`realm_join` module fails if not explicitly setting `ansible_python_interpreter` to point "into" the virtual environment.

[reenberg]

Running the realm_config task, it requires one to set the virtualenv as documented in the README. However when running the realm_join module, it fails, as the module is run with the hosts default python interpreter. I had to enforce the ansible_python_interpreter as a variable when referencing the module like seen below.

I kind of like installing dependencies in a virtual environment, as to not pollute the remote nodes environments. However it would be nice if it was optional, and if it was a tiny bit better documented, how to actually use it.

What are the deeper thoughts about this?

- name: AD join the node
  ogratwicklcs.realmd_ipa_ad.realm_join:
    state: "present" 
    domain: "{{ domain_name }}"
    ou_location: "{{ domain_ou }}"
    username: "{{ bind_user }}"
    password: "{{ bind_password }}"
  vars:
    # We need to use the python enterpretor in the venv, as it needs to import
    # the pexpect modules
    ansible_python_interpreter: "{{ virtual_env }}/bin/python"

[reenberg]

Another pain point with the virtual environment, is that the realm_join module requires the rpm Python package. If you don't manually create the virtual environment before running the realm_config task, and setting the venv to include site packages, in order to get the rpm package, then it will also fail as the rpm package is not available from PyPi. There are the rpm-py-installer package which tries to build the rpm package, but it failed for me.

    - name: Install dependent Python packages (in venv)
      ansible.builtin.pip:
        name:
          - pip  # just reference pip, as we need to specify at least one package
        virtualenv: "{{ virtual_env }}"
        virtualenv_site_packages: true

One could of cause just install the pexpect package here instead of referencing pip which is installed by default.

[ogratwicklcs]

I think you make some great points. I can try taking a look at updating all of that, however at this point I won't have much bandwidth for this.

[reenberg]

@ogratwicklcs, if you drop some pointers on how/where you want this to go, then I could take a crack at it. I think this could be usefull for some work I'm doing, so I might be able to allocate some time.

I guess I was just initially baffled at how you were using it, or how it was intended. I guess a first attempt could very well just be an update to the README.

[ogratwicklcs]

The module was really just designed to be a workaround for requiring each remote host to have a pexpect module installed.
The role that was attached with this repo installs package dependencies for realmd package on the remote hosts.

So the role should install package dependencies for realmd and configure resolv.conf file to point to the DNS servers that can resolve the domain you want to join.
The module uses realmd on the backend to manage the membership of the host to to FreeIPA or Active Directory.

This was a side project for me, for a use-case I no longer have. So feel free to fork and do whatever, or I can merge any additional features.