yml
new file mode 100644
index 00000000..6888fa78
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/server_firmware.yml
@@ -0,0 +1,115 @@
+---
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ fw_version: 4.1(2b)
+ file_share: 172.28.224.77/mnt/SHARE/ISOS/HUU
+ tasks:
+ # Edit FW to be used as needed for server type below
+ - set_fact:
+ file_name: "ucs-c220m4-huu-{{ fw_version | replace('(','.') | replace(')','') }}.iso"
+ supported_models:
+ - UCSC-C220-M4L
+ - UCSC-C220-M4S
+ when: model is search("UCSC-C220-M4.*")
+ - set_fact:
+ file_name: "ucs-c240m4-huu-{{ fw_version | replace('(','.') | replace(')','') }}.iso"
+ supported_models:
+ - UCSC-C240-M4L
+ - UCSC-C240-M4S
+ - UCSC-C240-M4SX
+ - UCSC-C240-M4SNEBS
+ - UCSC-C240-M4S2
+ when: model is search("UCSC-C240-M4.*")
+ - set_fact:
+ file_name: "ucs-c240m5-huu-{{ fw_version | replace('(','.') | replace(')','') }}.iso"
+ supported_models:
+ - UCSC-C240-M5S
+ - UCSC-C240-M5L
+ - UCSC-C240-M5SX
+ - UCSC-C240-M5SN
+ - UCSC-C240-M5SD
+ - HX240C-M5SX
+ - HXAF240C-M5SX
+ - HX240C-M5L
+ - HX240C-M5SD
+ - HXAF240C-M5SD
+ when: model is search("UCSC-C240-M5.*")
+ - set_fact:
+ file_name: "ucs-c220m5-huu-{{ fw_version | replace('(','.') | replace(')','') }}.iso"
+ supported_models:
+ - UCSC-C220-M5SX
+ - UCSC-C220-M5L
+ - UCSC-C220-M5SN
+ - HX220C-M5SX
+ - HXAF220C-M5SX
+ when: model is search("UCSC-C220-M5.*")
+ - set_fact:
+ file_location: "{{ file_share }}/{{ file_name }}"
+ # Set the distributable type based on the management mode and server type
+ - set_fact:
+ dist_type: STANDALONE
+ when: mode == 'Intersight' or mode == 'IntersightStandalone'
+ # Get a user defined FW version
+ - name: Get Moid of user defined FW version
+ intersight_rest_api:
+ <<: *api_info
+ resource_path: /firmware/Distributables
+ query_params:
+ $filter: "FileLocation eq '{{ file_location }}'"
+ update_method: post
+ api_body: {
+ "Catalog": {
+ "Moid": "5cd993686567612d30aaa762"
+ },
+ "ImportAction": "None",
+ "Name": "{{ file_name }}",
+ "Origin": "User",
+ "Source": {
+ "ObjectType": "softwarerepository.NfsServer",
+ "FileLocation": "{{ file_location }}"
+ },
+ "SupportedModels": "{{ supported_models }}",
+ "Version": "{{ fw_version }}"
+ }
+ delegate_to: localhost
+ register: fw_resp
+ - name: Update server firmware
+ cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: /firmware/Upgrades
+ query_params:
+ $filter: "Server.Moid eq '{{ server_moid }}'"
+ update_method: post
+ # nw_upgrade_full supported in UI, nw_upgrade_mount_only has partial API support
+ api_body: {
+ "UpgradeType": "network_upgrade",
+ "Distributable": {
+ "Moid": "{{ fw_resp.api_response.Moid }}"
+ },
+ "DirectDownload": {},
+ "NetworkShare": {
+ "Upgradeoption": "nw_upgrade_mount_only",
+ "MapType":"nfs"
+ },
+ "Server": {
+ "ObjectType": "compute.{{ object_type }}",
+ "Moid": "{{ server_moid }}"
+ }
+ }
+ delegate_to: localhost
+ when: server_moid is defined
diff --git a/ansible_collections/cisco/intersight/playbooks/servers_to_file.yml b/ansible_collections/cisco/intersight/playbooks/servers_to_file.yml
new file mode 100644
index 00000000..72c88783
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/servers_to_file.yml
@@ -0,0 +1,14 @@
+---
+# Update standalone servers (IMC) in the file
+- lineinfile:
+ path: "{{ filepath }}"
+ insertafter: "^\\[{{ host_group }}\\]"
+ regexp: "^{{ item.Name }} "
+ # Each line of the inventory has the following:
+ # Name server_moid=<Moid value> model=<Model value> ...
