satellite6_want_hostcollection not working

Good day,

I’m trying to synchronize my host collections from Satellite6.6 to AWX 11.2, using Ansible 2.9.7.

I’ve set inventory source variable satellite6_want_hostcollections: true, but I get no host collections, and I don’t get any information on why I don’t get any host collections… is there anything I can look at to troubleshoot?

Hi Kaleb,

We recently moved from the foreman script (previously vendored in awx) to the foreman plugin (now included in a foreman collection that awx vendors). I did a quick check and verified that:

  • awx passes along the want_hostcollections option to the plugin, and
  • the foreman plugin has support for want_hostcollections

That’s just a basic sanity check. It doesn’t ensure that the option actually works with the plugin. I’ll do some more digging in the morning to try to see if this is an issue on the awx side or with the plugin itself. Thanks for reporting what you’re seeing.

-Jim

Thank you Jim!

If it helps, I’ve also tried some of the other satellite6_ options (such as changing the group_prefix) and that doesn’t seem to take effect either.

If there’s anything I can do to help troubleshoot, or if you need additional information from my setup, please let me know.

Regards,

Kaleb

Kaleb,

I went back to the old foreman script to see how hostcollections were used there and confirmed that my satellite instance’s hostcollection was being rendered as a group and was populated with the expected instances. I then went back to awx, set satellite6_want_hostcollections: true and confirmed that tower also returned the same hostcollection group, populated with the same instances. So, in this case, I’m not able to reproduce the issue.

Could you share the source vars that you’re using? Maybe some other sourcevars are creating issues for the hostcollection option? This is a blind guess, but maybe something interesting will show up.

Also, if you hop over to the API browser and look at the details for the inventory update (https://tower/api/v2/inventory_updates/123/), what does ANSIBLE_COLLECTIONS_PATHS show you? If you’re using the default setup for the collections we’re pulling down, it should show “/vendor/inventory_collections”.

I would be curious to see if you run into issues using the new foreman plugin by itself:
https://github.com/theforeman/foreman-ansible-modules

I looked into the group_prefix option and did find an issue there. Looks like we have some awx code responsible for bridging some differences between the foreman script and plugin that isn’t taking into account the group_prefix. Tracking that issue here: https://github.com/ansible/awx/issues/7031

-Jim

Hi Jim,

I’ve gone through a few things… deleting and recreating the Inventory object… my current Source has just a single variable - I’ve taken a screen capture so I don’t miss anything that might be helpful:

I checked the API and you are correct that the ansible_collections_path does indeed show /var/lib/awx/vendor/inventory_collections

How would I go about using the foreman plugin directly without awx? Sorry if that seems a silly question, but I am open to trying anything out that might make this work, as I use host_collections to help organize my patching and reboot rounds.

I took a look at the bug you created and it may indeed be related… I have checked the container when the inventory update is running, and there is no foreman.ini or anything that seems to reference the want_hostcollections or the prefix.I’m not sure if the models/inventory.py is responsible for creating that file, or if that’s missing elsewhere… but I think if the .ini file isn’t being created, the foreman plugin might not be getting configured/controlled properly…?

Let me know if there’s anything I can do to help… I am new to python, but am learning. :slight_smile:

Thanks for your help!

Kaleb

Hi again,

I have a fix up for the group_prefix issue here: https://github.com/ansible/awx/pull/7044

my current Source has just a single variable
Weird, okay, it’s good to know that we’re just dealing with this one sourcevar, though.

I have checked the container when the inventory update is running, and there is no foreman.ini or anything

  • The foreman inventory plugin uses a foreman.yml file instead of the old foreman.ini file.
  • The machinery that is in charge of building the config file and running the job will erase the *.yml file that’s created unless
  • … you add AWX_CLEANUP_PATHS = False in awx/settings/local_settings.py
  • … after which you could go to the inventory update job, find where it reports the yml file it referenced (e.g. “Parsed /tmp/awx_12_cc1ia4mv/foreman.yml”)
  • … which, when you open it up inside the container, should look something like this.

Which brings up a good point… are you seeing the job reference foreman.ini or foreman.yml? If you’re seeing the ini file mentioned that likely means that you’re running a pre-2.9 version of ansible, in which case awx falls back to using the inv. script. This is probably the first thing we should have checked up on. Let me know if you’re seeing the ini file referenced.

Back to plugins… the move to plugins really represents a pretty big change in how inventory updates happen. The inventory plugins build on top of an entire plugin framework that ansible laid out a little while ago.

These docs provide an overview of inventory plugins, what they are, and how to use them:
https://docs.ansible.com/ansible/latest/plugins/inventory.html

… and these docs provide detailed information for the foreman plugin specifically:
https://docs.ansible.com/ansible/latest/plugins/inventory/foreman.html

Those docs should give you a good starting point for trying to run your inventory sync using the plugins directly. Roughly speaking, though, you’ll need to:

  • hop on ansible 2.9.* (pre-2.9 may not have good support for collections, 2.10 on the other hand is going through a pretty big refactor right now and may not work)
  • use ansible-galaxy collection install theforeman.foreman to install the foreman collection
  • create a foreman.yml config file, like the one I mentioned earlier
  • … but add in server config info (url, user, password, validate_certs) - awx omits this from the config (I assume we’re using env vars instead to keep the file free from creds)
  • then run ansible-inventory -i foreman.yml --list
  • which should print your inventory to stdout

I’m not sure if the models/inventory.py is responsible for creating that file,
models/inventory.py does play a major role in building out the contents of foreman.yml, yes. This method specifically.

