Inventory from kubernetes?

[kurr...@gmail.com]

Hello

Im new to awx - and am wondering if it is possible to have a dynamic inventory where the hosts are containers from kubernetes?

Thanks

[Alan Rominger]

Oh, you know what, I forgot an important details. If you're using any decently recent version of Ansible, these Kubernetes plugins are already shipped with Ansible. All you need to do is put in the plugin form of the file into your source control.

https://docs.ansible.com/ansible/2.6/plugins/inventory/openshift.html

Actually, I had an open question of what the best way to encrypt the token for OpenShift is doing this. I don't think the vault tricks with with the inventory plugin files.

Alan

github: AlanCoding

On Wed, Dec 12, 2018 at 4:51 PM Alan Rominger <arom...@redhat.com> wrote:

You could make a SCM inventory and throw in https://github.com/ansible/ansible/blob/devel/contrib/inventory/openshift.py

However, I believe that the current state of inventory plugins are dramatically further advanced than this, and in my experience gives a lot of out-of-the-box functionality. You should still be able to use inventory plugins in SCM inventory by using the related folder (inventory_plugins I believe). However, there are some gotchas you may run into.

I'm working on the transition of inventory plugins for the builtin sources (of which k8s are not one), but OpenShift will probably be my go-to example for making a user-defined inventory plugin in AWX. If you have any feedback from using plugins in AWX now, certainly let me know.

Alan

github: AlanCoding

--
You received this message because you are subscribed to the Google Groups "AWX Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to awx-project...@googlegroups.com.
To post to this group, send email to awx-p...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/8a3b5417-75b6-47bc-843d-1bdedbd5ce97%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Anton Hughes]

Thanks Alan

This looks very promising.

I'm missing a piece of the puzzle though. 

I see that, in order to enable the k8s plugin I need to add it to the ansible.cfg file. So I have the following in a local ansible.cfg file:

[inventory]

enable_plugins = k8s

For the plugin settings, as specified by https://docs.ansible.com/ansible/2.5/plugins/inventory/k8s.html, I have the following:

A file named k8s.yaml, with the following contents:

plugin: k8s
connections:
    host: https://192.168.64.4:8443
    token: xxxxxxxxxxxxxxxx
    ssl_verify: false

So, my question is, assuming the plugin is enabled, and the settings are correct, how do I write an inventory file - or specify in a playbook - to use this plugin?

I have the following playbook. I've set the hosts to default, as I have a k8s namespace called default. However, when I run this it doesnt work

---

- name: Hello World!

hosts: default

tasks:

- name: Hello World!

shell: echo "Hi! Tower is working."

 

[Alan Rominger]

The main thing you need to do is create an inventory source for an inventory which sources from a project. For this source, provide the relative location for k8s.yaml inside of your repo. Then click the button to sync that source, and after its finished you should be able to see logs from the inventory update.

You don't actually need to modify ansible.cfg here. Ansible tries a series of standard plugins by default. One of those is a router for all other officially shipped plugins, that plugin sees "plugin: k8s" inside your file (with that file name) and then sends it to the k8s plugin.

I still anticipate further pain points after you've done this. See:

https://github.com/ansible/ansible/pull/49901

In my own personal testing, I've been having authentication problems when counting on the provided parameters to be used. I suspect that it may have to be used via providing a kube config file, and pointing the inventory file to that file.

Alan

github: AlanCoding

[Anton]

Thanks Alan

This does make it a bit clearer.

However, I'm unable to select the k8s.yaml file in the source editor window.

I have the k8s.yaml in git:

But I'm unable to select this in the Awx:

[Anton]

So it looks like the problem is the awx docker image doesnt have the openshift python module installed:

2018-12-16 21:05:43,544 INFO     awx.main.commands.inventory_import Updating inventory 2: dev-rancher

2

2018-12-16 21:05:43,557 INFO     awx.main.commands.inventory_import Reading Ansible inventory source: /var/lib/awx/projects/_6__k8s_inventory

3

Traceback (most recent call last):

4

 File "/usr/bin/awx-manage", line 9, in <module>

5

   load_entry_point('awx==2.1.2.0', 'console_scripts', 'awx-manage')()

6

 File "/usr/lib/python2.7/site-packages/awx/__init__.py", line 150, in manage

7

   execute_from_command_line(sys.argv)

8

 File "/var/lib/awx/venv/awx/lib/python2.7/site-packages/django/core/management/__init__.py", line 364, in execute_from_command_line

9

   utility.execute()

10

 File "/var/lib/awx/venv/awx/lib/python2.7/site-packages/django/core/management/__init__.py", line 356, in execute

11

   self.fetch_command(subcommand).run_from_argv(self.argv)

12

 File "/var/lib/awx/venv/awx/lib/python2.7/site-packages/django/core/management/base.py", line 283, in run_from_argv

13

   self.execute(*args, **cmd_options)

14

 File "/var/lib/awx/venv/awx/lib/python2.7/site-packages/django/core/management/base.py", line 330, in execute

