mic92 / ansible-lxc Goto Github PK

I wonder if there is any real reason for not submitting this to the ansible upstream repo. I've tried this, find it extremely useful, and have written a corresponding inventory script that I'd like to submit upstream. Any thoughts on pushing your connection driver plugin too?

I'm looking for a way to use Ansible to run tasks on lxc containers on a remote server. I usually use ssh to access the remote host, and lxc-attach to the containers. I don't want to run a sshd on each container.

Now, since I'm very new to Ansible, I'm having a hard time understanding if your plugin fits that need, or if it's only dedicated to work on local vm's?

I think it would be helpful if your "usage" section was a little more detailed to add more precise use cases.

Thank you for your work.

When running the controller in a vagrant vm with lxc installed locally, lxc creates a "/home/vagrant/.ansible" folder on the guest (chowned as root:root).
However, the "vagrant" user is not defined in the guest.

I suspect (but am not sure) that this is leading to some weird behaviours:

• executing "shell ssh-import-id" or " authorized_key:" on the lxc guest fails (see ansible.log extract below)

  2015-07-21 19:42:35,999 p=23545 u=root | failed: [h-db-mongo] => (item=lp:joaocc) => {"changed": true, "cmd": "ssh-import-id "lp:joaocc"", "delta": "0:00:00.424627", "end": "2015-07-21 19:42:35.979886", "item": "lp:joaocc", "rc": 1, "start": "2015-07-21 19:42:35.555259", "warnings": []}

• executing "apt_repository:" also fails (ansible log -vvvv below)
  THIS IS A LOCAL LXC DIR
  REMOTE_MODULE apt_repository repo=ppa:ondrej/php5
  EXEC ['/bin/sh', '-c', 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1437520463.28-182666014272512 && echo $HOME/.ansible/tmp/ansible-tmp-1437520463.28-182666014272512']
  PUT /tmp/tmpyuHbBQ TO /home/vagrant/.ansible/tmp/ansible-tmp-1437520463.28-182666014272512/apt_repository
  EXEC ['/bin/sh', '-c', u'LANG=C LC_CTYPE=C /usr/bin/python /home/vagrant/.ansible/tmp/ansible-tmp-1437520463.28-182666014272512/apt_repository; rm -rf /home/vagrant/.ansible/tmp/ansible-tmp-1437520463.28-182666014272512/ >/dev/null 2>&1']
  failed: [h-lemp-1] => {"failed": true}
  msg: Failed to connect to launchpad.net:443.

How can I change the account as which ansible connects to the guest?

Thanks

Hi @Mic92,
Have you tested this with unprivileged containers (https://help.ubuntu.com/lts/serverguide/lxc.html#lxc-unpriv)?
Thx

Hi,
I am trying to get this to run on Ubuntu 14.04 with LXC 1.0.6 and Ansible v1.8.2.
When I try to connect to a freshly installed guest (template ubuntu-cloud / trusty), I get the following error:

<lxc-demo> THIS IS A LOCAL LXC DIR
<lxc-demo> REMOTE_MODULE setup
<lxc-demo> EXEC ['/usr/bin/lxc-attach', '--name', 'lxc-demo', '--', '/bin/sh', '-c', 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1420214512.67-65457909308433 && echo $HOME/.ansible/tmp/ansible-tmp-1420214512.67-65457909308433']
<lxc-demo> PUT /tmp/tmpGYMeY7 TO overlayfs:/var/lib/lxc/LXC-Template-1404/rootfs:/var/lib/lxc/lxc-demo/delta0/home/vagrant/.ansible/tmp/ansible-tmp-1420214512.67-65457909308433/setup

Traceback (most recent call last):
  File "/usr/share/ansible_plugins/connection_plugins/lxc/lxc.py", line 87, in _copy
    shutil.copyfile(in_path, out_path)
  File "/usr/lib/python2.7/shutil.py", line 83, in copyfile
    with open(dst, 'wb') as fdst:

IOError: [Errno 2] No such file or directory: u'overlayfs:/var/lib/lxc/LXC-Template-1404/rootfs:/var/lib/lxc/lxc-demo/delta0/home/vagrant/.ansible/tmp/ansible-tmp-1420214512.67-65457909308433/setup'
fatal: [lxc-demo] => failed to transfer file to overlayfs:/var/lib/lxc/LXC-Template-1404/rootfs:/var/lib/lxc/lxc-demo/delta0/home/vagrant/.ansible/tmp/ansible-tmp-1420214512.67-65457909308433/setup

After this, I confirm that the /var/lib/lxc/lxc-demo/delta0/home/vagrant/.ansible/tmp/ansible-tmp-1420214512.67-65457909308433 folder exists, but is empty.

Any ideas on what might be going wrong?
Thanks

Hi,
I have been observing a weird behavior with ansible-lxc.

My playbook creates a set of containers, starting with a template based on "ubuntu-cloud" / trusty.

Everything runs fine when I do this in a running VM (in this case Vagrant) - LXC container is created with the right template.

