An Inventory is a collection of hosts against which jobs may be launched, the same as an Ansible inventory file. Inventories are divided into groups and these groups contain the actual hosts. Groups may be sourced manually, by entering host names into Tower, or from one of Ansible Tower’s supported cloud providers.
Note
If you have a custom dynamic inventory script, or a cloud provider that is not yet supported natively in Tower, you can also import that into Tower. Refer to the Tower Administration Guide.
This tab displays a list of the inventories that are currently available. The inventory list may be sorted and searched by Name or Organization. This list may also be filtered by selecting Cloud Sourced, Failed Hosts, or Sync Failures.
The list of Inventory details includes:
Inventory Sync: If configured, you can “Sync” to fetch the project details from the configured source control.
Status Dot: This shows the status of recent jobs for this inventory.
Name: The inventory name. Clicking the Inventory name navigates to the properties screen for the selected inventory, which shows the inventory’s groups and hosts. (This view is also accessible from the Action menu.)
Organization: The organization to which the inventory belongs.
Actions: The following actions are available for the selected inventory:
- Edit: Edit the properties for the selected inventory
- Delete: Delete the selected inventory. This operation cannot be reversed!
To create a new inventory:
After clicking save, the Groups and Hosts Management screen appears.
Inventories are divided into groups, which may contain hosts and other groups, and hosts. There are several actions available for inventories.
Under Groups, you can view which groups belong to this inventory, easily filtered or searched by group name.
Additional actions may be performed on the group by selecting the buttons to the right of the group name:
To create a new group for an inventory:
In prior versions of Ansible Tower, the Source default was manual, meaning that the hosts must be entered into Tower manually. Beginning with Ansible Tower 3.0, host can be added via multiple methods/credential sources. (Refer to Add a new host for more information on managing hosts individually.)
Note
Starting with version 2.2, Ansible Tower supports Amazon Web Services EC2, Rackspace Cloud Servers, Google Compute Engine, VMware vCenter, Microsoft Azure, OpenStack, and custom scripts added by the administrator. With Ansible Tower version 3.0, Microsoft Azure Classic (deprecated) and Microsoft Azure Resource Manager were added to expand upon the support offered for Microsoft Azure, and support for Red Hat Satellite 6 and RH Cloudforms credentials were also added.
The “Update on Launch” setting refers to a dependency system for projects and inventory, and it will not specifically exclude two jobs from running at the same time. If a cache timeout is specified, then the dependencies for the second job is created and it uses the project and inventory update that the first job spawned. Both jobs then wait for that project and/or inventory update to finish before proceeding. If they are different job templates, they can then both start and run at the same time, if the system has the capacity to do so.
Note
If you intend to use Tower’s provisioning callback feature with a dynamic inventory source, “Update on Launch” should be set for the inventory group.
Topics:
Choose a source which matches the credential type against which a host can be entered.
Note
Rackspace inventory sync has been deprecated in Tower 3.1.0 and support for Rackspace will be removed in a future release.
To configure a group for Rackspace, select Rackspace Cloud Servers and enter the following details:
You can also configure Update Options.
To configure a group for AWS, select Amazon EC2 and enter the following details:
Cloud Credential: Choose from an existing credential (for more information, refer to Credentials).
If Tower is running on an EC2 instance with an assigned IAM Role, the credential may be omitted, and the security credentials from the instance metadata will be used instead. For more information on using IAM Roles, refer to the IAM_Roles_for_Amazon_EC2_documentation_at_Amazon.
Regions: Click on the regions field to see a list of regions for your cloud provider. You can select multiple regions, or choose “All” to include all regions. Tower will only be updated with Hosts associated with the selected regions.
Instance Filters: Rather than importing your entire Amazon EC2 inventory, filter the instances returned by the inventory script based on a variety of metadata. Hosts are imported if they match any of the filters entered here.
Examples:
- To limit to hosts having the tag
TowerManaged
: Entertag-key=TowerManaged
- To limit to hosts using either the key-name
staging
orproduction
: Enterkey-name=staging, key-name=production
- To limit to hosts where the
Name
tag begins withtest
: Entertag:Name=test*
For more information on the filters that can be used here, refer to the Describe Instances documentation at Amazon.
Only Group By: By default, Tower creates groups based on the following Amazon EC2 parameters:
If you do not want all these groups created, select from the dropdown the list of groups that you would like created by default. You can also select Instance ID
to create groups based on the Instance ID of your instances.
Variables: Enter definitions and values to be applied to all hosts in this group. Enter variables using either JSON or YAML syntax. Use the radio button to toggle between the two.
Source Variables: Override variables found in ec2.ini
and used by the inventory update script. Enter variables using either JSON or YAML syntax. Use the radio button to toggle between the two. For a detailed description of these variables view ec2.ini in the Ansible GitHub repo.
You can also configure Update Options.
To configure a group for Google Compute Engine, select Google Compute Engine and enter the following details:
You can also configure Update Options.
To configure a group for Microsoft Azure Classic, select Microsoft Azure Classic (deprecated) and enter the following details:
You can also configure Update Options.
To configure a group for Microsoft Azure Resource Manager, select Microsoft Azure Resource Managee and enter the following details:
You can also configure Update Options.
To configure a group for VMware vCenter, select VMware and enter the following details:
vmware.ini
and used by the inventory update script. For a detailed description of these variables view vmware.ini in the Ansible GitHub repo. Enter variables using either JSON or YAML syntax. Use the radio button to toggle between the two.You can also configure Update Options.
To configure a group for Red Hat Satellite 6, select Red Hat Satellite 6 and enter the following details:
You can also configure Update Options.
To configure a group for Red Hat CloudForms, select Red Hat CloudForms and enter the following details:
You can also configure Update Options.
