What Does This Guide Cover for Infoblox Ansible Lookup?
In the first post, “Getting started with Infoblox and Ansible”, I showed you how to set up an Ubuntu box and install Ansible. I also started with your first “playbook” to talk to your Infoblox NIOS (Network Identity Operating System) Grid Master to return all of the “members” in your Infoblox Grid.
Now, let’s configure your Ubuntu box to use variables and store your username and password in a separate file. While we’re at it, we’ll also give you some examples of using Infoblox and Ansible “lookup”.
How Do You Store and Use Infoblox Credentials in Ansible?
To use the Infoblox nios modules in playbooks, you need to configure the credentials to access your Infoblox system. The examples in this guide use credentials stored in <playbookdir>/group_vars/nios.yml. Replace these values with your Infoblox credentials:
---
nios_provider:
host: 192.168.0.200
username: admin
password: infoblox
Now, let’s add “nios” to the static host
sudo vi /etc/ansible/hosts
<shift-G> (move to the bottom of the file)
"i" (to enter interactive mode) and the following
[nios]
192.168.0.200
<esc>
:wq
How Do You Use the nios Lookup Module in Ansible?
Let’s start building playbooks using the “lookup” module. We will name all the playbooks starting with “lk_” to keep them separate from the others we will build later. Fire up your favorite Ubuntu editor and get started with Infoblox and Ansible nios “lookup”:
We are going to create an “alias” for the “ansible-playbook” (because I can’t see typing ansible-playbook over and over):
alias ap=ansible-playbook
Ok, now open your favorite editor and create your first playbook using nios “lookup” following file “lk_member.yml”:
---
- hosts: nios
connection: local
tasks:
- name: fetch all member objects
set_fact:
members: "{{ lookup('nios', 'member', provider=nios_provider) }}"
- name: check the members
debug:
var: members
Run the playbook to get all the members using “lk_member.yml”:
$ ap lk_member.yml
PLAY [nios] ***************************************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************************
ok: [192.168.0.200]
TASK [fetch all member objects] **************************************************************************************************
ok: [192.168.0.200]
TASK [check the members] *********************************************************************************************************
ok: [192.168.0.200] => {
"members": [
{
"_ref": "member/b25lLnZpcnR1YWxfbm9kZSQw:infoblox.localdomain",
"host_name": "infoblox.localdomain"
},
{
"_ref": "member/b25lLnZpcnR1YWxfbm9kZSQx:m1.tiamat.net",
"host_name": "m1.tiamat.net"
}
]
}
PLAY RECAP ****************************************************************************************************************************
192.168.0.200 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Now we have the script from the previous post without credentials. Let’s create a new file called “lk_hosts.yml”. We are going to “lookup” a host record by FQDN (Fully Qualified Domain Name) — “sif1.ansible.com” — with the following playbook.
---
- hosts: nios
connection: local
tasks:
- name: get host list using FQDN string
set_fact:
host_list: "{{ lookup('nios', 'record:host', filter={'name':'sif1.ansible.com'}, provider=nios_provider) }}"
- name: display host list using FQDN string
debug:
msg: "{{ host_list }}"
Now run the “lk_hosts.yml”:
$ ap lk_hosts.yml
PLAY [nios] ***************************************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************************
ok: [192.168.0.200]
TASK [get host list using FQDN string] *********************************************************************************************
ok: [192.168.0.200]
TASK [display host list using FQDN string] *****************************************************************************************
ok: [192.168.0.200] => {
"msg": {
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmNvbS5hbnNpYmxlLnNpZjE:sif1.ansible.com/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQuY29tLmFuc2libGUuc2lmMS4xOTIuMTY4LjIwMC4xNC4:192.168.200.14/sif1.ansible.com/default",
"configure_for_dhcp": false,
"host": "sif1.ansible.com",
"ipv4addr": "192.168.200.14"
}
],
"name": "sif1.ansible.com",
"view": "default"
}
}