+ line: "{{ item.Name }} server_moid={{ item.Moid }} model={{ item.Model }}"
+ create: true
+ loop: "{{ outer_item.api_response }}"
+ loop_control:
+ label: "{{ item.Name }}"
+ when: outer_item.api_response is defined and outer_item.api_response
diff --git a/ansible_collections/cisco/intersight/playbooks/update_all_inventory.yml b/ansible_collections/cisco/intersight/playbooks/update_all_inventory.yml
new file mode 100644
index 00000000..f2b59349
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/update_all_inventory.yml
@@ -0,0 +1,57 @@
+---
+#
+# Summary: Auto generate (or update) the Ansible inventory file with all servers (Name and Moid or each discovered server)
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+# This playbook only runs once (and not for each server in the inventory), but the hosts group is used to get API key info
+#
+- hosts: "{{ group | default('Intersight') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Change filepath if you want to update a different inventory file
+ filepath: "{{ inventory_file }}"
+ # Change host_group if you want to use another group name for your servers in the created inventory
+ host_group: Intersight_Servers
+ tasks:
+ # Enclose tasks in a block that is only run once
+ - block:
+ # Find all servers
+ - cisco.intersight.intersight_info:
+ <<: *api_info
+ server_names:
+ register: all_results
+ # Place the servers in a group in the file
+ - debug:
+ msg: Inventory filepath "{{ filepath }}"
+ - lineinfile:
+ path: "{{ filepath }}"
+ line: "[{{ host_group }}]"
+ create: true
+ # Update servers in the file
+ - lineinfile:
+ path: "{{ filepath }}"
+ insertafter: "^\\[{{ host_group }}\\]"
+ regexp: "^{{ item.Name }} serial={{ item.Serial }} "
+ # Each line of the inventory has the following:
+ line: "{{ item.Name }} serial={{ item.Serial }} server_moid={{ item.Moid }} model={{ item.Model }} mode={{ item.ManagementMode }} object_type={{ item.SourceObjectType | regex_replace('compute.')}}"
+ create: true
+ loop: "{{ all_results.intersight_servers }}"
+ loop_control:
+ label: "{{ item.Name }}"
+ when: all_results.intersight_servers is defined
+ delegate_to: localhost
+ run_once: true
diff --git a/ansible_collections/cisco/intersight/playbooks/update_hx_edge_inventory.yml b/ansible_collections/cisco/intersight/playbooks/update_hx_edge_inventory.yml
new file mode 100644
index 00000000..6bc855ab
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/update_hx_edge_inventory.yml
@@ -0,0 +1,61 @@
+---
+#
+# Summary: Auto generate (or update) the Ansible inventory file with all servers (Name and Moid or each discovered server)
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+# This playbook only runs once (and not for each server in the inventory), but the hosts group is used to get API key info
+#
+- hosts: "{{ group | default('Intersight') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Change filepath if you want to update a different inventory file
+ filepath: "{{ inventory_file }}"
+ # Change host_group if you want to use another group name for your servers in the created inventory
+ host_group: Intersight_Servers
+ tasks:
+ # Enclose tasks in a block that is only run once
+ - block:
+ # Find all servers
+ - cisco.intersight.intersight_info:
+ <<: *api_info
+ server_names:
+ register: all_results
+ # Place the servers in a group in the file
+ - debug:
+ msg: Inventory filepath "{{ filepath }}"
+ - lineinfile:
+ path: "{{ filepath }}"
+ line: "[{{ host_group }}]"
+ create: true
+ # Update servers in the file
+ - lineinfile:
+ path: "{{ filepath }}"
+ insertafter: "^\\[{{ host_group }}\\]"
+ regexp: "^{{ item.Name }} serial={{ item.Serial }} "
+ # Each line of the inventory has the following:
+ # Name server_moid=<Moid value> model=<Model value> boot_policy=<policy from tag> | 'na'
+ line: "{{ item.Name }} serial={{ item.Serial }} server_moid={{ item.Moid }} model={{ item.Model }}"
+ create: true
+ # Ansible and jmespath contains have type differences, so to/from_json used
+ loop: "{{ all_results.intersight_servers | json_query(platform_query) | to_json | from_json | json_query(model_query) }}"
+ loop_control:
+ label: "{{ item.Name }}"
+ vars:
+ # Filter for IMC and C-Series only (no HX)
+ platform_query: "[?PlatformType=='IMC']"
+ model_query: "[?contains(Model, 'HX')]"
+ when: all_results.intersight_servers is defined
+ delegate_to: localhost
+ run_once: true
diff --git a/ansible_collections/cisco/intersight/playbooks/update_hx_inventory.yml b/ansible_collections/cisco/intersight/playbooks/update_hx_inventory.yml
new file mode 100644
index 00000000..cb3e25ac
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/update_hx_inventory.yml
@@ -0,0 +1,61 @@
+---
+#
+# Summary: Auto generate (or update) the Ansible inventory file with all servers (Name and Moid or each discovered server)