To configure a group for OpenStack, select OpenStack and enter the following details:
openstack.yml
and used by the inventory update script. For a detailed description of these variables view openstack.yml in the Ansible GitHub repo. Enter variables using either JSON or YAML syntax. Use the radio button to toggle between the two.You can also configure Update Options.
Tower allows you to use a custom dynamic inventory script, if your administrator has added one.
To configure a group to use a Custom Inventory Script, select Custom Script and enter the following details:
Custom Inventory Script: Choose from an existing Inventory Script.
Environment Variables: Set variables in the environment to be used by the inventory update script. The variables would be specific to the script that you have written.
Enter variables using either JSON or YAML syntax. Use the radio button to toggle between the two.
You can also configure Update Options.
For more information on syncing or using custom inventory scripts, refer to Custom Inventory Scripts in the Ansible Tower Administration Guide.
For groups sourced from a cloud service, the inventory update process may be scheduled via the Schedule view. To access the Schedule view, click the Schedule () button beside the Inventory Group name to open the Edit Group dialog.
This screen displays a list of the schedules that are currently available for the selected Group. The schedule list may be sorted and searched by Name.
The list of schedules includes:
Buttons located in the upper right corner of the Schedules screen provide the following actions:
To create a new schedule:
- None
- Minute, Hour, or Day
- Week
- Month
- Year
The Schedule Description panel displays an detailed overview of the schedule and a list of the scheduled occurrences in the selected Local Time Zone or in UTC (be sure to select Local Time or UTC as based on your needs).
Note
When using UTC time settings, repeating jobs that runs at a specific time of day may move relative to a local timezone when Daylight Saving Time shifts occur.
Once you have saved the schedule, it can be viewed by clicking on the Schedule () tab beside the group name.
There are server actions available for schedules:
Hosts are listed on the right side of the Inventory display screen.
The host list may be sorted and searched by Name or Groups, and filtered by hosts that are disabled, by hosts with failed jobs, and by hosts synchronized with an external source.
This list displays information about each host and provides for several actions:
Hosts can be added manually, by IP address, or hostname. Tower can also sync inventory directly from AWS EC2, Google Compute Engine, MS Azure, VMware, Rackspace Open Cloud, or OpenStack.
To create a new host and add it to an existing group:
This opens the Create Host dialog.
To run an ad hoc command:
Then, click the button.
Enter the details for the following fields:
Module: Select one of the modules that Tower supports running commands against.
command | apt_repository | mount | win_service |
shell | apt_rpm | ping | win_updates |
yum | service | selinux | win_group |
apt | group | setup | win_user |
apt_key | user | win_ping |
Arguments: Provide arguments to be used with the module you selected.
Limit: Enter the limit used to target hosts in the inventory. To target all hosts in the inventory enter all
or *
, or leave the field blank. This is automatically populated with whatever was selected in the previous view prior to clicking the launch button.
Machine Credential: Select the credential to use when accessing the remote hosts to run the command. Choose the credential containing the username and SSH key or password that Ansbile needs to log into the remote hosts.
Enable Privilege Escalation: If enabled, the playbook is run with administrator privileges. This is the equivalent of passing the --become
option to the ansible
command.
Verbosity: Select a verbosity level for the standard output.
Forks: If needed, select the number of parallel or simultaneous processes to use while executing the command.
Click the button to run this ad hoc command.
Note
System Tracking, introduced as a new feature in Ansible Tower 2.2, is only available to those with Enterprise-level licenses.
System Tracking offers the ability to compare the results of two scan runs from different dates on one host or the same date on two hosts.
Data is grouped by fact modules:
- Packages
- Services
- Files
- Ansible
- Custom
Tower is designed to make every attempt to find your data. If you select a date without any scan runs, Tower gathers the previous year’s worth of scan runs to verify possible data to include. Successful comparisons display results from the available dates instead of the specified dates. Unsuccessful comparisons display a message indicating why they did not work.
Note
Service scan jobs should not run against an inventory with hosts that point to the same physical machine.
Select a single host in an inventory to compare against two dates and click the button.
Note
If you have not already created a job template set to scan, you will not be able to proceed until the correct job template has been created.
Select two dates on which you have scan data for the host, with the earliest date to compare on the left and the latest date to compare on the right.
Select the module (Packages, Services, or Ansible) for which you want to compare differences. To change modules, click on the module button with the button navigation to filter by different types of facts. Note that differences among the “ansible” and “files” modules changes are highlighted in red, while only changes for “packages” and “services” are shown.
You may also choose the same date in both date selectors if you want to compare multiple scan runs against a single date. If two or more scan jobs runs are discovered on a particular day, Tower compares the most recent and the second-most recent. If there is only one run for the selected date, Tower may display a message saying it could not find any scan job runs in one of the columns. (Also noted in Known Issues in the Ansible Tower Release Notes manual.)
Please note that if the scans found for the selected date are identical, Tower displays a single result of all facts scanned.
As an example, say that a user selects “7/7/2015” for both dates and selects the “packages” module. And say that two runs occurred on this date, but there were no changes to packages on the selected host. The user sees a message indicating the scans were identical as well as a single column containing all package versions, instead of a two-column listing of differences.
To compare two hosts, select the hosts and click the button.
Select a single date on which to compare the two hosts. Next, select the module for which you want to view differences.
Although Tower only supports picking a single date for both hosts, you may notice different dates in the results. Remember that Tower is designed to make every attempt to find your data. If a date is selected without any scan runs, Tower gathers the previous year’s worth of scan runs to verify possible data to include. Note that differences among the “ansible” and “files” modules changes are highlighted in red, while only changes for “packages” and “services” are shown.