plugin: nmap
strict: False
address: 10.245.74.0/24
ports: no
Using this configuration, when I run ansible-inventory --list I get the list of hosts as expected.
On AWX I upload those 2 files in a git repository and add it as a project.
Then I add the project as an inventory source.
But when I run the inventory sync job, I can see the nmap command being run but the result is 0 hosts added.
One thing I noticed is the nmap command tries to scan the most common ports, even when I set the ports: no option in the inventory.yml
I suspect AWX is not parsing the inventory.yml correctly or is ignoring that specific parameter.
My second test was to change the network and scan the same network where the AWX is running (so there’s no firewall in between AWX and the scanned hosts) and in that case, I do get the list of hosts in AWX.
I would appreciate if you could share the output of the failed inventory update in this case. Also, basic information about the folder structure in your source control would be helpful.
You are correct that, if you can do it via the CLI, you should be able to do it as an inventory update in AWX. However, using Ansible on the CLI often comes with a couple of baked-in environment assumptions, absolute and relative file paths, etc. that have to be scrubbed before the action can be made portable. The thing that jumps out at me is your inventory which points to inventory.yml. When you made the SCM inventory source, you gave it a path relative to the project root to find the inventory file. Now we have the same thing specified in two different places. When Ansible sees inventory.yml, what should that be relative to? Relative to the project root? To the playbook (there is no playbook here)? Generally, I would discourage using this setting.
As a part of our work for the move to plugins, we are already planning to start setting a playbook directory in inventory updates. This is planned as a followup after this pull request lands on the Ansible core side: https://github.com/ansible/ansible/pull/51177
A lot of issues also come up regarding the current working directory, but that may or may not continue to be problem after the playbook directory is set. Your issue will probably be resolved by that, but I can’t say for sure now.
I see it’s related to relative paths, I was assuming AWX would use the project root as current working directory and use the ansible.cfg I put there instead of the global config file.
When I run the ansible-inventory directly on the project directory, this is the output
ansible-inventory 2.7.0
config file = /var/lib/awx/projects/_46__dev_inventario_raspberry_pis/ansible.cfg
configured module search path = [u’/root/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-inventory
python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Using /var/lib/awx/projects/_46__dev_inventario_raspberry_pis/ansible.cfg as config file
Parsed /var/lib/awx/projects/_46__dev_inventario_raspberry_pis/inventory.yml inventory source with nmap plugin
1.594 INFO Updating inventory 8: dev-raspis
1.617 DEBUG Using system install of ansible-inventory CLI: /usr/bin/ansible-inventory
1.617 INFO Reading Ansible inventory source: /var/lib/awx/projects/_46__dev_inventario_raspberry_pis/inventory.yml
1.621 DEBUG Using private credential data in ‘/tmp/awx_883_Q8tNDO’.
1.623 DEBUG Using fresh temporary directory ‘/tmp/awx_proot_Pky21k’ for isolation.
1.623 DEBUG Running from /var/lib/awx/projects/_46__dev_inventario_raspberry_pis working directory.
106.375 INFO Processing JSON output…
106.376 DEBUG Loaded group: all
106.376 DEBUG Finished loading from source: /var/lib/awx/projects/_46__dev_inventario_raspberry_pis/inventory.yml
106.376 INFO Loaded 0 groups, 0 hosts
106.676 DEBUG Inventory variables unmodified
106.738 INFO Inventory import completed for git-nmap in 105.2s
I did enable the nmap and yaml inventory plugins in the global /etc/ansible/ansible.cfg
The current working directory is the project directory. To find this you have to go into the API browser and see the job_cwd key, an example for an SCM update I ran:
“job_cwd”: “/projects/_1452__project_roomadvice”
(in my case, the inventory file was in a subdirectory)
I believe that you are assuming that Ansible uses ansible.cfg from the cwd, but this is not the case. Once the playbook directory is set to be the same as the working directory (for your simple case), it will probably be resolved because ansible.cfg will be recognized. This leaves off the problem of subdirectories within the repository. We have to consider that, but it will not apply to your case.
We don’t yet have an issue for this, so feel free to create one your self if you want updates as this is done.