Get Started with NetScaler Automation using Ansible
NetScaler provides Ansible modules to support configuration of different NetScaler use cases, from load balancing to web application firewall policies. NetScaler automation through Ansible enables simplicity and agility, helping IT admins to maintain distributed IT infrastructure and even migrate across different environments.
In this tutorial, we will go through Ansible installation and configure our first basic use-case of setting up load balancing vserver on NetScaler:
Pre-requisite : NetScaler is installed, its NSIP, VIP and SNIP configured and ready to receive user traffic.
- Setting up pre-requisite for Ansible
sudo apt-get install virtualenvwrapper
Edit the .bashrc file last line with “---"
source /usr/share/virtualenvwrapper/virtualenvwrapper.sh
After editing it, reload the startup file by running
source ~/.bashrc
Now create a virtual env
mkvirtualenv -p `which python3` venv_python3
- Install Ansible and NetScaler Ansible modules
workon venv_python3
Install Ansible
pip install ansible
Install NetScaler collections for Ansible
ansible-galaxy collection install git+https://github.com/citrix/citrix-adc-ansible-modules.git#/ansible-collections/adc
Clone NetScaler GitHub Repo
git clone https://github.com/citrix/citrix-adc-ansible-modules
Install Python Nitro API SDK as shown below
(venv_python3) nsroot@autsvr1:~/automation-repos/ansible-ctxadc/citrix-adc-ansible-modules/$ pip install deps/nitro-python-1.0_kamet.tar.gz
- Define NetScaler configurations in Ansible Playbook
Create a new playbook – my_lb_vserver.yaml with the content as below:
---- hosts: citrix_adc vars: max_clients: 5 remote_user: root gather_facts: False collections: - citrix.adc tasks: - name: Set service 1 delegate_to: localhost citrix_adc_service: nsip: "{{ nsip }}" nitro_user: "{{ nitro_user }}" nitro_pass: "{{ nitro_pass }}" validate_certs: "{{ validate_certs }}" state: present name: ans-service-1 servicetype: HTTP ipaddress: 10.217.107.86 port: 80 - name: Set service 2 delegate_to: localhost citrix_adc_service: nsip: "{{ nsip }}" nitro_user: "{{ nitro_user }}" nitro_pass: "{{ nitro_pass }}" validate_certs: "{{ validate_certs }}" state: present name: ans-service-2 servicetype: HTTP ipaddress: 10.217.107.87 port: 80 - name: lb vserver 1 delegate_to: localhost citrix_adc_lb_vserver: nsip: "{{ nsip }}" nitro_user: "{{ nitro_user }}" nitro_pass: "{{ nitro_pass }}" validate_certs: "{{ validate_certs }}" state: present name: ans-lb-vserver-1 servicetype: HTTP timeout: 12 ipv46: 10.217.107.100 port: 80 servicebindings: - servicename: ans-service-1 weight: "1" - servicename: ans-service-2 weight: "1" disabled: no
In above playbook, we are creating simple HTTP load balancing vserver named ans-lb-vserver-1 that will load balance user traffic across group of your backend services named ans-service-1 and ans-service-2.
You can configure the ipv46 of ans-lb-vserver-1 to the IP where you want to receive client traffic and define the ip of your backend app services in the ipaddress of ans-service-1 and ans-service-2.
Now create an inventory file such as here with your NetScaler credentials as follows:
[citrix_adc]myadc_1 nsip=10.78.60.200 nitro_user=adcusername nitro_pass=adcpassword validate_certs=no
- Run Ansible Commands to apply configuration to NetScaler
ansible-playbook -i vpx_inventory.txt my_lb_vserver.yaml
We will get above response where all the 3 tasks in playbook are executed successfully and lb vserver 1 configuration is updated.
To delete configurations you need to edit the state variable in playbook to absent state : absent for each resources that you want to delete. And then run the above ansible-playbook command again.
That’s the power of using Ansible with NetScaler, where various NetScaler configurations are defined as code in playbooks and executed as set of tasks with just one ansible commands. Explore various example playbooks here and build your desired NetScaler config easily.
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now