From 131bc768c7b0c66e56fd0a0a0982efa301af892d Mon Sep 17 00:00:00 2001 From: David Wilson Date: Fri, 27 Apr 2018 04:40:56 +0100 Subject: [PATCH] ansible: implement LXC support. --- ansible_mitogen/connection.py | 22 +++++++- .../plugins/connection/mitogen_lxc.py | 56 +++++++++++++++++++ ansible_mitogen/strategy.py | 2 +- docs/ansible.rst | 15 ++++- 4 files changed, 88 insertions(+), 7 deletions(-) create mode 100644 ansible_mitogen/plugins/connection/mitogen_lxc.py diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py index fcb5851d..6e192720 100644 --- a/ansible_mitogen/connection.py +++ b/ansible_mitogen/connection.py @@ -88,6 +88,17 @@ def _connect_docker(spec): } +def _connect_lxc(spec): + return { + 'method': 'lxc', + 'kwargs': { + 'container': spec['remote_addr'], + 'python_path': spec['python_path'], + 'connect_timeout': spec['ansible_ssh_timeout'] or spec['timeout'], + } + } + + def _connect_sudo(spec): return { 'method': 'sudo', @@ -103,10 +114,11 @@ def _connect_sudo(spec): CONNECTION_METHOD = { - 'sudo': _connect_sudo, - 'ssh': _connect_ssh, - 'local': _connect_local, 'docker': _connect_docker, + 'local': _connect_local, + 'lxc': _connect_lxc, + 'ssh': _connect_ssh, + 'sudo': _connect_sudo, } @@ -494,3 +506,7 @@ class LocalConnection(Connection): class DockerConnection(Connection): transport = 'docker' + + +class LxcConnection(Connection): + transport = 'lxc' diff --git a/ansible_mitogen/plugins/connection/mitogen_lxc.py b/ansible_mitogen/plugins/connection/mitogen_lxc.py new file mode 100644 index 00000000..48d4e03d --- /dev/null +++ b/ansible_mitogen/plugins/connection/mitogen_lxc.py @@ -0,0 +1,56 @@ +# Copyright 2017, David Wilson +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# 3. Neither the name of the copyright holder nor the names of its contributors +# may be used to endorse or promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +import os.path +import sys + +# +# This is not the real Connection implementation module, it simply exists as a +# proxy to the real module, which is loaded using Python's regular import +# mechanism, to prevent Ansible's PluginLoader from making up a fake name that +# results in ansible_mitogen plugin modules being loaded twice: once by +# PluginLoader with a name like "ansible.plugins.connection.mitogen", which is +# stuffed into sys.modules even though attempting to import it will trigger an +# ImportError, and once under its canonical name, "ansible_mitogen.connection". +# +# Therefore we have a proxy module that imports it under the real name, and +# sets up the duff PluginLoader-imported module to just contain objects from +# the real module, so duplicate types don't exist in memory, and things like +# debuggers and isinstance() work predictably. +# + +try: + import ansible_mitogen +except ImportError: + base_dir = os.path.dirname(__file__) + sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..'))) + del base_dir + +from ansible_mitogen.connection import LxcConnection as Connection +del os +del sys diff --git a/ansible_mitogen/strategy.py b/ansible_mitogen/strategy.py index ef6a37ac..27584eb3 100644 --- a/ansible_mitogen/strategy.py +++ b/ansible_mitogen/strategy.py @@ -68,7 +68,7 @@ def wrap_connection_loader__get(name, play_context, new_stdin, **kwargs): 'mitogen' connection type, passing the original transport name into it as an argument, so that it can emulate the original type. """ - if name in ('ssh', 'local', 'docker'): + if name in ('ssh', 'local', 'docker', 'lxc'): name = 'mitogen_' + name return connection_loader__get(name, play_context, new_stdin, **kwargs) diff --git a/docs/ansible.rst b/docs/ansible.rst index 662004ae..12f3cbc7 100644 --- a/docs/ansible.rst +++ b/docs/ansible.rst @@ -116,8 +116,8 @@ Noteworthy Differences * The ``sudo`` become method is available and ``su`` is planned. File bugs to register interest in additional methods. -* The ``ssh``, ``local`` and ``docker`` connection types are available, with - more planned. File bugs to register interest. +* The ``docker``, ``local``, ``lxc`` and ``ssh`` connection types are + available, with more planned. File bugs to register interest. * Local commands execute in a reuseable interpreter created identically to interpreters on targets. Presently one interpreter per ``become_user`` @@ -167,7 +167,7 @@ Connection Delegation Included is a preview of **Connection Delegation**, a Mitogen-specific implementation of `stackable connection plug-ins`_. This enables multi-hop -connections via a bastion, or Docker connections delegated via their host +connections via a bastion, or Docker/LCX connections delegated via their host machine, where reaching the host may itself entail recursive delegation. .. _Stackable connection plug-ins: https://github.com/ansible/proposals/issues/25 @@ -473,6 +473,15 @@ Docker support is fairly new, expect increased surprises for now. * ``ansible_user``: Name of user within the container to execute as. +LXC +~~~ + +LXC support is fairly new, expect increased surprises for now. The +``lxc-attach`` command is required to be available on the host machine. + +* ``ansible_host``: Name of LXC container. + + Debugging ---------