Ansible learns to fly — 0mq that sets up itself

So one of my favorite things about Ansible is that it doesn’t require any daemons to be installed on the machines you manage.  It’s great for “brown field” deployments where you have to take over a lot of existing infrastructure, as well as cases where you have pristine cloud nodes running a bare-bones OS you want to start configuring and deploying software on it.

While we’re still in the process of optimizing the SSH internals of Ansible (Paramiko and native SSH with ControlPersist are both pretty good, but we can do more to reduce the number of ops we have to call, and in Paramiko’s case, to try to leave connections open a bit longer to emulate ControlPersist) — I had an interesting idea today which somehow I managed to code up in a few hours :)

That idea is this — We can bootstrap a temporary message bus daemon over SSH. 

The result is you have a systems management program that can achieve message-bus style speed and efficiency without the pain of keysigning and the NTP/DNS issues that often come along for the ride.   Func’s certmaster for instance was pretty annoying as if your DNS or NTP was fscked up, things usually didn’t work.  This is true of other systems management apps as well, and reprovisioning can cause problems.  Here, we completely avoid this problem.

While what I have now is just a very rough prototype (meaning we can probably eke out some more speed still and we need to do things to make it nicer in multi-tenant cases), the Ansible-playbook syntax looks like this:

---
- hosts: all
  gather_facts: False
  tasks:
    - action: fireball


- hosts: all
  connection: fireball
  tasks:
    - action: shell echo 'I am running over a message bus now'

The first step deploys the ephemeral daemon (so you don’t eat resources when you aren’t managing the machine) and then you can address it however.   The fireball will run as whatever user you tell it to.  What’s pretty cool is it’s a pretty lightweight implementation, with fireball implemented as a connection plugin and module combo with only minimal tweaks to the core.

Stay tuned for more details and upgrades on this.

Recent comments

Blog comments powered by Disqus