{"id":186,"date":"2019-02-05T11:05:00","date_gmt":"2019-02-05T11:05:00","guid":{"rendered":""},"modified":"2019-08-02T07:12:41","modified_gmt":"2019-08-02T07:12:41","slug":"using-ansible-dynamic-inventory-with-azure-can-save-the-day-for-you","status":"publish","type":"post","link":"https:\/\/opstree.com\/blog\/2019\/02\/05\/using-ansible-dynamic-inventory-with-azure-can-save-the-day-for-you\/","title":{"rendered":"Using Ansible Dynamic Inventory with Azure can save the day for you."},"content":{"rendered":"<div dir=\"ltr\" style=\"text-align:left;\">\n<div class=\"separator\" style=\"clear:both;text-align:center;\"><\/div>\n<div class=\"separator\" style=\"clear:both;text-align:center;\"><a style=\"margin-left:1em;margin-right:1em;\" href=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2019\/02\/8988c-azureansibledynamicinventory.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2019\/02\/8988c-azureansibledynamicinventory.png?w=300\" width=\"640\" height=\"344\" border=\"0\"><\/a><\/div>\n<p>As a DevOps Engineer, I always love to make things simple and convenient by automating&nbsp;them. Automation can be done on many fronts like infrastructure, software, build and release etc.<\/p>\n<p>Ansible is primarily a software configuration management tool which can also be used as an infrastructure provisioning tool.<br \/>\nOne of the thing that I love about Ansible is its integration with different cloud providers. This integration makes things really loosely coupled, For ex:- we don&#8217;t require to manage whole information of cloud in Ansible (Like we don&#8217;t need instance metadata information for provisioning it).<\/p>\n<h3 style=\"text-align:left;\">Ansible Inventory<\/h3>\n<div>Ansible uses a term called inventory to refer to the set of systems or machines that our Ansible playbook or command work against. There are two ways to manage inventory:-<\/div>\n<div>\n<ul style=\"text-align:left;\">\n<li>Static Inventory<\/li>\n<li>Dynamic Inventory<\/li>\n<\/ul>\n<div>By default, the static inventory is defined in \/etc\/ansible\/hosts in which we provide information about the target system. In most of the cloud platform when the server gets reboot then it reassigns a new public address and again we have to update that in our static inventory, so this can&#8217;t be the lasting option.<\/div>\n<\/div>\n<div>Luckily Ansible supports the concept of dynamic inventory in which we have some python scripts and a <b>.ini&nbsp;<\/b>file through which we can provision machines dynamically without knowing its public or private address. Ansible Dynamic Inventory is fed by using external python scripts and .<b>ini<\/b> files provided by Ansible for cloud infrastructure platforms like Amazon, Azure, DigitalOcean, Rackspace.<\/div>\n<div><\/div>\n<div>In this blog, we will talk about how to configure dynamic inventory on the Azure Cloud Platform.<\/div>\n<div><\/div>\n<div>\n<h3 style=\"text-align:left;\">Ansible Dynamic Inventory on Azure<\/h3>\n<\/div>\n<div>The first thing that always required to run anything is software and its dependencies. So let&#8217;s install the software and its dependencies&nbsp;first. First, we need the python modules of azure that we can install via <b>pip.<\/b><\/div>\n<div><b>&nbsp;<\/b><\/div>\n<div>\n<pre>$ pip install <span class=\"s1\" style=\"box-sizing:border-box;color:#dd1144;\">'ansible[azure]'<\/span><\/pre>\n<\/div>\n<div>After this, we need to download <b>azure_rm.py<\/b><br \/>\n<b><br \/>\n<\/b><\/p>\n<pre style=\"background-color:#f6f8fa;border-radius:3px;box-sizing:border-box;line-height:1.45;overflow-wrap:normal;overflow:auto;padding:16px;word-break:normal;\">$ <span style=\"font-size:13.6px;\"><span style=\"color:#22863a;\">wget <\/span>https:\/\/raw.githubusercontent.com\/ansible\/ansible\/devel\/contrib\/inventory\/azure_rm.py<\/span><\/pre>\n<p>Change the permission of file using <b class=\"\">chmod<\/b> command.<\/p>\n<pre>$ chmod +x azure_rm.py<\/pre>\n<p>Then we have to log in to Azure account using azure-cli<\/p>\n<pre>$ az login\nTo sign in, use a web browser to open the page https:\/\/aka.ms\/devicelogin and enter the code XXXXXXXXX to authenticate.\n<\/pre>\n<p>The az login command output will provide you a unique code which you have to enter in the webpage i.e.<br \/>\n<a href=\"https:\/\/aka.ms\/devicelogin\" target=\"_blank\" rel=\"noopener\">https:\/\/aka.ms\/devicelogin<\/a><\/p>\n<p>As part of the best practice, we should always create an Active Directory for different services or apps to restrict privileges. Once you logged in Azure account you can create an Active Directory app for Ansible<\/p>\n<pre>$ az ad app create --password ThisIsTheAppPassword --display-name opstree-ansible --homepage ansible.opstree.com --identifier-uris ansible.opstree.com<\/pre>\n<p>Don&#8217;t forget to change your password ;). Note down the <b>appID <\/b>from the output of the above command.