Prerequisites - Adaptive Plugins - BlueCat Gateway - 2.9

Ansible Module Administration Guide

prodname
BlueCat Gateway
version_custom
2.9

Before you begin, ensure that the following prerequisites are met.

Software Prerequisites

Software Requirement
Address Manager You must be running one of the following versions of Address Manager software:
  • Address Manager v9.2.0
  • Address Manager v9.1.0
  • Address Manager v9.0.0
Ansible You must be running the following versions of Ansible software:
  • Ansible v2.9.7 or greater
    Note: You are required to use the latest version of BlueCat Ansible Module for full access to all resources.
BlueCat Gateway You must be running one of the following versions of BlueCat Gateway software:
  • BlueCat Gateway v20.6.1
  • BlueCat Gateway v20.3.1
  • BlueCat Gateway v20.1.1
Note: Either ports 80 or 443 must be open between your Ansible manager and the BlueCat Gateway server.

Python

You must install the requests Python module before running the BlueCat Ansible Module. To install the requests module, execute the following command in Ansible manager:

pip install requests

If you wish to utilize the dig functionality as part of a playbook (For example, the query_dns.yml playbook) you must also install the dnspython module. To install the dnspython module, execute the following command in Ansible manager:

pip install dnspython

Accessing BlueCat Gateway

When configuring the BlueCat Ansible Module, you must provide a username, password, and URL for accessing the BlueCat Gateway server.

BlueCat Gateway REST API workflow

The BlueCat Ansible Module must communicate with a BlueCat Gateway server running the REST API workflow. You must import the latest version of the REST API workflow into your Gateway server and set the permissions for the workflow to include a group that contains the API username specified by the “username” variable in playbooks or the files.

The REST API workflow is delivered as a container image published in a public BlueCat cloud registry on http://quay.io/bluecat/rest. Use Docker commands in the Linux CLI to pull the image and manage the container.

Before you Start

As is the case with all BlueCat Gateway containers, BlueCat recommends defining a workspace and logs directory. For more information on how to configure your environment, please refer to the Gateway Installation Guide.

To obtain the image from the public repository:

  1. Review the ports used on the host machine that is installing the Gateway instance using the following command:
    sudo docker ps -a
    In the following example output, ports 80 and 443 are used:
    STATUS          PORTS                                         NAMES
    Up 34 minutes   0.0.0.0:80->8000/tcp, 0.0.0.0:443->44300/tcp  gateway_20_3_1
  2. Run the custom Gateway image using the following command:
    sudo docker run -d \--name rest_api \ -e BAM_IP=<IP Address> \ 
    -p <http_port>:8000 \ -p <https_port>:44300 \ 
    -v <path_to_mapped_log_directory):/logs/ \quay.io/bluecat/rest:20.7.2

    Where <http_port> and <https_port> represent different ports than those used by the Gateway instance. For example, you can set port 81 as the <http_port> and port 444 as the <https_port> values.

  3. Run the following command to pull the image and start the container:
    docker run -d -p 80:8000 -p 443:44300 -v <path_to_workspace>:/
    bluecat_gateway/ -v <path_to_mapped_log_directory>:/logs/ -e BAM_IP=<your 
    bam ip> --name rest_api quay.io/bluecat/rest:20.7.2
Attention: If using RedHat Enterprise Linux-compiled Docker
If you are using RHEL-compiled Docker, you must add :Z at the end of the file path for any mapped directory. For example:
-v <path_to_workspace>:/bluecat_gateway/:Z
Tip: If you remove the container and wish to re-install it using the same server IP and the same workspace and logging directory, the environment variable does not need to be passed as part of the docker run command.
docker run -d -p 80:8000 -p 443:44300 -v <path_to_workspace>:/
bluecat_gateway/ -v <path_to_mapped_log_directory>:/logs/ --name 
rest_api quay.io/bluecat/rest:20.7.2

You can verify if the REST API is available here: http://BlueCatGatewayFQDN/api/v1/. If you can view the swagger documentation for the REST API, it is imported correctly.

The external_vars.yml file

You must update the external_vars.yml file provided with the appropriate information. Once this file has been modified, BlueCat recommends only updating this file when there is a necessary change.

Creating or modifying the external_vars.yml file

Before creating or modifying the external_vars.yml file, you must document the following information:

Table.
Variable Description
Username Used when accessing the BlueCat Gateway server or executing actions on the BlueCat Address Manager server.
Password Used when accessing the BlueCat Gateway server or executing actions on the BlueCat Address Manager server
Protocol Determines whether http or https is used when connecting to BlueCat Gateway server.
Domain URL or IP address of the BlueCat Gateway server running the REST API workflow.
Note: The BlueCat Gateway server must have the latest version of the REST API workflow implemented.
Version The API version to use for constructing URLs. The default value is 1.

The cli_path file

The cli_path file contains necessary data to execute commands against a DNS/DHCP Server. It should not be modified in any way.

Inventory hosts

If you use the BDDS playbooks, you must include the target BlueCat DNS/DHCP Servers in your inventory.