How to create a hello world Ansible module with Documentation

If you cannot locate a plugin that suits your needs by using Ansible, you can easily extend the default functionality by creating your own python module. In this article I will explain the procedure for the creation of a module.

First of all you should create a python code and use Ansible SDK. A detailed description for the creation of the development environment can be found on official documentation.

The example module is a hello world, that gets as an input your name, surname and prints a hello message.

Copy your on ansible modules location. On my working machine this is the path /usr/local/lib/python3.9/site-packages/ansible/modules

When you include your documentation on the python file, you can explore it with:

ansible-doc hello
Documentation for module

If you try a module run without the required parameters, it will fail as shown below:

Plugin run without required parameters

Run your custom module by using the below playbook:

Input with only name as parameter:

- name: test playbook using custom code
  hosts: localhost
    - name: using my custom module
        name: Gerasimos
      register: result
    - name: show output
        var: result

Input with name and surname as parameters:

- name: test playbook using custom code
  hosts: localhost
    - name: using my custom module
        name: Gerasimos
        surname: Alexiou
      register: result
    - name: show output
        var: result

Code for the example module can be found on my github repo.

Ansible loop over nested dictionary subelements – list object has no attribute

Sometimes it could be tricky in Ansible to loop over a nested key-value list. Take for example the below dictionary which includes a nested list of disks. The upper element of the .yml file is vms which includes name, folder, cpus, sockets, memory and disk.

The disk element consists of disksize and disktype. This .yml file has been created on a previous post which explains how to automatically provision VMware servers.

 name: test1-ansible
 folder: ansible
 cpus: 1
 sockets: 1
 memory: 64
  - disksize: 64
    disktype: thin
  - disksize: 100
    disktype: thin 

If you try to loop over this list you will probably get an error like list object has no attribute.

With the subelements command you can loop over your main list (vms) and access your nested one (disk) with a different index.

In order to retrieve the vm name you should use item.0. The nested values are placed under item.1

- name: test playbook 
  hosts: localhost 
  vars_files: vms.yml
    - name: loop over nested
        msg: '"{{ item.1.disksize }}"  "{{ item.1.disktype }}"'
      loop: "{{ vms| subelements('disk') }}" 

By performing a debug print, we can successfully get the nested keys values.

Automate VMware deployments with RedHat Ansible

This article will guide you implement automation on the deployment procedure of a VMware infrastructure. In more detail the ansible project that is listed on the bottom of the page will deploy VMs from a list that you provide on your VMware hypervisor.

The dependencies that are necessary for this solution to work are:

The community.vmware plugin which can be installed with:

ansible-galaxy collection install community.vmware

the PyVmomi package which can be installed with pip or pip3 with the command:

sudo pip3 install pyvmomi

The project consists of the below components:

  • deploy.yml which is the base script that performs the deployment.
  • ansible.cfg and inventory which are not useful for this example
  • secrets.yml which is an ansible vault that contains secrets and passwords
  • vms.yml which is the list of the VMs that we want to create.

You can run the example by using prompt so that you input the ansible vault password.

ansible-playbook deploy.yml --vault-id=@prompt

After the successful run you will get the newly created vms on the folder you specified (in my example ansible folder within the vcenter server)

Authenticate windows servers with Ansible domain user – kerberos configuration

If you try to connect with Ansible on a Windows machine with your active directory account you will get the error -> the specified credentials were rejected by the server

In order to connect through a domain account you should add some inventory variables and also install some additional components.

If you do not have the appropriate libraries installed, you should get the error shown on the below screenshot.

By trying to install kerberos and requests-kerberos through pip3 I got the error that is listed below.

sudo pip3 install requests-kerberos
Command "/usr/bin/python3.6 -u -c "import setuptools, tokenize;file='/tmp/pip-build-2v_1srr8/pykerberos/';f=getattr(tokenize, 'open', open)(file);'\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" install --record /tmp/pip-nkj0fa0v-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-2v_1srr8/pykerberos/

In order to resolve, first upgrade your pip3 setup tools

pip3 install --upgrade setuptools

Install python3-devel package and other required packages

yum -y install gcc python-devel krb5-devel krb5-libs krb5-workstation

Run setup with pip3 once again. The result should be successful.

Your inventory file should contain the below variables:

ansible_user = admin@DOMAIN.COM (capital letters)
ansible_connection = winrm
ansible_winrm_server_cert_validation = ignore
ansible_password = 
ansible_become_user= admin@DOMAIN.COM
ansible_become_method= runas
ansible_winrm_transport = kerberos

You should also edit Kerberos config file:

vi /etc/krb5.conf


                 // nothing to edit here
     default_realm = DOMAIN.COM (capital letters)
  DOMAIN.COM (capital letters) = {
      kdc =
      kdc =
      admin_server =
 [domain_realm] = DOMAIN.COM

Grap a session for your user:

kinit -C admin@EXAMPLE.COM

And you finally can communicate with your Windows machines through an Active Directory account.