Customizing lab nodes with Ansible
Introduction
During a lab execution, one might need to deploy different files or softwares on running virtual machines. This is helpful to customize a scenario, experiment an agent before its release, and so on. This tutorial aims at customizing nodes of a running lab. By the end of the tutorial, you will be able to provision documents or binaries and even install a software.
Playbook preparation
Deployment is performed using ansible which is integrated in M&NTIS Platform. Deploying on nodes requires a dedicated folder. This folder has to contain at least a playbook.yaml file. One playbook has the ansible operations to be executed. The dedicated folder can contain additional files which can be used by playbook.yaml in order to deploy them on the remote machine.
Playbook for data deployment
It is possible to deploy different files to a node of a running lab. You have to know what is the name of the node you want to deploy to. In this example, KAPE.zip will be copied and then extracted on a Windows virtual machine. Keep in mind that in ansible, deploying to a Linux machine might differ from a Windows machine.
---
tasks:
- name: Copying KAPE
ansible.windows.win_copy:
src: kape.zip
dest: "%TMP%\\kape.zip"
register: kape_copy
# Unzipping
- name: Unzipping KAPE
community.windows.win_unzip:
src: "{{ kape_copy.dest }}"
dest: "%TMP%"
register: kape_unzip
- name: Setting the variable KAPE
set_fact:
kape_dir: "{{ kape_unzip.dest }}\\kape"Playbook for software deployment
In this example, the nginx web server is installed, then started. Based on the previous section, it is possible to upload a nginx configuration file before starting the web server. As you can see, the proxy address is an environment variable set at deployment time. This is required to enable internet on the machine during the playbook deployment (if necessary).
---
tasks:
- name: apt-get update
ansible.builtin.apt:
update_cache: true
environment:
http_proxy: "{{ proxy_address }}"
- name: ensure nginx is at the latest version
ansible.builtin.apt:
name: nginx
state: latest
environment:
http_proxy: "{{ proxy_address }}"
- name: start nginx
service:
name: nginx
state: startedPlaybook execution
This example focuses on the software deployment from a playbook execution. Playbook execution in the lab is performed using M&NTIS CLI. It is possible to set environment variable, such as proxy_address as a parameter. Such variable expects the proxy URL such as http://xxx.xxx.xxx.xxx:3128. The proxy shall exists in the lab in order to use it. If a proxy is available on a topology, its IP address can be retrieved with the following command:
$ mantis lab 2f603ea7-98aa-40dd-8f21-e2ee299a02e9 nodes --json | jq '.[] | select(.name == "internetproxy") | .network_interfaces[0].ip_address_runtime'
"192.168.250.1"You have to provide at least one virtual machine name for the playbook execution. It is possible to retrieve the machine names from the M&NTIS Platform frontend directly or via the M&NTIS CLI. Once you have your lab id, you can perform the following command to retrieve virtual machines nodes:
mantis lab 92035f84-2aed-4ec4-b7e3-3ec2210a05bc nodes
[+] Lab nodes
[+] Router1 (router)
[+] network interfaces
- 192.168.250.254/24
- 192.168.33.10/24
[+] RouterGateway (router)
[+] network interfaces
- 192.168.251.1/24
- 192.168.250.253/24
[+] TARGET (virtual_machine)
[+] network interfaces
- 192.168.33.11
[+] Credentials
- username: adurand - password: ecw2020
- admin_username: root - admin_password: Beezh35;Playbooks can be executed on virtual_machines only. In this example, the playbook is executed on the TARGET virtual machine. Then, in order to run the playbook on a specific target node, use this command:
$ mantis lab 2f603ea7-98aa-40dd-8f21-e2ee299a02e9 provisioning ansible --stream-ansible -c ./deploy-nginx/ -n TARGET -e "proxy_address=http://192.168.250.1:3128"
2024-07-29 13:49:08.450 | INFO | [+] Starting provisioning ansible playbook(s) ./deploy-nginx/ on simulation ID '1'
2024-07-29 13:49:08.522 | INFO | [+] Provisioning task ID: f73f740f-c464-465f-a644-25093bf86850
2024-07-29 13:49:09.587 | INFO | [+] Provisioning task starting...
2024-07-29 13:49:10.644 | INFO | [+] Execute playbook: '/data_ansible/2024_07_29_11_49_08-/playbooks/2024_07_29_11_49_08/playbook.yaml'
2024-07-29 13:49:10.644 | INFO | [+]
2024-07-29 13:49:10.644 | INFO | [+] PLAY [TARGET] ******************************************************************
2024-07-29 13:49:10.644 | INFO | [+]
2024-07-29 13:49:10.644 | INFO | [+] TASK [apt-get update] **********************************************************
2024-07-29 13:49:13.854 | INFO | [+]
2024-07-29 13:49:13.855 | INFO | [+] TASK [ensure nginx is at the latest version] ***********************************
2024-07-29 13:49:14.926 | INFO | [+]
2024-07-29 13:49:14.926 | INFO | [+] TASK [start nginx] *************************************************************
2024-07-29 13:49:15.989 | INFO | [+]
2024-07-29 13:49:15.990 | INFO | [+] PLAY RECAP *********************************************************************
2024-07-29 13:49:15.990 | INFO | [+] TARGET : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
2024-07-29 13:49:15.990 | INFO | [+]
2024-07-29 13:49:16.128 | INFO | [+] Provisioning was correctly executed in 7 secondsThe provisioning ansible command parameters are:
--stream-ansible: to display real time logs of ansible.-c: expects a path to a directory containing an ansible file namedplaybook.yaml.-n: allows to specify the target name (multiple use of this option are allowed in order to run the ansible playbook on several targets).-e: allows to pass extra args to the ansible playbook.
A user can assess if the playbook executed with success by either:
- checking the
failedandskippedvalues of the ansible playbook execution's output or - from the M&NTIS Platform directly, by connecting with VNC or Spice access.
Conclusion
You are now able to deploy different kind of files and data or even softwares on a running lab.