top of page

TechBobbles

tech logo with triangle shape.jpg
  • Writer's pictureAdmin

Azure automation using Ansible (DevOps)

azure
ansible

Managing cloud resources can often be a complex and time-consuming task. However, with tools like Ansible, you can automate many aspects of your Azure infrastructure, making it easier and more efficient within a DevOps environment. This blog will guide you through the steps to set up and run Ansible playbooks to manage your Azure resources.




Steeps to connect Ansible with azure:

1. Azure Account: If you don't have one, you can get a free account here.

2. Azure Service Principal: You need to generate a service principal and expose the credentials either as environment variables or store them in a file.


Commands to configure service principal:


# Step 1: Login to Azure

az login


# Step 2: Create an Azure AD Application

az ad app create --display-name "my-app1”


# Retrieve the appId of the created application

appId=$(az ad app list --display-name "my-app1” --query "[].appId" -o tsv)


# Step 3: Create a Service Principal for the Application

az ad sp create --id $appId


# Step 4: Create a Client Secret

az ad app credential reset --id $appId --append --years 1


# Retrieve the service principal Object ID

spId=$(az ad sp list --display-name "my-app1” --query "[].appId" -o tsv)


# Retrieve the subscription ID

subscriptionId=$(az account show --query "{subscriptionId:id}" -o tsv)


# Step 5: Assign a Role to the Service Principal

az role assignment create --assignee $spId --role "Contributor" --scope "/subscriptions/$subscriptionId"



3. Ansible: Install Ansible on your local machine. You can follow the official Ansible installation guide here.


4. Azure Dependencies Package: Install the Azure dependencies package for Ansible.


pip install ansible[azure]


5. Azure Preview Modules Role: Install the azure_preview_modules role and its dependencies.


ansible-galaxy role install azure.azure_preview_modules


pip install -r ~/.ansible/roles/azure.azure_preview_modules/files/requirements-azure.txt


Azure requirements file holds all the python module that needs to install. This packages are version sensitive which needs extra attention to the administrator.


Please find my the package details if your Ansible/Python version matches below.


ansible [core 2.17.1]

Python version = 3.10.13 (main, Jul 9 2024, 21:32:52) [GCC 9.4.0] (/usr/local/python/3.10.13/bin/python3)

Jinja version = 3.1.4


Please find the below require Python modules and their version. If require update the requirement.txt file before installing.


packaging

requests[security]

xmltodict

azure-cli-core==2.0.35

azure-cli-nspkg==3.0.2

azure-common==1.1.11

azure-mgmt-authorization==0.51.1

azure-mgmt-batch==5.0.1

azure-mgmt-cdn==3.0.0

azure-mgmt-compute==4.4.0

azure-mgmt-containerinstance==1.4.0

azure-mgmt-containerregistry==2.0.0

azure-mgmt-containerservice==4.4.0

azure-mgmt-dns==2.1.0

azure-mgmt-keyvault==1.1.0

azure-mgmt-marketplaceordering==0.1.0

azure-mgmt-monitor==0.5.2

azure-mgmt-network==2.3.0

azure-mgmt-nspkg==2.0.0

azure-mgmt-redis==5.0.0

azure-mgmt-resource==2.1.0

azure-mgmt-rdbms==1.4.1

azure-mgmt-servicebus==0.5.3

azure-mgmt-sql==0.10.0

azure-mgmt-storage==3.1.0

azure-mgmt-trafficmanager==0.50.0

azure-mgmt-web==0.41.0

azure-nspkg==2.0.0

azure-storage==0.35.1

msrest==0.6.1

msrestazure==0.5.0

azure-keyvault==1.0.0

azure-graphrbac==0.40.0

azure-mgmt-cosmosdb==0.5.2

azure-mgmt-hdinsight==0.1.0

azure-mgmt-devtestlabs==3.0.0

azure-mgmt-loganalytics==0.2.0

azure-mgmt-automation==0.1.1

azure-mgmt-iothub==0.7.0



Add the following content to the file $HOME/.azure/credentials:


[default]

subscription_id=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

client_id=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

secret=xxxxxxxxxxxxxxxxx

tenant=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx



Now we are ready to run any playbook. Please find some ad-hoc commands to check your connection.


Get Azure Resource Groups:

ansible localhost -m azure.azcollection.azure_rm_resourcegroup_info


Get Azure Virtual Machines:

ansible localhost -m azure.azcollection.azure_rm_virtualmachine_info


Get Azure Virtual Networks:

ansible localhost -m azure.azcollection.azure_rm_virtualnetwork_info


Get Azure Network Security Groups:

ansible localhost -m azure.azcollection.azure_rm_securitygroup_info


Get Azure Network Security Groups:

ansible localhost -m azure.azcollection.azure_rm_securitygroup_info


Get Azure Subnets:

ansible localhost -m azure.azcollection.azure_rm_subnet_info


Get Azure Public IP Addresses:

ansible localhost -m azure.azcollection.azure_rm_publicipaddress_info



For more help please use the below git repo.





Comentarios


Thanks for visiting 

Bangalore,

Siddartha1192@gmail.com

+919148014455

  • Linkedin
  • Wix Facebook page
  • Wix Twitter page

Subscribe to get exclusive updates

bottom of page