fix role on CentOS and Fedora

[ltalirz]

in PR #15 I've enabled travis builds on centos and fedora.

The travis build fails immediately, since they don't have /usr/bin/python3. https://travis-ci.org/marvel-nccr/ansible-role-aiida/jobs/636646808#L494

@espenfl Can I leave this for you?

[espenfl]

Happy to try to solve this. We need to run ansible with the ansible_python_interpreter (on the systems where Python 3 is not default, i.e. CentOS and Redhat). Usually what I do is just the path for the environment variable. The problem is that on the setup we have in #15 the python version is part of the path for the virtual environment and as such makes it a bit difficult. /usr/bin/python3 is present og Fedora 31 and python points to python3 (user can add Python 2, but we start from vanilla). Problem is CentOS and Redhat. An alternative is of course to install our own version of Python 3 using make altinstall and not care so much about the container config. But this diverts the purpose of the container a bit maybe. Also, this should function with Vagrant and I am not sure how it works there. Perfect opportunity to fiddle with that a bit then. @ltalirz I will have a look and check both CentOS and Fedora in the next hours.

[espenfl]

CentOS 8 does not come with Python at all and we need to support that. It makes sense to put the responsibility of the admin to make sure Python is present at the system where provisioning is supposed to take place. However, we need to be able to run tests on deploying AiiDA on CentOS 8, so we will try to install Python 3 when necessary in order to complete the tests.

[espenfl]

We need to create new containers due to issues with too compact locale. Right now the generation of this is stuck in molecule due to what seems like SELinux issues.

For future reference here is some info with respect to SELinux issues related to ansible and molecule:

https://github.com/ansible/molecule/issues/1724 https://github.com/ansible/ansible/issues/34340

We get the Aborting, target uses selinux but python bindings (libselinux-python) aren't installed on the Create Dockerfiles from image names step of molecule.

There is a PR on ansible to enable ignore of SELinux, but not sure how that would work in our case: https://github.com/ansible/ansible/pull/53015. This should basically make it possible to ignore SELinux on any task. Right now, when we are using a templated Dockerfile it fails at this step. Having such an option would most likely solve all these issues.

Also and maybe the key point is the fact that if we force Ansible to run on Python 3 (which we do now) we will hit the SELinux problem on CentOS 7: https://github.com/ansible/ansible/issues/53929. I am unsure if there is still issues related to this on CentOS 8 (in fact it seems so). The post above also indicates that ansible 2.8 is going to offer auto detection of Python.

Also note that the vanilla containers are usually shipped with very compact locale and we typically need en_US.UTF-8 for postgresql and click. We either need to maintain wrappers that adds this locale or try to convince other maintainers to add a more general set of locale (or at least this). We opened a request for this here: https://github.com/geerlingguy/docker-centos8-ansible/issues/4 https://github.com/geerlingguy/docker-fedora31-ansible/issues/1

[espenfl]

At this point I am tempted to create new containers that offer extended locale as it seems fixing the SELinux issues to make molecule create those containers is not going to be easy across all combinations of distros. @ltalirz what do you think?

[ltalirz]

The post above also indicates that ansible 2.8 is going to offer auto detection of Python.

Ansible 2.8 is out since May last year https://github.com/ansible/ansible/releases/tag/v2.8.0

[espenfl]

Sure, but lts Ubuntu and CentOS is not there yet. Fedora and non-lts, no problem.

[espenfl]

At this point I am tempted to create new containers that offer extended locale as it seems fixing the SELinux issues to make molecule create those containers is not going to be easy across all combinations of distros. @ltalirz what do you think?

Wrappers are now located here: https://hub.docker.com/repository/docker/marvelnccr/docker-ubuntu1604-ansible https://hub.docker.com/repository/docker/marvelnccr/docker-ubuntu1804-ansible https://hub.docker.com/repository/docker/marvelnccr/docker-centos8-ansible https://hub.docker.com/repository/docker/marvelnccr/docker-fedora31-ansible

We will use those until there is a fix for SELinux or other containers with a broad enough locale.