However, when I run the exact same playbook as part of vagrant.provision.shell, the template reverts back to "ubuntu" (the default).

Some snippets.

container_cloudinit_userdata: ""
my_containers: 
 - name: Template-1404
    template: "ubuntu-cloud"
    template_options: --release trusty {{container_cloudinit_userdata}}

- name: create containers 
  sudo: yes
  lxc-container: 
    name: "{{ item.name }}"
    template: ubuntu-cloud
    backing_store: "{{item.backing_store|default('dir') }}"
    template_options: "{{ item.template_options|default('') }}"
    state: "stopped"
    container_log: true
  with_items: my_containers

The host VM is "ubuntu/trusty64" from Vagrant.

Any ideas?
Thx

Hi,
I am trying to connect with ansible to lxc-guests in the control machine.

The playbook is as simple as:

- name: gather facts from guests...
  sudo: true
  hosts: all-my-guests
  gather_facts: yes
  roles:
    - { role: debug-dump-all }

This playbook runs perfectly both with remote guests (via SSH) or lxc-guests also via SSH.
It also runs ok when I run "ansible-playbook" via sudo.

sudo bash run--ansible.sh provision--guests.yml

(in this case, I am calling a script that calls "ansible-playbook")
However, if I do...

    bash run--ansible.sh provision--guests.yml

... then I get the following errors:

TASK: [debug-dump-all | Dump All Vars] **************************************** 
Process SyncManager-1:
Traceback (most recent call last):
  File "/usr/lib/python2.7/multiprocessing/process.py", line 250, in _bootstrap
    sys.stdin = open(os.devnull)
IOError: [Errno 13] Permission denied: '/dev/null'
Traceback (most recent call last):
  File "/usr/bin/ansible-playbook", line 324, in <module>
    sys.exit(main(sys.argv[1:]))
  File "/usr/bin/ansible-playbook", line 264, in main
    pb.run()
  File "/usr/lib/pymodules/python2.7/ansible/playbook/__init__.py", line 348, in run
    if not self._run_play(play):
  File "/usr/lib/pymodules/python2.7/ansible/playbook/__init__.py", line 789, in _run_play
    if not self._run_task(play, task, False):
  File "/usr/lib/pymodules/python2.7/ansible/playbook/__init__.py", line 497, in _run_task
    results = self._run_task_internal(task, include_failed=include_failed)
  File "/usr/lib/pymodules/python2.7/ansible/playbook/__init__.py", line 439, in _run_task_internal
    results = runner.run()
  File "/usr/lib/pymodules/python2.7/ansible/runner/__init__.py", line 1485, in run
    results = self._parallel_exec(hosts)
  File "/usr/lib/pymodules/python2.7/ansible/runner/__init__.py", line 1369, in _parallel_exec
    manager = multiprocessing.Manager()
  File "/usr/lib/python2.7/multiprocessing/__init__.py", line 99, in Manager
    m.start()
  File "/usr/lib/python2.7/multiprocessing/managers.py", line 528, in start
    self._address = reader.recv()
EOFError

Any idea?
Is this supposed to work only in sudo on the command line (even if I have sudo in the tasks themselves)?
Can I workaround this by adding the user under which ansible runs on the control machine to some group?

Thanks

Hi,
I started having these messages.
Any idea on what may be the cause?
This happens when running ansible on a lxc-host (local connection) an trying to gather facts in lxc-guests (via lxc connection).

´´´´
lxc_container: console.c: lxc_console: 700 stdin is not a tty
fatal: [h-piwik] => Traceback (most recent call last):
File "/usr/lib/pymodules/python2.7/ansible/runner/init.py", line 582, in _executor
exec_rc = self._executor_internal(host, new_stdin)
File "/usr/lib/pymodules/python2.7/ansible/runner/init.py", line 785, in _executor_internal
return self._executor_internal_inner(host, self.module_name, self.module_args, inject, port, complex_args=complex_args)
File "/usr/lib/pymodules/python2.7/ansible/runner/init.py", line 1032, in _executor_internal_inner
result = handler.run(conn, tmp, module_name, module_args, inject, complex_args)
File "/usr/lib/pymodules/python2.7/ansible/runner/action_plugins/normal.py", line 57, in run
return self.runner._execute_module(conn, tmp, module_name, module_args, inject=inject, complex_args=complex_args)
File "/usr/lib/pymodules/python2.7/ansible/runner/init.py", line 470, in _execute_module
tmp = self._make_tmp_path(conn)
File "/usr/lib/pymodules/python2.7/ansible/runner/init.py", line 1288, in _make_tmp_path
result = self._low_level_exec_command(conn, cmd, None, sudoable=False)
File "/usr/lib/pymodules/python2.7/ansible/runner/init.py", line 1169, in _low_level_exec_command
in_data=in_data)
File "/usr/share/ansible_plugins/connection_plugins/lxc/lxc.py", line 63, in exec_command
(pid, returncode) = os.waitpid(pid, 0)
OSError: [Errno 10] No child processes
´´´´

Thanks