Chapter 15. Automating Configuration Tasks using Ansible

Ansible is an automation tool used to configure systems, deploy software, and perform rolling updates. Ansible includes support for Red Hat Virtualization, and Ansible modules are available to allow you to automate post-installation tasks such as data center setup and configuration, managing users, or virtual machine operations.
Ansible provides an easier method of automating Red Hat Virtualization configuration compared to REST APIs and SDKs, and allows you to integrate with other Ansible modules. For more information about the Ansible modules available for Red Hat Virtualization, see the Ovirt modules in the Ansible documentation.


Ansible Tower is a graphically enabled framework accessible through a web interface and REST APIs for Ansible. If you want support for Ansible Tower, then you must have an Ansible Tower license, which is not part of the Red Hat Virtualization subscription.
Ansible is shipped with Red Hat Virtualization. To install Ansible ensure that you have enabled the required repositories. See Subscribing to the Required Entitlements in the Installation Guide, and run the following command:
# yum install ansible
See the Ansible Documentation for alternate installation instructions, and information about using Ansible.

15.1. Ansible Roles

Multiple Ansible roles are available to help configure and manage various parts of the Red Hat Virtualization infrastructure. Ansible roles provide a method of modularizing Ansible code by breaking up large playbooks into smaller, reusable files that can be shared with other users.
The Ansible roles available for Red Hat Virtualization are categorized by the various infrustructure components. For more information about the Ansible roles, see the oVirt Ansible Roles documentation, or the documentation installed with Ansible roles, see Section 15.1.1, “Installing Ansible Roles”.

15.1.1. Installing Ansible Roles

You can install Ansible roles for Red Hat Virtualization from the rhel-7-server-rhv-4.1-rpms repository. See Subscribing to the Required Entitlements in the Installation Guide for more information.
Use the following command to install the Ansible roles:
# yum install ovirt-ansible-roles
By default the roles are installed to /usr/share/ansible/roles. The structure of the ovirt-ansible-roles package is as follows:
  • /usr/share/ansible/roles - stores the roles.
  • /usr/share/doc/ovirt-ansible-roles/ - stores the examples, a basic overview, and the licence.
  • /usr/share/doc/ansible/roles/role_name - stores the documentation specific to the role.

15.1.2. Using Ansible Roles to Configure Red Hat Virtualization

The following procedure guides you through creating and running a playbook that uses Ansible roles to configure Red Hat Virtualization. This example uses Ansible to connect to the Manager on the local machine and create a new data center.


  • Ensure the roles_path option in /etc/ansible/ansible.cfg points to the location of your Ansible roles (/usr/share/ansible/roles).
  • Ensure that you have the Python SDK installed on the machine running the playbook.

Procedure 15.1. Configuring Red Hat Virtualization using Ansible Roles

  1. Create a file in your working directory to store the Red Hat Virtualization Manager user password:
    # cat passwords.yml
      engine_password: youruserpassword
  2. Encrypt the user password. You will be asked for a vault password.
    # ansible-vault encrypt passwords.yml
    New Vault password: 
    Confirm New Vault password:
  3. Create a file that stores the Manager details such as the url, certificate location, and user.
    # cat engine_vars.yml 
    engine_user: admin@internal
    engine_cafile: /etc/pki/ovirt-engine/ca.pem


    If you prefer, these variables can be added directly to the playbook instead.
  4. Create your playbook. To simplify this you can copy and modify an example in /usr/share/doc/ovirt-ansible-roles/examples.
    # cat rhv_infra.yml
    - name: RHV infrastructure
      hosts: localhost
      connection: local
      gather_facts: false
        # Contains variables to connect to the Manager
        - engine_vars.yml
        # Contains encrypted `engine_password` variable using ansible-vault
        - passwords.yml
        - name: Login to RHV
            url: "{{ engine_url }}"
            username: "{{ engine_user }}"
            password: "{{ engine_password }}"
            ca_file: "{{ engine_cafile | default(omit) }}"
            insecure: "{{ engine_insecure | default(true) }}"
            - always
        data_center_name: mydatacenter
        data_center_description: mydatacenter
        data_center_local: false
        compatibility_version: 4.1
        - ovirt-datacenters
        - name: Logout from RHV
            state: absent
            ovirt_auth: "{{ ovirt_auth }}"
            - always
  5. Run the playbook.
    # ansible-playbook --ask-vault-pass rhv_infra.yml
You have successfully used the ovirt-datacenters Ansible role to create a data center named mydatacenter.