
Opensource Configuration Management tools integration with vRealize Automation Cloud – Part 2


# Cloud Assembly blueprint header and input definitions for an Ansible control machine.
# NOTE(review): the key line of each input (and the parent key that would hold them) is not
# visible in this listing, so the YAML does not parse as shown. The input names are presumably
# the ones referenced further down as ${input.ansible_username}, ${input.ansible_user_password},
# ${input.ansible_vault_password}, ${input.ansible_ssh_key} and ${input.slack_webhook} — confirm
# against the original blueprint.
name: Ansible Control Machine

version: 1

formatVersion: 1



    # Account name for the Ansible user; the only input that declares a default.
    type: string

    description: The username for the ansible user account

    default: ansible


    # NOTE(review): no 'encrypted: true' is visible on this password input, although a later
    # input in this listing carries it. Confirm against the original and mark the password as
    # encrypted so it is not shown or stored as plain text by the platform.
    # The typographic quotes around the description are a rendering artefact; YAML only treats
    # plain ASCII quotes as quoting characters.
    type: string

    description: ‘The password for the ansible user. The connection from Cloud Assembly currently uses password based auth, so this is a mandatory requirement.’


    # NOTE(review): the Vault password is also a secret and shows no 'encrypted: true' here.
    type: string

    description: The password that will be written to the Vault file.


    # The only input visibly marked 'encrypted: true'. Its description says it holds the public
    # half of an SSH key, which is the least sensitive of the values collected here.
    type: string

    encrypted: true

    description: The public half of SSH key used for authentication to this box. Not to be confused with the SSH key that will be used by the ansible user account to SSH into managed instances.


    # NOTE(review): a Slack incoming-webhook URL lets whoever holds it post to the channel, so
    # it deserves the same secret handling as the passwords above.
    type: string

    description: A webhook for Slack notifications. This will be used to send the public key details of the generated keypair that ansible will use to connect to remote hosts.



    # Machine resource that becomes the Ansible control node. The resource name and the
    # intermediate keys that would nest the lines below are not visible in this listing.
    type: Cloud.Machine


      # Image and flavor mapping names are specific to the author's environment.
      image: ddeswartUbuntu

      flavor: ddeswartsmall


         # Placement constraint tag. The typographic quotes are a rendering artefact and must be
         # plain ASCII quotes, otherwise they become part of the tag value.
         tag: ‘platform:vsphere’

      # cloud-init user data, passed as a literal block scalar.
      # NOTE(review): cloud-init expects this text to begin with a '#cloud-config' line; none is
      # visible here, presumably lost along with other lines of the listing — confirm.
      cloudConfig: |


        # Refresh the package index on first boot.
        repo_update: true




              # Third-party apt source for Ansible, identified by a signing key id.
              # NOTE(review): 7BB9C367 is a short (8 hex digit) key id. Short ids are known to
              # collide, so pinning the full fingerprint is the safer way to name the signing
              # key. The keyserver value is shown empty; confirm where the key is fetched from.
              source: “ppa:ansible/ansible”

              keyserver: ‘’

              keyid: 7BB9C367




           # File entry that writes the playbook below to disk on the new machine.
           # NOTE(review): every ${input.*} expression inside 'content' is presumably replaced by
           # Cloud Assembly before the user data reaches the machine, so both passwords would be
           # stored in clear text in this playbook file and in the instance's user data. No
           # 'permissions' key is visible for the file; restrict it to root or remove the file
           # once the play has run.
           path: /etc/ansible/playbooks/ansiblecn.yml

            content: |


               # Single play, run against localhost, that configures the control node.
               name: Install and Configure Ansible Control Node for use with VMware vRA Cloud

                hosts: localhost

                gather_facts: true


                  # Play variables filled from the blueprint inputs. The typographic quotes
                  # throughout are a rendering artefact; the file needs plain ASCII quotes.
                  ansible_username: “${input.ansible_username}”

                  ansible_user_password: “${input.ansible_user_password}”

                  ansible_vault_password: “${input.ansible_vault_password}”

                  ansible_ssh_key: “${input.ansible_ssh_key}”

                  # NOTE(review): the lookup path ends at the .ssh directory and looks truncated.
                  # The task that uses this value calls it the public key, so confirm that the
                  # original reads the public key file and never the private key. The path also
                  # hard-codes /home/ansible instead of using ansible_username.
                  slack_notification_content: “{{ lookup(‘file’, ‘/home/ansible/.ssh/’) }}”

                  slack_notification_webhook: “${input.slack_webhook}”


                   # Creates the Ansible account. The module key line is not visible; the
                   # arguments look like those of the 'user' module — confirm.
                   # The account joins the sudo group and gets a generated SSH keypair, and the
                   # supplied password is hashed with SHA-512 before it is set.
                   # NOTE(review): no 'no_log: true' is visible, so the password may appear in
                   # verbose task output or in the Ansible log.
                   name: Create Ansible User

                    become: true


                      name: “{{ ansible_username }}”

                      groups: sudo

                      shell: /bin/bash

                      generate_ssh_key: yes

                      password: “{{ ansible_user_password | password_hash(‘sha512’) }}”


                   # Installs the public key from the ansible_ssh_key input for the Ansible user
                   # (presumably via the 'authorized_key' module — the module line is not visible).
                   name: Set Authorised Key for Ansible User


                      user: “{{ ansible_username }}”

                      key: “{{ ansible_ssh_key }}”


