search

operator-framework / ansible-operator-plugins

Experimental extraction/refactoring of the Operator SDK's ansible operator plugin
Apache License 2.0
9 stars 20 forks source link

feature: dynamic inventory of resources created by a CR of an ansible operator #22

Open jobcespedes opened 3 years ago

jobcespedes commented 3 years ago

Feature Request

Dynamic inventory of resources created by a CR of an ansible operator

Describe the problem you need a feature to resolve.

Operating or running ansible tasks over pods generated by a CR of an ansible operator is kind of cumbersome. One could use kubectl connection plugin and add them dynamically during each reconciliation loop using variables. The existing dynamic k8s inventory plugin could be a better fit. However, adding it to an ansible operator requires some steps. In addition, when done, it shows all the pods and services the operator has access and groups them in a way, in my opinion, not intuitive for the operator scope. They could not be filter, for instance.

Describe the solution you'd like.

The operator sdk to already include a dynamic inventory plugin that groups and adds only the pods, and optionally other kind of resources, of the CR the reconciliation loop is running. I would like to run some complementary ansible tasks over some of those pods. How it groups them should be intuitive in order to reference hosts, or groups more probably, in playbooks inside the operator. For instance: the name of a default group of all pods of a CR could be used as: hosts: {{ ansible_operator_meta.namespace }}__{{ ansible_operator_meta.namespace }}__pods. In addition, it would be helpful to define custom group formats using labels and add extra ansible variables using annotations. The following example shows: a posible pod definition for it to be considered as part of a CR inventory, to define a custom group membership and extra ansible variables:

apiVersion: v1
kind: Pod
metadata:
  annotations:
    # Define a variable for this pod only
    ansible.sdk.operatorframework.io/inventory_variable: '{"ansible_python_interpreter": "/usr/libexec/platform-python"}'
  labels:
    # Define a label to be included in an specific inventory.  
    ansible.sdk.operatorframework.io/inventory: "mynamespace/mysample"  
    # A default group for all pods could be <mynamespace>__<mysample>__pods
    # Define a custom group membership to <mynamespace>__<mysample>__<mygroup>__pods could be defined with:
    ansible.sdk.operatorframework.io/inventory_group: "mygroup"

The custom CR could be:

apiVersion: sample.example.com/v1alpha1
kind: Sample
metadata:
  name: mysample
  namespace: mynamespace
  annotations:
    # Define which label selector identify resources of this specific inventory for this CR.  
    ansible.sdk.operatorframework.io/inventory: "mynamespace/mysample"  
    # Define a variable for each pod
    ansible.sdk.operatorframework.io/inventory_variable: '{"ansible_remote_tmp": "/var/tmp/.ansible"}'

Using ansible to manage pods could be considered an anti-patter for k8s.

However, it could complement k8s where some functionality is lacking or to add some logic to an operator.

/language ansible

openshift-bot commented 3 years ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

openshift-bot commented 3 years ago

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity. Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten /remove-lifecycle stale

fabianvf commented 3 years ago

/lifecycle frozen

openshift-ci[bot] commented 1 year ago

@jobcespedes: The label(s) language/ansible cannot be applied, because the repository doesn't have them.

In response to [this](https://github.com/operator-framework/ansible-operator-plugins/issues/22): >## Feature Request >Dynamic inventory of resources created by a CR of an ansible operator > >#### Describe the problem you need a feature to resolve. >Operating or running ansible tasks over pods generated by a CR of an ansible operator is kind of cumbersome. One could use kubectl connection plugin and add them dynamically during each reconciliation loop using variables. The existing dynamic k8s inventory plugin could be a better fit. However, adding it to an ansible operator requires some steps. In addition, when done, it shows all the pods and services the operator has access and groups them in a way, in my opinion, not intuitive for the operator scope. They could not be filter, for instance. > > >#### Describe the solution you'd like. > > >The operator sdk to already include a dynamic inventory plugin that groups and adds only the pods, and optionally other kind of resources, of the CR the reconciliation loop is running. I would like to run some complementary ansible tasks over some of those pods. How it groups them should be intuitive in order to reference hosts, or groups more probably, in playbooks inside the operator. For instance: the name of a default group of all pods of a CR could be used as: `hosts: {{ ansible_operator_meta.namespace }}__{{ ansible_operator_meta.namespace }}__pods`. In addition, it would be helpful to define custom group formats using labels and add extra ansible variables using annotations. The following example shows: a posible pod definition for it to be considered as part of a CR inventory, to define a custom group membership and extra ansible variables: >```yaml >apiVersion: v1 >kind: Pod >metadata: > annotations: > # Define a variable for this pod only > ansible.sdk.operatorframework.io/inventory_variable: '{"ansible_python_interpreter": "/usr/libexec/platform-python"}' > labels: > # Define a label to be included in an specific inventory. > ansible.sdk.operatorframework.io/inventory: "mynamespace/mysample" > # A default group for all pods could be ____pods > # Define a custom group membership to ______pods could be defined with: > ansible.sdk.operatorframework.io/inventory_group: "mygroup" >``` >The custom CR could be: >```yaml >apiVersion: sample.example.com/v1alpha1 >kind: Sample >metadata: > name: mysample > namespace: mynamespace > annotations: > # Define which label selector identify resources of this specific inventory for this CR. > ansible.sdk.operatorframework.io/inventory: "mynamespace/mysample" > # Define a variable for each pod > ansible.sdk.operatorframework.io/inventory_variable: '{"ansible_remote_tmp": "/var/tmp/.ansible"}' >``` >> Using ansible to manage pods could be considered an anti-patter for k8s. > >However, it could complement k8s where some functionality is lacking or to add some logic to an operator. > > > >/language ansible > > Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.