The ansible pack is awesome. What could we do to make it more useful or usable in more situations?
Some long-standing issues to kick of the discussion:
- Issue #5: controller-side python requirements for actions, modules, inventories, or other ansible plugins.
- Issue #4: using a different version of ansible per playbook.
-
Issue #15: ansible-playbook runs with
sudo: true
(immutable default action parameter).
Issues 4,5
What if we added the concept of an ansible virtualenv
? You use one action to build the
virtualenv, and then you use an action parameter to select which ansible virtualenv
to use
for the given adhoc or playbook action. The default would be using the pack virtualenv. That would allow
specifying which version of ansible and any other requirements.
Maybe we could reuse the st2 virtualenv creation logic and use the scheme: /opt/StackStorm-controlled/virtualenvs/ansible-<ansible
virtualenv name>
. I think -
is not a valid char in pack names, so that should
prevent conflicts with pack virtualenvs.
Issue 15
Maybe the ansible pack could run actions as stanley
by default. That might require some
development in the action runner to switch users (st2actionrunner
service runs as root).
Then, we could use sudo
as needed to run as root instead of using the unprivileged stanley
.
What else does the ansible pack need to be more useful?