PLAY RECAP ****************************************************************************************************************************
192.168.0.200 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Let’s say you want to search for all your host records that start with “sif”. Create a new playbook and call it “lk_search_hosts.yml”:
---
- hosts: nios
connection: local
tasks:
- name: get host list using partial string
set_fact:
host_list: "{{ lookup('nios', 'record:host', filter={'name~':'sif'}, provider=nios_provider) }}"
- name: display host list using partial string
debug:
msg: "{{ host_list }}"
Once we run this playbook it will return everything that starts with “sif” in the host name:
$ ap lk_search_hosts.yml
PLAY [nios] **************************************************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************************************************
ok: [192.168.0.200]
TASK [get host list using partial string] ********************************************************************************************************************
ok: [192.168.0.200]
TASK [display host list using partial string] ****************************************************************************************************************
ok: [192.168.0.200] => {
"msg": [
{
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmNvbS5hbnNpYmxlLnNpZjE:sif1.ansible.com/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQuY29tLmFuc2libGUuc2lmMS4xOTIuMTY4LjIwMC4xNC4:192.168.200.14/sif1.ansible.com/default",
"configure_for_dhcp": false,
"host": "sif1.ansible.com",
"ipv4addr": "192.168.200.14"
}
],
"name": "sif1.ansible.com",
"view": "default"
},
{
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmNvbS5hbnNpYmxlLnNpZjI:sif2.ansible.com/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQuY29tLmFuc2libGUuc2lmMi4xOTIuMTY4LjIwMC4xNS4:192.168.200.15/sif2.ansible.com/default",
"configure_for_dhcp": false,
"host": "sif2.ansible.com",
"ipv4addr": "192.168.200.15"
}
],
"name": "sif2.ansible.com",
"view": "default"
},
{
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmNvbS5hbnNpYmxlLnNpZjM:sif3.ansible.com/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQuY29tLmFuc2libGUuc2lmMy4xOTIuMTY4LjIwMC4xNi4:192.168.200.16/sif3.ansible.com/default",
"configure_for_dhcp": false,
"host": "sif3.ansible.com",
"ipv4addr": "192.168.200.16"
}
],
"name": "sif3.ansible.com",
"view": "default"
},
{
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmxvY2FsLmJha3NoLnNpZi1uZXRtcmk:sif-netmri.baksh.local/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQubG9jYWwuYmFrc2guc2lmLW5ldG1yaS4xNjkuMjU0LjEuMS4:169.254.1.1/sif-netmri.baksh.local/default",
"configure_for_dhcp": false,
"host": "sif-netmri.baksh.local",
"ipv4addr": "169.254.1.1",
"mac": "00:0c:29:55:91:11"
},
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQubG9jYWwuYmFrc2guc2lmLW5ldG1yaS4xOTIuMTY4LjAuMjAxLg:192.168.0.201/sif-netmri.baksh.local/default",
"configure_for_dhcp": false,
"host": "sif-netmri.baksh.local",
"ipv4addr": "192.168.0.201",
"mac": "00:0c:29:55:91:11"
}
],
"ipv6addrs": [
{
"_ref": "record:host_ipv6addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQubG9jYWwuYmFrc2guc2lmLW5ldG1yaS5mZTgwOjoyMGM6MjlmZjpmZTU1OjkxMTEu:fe80%3A%3A20c%3A29ff%3Afe55%3A9111/sif-netmri.baksh.local/default",
"configure_for_dhcp": false,
"host": "sif-netmri.baksh.local",
"ipv6addr": "fe80::20c:29ff:fe55:9111"
}
],
"name": "sif-netmri.baksh.local",
"view": "default"
}
]
}
PLAY RECAP ***************************************************************************************************************************************************
192.168.0.200 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
As you can see, the above returned everything that started with “sif”. Now let’s work on my favorite thing: regex! We are going to use a regex to return “sif1,sif2, and sif3”. This playbook is called “lk_search_hosts_regex.yml”:
---
- hosts: nios
connection: local
tasks:
- name: get host list using partial string
set_fact:
host_list: "{{ lookup('nios', 'record:host', filter={'name~':'sif[1,2,3]'}, provider=nios_provider) }}"
- name: display host list using partial string
debug:
msg: "{{ host_list }}"
This will return sif1 to sif3. Now, in my case, I only have three entries with sif(1,2,3).ansible.com. If I had more, for example, sif(1,2).infoblox.com, it would return those as well.
