cisco.radkit.radkit inventory – Ansible dynamic inventory plugin for RADKIT.

Note

This inventory plugin is part of the cisco.radkit collection (version 2.0.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install git+https://wwwin-github.cisco.com/scdozier/cisco.radkit-ansible.git. You need further requirements to be able to use this inventory plugin, see Requirements for details.

To use it in a playbook, specify: cisco.radkit.radkit.

Synopsis

  • Reads inventories from the RADKit service and creates dynamic Ansible inventory.

  • Supports SSH proxy configurations and host/port overrides for network devices.

Requirements

The below requirements are needed on the local controller node that executes this inventory.

  • radkit-client

Parameters

Parameter

Comments

ansible_host_overrides

dictionary

Dictionary mapping device names to specific ansible_host values

Useful for SSH proxy configurations where devices connect to localhost

Default: {}

ansible_port_overrides

dictionary

Dictionary mapping device names to specific ansible_port values

Useful for SSH proxy or port forwarding configurations

Default: {}

compose

dictionary

Create vars from jinja2 expressions.

Default: {}

filter_attr

string

Filter RADKit inventory by this attribute (ex name)

Configuration:

filter_pattern

string

Filter RADKit inventory by this pattern combined with filter_attr

Configuration:

groups

dictionary

Add hosts to group based on Jinja2 conditionals.

Default: {}

keyed_groups

list / elements=dictionary

Add hosts to group based on the values of a variable.

Default: []

default_value

string

added in ansible-core 2.12

The default value when the host variable’s value is an empty string.

This option is mutually exclusive with keyed_groups[].trailing_separator.

key

string

The key from input dictionary used to generate groups.

parent_group

string

parent group for keyed group.

prefix

string

A keyed group name will start with this prefix.

Default: ""

separator

string

separator used to build the keyed group name.

Default: "_"

trailing_separator

boolean

added in ansible-core 2.12

Set this option to false to omit the keyed_groups[].separator after the host variable when the value is an empty string.

This option is mutually exclusive with keyed_groups[].default_value.

Choices:

  • false

  • true ← (default)

leading_separator

boolean

added in ansible-core 2.11

Use in conjunction with keyed_groups.

By default, a keyed group that does not have a prefix or a separator provided will have a name that starts with an underscore.

This is because the default prefix is "" and the default separator is "_".

Set this option to false to omit the leading underscore (or other separator) if no prefix is given.

If the group name is derived from a mapping the separator is still used to concatenate the items.

To not use a separator in the group name at all, set the separator for the keyed group to an empty string instead.

Choices:

  • false

  • true ← (default)

plugin

string / required

The name of this plugin, it should always be set to ‘cisco.radkit.radkit’ for this plugin to recognize it as it’s own.

Choices:

  • "cisco.radkit.radkit"

radkit_client_ca_path

string

The path to the issuer chain for the identity certificate

Configuration:

radkit_client_cert_path

string

The path to the identity certificate

Configuration:

radkit_client_key_path

string

The path to the private key for the identity certificate

Configuration:

radkit_client_private_key_password_base64

string / required

The private key password in base64 for radkit client

Configuration:

radkit_identity

string / required

The Client ID (owner email address) present in the RADKit client certificate.

Configuration:

radkit_service_serial

string / required

The serial of the RADKit service you wish to connect through

Configuration:

ssh_proxy_mode

boolean

Enable SSH proxy mode - sets ansible_host to 127.0.0.1 for all devices

When enabled, devices will connect through SSH proxy instead of direct connections

Choices:

  • false ← (default)

  • true

ssh_proxy_port

integer

Default SSH proxy port to use when ssh_proxy_mode is enabled

Can be overridden per device using ssh_proxy_port_overrides

Default: 2222

ssh_proxy_port_overrides

dictionary

Dictionary mapping device names to specific SSH proxy ports

Example- device1- 2223, device2- 2224

Default: {}

strict

boolean

If yes make invalid entries a fatal error, otherwise skip and continue.

Since it is possible to use facts in the expressions they might not always be available and we ignore those errors by default.

Choices:

  • false ← (default)

  • true

use_extra_vars

boolean

added in ansible-core 2.11

Merge extra vars into the available variables for composition (highest precedence).

Choices:

  • false ← (default)

  • true

Configuration:

Examples

# Basic radkit_devices.yml
plugin: cisco.radkit.radkit

# Enhanced configuration with SSH proxy support
plugin: cisco.radkit.radkit
strict: False

# Enable SSH proxy mode - all devices will use 127.0.0.1 as ansible_host
ssh_proxy_mode: True
ssh_proxy_port: 2222

# Override specific devices with different ports/hosts
ansible_host_overrides:
  special_device: "192.168.1.100"

ansible_port_overrides:
  router1: 2223
  router2: 2224

ssh_proxy_port_overrides:
  router1: 2223
  router2: 2224

# Group devices based on attributes
keyed_groups:
  # group devices based on device type (ex radkit_device_type_IOS)
  - prefix: radkit_device_type
    key: 'device_type'
  # group devices based on description
  - prefix: radkit_description
    key: 'description'
  # group devices for SSH proxy usage
  - prefix: radkit_ssh_proxy
    key: 'device_type'
    separator: '_'

# Compose additional variables for SSH proxy
compose:
  # Set ansible_user for SSH proxy format: device@service_serial
  ansible_user: inventory_hostname + '@' + radkit_service_serial
  # Set SSH connection args for proxy
  ansible_ssh_common_args: "'-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'"

# Filter devices if needed
# filter_attr: 'device_type'
# filter_pattern: 'IOS'

Authors

  • Scott Dozier (@scdozier)

Hint

Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.