Ansible pack: the next generation?


(Jacob Floyd) #1

The ansible pack is awesome. What could we do to make it more useful or usable in more situations?

Some long-standing issues to kick of the discussion:

  • Issue #5: controller-side python requirements for actions, modules, inventories, or other ansible plugins.
  • Issue #4: using a different version of ansible per playbook.
  • Issue #15: ansible-playbook runs with sudo: true (immutable default action parameter).

Issues 4,5

What if we added the concept of an ansible virtualenv? You use one action to build the virtualenv, and then you use an action parameter to select which ansible virtualenv to use for the given adhoc or playbook action. The default would be using the pack virtualenv. That would allow specifying which version of ansible and any other requirements.

Maybe we could reuse the st2 virtualenv creation logic and use the scheme: /opt/StackStorm-controlled/virtualenvs/ansible-<ansible virtualenv name>. I think - is not a valid char in pack names, so that should prevent conflicts with pack virtualenvs.

Issue 15

Maybe the ansible pack could run actions as stanley by default. That might require some development in the action runner to switch users (st2actionrunner service runs as root). Then, we could use sudo as needed to run as root instead of using the unprivileged stanley.

What else does the ansible pack need to be more useful?

(Jacob Floyd) #2

PS: Yes, I’ll be devoting some dev resources to making it work better, probably after 3.0. No, I don’t work for StackStorm, and this is not an official ST2 priority/initiative. It’s my initiative as a community member. :grinning:

(Lindsay Hill) #3

I’ve been wondering about AWX integration. Probably a separate pack. But might be worth doing now that AWX is ‘free’