$ ap lk_search_hosts_regex.yml
PLAY [nios] **************************************************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************************************************
ok: [192.168.0.200]
TASK [get host list using partial string] ********************************************************************************************************************
ok: [192.168.0.200]
TASK [display host list using partial string] ****************************************************************************************************************
ok: [192.168.0.200] => {
"msg": [
{
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmNvbS5hbnNpYmxlLnNpZjE:sif1.ansible.com/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQuY29tLmFuc2libGUuc2lmMS4xOTIuMTY4LjIwMC4xNC4:192.168.200.14/sif1.ansible.com/default",
"configure_for_dhcp": false,
"host": "sif1.ansible.com",
"ipv4addr": "192.168.200.14"
}
],
"name": "sif1.ansible.com",
"view": "default"
},
{
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmNvbS5hbnNpYmxlLnNpZjI:sif2.ansible.com/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQuY29tLmFuc2libGUuc2lmMi4xOTIuMTY4LjIwMC4xNS4:192.168.200.15/sif2.ansible.com/default",
"configure_for_dhcp": false,
"host": "sif2.ansible.com",
"ipv4addr": "192.168.200.15"
}
],
"name": "sif2.ansible.com",
"view": "default"
},
{
"_ref": "record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmNvbS5hbnNpYmxlLnNpZjM:sif3.ansible.com/default",
"ipv4addrs": [
{
"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQuY29tLmFuc2libGUuc2lmMy4xOTIuMTY4LjIwMC4xNi4:192.168.200.16/sif3.ansible.com/default",
"configure_for_dhcp": false,
"host": "sif3.ansible.com",
"ipv4addr": "192.168.200.16"
}
],
"name": "sif3.ansible.com",
"view": "default"
}
]
}
PLAY RECAP ***************************************************************************************************************************************************
192.168.0.200 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
What Can You Do with the Infoblox nios Lookup Module?
I know my examples mostly focused around “lookup” and “host”, however you can use the above examples with the following modules and additional examples below:
- nios_a_record – Configure Infoblox NIOS A records
- nios_aaaa_record – Configure Infoblox NIOS AAAA records
- nios_cname_record – Configure Infoblox NIOS CNAME records
- nios_dns_view – Configure Infoblox NIOS DNS views
- nios_fixed_address – Configure Infoblox NIOS DHCP Fixed Address
- nios_host_record – Configure Infoblox NIOS host records
- nios_member – Configure Infoblox NIOS members
- nios_mx_record – Configure Infoblox NIOS MX records
- nios_naptr_record – Configure Infoblox NIOS NAPTR records
- nios_network – Configure Infoblox NIOS network object
- nios_network_view – Configure Infoblox NIOS network views
- nios_nsgroup – Configure InfoBlox DNS Nameserver Groups
- nios_ptr_record – Configure Infoblox NIOS PTR records
- nios_srv_record – Configure Infoblox NIOS SRV records
- nios_txt_record – Configure Infoblox NIOS txt records
- nios_zone – Configure Infoblox NIOS DNS zones
Some other examples:
Look up an A Record:
arecord: "{{ lookup('nios', 'record:a', filter={'name~':'sifbaksh'}
Lookup Fixed Address:
fixaddr: "{{ lookup('nios', 'fixedaddress', provider=nios_provider) }}"
fixaddr: "{{ lookup('nios', 'fixedaddress', filter {'ipv4addr':'10.10.0.3'},return_fields=['mac','options'], provider=nios_provider) }}"You get the idea. Post comments if you need additional examples.
Recommended Reading
If you found this post useful, continue the series or explore the Infoblox API from a different angle:
- Getting Started with Infoblox and Ansible — Set up Ansible on Ubuntu and write your first playbook to query the Infoblox Grid.
- Infoblox and Ansible using “nios_next_network” — Next in the series: use
nios_next_networkto find and create subnets automatically. - Introduction to Infoblox API (WAPI) using Python — Prefer Python over Ansible? This post covers the same Infoblox Grid queries using
requestsandinfoblox-client. - The Ultimate Guide to Infoblox DDI WAPI Examples — Hands-on curl examples for creating DNS zones, DHCP scopes, and more via the WAPI.
Frequently Asked Questions
How do you store Infoblox credentials in Ansible without hardcoding them in a playbook?
Create a file at <playbookdir>/group_vars/nios.yml containing a nios_provider dictionary with host, username, and password. Ansible automatically loads variables from group_vars/ at runtime, so your credentials never appear inside individual playbook files.
How do you search for a host record by FQDN using the Ansible nios lookup module?
Use the lookup plugin with record:host and a filter dictionary: host_list: "{{ lookup('nios', 'record:host', filter={'name':'sif1.ansible.com'}, provider=nios_provider) }}". For partial string matches, use filter={'name~':'sif'} — the ~ operator performs a substring search.
How do you use regex in an Infoblox Ansible lookup to match multiple host records at once?
Pass a regex pattern via the ~ operator in the filter: filter={'name~':'sif[1,2,3]'}. This returns all host records whose name matches the expression — for example sif1.ansible.com, sif2.ansible.com, and sif3.ansible.com — in a single lookup call.
The next post will be around using “nios_next_network” and “lookup” and also creating a network/networks. Files are located here: GitHub