<\/p>\n<p>Once the app is created, create a service principal to associate it with.<\/p>\n<pre>$ az ad sp create --id <b>appID<\/b><\/pre>\n<p>Replace the <b>appID <\/b>with actual app id and copy the <b>objectID <\/b>from the output of the above command.<br \/>\nNow we just need the subscription id and tenant id, which we can get by a simple command<\/p>\n<pre>$ az account show<\/pre>\n<p>Note down the <b>id <\/b>and <b>tenantID&nbsp;<\/b>from the output of the above command.<\/p>\n<p>Let&#8217;s assign a contributor role to service principal which is created above.<\/p>\n<pre>$ az role assignment create --assignee <b>objectID<\/b> --role contributor<\/pre>\n<p>Replace the <b>objectID <\/b>with the actual object id output.<\/p>\n<p>All the azure side setup is done. Now we have to make some changes to your system.<\/p>\n<p>Let&#8217;s start with creating <b>an azure <\/b>home directory<\/p>\n<pre>$ mkdir ~\/.azure<\/pre>\n<p>In that directory, we have to create a credentials file<\/p>\n<pre>$ vim ~\/.azure\/credentials\n\n[default]\nsubscription_id=<b>id<\/b>\nclient_id=<b>appID<\/b>\nsecret=<b>ThisIsTheAppPassword<\/b>\ntenant=<b>tenantID<\/b>\n<\/pre>\n<p>Please replace the <b>id, appID, password and tenantID <\/b>with the above-noted things.<\/p>\n<p>All set !!!! Now we can test it by below command<\/p>\n<pre>$ python .\/azure_rm.py --list | jq<\/pre>\n<p>and the output should be like this:-<\/p>\n<pre style=\"background-color:#f6f8fa;border-radius:3px;box-sizing:border-box;line-height:1.45;overflow-wrap:normal;overflow:auto;padding:16px;word-break:normal;\"><span style=\"font-size:13.6px;\">{\n  \"azure\": [\n    \"ansibleMaster\"\n  ],\n  \"westeurope\": [\n    \"ansibleMaster\"\n  ],\n  \"ansibleMasterNSG\": [\n    \"ansibleMaster\"\n  ],\n  \"ansiblelab\": [\n    \"ansibleMaster\"\n  ],\n  \"_meta\": {\n    \"hostvars\": {\n      \"ansibleMaster\": {\n        \"powerstate\": \"running\",\n        \"resource_group\": \"ansiblelab\",\n        \"tags\": {},\n        \"image\": {\n          \"sku\": \"7.3\",\n          \"publisher\": \"OpSTree\",\n          \"version\": \"latest\",\n          \"offer\": \"CentOS\"\n        },\n        \"public_ip_alloc_method\": \"Dynamic\",\n        \"os_disk\": {\n          \"operating_system_type\": \"Linux\",\n          \"name\": \"osdisk_vD2UtEJhpV\"\n        },\n        \"provisioning_state\": \"Succeeded\",\n        \"public_ip\": \"52.174.19.210\",\n        \"public_ip_name\": \"masterPip\",\n        \"private_ip\": \"192.168.1.4\",\n        \"computer_name\": \"ansibleMaster\",\n        ...\n      }\n    }\n  }\n}<\/span><\/pre>\n<p>Now you are ready to use Ansible in Azure with dynamic inventory. Good Luck \ud83d\ude42<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>As a DevOps Engineer, I always love to make things simple and convenient by automating&nbsp;them. Automation can be done on many fronts like infrastructure, software, build and release etc. Ansible is primarily a software configuration management tool which can also be used as an infrastructure provisioning tool. One of the thing that I love about &hellip; <a href=\"https:\/\/opstree.com\/blog\/2019\/02\/05\/using-ansible-dynamic-inventory-with-azure-can-save-the-day-for-you\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Using Ansible Dynamic Inventory with Azure can save the day for you.&#8221;<\/span><\/a><\/p>\n","protected":false},"author":89038429,"featured_media":29900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[1],"tags":[768739304,676319250,507460981,335778,768739308,12793557],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/opstree.com\/blog\/wp-content\/uploads\/2025\/11\/DevSecOps-1.jpg","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pfDBOm-30","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/186"}],"collection":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/users\/89038429"}],"replies":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/comments?post=186"}],"version-history":[{"count":4,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/186\/revisions"}],"predecessor-version":[{"id":998,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/186\/revisions\/998"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media\/29900"}],"wp:attachment":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media?parent=186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/categories?post=186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/tags?post=186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}