VMware Aria Automation 8.16 - Chinese - China

8.18 8.17 8.16 8.14 8.13 all
Português (Brasil) 简体中文 Deutsch Español Français Italiano 日本語 한국어 Nederlands Русский 繁體中文 English

Use Case: How do I deploy minions using the API in a Windows environment

The goal of this use case is to programmatically install the Salt minion service on a minion by connecting a Windows VM to your
Automation Config
 environment.
Before you can deploy a minion using the API in a Windows environment you must:
  • Have a
    Automation Config
     environment with RaaS deployed.
  • Have a Salt master and Salt minion installed.
  • Have a Windows VM deployed.
Going forward,
Automation Config
 is no longer included in the Aria Automation suite of products. The new name of this product is VMware Tanzu Salt and this product is available as part of the VMware Tanzu Platform suite of products. See Using and Managing Tanzu Salt for more information.
  1. Verify that the folder
    etc/salt/cloud.deploy.d
     on the Salt master contains these files.
    A list of the required files in the cloud.deploy.d directory on a Salt Master
    If you do not see the files, contact support.
    The xxxx in the filename, for example,
    salt-xxxx-windows--x86.tar.gz
    , should match the version of the Salt master. To verify the version of the Salt master, run the
    salt-master -V
     command on the Salt master.
  2. If your environment is air-gapped, complete these steps:
    1. Open the RaaS configuration file in
      /etc/raas/raas
      .
    2. Add these lines to the configuration file:
      minion_deployment:
airgap_install: true
    3. Restart the RaaS service using the
      service raas restart
       command.
    If you are using a hardened Linux VM, there are some situations where scripts cannot be run from
    /tmp
     on the VM.
    • If you are using Automation Assembler version 8.10.2 or higher: Add the
      additionalAuthParams
       property to the Automation Config resource in your cloud template. For more information, see Add the Automation Config resource to the cloud template. 
      additionalAuthParams:
profile:
  tmp_dir: /var/cache/salt
    • If you are using Automation Assembler version 8.10.1 or lower: Modify the
      /etc/salt/cloud.providers.d/ssc_saltify_provider.conf
       file with 
      ssc_saltify_provider:
driver: saltify
tmp_dir: /var/cache/salt
      If this configuration file does not exist, create it and add the setting above.
  3. In the Salt master's terminal, install the following libraries by running the
    pip3 install pypsexec smbprotocol
     and
    pip3 install impacket --ignore-installed
     commands.
    This step is not required when using LCM to install the
    Automation Config
     appliance that includes the Salt Master. However, this step is necessary when manually installing the Salt Master.
  4. To identify the FQDN of the Salt master, run the
    salt saltmaster grains.get fqdn
     command in the Salt master's terminal.
  5. On your Windows machine, verify that the
    C: \Windows\System32\drivers\etc\hosts
     file is configured with the Salt master's IP and FQDN.
  6. Open PowerShell on the Windows machine and run the following command to open the required ports:
    Port
    Commands
    445
    New-NetFirewallRule -Name "SMB445" - DisplayName "SMB445" -Protocol TCP - LocalPort 445
    Enable-Psremoting
  7. In the Salt master's terminal, use this command to open ports 4505 and 4506 on the Salt master:
    Port
    Commands
    4505-4506
    netsh advfirewall firewall add rule name="Salt" dir=in action=allow protocol=TCP localport=4505-4506
    See Understanding
    Automation Config
     for more information about the Salt communication model.
  8. Ensure that the FQDN is configured for the Salt master by running the
    ping [FQDN]
     command on your Windows machine.
    The results of running the ping FQDN command on a Windows machine
  9. Make this API call using an SSEAPI client with the correct credentials for your environment.
    If you integrated
    Automation Config
     with
    VMware Aria Automation
    , the
    VMware Aria Automation
     service makes this API call for you when you deploy minions using a cloud template.
    from sseapiclient import APIClient

client = APIClient('https://<master-ip>', '<ssc-username>', '<sscpassword>', ssl_validate_cert=False)


client.api.minions.deploy_minion(

master_id = '<master-id>',

host_name_ip = '<prospective minion’s ip>',

os = ‘<prospective minion’s os>’,

minion_id = '<desired-minion-name-for-prospective-minion>',

username = '<ssh-username-for-prospective-minion>',

password = '<ssh-password-for-prospective-minion>',

)
    The
    deploy.minion
     function begins running in your
    Automation Config
     environment. You can verify that the job is running in the
    Activity
     tab of the
    Automation Config
     user interface or by running the
    python3
     command, followed by
    client.api.minions.get_minion_deployments()
    .
The minion was successfully deployed and configured from your Windows environment and API call.
Verify that the minion was deployed successfully by running a
test.ping
 command against the minion using the
Run Command
 window or by running the
\* test.ping
 and
\* test.versions
 commands in the Salt master command window.

Content feedback and comments