Running Ansible in the SmartOS global zone
None of the machines I currently run SmartOS on are big enough to run SDC/Triton, so I looked at Rundeck for creating zone definitions. and provisioning new zones as jobs. However Rundeck is unable to dynamically add new option fields. This is required for example in order to manage fields with an arbitrary number of keys, such as the network interfaces or disks.
In the meantime I’ve wanted to be able to run Ansible on my SmartOS nodes for a while now. So on Christmas eve I installed pkgsrc in the Global Zone so that I could run Python and thus target it as an Ansible managed node.
However I quickly found out that Ansible had no idea how to manage packages because it claimed not to be able to find pkgin
:
calafate-gz | SUCCESS => {
"ansible_facts": {
"ansible_pkg_mgr": "unknown"
},
"changed": false
}
One pull request later and it correctly set ansible_pkg_mgr
to pkgin
.
Another roadblock revealed itself:
fatal: [calafate-gz]: FAILED! => {"changed": false, "failed": true, "msg":
"Failed to find required executable pkgin in paths: /usr/ccs/bin:/usr/bin:/bin:/usr/sbin:/sbin"}
Ok, makes sense as the tools packages are installed into /opt/tools
. So I added a persistent ~/.profile to add the required paths to $PATH
; no luck still.
Note, the “tools” set of packages that can be installed into the GZ is fairly limited; there are 369 packages available. It’s called tools for a reason!
A small trick is needed in order to set an environment variable for a playbook. Eventually I ended up with a small playbook to demonstrate the usage of pkgin
in the GZ:
---
- name: install a package in the global zone
environment:
PATH: "/opt/tools/sbin:/opt/tools/bin:{{
(ansible_env|default({})).PATH|default('/usr/bin:/usr/sbin') }}"
become: True
become_user: root
hosts: all
tasks:
- name: install apcupsd
package:
name: apcupsd
state: present
Of course the whole purpose of getting Ansible to run in the global zone is only to only be able to install apcupsd. Since last week I’ve started to work on two new modules to manage imgadm(1M)
and vmadm(1M)
!
The imgadm
module is finished and has been submitted upstream, awaiting review. The vmadm
module is almost finished and will be submitted shortly. These modules are a major improvement for managing SmartOS hosts so they warrant a write-up of their own…soon!
update: the imgadm module has been merged upstream too now!