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+# This playbook only runs once (and not for each server in the inventory), but the hosts group is used to get API key info
+#
+- hosts: "{{ group | default('Intersight') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ api_private_key: "{{ api_private_key }}"
+ api_key_id: "{{ api_key_id }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Change filepath if you want to update a different inventory file
+ filepath: "{{ inventory_file }}"
+ # Change host_group if you want to use another group name for your servers in the created inventory
+ host_group: Intersight_Servers
+ tasks:
+ # Enclose tasks in a block that is only run once
+ - block:
+ # Find all servers
+ - cisco.intersight.intersight_info:
+ <<: *api_info
+ server_names:
+ register: all_results
+ # Place the servers in a group in the file
+ - debug:
+ msg: Inventory filepath "{{ filepath }}"
+ - lineinfile:
+ path: "{{ filepath }}"
+ line: "[{{ host_group }}]"
+ create: true
+ # Update servers in the file
+ - lineinfile:
+ path: "{{ filepath }}"
+ insertafter: "^\\[{{ host_group }}\\]"
+ regexp: "^{{ item.Name }} serial={{ item.Serial }} "
+ # Each line of the inventory has the following:
+ # Name server_moid=<Moid value> model=<Model value> boot_policy=<policy from tag> | 'na'
+ line: "{{ item.Name }} serial={{ item.Serial }} server_moid={{ item.Moid }} model={{ item.Model }}"
+ create: true
+ # Ansible and jmespath contains have type differences, so to/from_json used
+ loop: "{{ all_results.intersight_servers | json_query(platform_query) | to_json | from_json | json_query(model_query) }}"
+ loop_control:
+ label: "{{ item.Name }}"
+ vars:
+ # Filter for IMC and C-Series only (no HX)
+ platform_query: "[?PlatformType=='UCSFI']"
+ model_query: "[?contains(Model, 'HX')]"
+ when: all_results.intersight_servers is defined
+ delegate_to: localhost
+ run_once: true
diff --git a/ansible_collections/cisco/intersight/playbooks/update_standalone_inventory.yml b/ansible_collections/cisco/intersight/playbooks/update_standalone_inventory.yml
new file mode 100644
index 00000000..bd0bc166
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/update_standalone_inventory.yml
@@ -0,0 +1,67 @@
+---
+#
+# Summary: Auto generate (or update) the Ansible inventory file with Standalone C-Series servers (Name and Moid or each discovered server)
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+# This playbook only runs once (and not for each server in the inventory), but the hosts group is used to get API key info
+#
+- hosts: "{{ group | default('Intersight') }}"
+ connection: local
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # if api_key vars are omitted, INTERSIGHT_API_KEY_ID, INTERSIGHT_API_PRIVATE_KEY,
+ # and INTERSIGHT_API_URI environment variables used for API key data
+ api_private_key: "{{ api_private_key | default(omit) }}"
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # How many results to return per inventory file
+ per_page: 500
+ # Total servers to query
+ max_servers: 15000
+ # Change filepath if you want to update a different inventory file
+ filepath: "{{ inventory_file }}"
+ # Change host_group if you want to use another group name for your servers in the created inventory
+ host_group: Intersight_Servers
+ tasks:
+ # Enclose tasks in a block that is only run once
+ - block:
+ # Set an api response for the 1st loop iteration
+ - set_fact:
+ servers:
+ api_response:
+ - Moid: fake
+ run_once: true
+ # Find all servers
+ - cisco.intersight.intersight_rest_api:
+ <<: *api_info
+ resource_path: /compute/PhysicalSummaries
+ query_params:
+ $filter: "ManagementMode eq 'IntersightStandalone' and contains(Model, 'UCSC-C')"
+ $select: Name,Model,Serial
+ $top: "{{ per_page }}"
+ $skip: "{{ item }}"
+ return_list: true
+ loop: "{{ range(0, max_servers|int, per_page|int) | list }}"
+ register: servers
+ when: servers.api_response
+ # Place the servers in a group in the file
+ - debug:
+ msg: Inventory filepath "{{ filepath }}"
+ - lineinfile:
+ path: "{{ filepath }}"
+ line: "[{{ host_group }}]"
+ create: true
+ - include_tasks: servers_to_file.yml
+ loop: "{{ servers.results }}"
+ loop_control:
+ loop_var: outer_item
+ delegate_to: localhost
+ run_once: true
diff --git a/ansible_collections/cisco/intersight/playbooks/vault_intersight_server_profile.yml b/ansible_collections/cisco/intersight/playbooks/vault_intersight_server_profile.yml
new file mode 100644
index 00000000..7a9fd555
--- /dev/null
+++ b/ansible_collections/cisco/intersight/playbooks/vault_intersight_server_profile.yml
@@ -0,0 +1,88 @@
+---
+#
+# Configure Server Profiles
+#
+# The hosts group used is provided by the group variable or defaulted to 'Intersight_Servers'.
