travier
commented
1 year ago Fedora CoreOS explicitly does not include Python (or other interpreters beyond Bash which is mostly here for convenience) as you should setup you system via Ignition / Butane. You can add files, setup quadlet / podman to pull containers, etc. all via Igntion.
If you really want to use Ansible, you can:
- consider Fedora IoT which includes Python
- look at the raw Ansible modules that do not require Python: https://stackoverflow.com/questions/62714153/does-ansible-shell-module-need-python-on-target-server
- layer the required Python packages on first boot via your Ignition config (or via the raw module) and then use Ansible
- build a custom image using the Ansible examples from https://github.com/coreos/layering-examples/tree/main/ansible-firewalld
millerthegorilla
cgwalters
What, if any, are the additional dependencies on the package? (i.e. does it pull in Python, Perl, etc)
rpm-ostree db diffafter adding python. libb2-0.98.1-7.fc37.aarch64 libgomp-12.2.1-4.fc37.aarch64 mpdecimal-2.5.1-4.fc37.aarch64 python-pip-wheel-22.2.2-3.fc37.noarch python-setuptools-wheel-62.6.0-2.fc37.noarch python-unversioned-command-3.11.2-1.fc37.noarch python3-3.11.2-1.fc37.aarch64 python3-libs-3.11.2-1.fc37.aarch64What is the size of the package and its dependencies?
libb2 - 76326 libgomp - 478910 mpdecimal - 276739 python-pip-wheel - 1533793 python-setuptools-wheel - 877431 python-unversioned-command - 23 python3 - 87074 python3-libs - 48783352
What problem are you trying to solve with this package? Or what functionality does the package provide?
I am trying to provision a rpi4b with coreos using ansible to install and configure a number of packages including some podman containers. But ansible will not interact with a remote host if it doesn't contain python.
Can the software provided by the package be run from a container? Explain why or why not.
Because ansible can't interact that way, unless I use ignition to pull the python container, and write some sort of alias for the command that will allow ansible to see it. it hadn't occurred, so I will try it tomorrow am and update this issue.
Can the tool(s) provided by the package be helpful in debugging container runtime issues?
not necessarily.
Can the tool(s) provided by the package be helpful in debugging networking issues?
no.
Is it possible to layer the package onto the base OS as a day 2 operation? Explain why or why not.
that is what I am doing currently, using a systemd oneshot service specified in the ignition file.
In the case of packages providing services and binaries, can the packaging be adjusted to just deliver binaries?
perhaps. I am no expert, but it has been suggested that I could simply copy in the binaries necessary via ignition copy operation but I would prefer the package to either be layered or available via podman as described above.
Can the tool(s) provided by the package be used to do things we’d rather users not be able to do in FCOS?
hmm. not sure what you're goals are. But I don't think so, although a podman container may work hopefully.
Does the software provided by the package have a history of CVEs?
yes.