Skip to main content
Version: 8.2405.x.x RR

Defining Classic Inventory Files

You need classic inventory files if you operate nevisAdmin 4 in a classic deployment mode.

A classic inventory file consists of the sections hosts, groups and vars. In these sections, you define the hosts, host groups and variables valid for this specific inventory.

A Note about Variables

When you define the variables for your inventory, pay attention to the following points:

  • It is recommended that you define all inventory variables on a global level in the vars section. Only use host or group variables to overwrite global values.
  • When you deploy your project, all instance patterns including all referenced patterns are loaded. As a consequence, each variable defined in a pattern needs a value, even if the pattern is not needed during generation. For this, add all project variables to your inventory file. Replace the sample values with the correct values, if necessary.
  • For more details, read section Defining Variables in the Appendix.

Defining Hosts

You define the hosts available for deployment in the hosts section of the inventory file, as a list. The following movie shows you how to do this:

How to add hosts

There are three ways to define a host:

  • You can reference a host by its DNS name.
  • You can define an abstract name.
  • You can use the host's IP address as identifier.

Here is an example that illustrates all variants:

hosts:
- nevis-host1.muvonda.ch
- proxy-prod
- 192.168.136.1

Defining Host Variables

You can define variables in the inventory file on three levels:

  • On host level
  • On host group level
  • On inventory level

Variables defined on host level override variables defined on group level, which themselves override variables defined on inventory level.

This section explains how to define host variables. Host variables are defined in a list, right below the host identifier. The following movie shows you how to proceed:

How to add variables to hosts

Configuring Host Connections

You can configure the connection to a host using the following predefined variables:

  • __connection_host: Defines the name or IP address of the host. This variable must be defined if nevisAdmin 4 cannot resolve the primary host name.
  • __connection_port: Defines an alternative port to use for deployment. If this variable is not set, port 22 is used, which is the default port for SSH.

Set the following variables to define a username and password for the SSH connection:

  • __connection_user: Defines the user name to use for deployment. If not set, this defaults to root.
  • __connection_password: Defines the user's password. If this variable is not set, the configured SSH private key will be used for authentication.

Use the secret:// mechanism to hide the password from the inventory. See Working with Secrets for details. In general, we recommend using key-based authentication instead of a password for the SSH connection. See Deployment via SSH for details. Do not set the variable __connection_password if you use the key-based mechanism.

The following code block shows an example including two hosts with custom connection settings:

hosts:
- nevis-host3.muvonda.ch:
vars:
__connection_port: 5222
__connection_user: root

- proxy-prod:
vars:
__connection_host: nevis-host4.muvonda.ch
__connection_port: 5222
__connection_user: techuser
__connection_password: secret://ce3463466730c380fa2b3160

It is possible to globally set the host connection variables in the top-level vars section. This is useful if you use the same port or user for all hosts.

Defining Host Groups

You can organize the previously defined hosts into one or more groups. You do this in the groups section of the inventory file.

Consider the following when you want to organize your hosts in groups:

  • Groups allow you to organize your inventory logically.
  • You can structure the hosts in groups according to their functions within the Nevis Security Suite.
  • You can also group them according to their physical location (for example, geographically separated data centers).
  • A combination of both approaches is possible, too.

Adding Host Groups

You define host groups in a list, in the groups section of the inventory file. The following movie shows you the steps to perform.

You list the members of a host group by referencing the hosts defined in the hosts section.

How to add hosts to host groups

Adding Variables to Host Groups

Variables can also be defined at group level. The following movie shows you how to do this:

How to add a variable to a host group

Defining Global Variables

You can define global variables in the vars section of the inventory file. There are two ways to do this:

Inserting Variables from a Project

If you have created variables in a project, you can add these variables together with their sample values to an inventory. The following movie demonstrates how this is done:

How to add variables from a project

Perform the following steps to insert variables from a project into an inventory:

  1. First click in the inventory file, then click the triangle arrow icon on the Insert secret button. You find this button in the lower left corner of the inventory file.
  2. Select Insert variables from the drop-down menu.
  3. The Insert Variables dialog opens. Select a project from the dialog's drop-down list and click Insert variables. All variables from the selected project will be added to the inventory, even if they are already present in the inventory.
  4. The variables with their sample values are inserted at the bottom of the inventory file, commented out. You can copy-paste the variable, and its sample value pairs, to each level in the inventory file. Variables in the vars section are valid for the entire inventory. If you do not have a global vars section yet, you can uncomment the whole inserted section. To do this, select the section and press CTRL-/.
  5. Review the sample values and update them before saving.

Manually Defining Variables in an Inventory

Instead of inserting variables from a project, you can also manually define variables directly in the vars section of the inventory file. Variables that you define in the vars section are valid globally, that is, for the entire inventory.

File Format

See Classic Infrastructure Inventory YAML file format.