Hope that helps,
Jim

(attachments)

Hi Jim,

I’ll reply below to keep the replies together

Hi again,

I have a fix up for the group_prefix issue here: https://github.com/ansible/awx/pull/7044

Awesome!

my current Source has just a single variable
Weird, okay, it’s good to know that we’re just dealing with this one sourcevar, though.

Yeah - I’ve got a very basic setup right now… it’ll get more involved with time, but I either need to change my patching / rebooting process or I need to get hostcollections synching so I can use them to segregate my reboot schedules. :slight_smile:

I have checked the container when the inventory update is running, and there is no foreman.ini or anything

Sorry - I should have been more specific… I do have a foreman.yml file, but I was seeing foreman.ini referenced everywhere I was looking when I was troubleshooting on my own and assumed that’s what I was missing (specifically from ansible docs). I managed to grab the ansible files mid-inventory update, so I actually have the foreman.yml file and have put it up here. Interesting note, though…my version of foreman.yml doesn’t have the want_hostcollections at all like yours does. I didn’t install the foreman collection manually - just installed awx through a yaml file using oc apply -f inventory.yml and it had the Satellite Inventory available.

  • The foreman inventory plugin uses a foreman.yml file instead of the old foreman.ini file.
  • The machinery that is in charge of building the config file and running the job will erase the *.yml file that’s created unless
  • … you add AWX_CLEANUP_PATHS = False in awx/settings/local_settings.py
  • … after which you could go to the inventory update job, find where it reports the yml file it referenced (e.g. “Parsed /tmp/awx_12_cc1ia4mv/foreman.yml”)
  • … which, when you open it up inside the container, should look something like this.

Which brings up a good point… are you seeing the job reference foreman.ini or foreman.yml? If you’re seeing the ini file mentioned that likely means that you’re running a pre-2.9 version of ansible, in which case awx falls back to using the inv. script. This is probably the first thing we should have checked up on. Let me know if you’re seeing the ini file referenced.

I’m on Openshift 3.11, and awx is running ansible 2.9.7 so I do see it referencing foreman.yml…I just didn’t fully realize that was the correct file for it to be looking for… some of the documentation on docs is still referencing foreman.ini

Back to plugins… the move to plugins really represents a pretty big change in how inventory updates happen. The inventory plugins build on top of an entire plugin framework that ansible laid out a little while ago.

These docs provide an overview of inventory plugins, what they are, and how to use them:
https://docs.ansible.com/ansible/latest/plugins/inventory.html

Looking at my install, I’ve got a basic ansible.cfg file, so I can definitely see that I haven’t specifically enabled the foreman plugin… is that something I would have to do post-install directly on the container?

I can see in the awx requirements/collections_requirements.yml that it’s installing theforeman.foreman v0.7.0 but it specifically says more patches are needed… lol Not sure what specifically is meant by that statement. Should I try using v.0.8.0 by modifying the collections_requirements.yml and re-deploying my containers?

… and these docs provide detailed information for the foreman plugin specifically:
https://docs.ansible.com/ansible/latest/plugins/inventory/foreman.html

Those docs should give you a good starting point for trying to run your inventory sync using the plugins directly. Roughly speaking, though, you’ll need to:

  • hop on ansible 2.9.* (pre-2.9 may not have good support for collections, 2.10 on the other hand is going through a pretty big refactor right now and may not work)
  • use ansible-galaxy collection install theforeman.foreman to install the foreman collection
  • create a foreman.yml config file, like the one I mentioned earlier
  • … but add in server config info (url, user, password, validate_certs) - awx omits this from the config (I assume we’re using env vars instead to keep the file free from creds)
  • then run ansible-inventory -i foreman.yml --list
  • which should print your inventory to stdout

I’m not sure if the models/inventory.py is responsible for creating that file,
models/inventory.py does play a major role in building out the contents of foreman.yml, yes. This method specifically.

I’m not overly familiar with git… but if I look at the inventory_as_dict method in the devel branch vs the 11.2.0 branch… I see some differences… am I understanding that correctly? am I trying a feature that’s slightly too new in the conversion to using collections and I need to wait for the next version of awx to come out?

Hope that helps,
Jim

You’ve been exceptionally helpful and I appreciate your patience Jim!

Thanks,

Kaleb

I’m not overly familiar with git… but if I look at the inventory_as_dict method in the devel branch vs the 11.2.0 branch

Bingo, that’s it. The head of ansible/awx has a fix that isn’t included in the latest awx release. I think you have two options - you could either move up to the tip of devel or wait for the next release.

-Jim

Thanks Jim - your willingness to help me find the (eventual) solution to my problem is greatly appreciated!

Sorry it took a bit to respond…I was offline for a bit. Any idea when the next release is likely to be? I’m not sure I can swing a dev install to my awx right now…

Thank you again,

Kaleb

Kaleb,

You’re welcome! Not sure when the next release will be. We have the change teed up in the release notes, but that doesn’t necessarily mean the next release will be soon. If you needed the patch now, but couldn’t move to the head of devel, you could also drop in a hotfix of the changes, switching out the specific file that was changed.