Posted   by 

Python Ansible Runner

An OpenBSD-focused Ansible playbook embedded in type-annotated Python

openbsd-run is an Ansible playbookembedded in type-annotated Python which allows for running the Ansibleplaybooks directly or via command line. The goal is to trivialize deploying andmaintaining OpenBSD-based services.

NOTE: This is a work-in-progress that at times may require you are well-versedin Ansible, Python, and OpenBSD. Things are likely to not work at all or beextremely awkward, and until I get Ansible Molecule working with vmm(4) theprospect of verifying anything involves manual action.

Ansible Runner is a tool and python library that helps when interfacing with Ansible directly or as part of another system whether that be through a container image interface, as a standalone tool, or as a Python module that can be imported. The goal is to provide a stable and consistent interface abstraction to Ansible. The Top 2 Python Ansible Runner Open Source Projects on Github. Topic Ansible Runner. Download the file for your platform. If you're not sure which to choose, learn more about installing packages. Files for ansible-playbook-runner, version 0.1.2.

This project only supports OpenBSD. You may test it by using the includedVagrantfile or by setting up an instance on a hosting provider. If you arelooking for a hosting provider that offers OpenBSD hosts, consider usingOpenBSD.Amsterdam which donates some proceeds toThe OpenBSD Foundation.

Playbook

A tool and python library for interfacing with Ansible. Pulls 1M+ Overview Tags. Ansible Runner is a tool and python library that helps when interfacing with Ansible f. Ansible Runner¶ Ansible Runner is a tool and python library that helps when interfacing with Ansible directly or as part of another system whether that be through a container image interface, as a standalone tool, or as a Python module that can be imported. The goal is to provide a stable and consistent interface abstraction to Ansible.

The raw playbook can be used without any atypicalAnsible setup or intrinsic dependencies to the command line interface for thosewho might prefer it.

Command Line Interface

The command line interface provides familiar commands for performing actionsagainst hosts defined in an inventory. The mainbenefit of this is that you may define a simple inventory that can bedynamically acted upon without also needing to define or consume playbooks.

Installing

As shown in the following example, we suggest using --system-site-packages asthis will greatly reduce the total installation size if you already haveAnsible, and build time if you already have py3-cryptography. If you intend tohack on openbsd-run, please see Developing for more info.

The primary goal of this project is to make doing native OpenBSD “things” froma remote system trivially possible. General administration and setting up amirror are two good examples, and you’re likely to see scaffolding in theraw playbook.

  • If anything seems weird, definitely report it
  • For starting new work, please file an issue so it may be discussed

Developing

For development, please use poetry as outlined inthe following example:

Also, when testing the raw playbook please ensureyou are in the same directory as theansible.cfg and using Ansible 2.9 orlater.

This site is open source. Improve this page.

Why?

You might want to run Ansible commands directly from the Ansible Tower server itself to debug a specific issue. While it’s generally not recommended to have manual projects that are not at all tied to a version control system like Git, there are rare moments you might need it. I certainly did!

I hit an issue with a specific AWS Ansible module and nothing seemed to get it working. From my laptop directly to AWS, the module worked great. So something was clearly different.

You might think… “Don’t I just run ansible-playbook from the server and that’s it?”. Yes, this works for the basic modules that don’t require special Python modules. For those that do, such as AWS modules require the boto3 Python module, you will need a little magic.

So let’s get into it!

The Problem

As previously stated, running ansible-playbook command should work but sadly it doesn’t include the extra Python modules necessary for Ansible modules like those for AWS where it needs the boto3 Python module.

Let’s login directly to our Ansible Tower server and go to the default projects folder where we can create a folder for our playbook.

As an example, let’s use this simple playbook that gets all AWS regions. You can of course use an existing playbook that you created or want to test.

And notice the error we get when we run it - boto3 is missing and required.

Let’s check which Python interpreter ansible-playbook is using.

So let’s now see if python2 has the boto3 module. We run the same Python interpreter and check by importing the boto3 module.

However, when we run this same playbook within Ansible Tower it succeeds without any errors. What is Ansible Tower doing that is different?

Do not install pip and install the boto3 module yourself! It is not a good idea to make changes like this to the Ansible Tower server. Read below for the right solution.

Let’s keep going…

Let’s search for the boto3 module on the server.

So now we have found the location where Ansible Tower holds these extra Python modules. Now what?

Well, we could tell Python where to find these modules by using the environment variable PYTHONPATH and setting it to both of the site-packages paths as shown below, but this is not the best solution!

The Solution

Python Ansible Runner Online

So how does it work within Ansible Tower?

Ansible Tower 3.0 and later uses virtualenv. Virtualenv creates isolated Python environments to avoid problems caused by conflicting dependencies and differing versions.

Virtualenv works by simply creating a folder which contains all of the necessary executables and dependencies for a specific version of Python. (In our case, the boto3 module!)

Ansible Tower creates two virtualenvs during installation – one is used to run Tower, while the other is used to run Ansible. This allows Tower to run in a stable environment, while allowing you to add or update modules to your Ansible Python environment as necessary to run your playbooks. For more information on virtualenv, see the Python Guide to Virtual Environments.

Runner

So how do we access this virtualenv?

On the Ansible Tower server, run the following command as root:

You will then get a new prompt looking similar to this:

Now when we run the ansible-playbook command the Python interpreter in the virtual environment will be invoked with all the necessary modules and dependencies that come included with Ansible Tower.

Ansible Runner Python Example

This is exactly the error I saw in Ansible Tower and now I have finally reproduced the problem I originally saw in Ansible Tower. Now I can properly debug it and figure out what is wrong. In fact, this was how I eventually logged the following Ansible issue.

I hope this has helped you get to know Ansible Tower a bit better.

Advanced

Call Ansible Playbook From Python

As a bonus, you can additionally use this virtual environment to properly add new Python modules that you might need that did not come included with Ansible Tower. To do so, start in the virtual environment and then run the pip command to install the required module.

Be careful! Note the modules you install because you will need to make sure they are installed on each Ansible Tower node! Additionally it is good to document this somewhere so you can install Ansible Tower again on another environment one day. Otherwise you will forget you ever installed that module.

Good luck!