In a previous post I showed how the ansible-vault can be used to keep passwords secure.  What about those locations that only get access to Ansible Tower, and aren’t able to run ansible-vault?   

 We are going to go through the steps to use the Tower credentials to store and use username/password entries that can be called in our playbooks by a variable. 

 The first thing that needs to be done is to create our credential entry.  Select the ‘Credentials’ section from the left-hand menu and click the green + button on the right to create a new credential entry. 

 

 Name your new credential something that makes sense and select the credential type of ‘Network’.  Fill in the username and password you want to use and click the green save button. 

 

 Let me explain what we did and why.  We created a credential entry of type Network, which is normally used for specific protocol links to network switches.  We did this because what using this credential does is creates two environmental variables that the called playbooks can access.  These variables are ANSIBLE_NET_USERNAME, and ANSIBLE_NET_PASSWORD. 

 Before we look at how to use this in a template in Tower, let’s look at how we prepare our playbook to use these variables.  Here is the var: section of one of my playbooks. 

By using the universial variable ‘ansible_env’ and calling its entry ANSIBLE_NET_USERNAME/PASSWORD, I can set my variables to these entries. 

 When you create your template, add the credential you created to the template.  Be sure to change the credential type to Network for it to show up in the list. 

  

 Now when this template is run those environmental variables will be created with the created username and password from the credential.  This keeps our password safe, and allows us to use different user/pass options without having to edit our playbook at all. 

 If you haven’t started your Ansible journey yet, or know someone who could use some help, this five-part series walks you through setting up the Ansible engine and creating a playbook for use with ONTAP. Getting Started with NetApp and Ansible 

 As always continue to check out netapp.io for more posts like this one, and if you aren’t already join us on slack to discuss configuration management and other Open Ecosystem solutions from NetApp.