Ansible - 2.7.5
Foreman - 1.20.1
Katello - 3.10
OS - 7.6.1810
I have been having a fun time going through the documentation trying to get all this working. I have parts of it working but to be honest I am so lost now between the different ways to set this up. I found that there was one way for ansible 2.4 and older, another way for 2.4 - 2.5. 2.5.1 seemed to fix things. And anything after 2.5.2 seems to be different but I have not really found instructions on how to configure.
So here my config in /etc/ansible on the Foreman / Katello master server
/etc/ansible/ansible.cfg:
[defaults]
inventory = /etc/ansible
roles_path = /etc/ansible/roles/tds_config/roles
callback_whitelist = foreman
callback_plugins = /usr/share/ansible/plugins/callback
bin_ansible_callbacks = True
[inventory]
enable_plugins = foreman, script, host_list
ignore_extensions = .pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, ~, .orig, .ini, .cfg, .retry
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
[colors]
[diff]
[callback_foreman]
url = https://fm.XXXX.com
verify_certs = False
ssl_cert = /etc/foreman-proxy/ssl_cert.pem
ssl_key = /etc/foreman-proxy/ssl_key.pem
verify_certs = /etc/foreman-proxy/ssl_ca.pem
ssl_ca = /etc/foreman-proxy/ssl_ca.pem
[foreman]
url = https://fm.XXXX.com/
user = admin
password = XXXX
ssl_verify = True
[ansible]
group_patterns = ["{app_param}-{tier_param}-{dc_param}",
"{app_param}-{tier_param}",
"{app_param}",
"{subnet_name}-{provision_method}"]
group_prefix = foreman_
want_facts = True
want_hostcollections = True
rich_params = True
want_ansible_ssh_host = True
[cache]
path = .
max_age = 60
scan_new_hosts = True
filename = foreman_ansible_inventory
/etc/ansible/my.foreman.yml
plugin: foreman
url: https://fm.XXXX.com/
user: admin
password: XXXX
ssl_verify: True
want_facts: True
want_params: True
I got my foreman.py from https://github.com/ansible/ansible/tree/devel/contrib/inventory and put it in /etc/ansible. And through a lot of searching and reading I finally figured out that I needed a foreman_callback.py which I go from here: https://github.com/theforeman/foreman_ansible/blob/master/extras/foreman_callback.py.
The problems I am having are:
- When I first started setting this up and testing I was able to run ansible-inventory -i ./my.foreman.yml --graph and get a listing that included all my host collections in Katello. Now for some reason I see only one host collection and rather then have the 10 machines its supposed to have in it I only see one. The only other group I see is @ungroupped and even that is missing many many hosts.
- I am not 100% positive that when I run ansible -m setup hostname for a host thats already in Katello that ansible is sending data back to Katello
- Try as I might I am not sure which ssl certs I am supposed to be using. I connect to my host via hostname:443. So I looked in /etc/httpd/conf.d/05-foreman-ssl.conf for the ssl certs but even with ssl_verify = True I get the same results regardless of the ssl_certs I am using.
- If I run the foreman.py --list to create the inventory files nothing I do with ansible seems to let it read the inventory files.