+# You can specify a specific host (or host group) on the command line:
+# ansible-playbook ... -e group=<your host group>
+# e.g., ansible-playbook server_profiles.yml -e group=TME_Demo
+#
+- hosts: "{{ group | default('Intersight_Servers') }}"
+ connection: local
+ collections:
+ - cisco.intersight
+ gather_facts: false
+ vars:
+ # Create an anchor for api_info that can be used throughout the file
+ api_info: &api_info
+ # Key can be directly specified, and vault should be used to encrypt:
+ # Ex. ansible-vault encrypt_string --vault-id tme@/Users/dsoper/Documents/vault_password_file '-----BEGIN EC PRIVATE KEY-----
+ # <your private key data>
+ # -----END EC PRIVATE KEY-----'
+ # To use with vault:
+ # ansible-playbook -i inventory --vault-id tme@vault_password_file intersight_server_profile.yml
+ api_private_key: !vault |
+ $ANSIBLE_VAULT;1.2;AES256;tme
+ 34376535353966373536386366646435643735636364373163343365623465343466393338386331
+ 3135633161333861386265393631616237623236643263620a613363396362386631613863643364
+ 65376635316232613561373761363633633034346138366165356561666462333562643065393332
+ 6631363239333332640a376632376434366461393039663530386161313864633265353839636337
+ 39393939363535376566333565666537666137366537396639623633643665363066646161633833
+ 35656430366665336334383435326239316333323631306237626432636361356166383466656362
+ 36626566643637366264393933353038653062373035306338663730383739336530313664646162
+ 30623337383832306665356433346331656164366638633563396532313463643032366537666639
+ 32383230633135373764623733653261326536626561656462343565613535386331643365343738
+ 62623631383135623539393538396435623064306636323165623661633466373664326130396663
+ 31333163643763616263623566353565363030383761366566613036616163343530663362313131
+ 32643737653063383330356436303437383966366163383461376236363563313264303833653631
+ 62613432303536386630646166346262636566303563646337653166303937333134356537656630
+ 39303363383262376237366565346638336139346363383634623333356639616538303366616634
+ 35666439356634353530363566313864333966386263623566323564656366356264313166353038
+ 66643566313361636231616338633939323131643061646664396264366538386230366364326633
+ 3831
+ api_key_id: "{{ api_key_id | default(omit) }}"
+ api_uri: "{{ api_uri | default(omit) }}"
+ validate_certs: "{{ validate_certs | default(omit) }}"
+ state: "{{ state | default(omit) }}"
+ # Server Profile name default
+ profile_name: "SP-{{ inventory_hostname }}"
+ tasks:
+ #
+ # Configure profiles specific to server (run for each server in the inventory)
+ #
+ - set_fact:
+ mode: Standalone
+ when: mode is not defined or mode == 'IntersightStandalone'
+ - set_fact:
+ mode: FIAttached
+ when: mode == 'Intersight'
+ # Get server moid when not defined in inventory
+ - block:
+ - name: "Get {{ inventory_hostname }} Server Moid"
+ cisco.intersight.intersight_info:
+ <<: *api_info
+ server_names: "{{ inventory_hostname }}"
+ register: server
+ - set_fact:
+ server_moid: "{{ server.intersight_servers[0].Moid }}"
+ when: server_moid is not defined
+ delegate_to: localhost
+ - name: "Configure {{ profile_name }} Server Profile"
+ intersight_server_profile:
+ <<: *api_info
+ organization: "{{ organization | default(omit) }}"
+ name: "{{ profile_name }}"
+ target_platform: "{{ mode | default(omit) }}"
+ tags:
+ - Key: Site
+ Value: SJC02
+ description: "Updated Profile for server name {{ inventory_hostname }}"
+ assigned_server: "{{ server_moid }}"
+ boot_order_policy: "{{ boot_order_policy | default(omit) }}"
+ imc_access_policy: "{{ imc_access_policy | default(omit) }}"
+ lan_connectivity_policy: "{{ lan_connectivity_policy | default(omit) }}"
+ local_user_policy: "{{ local_user_policy | default(omit) }}"
+ ntp_policy: "{{ ntp_policy | default(omit) }}"
+ virtual_media_policy: "{{ virtual_media_policy | default(omit) }}"
+ when: server_moid is defined
+ delegate_to: localhost