15

   output = self.handle(*args, **options)

16

 File "/usr/lib/python2.7/site-packages/awx/main/management/commands/inventory_import.py", line 994, in handle

17

   self.is_custom)

18

 File "/usr/lib/python2.7/site-packages/awx/main/management/commands/inventory_import.py", line 245, in load_inventory_source

19

   is_custom=is_custom).load()

20

 File "/usr/lib/python2.7/site-packages/awx/main/management/commands/inventory_import.py", line 180, in load

21

   data = self.command_to_json(base_args + ['--list'])

22

 File "/usr/lib/python2.7/site-packages/awx/main/management/commands/inventory_import.py", line 163, in command_to_json

23

   self.method, proc.returncode, stdout, stderr))

24

RuntimeError: ansible-inventory failed (rc=1) with stdout:

26

stderr:

27

[WARNING]:  * Failed to parse /var/lib/awx/projects/_6__k8s_inventory/k8s.yaml

28

with k8s plugin: This module requires the OpenShift Python client. Try `pip

29

install openshift`

30

31

[WARNING]: Unable to parse /var/lib/awx/projects/_6__k8s_inventory/k8s.yaml as

32

an inventory source

33

34

[WARNING]:  * Failed to parse

35

/var/lib/awx/projects/_6__k8s_inventory/playbook.yaml with k8s plugin:

36

'AnsibleSequence' object has no attribute 'get'

37

38

[WARNING]: Unable to parse

39

/var/lib/awx/projects/_6__k8s_inventory/playbook.yaml as an inventory source

40

41

[WARNING]: Unable to parse /var/lib/awx/projects/_6__k8s_inventory as an

42

inventory source

43

44

ERROR! No inventory was parsed, please check your configuration and options.

[Alan Rominger]

Yes, if it's not officially vendored, as in this case, you have to shell into the container, active the Ansible virtual environment (or a custom venv) and install it there.

Alan

github: AlanCoding

--
You received this message because you are subscribed to the Google Groups "AWX Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to awx-project...@googlegroups.com.
To post to this group, send email to awx-p...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/c86a026e-5fac-40bd-a5fd-e88eaa3c3889%40googlegroups.com.

[Anton]

Thanks Alan

It looks like the docker container is hardened, so I do not have the permissions.

pip install openshift

Collecting openshift

  Using cached https://files.pythonhosted.org/packages/5d/e4/b63be784c69be189f7902ace3251c1c1c78701f8c57f1318a9daaea4cfa8/openshift-0.8.1.tar.gz

    Complete output from command python setup.py egg_info:

    Traceback (most recent call last):

      File "<string>", line 1, in <module>

      File "/tmp/pip-build-tP31DU/openshift/setup.py", line 50, in <module>

        packages=find_packages(include='openshift.*'),

    TypeError: find_packages() got an unexpected keyword argument 'include'

    ----------------------------------------

Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-tP31DU/openshift/

You are using pip version 8.1.2, however version 18.1 is available.

You should consider upgrading via the 'pip install --upgrade pip' command.

bash-4.2$ pip install --upgrade setuptools

Cache entry deserialization failed, entry ignored

Collecting setuptools

  Cache entry deserialization failed, entry ignored

  Downloading https://files.pythonhosted.org/packages/37/06/754589caf971b0d2d48f151c2586f62902d93dc908e2fd9b9b9f6aa3c9dd/setuptools-40.6.3-py2.py3-none-any.whl (573kB)

    100% |################################| 573kB 1.7MB/s

Installing collected packages: setuptools

  Found existing installation: setuptools 0.9.8

    Uninstalling setuptools-0.9.8:

Exception:

Traceback (most recent call last):

  File "/usr/lib/python2.7/site-packages/pip/basecommand.py", line 215, in main

    status = self.run(options, args)

  File "/usr/lib/python2.7/site-packages/pip/commands/install.py", line 326, in run

    strip_file_prefix=options.strip_file_prefix,

  File "/usr/lib/python2.7/site-packages/pip/req/req_set.py", line 736, in install

    requirement.uninstall(auto_confirm=True)

  File "/usr/lib/python2.7/site-packages/pip/req/req_install.py", line 742, in uninstall

    paths_to_remove.remove(auto_confirm)

  File "/usr/lib/python2.7/site-packages/pip/req/req_uninstall.py", line 115, in remove

    renames(path, new_path)

  File "/usr/lib/python2.7/site-packages/pip/utils/__init__.py", line 267, in renames

    shutil.move(old, new)

  File "/usr/lib64/python2.7/shutil.py", line 302, in move

    os.unlink(src)

OSError: [Errno 13] Permission denied: '/usr/bin/easy_install'

You are using pip version 8.1.2, however version 18.1 is available.

You should consider upgrading via the 'pip install --upgrade pip' command.

Yesterday I was inspecting the docs on Awx to see if I could find out how to build the docker image.

I'l spend some more time today looking into this.

If anyone has a working awx docker image with Openshift support, please let me know.