kubevirt – Inventory source for KubeVirt VirtualMachines and VirtualMachineInstances
Note
This inventory plugin is part of the kubevirt.core collection.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install kubevirt.core
.
You need further requirements to be able to use this inventory plugin,
see Requirements for details.
To use it in a playbook, specify: kubevirt.core.kubevirt
.
Synopsis
Fetch virtual machines from one or more namespaces with an optional label selector.
Groups by cluster name, namespaces and labels.
Uses
*.kubevirt.[yml|yaml]
YAML configuration file to set parameter values.By default it uses the active context in ~/.kube/config and will return all virtual machines for all namespaces the active user is authorized to access.
Requirements
The below requirements are needed on the local controller node that executes this inventory.
python >= 3.9
kubernetes >= 28.1.0
PyYAML >= 3.11
Parameters
Parameter |
Comments |
---|---|
Token used to authenticate with the API. Can also be specified via |
|
Specify the used KubeVirt API version. Default: |
|
Append the base domain of the cluster to host names constructed from SSH Choices:
|
|
Override the base domain used to construct host names. Used in case of |
|
Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to avoid certificate validation errors. Can also be specified via |
|
Toggle to enable/disable the caching of the inventory's source data, requires a cache plugin setup to work. Choices:
Configuration:
|
|
Cache connection data or path, read cache plugin documentation for specifics. Configuration:
|
|
Cache plugin to use for the inventory's source data. Default: Configuration:
|
|
Prefix to use for cache plugin files/tables. Default: Configuration:
|
|
Cache duration in seconds. Default: Configuration:
|
|
Path to a certificate used to authenticate with the API. Can also be specified via |
|
Path to a key file used to authenticate with the API. Can also be specified via |
|
Create vars from jinja2 expressions. Default: |
|
Optional list of cluster connection settings. This parameter is deprecated. Split your connections into multiple configuration files and move parameters of each connection to the configuration top level. Deprecated in version |
|
The name of a context found in the config file. Can also be specified via |
|
Enable the creation of groups from labels on Choices:
|
|
Add hosts to group based on Jinja2 conditionals. Default: |
|
Provide a URL for accessing the API. Can also be specified via |
|
Specify the format of the host in the inventory group. Available specifiers: Default: |
|
Group(s) to impersonate for the operation. Can also be specified via |
|
Username to impersonate for the operation. Can also be specified via |
|
Add hosts to group based on the values of a variable. Default: |
|
The default value when the host variable's value is an empty string. This option is mutually exclusive with |
|
The key from input dictionary used to generate groups. |
|
parent group for keyed group. |
|
A keyed group name will start with this prefix. Default: |
|
separator used to build the keyed group name. Default: |
|
Set this option to This option is mutually exclusive with Choices:
|
|
Enable Choices:
|
|
Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from ~/.kube/config. Can also be specified via Multiple Kubernetes config file can be provided using separator The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version >= 17.17.0. |
|
Define a label selector to select a subset of the fetched virtual machines. |
|
Use in conjunction with By default, a keyed group that does not have a prefix or a separator provided will have a name that starts with an underscore. This is because the default prefix is Set this option to If the group name is derived from a mapping the separator is still used to concatenate the items. To not use a separator in the group name at all, set the separator for the keyed group to an empty string instead. Choices:
|
|
Optional name to assign to the cluster. If not provided, a name is constructed from the server and port. |
|
List of namespaces. If not specified, will fetch virtual machines from all namespaces the user is authorized to access. |
|
In case multiple networks are attached to a virtual machine, define which interface should be returned as primary IP address. |
|
The comma separated list of hosts/domains/IP/CIDR that shouldn't go through proxy. Can also be specified via Please note that this module does not pick up typical proxy settings from the environment (e.g. This feature requires Example value is |
|
Provide a password for authenticating with the API. Can also be specified via Please read the description of the |
|
Whether or not to save the kube config refresh tokens. Can also be specified via When the k8s context is using a user credentials with refresh tokens (like oidc or gke/gcloud auth), the token is refreshed by the k8s python client library but not saved by default. So the old refresh token can expire and the next auth might fail. Setting this flag to true will tell the k8s python client to save the new refresh token to the kube config file. Disabled by default. Choices:
|
|
Token that ensures this is a source file for the kubevirt.core.kubevirt plugin. Choices:
|
|
The URL of an HTTP proxy to use for the connection. Can also be specified via Please note that this module does not pick up typical proxy settings from the environment (e.g. |
|
The Header used for the HTTP proxy. Documentation can be found here https://urllib3.readthedocs.io/en/latest/reference/urllib3.util.html?highlight=proxy_headers#urllib3.util.make_headers. |
|
Colon-separated username:password for basic authentication header. Can also be specified via |
|
Colon-separated username:password for proxy basic authentication header. Can also be specified via |
|
String representing the user-agent you want, such as foo/1.0. Can also be specified via |
|
If Since it is possible to use facts in the expressions they might not always be available and we ignore those errors by default. Choices:
|
|
Merge extra vars into the available variables for composition (highest precedence). Choices:
Configuration:
|
|
Enable the use of Services are only used if no Choices:
|
|
Provide a username for authenticating with the API. Can also be specified via |
|
Whether or not to verify the API server's SSL certificates. Can also be specified via Choices:
|
Notes
Note
To avoid SSL certificate validation errors when
validate_certs=yes
, the full certificate chain for the API server must be provided viaca_cert
or in thekubeconfig
file.
Examples
# Filename must end with kubevirt.[yml|yaml]
# Authenticate with token and return all virtual machines from all accessible namespaces
- plugin: kubevirt.core.kubevirt
host: https://192.168.64.4:8443
api_key: xxxxxxxxxxxxxxxx
validate_certs: false
# Use default ~/.kube/config and return virtual machines from namespace testing connected to network bridge-network
- plugin: kubevirt.core.kubevirt
namespaces:
- testing
network_name: bridge-network
# Use default ~/.kube/config and return virtual machines from namespace testing with label app=test
- plugin: kubevirt.core.kubevirt
namespaces:
- testing
label_selector: app=test
# Use a custom config file and a specific context
- plugin: kubevirt.core.kubevirt
kubeconfig: /path/to/config
context: 'awx/192-168-64-4:8443/developer'