Ansible as first-class means of sandbox deployment

Question

Ansible as first-class means of sandbox deployment

Closed this issue 2 years ago · 10 comments

Expected Behaviour

Well, I'm not sure if I really have any expectations beyond what is already provided.

Current Behaviour

Sandbox ships a number of deployment methods but an ansible playbook/role is not one of them. Particularly, docker-compose is a method that's attractive for small scale "dip your toes in" deployments but is not super friendly to those of us who plan to use podman instead of docker.

Possible Solution

Develop an ansible role that deploys the sandbox using either docker or podman. Along the lines of what is done with ceph-ansible.

Steps to Reproduce (for bugs)

Evaluate sandbox repo.
Draw conclusions from observation.

Context

We're attempting to use tinkerbell but we're not very interested in using docker. We've developed quite a liking for podman though and seeing as they can pretty much run the same containers, plan to develop a method for getting the sandbox up with podman. Recent versions of podman do support docker-compose via the podman unix socket but compose is a pretty fragile format it seems. Different versions of docker-compose support different directives in the yaml format (ex: service_completed_successfully was removed and later added back to docker-compose) and support varies a bit across podman versions. The use of docker-compose also implicitly suggests deployment is favored towards docker as opposed to other container runtimes like podman. Ansible would allow development of a more runtime neutral deployment method.

Your Environment

Operating System and version (e.g. Linux, Windows, MacOS): Fedora 34 and Debian testing
How are you running Tinkerbell? Using Vagrant & VirtualBox, Vagrant & Libvirt, on Packet using Terraform, or give details: rootless podman containers
Link to your project or a code example to reproduce issue:

Answer 1 · 2021-08-30T15:53:47.000Z

Hey @jmpolom, this seems very doable. For the docker-compose to podman hopefully should only require some minor modifications to the existing docker-compose.yml file. If you've got anything started please do submit a regular or draft PR or a repo branch and we can collaborate.

Answer 2 · 2021-09-01T19:38:38.000Z

Thanks for the response. I think we're going to start working on this and we'll definitely send over a PR when we have something we feel is worth your time.

Answer 3 · 2021-09-10T14:48:15.000Z

Feel free to take a look at https://code.spamasaurus.com/djpbessems/Packer.Images/src/branch/Tinkerbell.Appliance/ansible to see how I'm deploying the sandbox through Ansible (though it does use docker-compose).

Answer 4 · 2021-10-10T19:35:36.000Z

Hey @djpbessems, any chance there are any docs to help me understand how to use this? my Ansible is quite rusty and I'm having some difficulty finding where the code is for deploying the sandbox.

Answer 5 · 2021-10-11T07:08:34.000Z

Sorry, apparently I linked to the wrong branch (updated my comment with correct link now https://code.spamasaurus.com/djpbessems/Packer.Images/src/branch/Tinkerbell.Appliance/ansible)

The playbook has 4 roles, out of which tinkerbell and firstboot are relevant:
Within those roles, the sandbox.yml does the initial setup of the Tink stack, while the ansible playbook that is run as payload upon first boot then also has a role tinkerbell (that brings up the tink stack up with the last configuration applied).

Answer 6 · 2021-10-12T16:59:27.000Z

Just want to put out there that we are working on an ansible role that deploys the 'sandbox' with podman using the ansible podman_container module. This does not directly consume the sandbox docker compose file which is a primary objective for us since we do not intend to deploy with docker-compose. Our overarching objective is to enable us to host the sandbox using rootless podman containers.

My thought is that it would be most beneficial if the tinkerbell project supported a similar type of ansible deployment method (using docker_container and podman_container so both runtimes are supported) that doesn't directly rely on docker-compose. We haven't yet sent any kind of a PR for what we have as we're also looking to implement systemd service units to host the sandbox as well and would prefer to include that in a PR.

Answer 7 · 2021-10-13T06:54:30.000Z

I'm super interested in your efforts.

Just a heads-up: Installing ansible through apt on Ubuntu 20.xx will result in ansible 2.9.x which doesn't properly support galaxy collections. The better installation method (this goes for all distro's I think) is to install it through pip:

apt install python3-pip python3-wheel python3-setuptools -y
pip3 install --upgrade pip
pip3 install ansible-core

Answer 8 · 2021-11-28T14:09:40.000Z

ditto here. I'm interested in a non-docker solution too, & familiar with ansible.

Answer 9 · 2022-02-10T20:47:50.000Z

Any updates with this?

Answer 10 · 2022-12-16T14:51:58.000Z

We recently adopted a minimalist approach to deployment options. We're very open to adding more but its unlikely we'll prioritize investing in this any time soon.

If you have time to develop and support this option don't hesitate to leave a comment.

Dubbing the issue as stale and closing for now.