                   # Recursively hands ownership of /etc/ansible to the Ansible user. Despite the
                   # task name, only 'owner' is set; no 'mode' is visible.
                   name: Set Ansible Directory Permissions


                      owner: “{{ ansible_username }}”

                      path: /etc/ansible

                      recurse: yes

                      state: directory


                   # Writes the Vault password in clear text to /etc/ansible/vault_pass.txt
                   # (presumably via 'lineinfile' — the module line is not visible).
                   # NOTE(review): only 'owner' is set. With no 'mode' the new file gets default
                   # permissions, which are commonly readable by other local users; set
                   # mode: '0600'. Adding 'no_log: true' keeps the password out of task output.
                   name: Create Cleartext Vault Pass File


                      create: yes

                      owner: “{{ ansible_username }}”

                      path: /etc/ansible/vault_pass.txt

                      line: “{{ ansible_vault_password }}”


                   # Creates /var/log/ansible.log owned by the Ansible user, seeded with one
                   # placeholder line.
                   name: Create Ansible Log file


                      create: yes

                      owner: “{{ ansible_username }}”

                      path: /var/log/ansible.log

                      line: “ansible_log_file”


                   # The tasks below each set one line in /etc/ansible/ansible.cfg, matched by
                   # 'regexp' (presumably via 'lineinfile' — the module lines are not visible).
                   # Points Ansible at the clear-text Vault password file written earlier.
                   name: Update Config with Pass File Location


                      owner: “{{ ansible_username }}”

                      path: /etc/ansible/ansible.cfg

                      regexp: “vault_password_file”

                      line: “vault_password_file = /etc/ansible/vault_pass.txt”


                   # Private key the control node uses to reach managed hosts; keep it readable
                   # by the Ansible user only.
                   name: Update Config with Private Key Location


                      owner: “{{ ansible_username }}”

                      path: /etc/ansible/ansible.cfg

                      regexp: “private_key_file”

                      line: “private_key_file = /home/{{ ansible_username }}/.ssh/id_rsa”


                   # NOTE(review): host_key_checking = False turns off SSH host key verification
                   # for every connection Ansible makes from this node, so a machine answering in
                   # place of a managed host would not be detected. Safer: leave checking on and
                   # populate known_hosts when hosts are provisioned.
                   name: Update Config with Host Key Check Setting


                      owner: “{{ ansible_username }}”

                      path: /etc/ansible/ansible.cfg

                      regexp: “host_key_checking”

                      line: “host_key_checking = False”


                   # Directory where roles are looked up.
                   name: Update Config with Roles path


                      owner: “{{ ansible_username }}”

                      path: /etc/ansible/ansible.cfg

                      regexp: “roles_path”

                      line: “roles_path = /etc/ansible/roles”


                   # Sends Ansible's log to the file created earlier. Tasks that handle secrets
                   # without 'no_log' can leave them in this log.
                   name: Update Config with Ansible Log location


                      owner: “{{ ansible_username }}”

                      path: /etc/ansible/ansible.cfg

                      regexp: “log_path”

                      line: “log_path = /var/log/ansible.log”


                   # Seeds the inventory file with a single 'localhost' entry.
                   name: Create localhost entry in Hosts File


                      create: yes

                      owner: “{{ ansible_username }}”

                      path: /etc/ansible/hosts

                      line: “localhost”


                   # Switches sshd from 'PasswordAuthentication no' to 'yes'. The password input's
                   # description says Cloud Assembly currently connects with password auth.
                   # NOTE(review): this opens the node to password guessing over SSH. Limit which
                   # source addresses can reach port 22 and use a long random password. The module
                   # key line is not visible here (presumably 'lineinfile').
                   name: Enable Password Based Auth

                    become: true


                      path: /etc/ssh/sshd_config

                      state: present

                      regexp: “PasswordAuthentication no”

                      line: “PasswordAuthentication yes”


                   # Restarts sshd so the changed setting takes effect (presumably via the
                   # 'service' module — the module line is not visible).
                   name: Restart sshd

                    become: True


                      name: sshd

                      state: restarted


                   # POSTs a JSON message to the Slack webhook containing the text read into
                   # slack_notification_content, with the trailing 'ansible-generated on…' part
                   # removed (presumably via the 'uri' module — the module line is not visible).
                   # NOTE(review): only public key material should ever be posted. Confirm that
                   # the lookup behind slack_notification_content reads the public key file.
                   # The body as shown has typographic quotes and stray backticks (likely a
                   # Slack code fence in the original) and is not valid JSON as rendered.
                   name: Send Ansible Public Key to Slack


                      method: POST

                      url: “{{ slack_notification_webhook }}”

                      body: {“text”: “Your ansible public key is “`{{ slack_notification_content | regex_replace(‘ansible-generated on.*’) }}“`”}

                      body_format: json



           # Command that runs the playbook written above on first boot.
           # NOTE(review): this line looks damaged by rendering. It is presumably an
           # 'ansible-playbook' call with --connection=local and an --inventory value ending in a
           # comma; confirm against the original before reuse.
           ansibleplaybook connection=local inventory, /etc/ansible/playbooks/ansiblecn.yml


         # NOTE(review): the expression is empty as shown. It presumably referenced the id of the
         # network resource defined below; confirm.
         network: ‘${}’


    # Network resource: attaches the machine to an existing network named "VM network".
    type: Cloud.Network


      name: VM network

      networkType: existing
