I am using Ansible to modify properties of a running Kubernetes cluster. I do not have Ansible installed on the cluster, but rather, externally use an Ansible Docker image to run the playbooks that operate on the cluster nodes. I run the container and pass it the necessary arguments to run playbooks that are configured to operate on K8s cluster nodes.
When a playbook task is executed, it is meant to affect some aspect of the specified host(s) (e.g. a cluster node), correct? That seems rather obvious.
My question:
For a given playbook task, does the software that performs the task need to be present (i.e. installed) on the host, or is it being run remotely from the Ansible "node" (the Docker container in this case)? This is not entirely clear to me.
The reason behind this question is that it appears that I need to install (or have previously installed) certain pieces of software on the K8s cluster node in order for some playbook tasks to execute.
I don't want to have Ansible (or other "task" software) installed on my cluster nodes. Do I have no choice in the matter? Is there a way around this?
Here is an example task that fails, unless I have previously installed (via a prior task) a specific module:
- name: "Get kube-proxy ConfigMap"
kubernetes.core.k8s_info:
kind: ConfigMap
name: kube-proxy
namespace: kube-system
kubeconfig: "{{ lookup('env', 'K8S_AUTH_KUBECONFIG') }}"
register: kube_proxy_data
For this to execute, I need add the tasks below ahead of this:
- name: "Install pip"
become: true
ansible.builtin.shell:
cmd: "apt-get update && apt-get install -y python3-pip"
- name: "Install kubernetes Ansible module"
become: true
ansible.builtin.pip:
name:
kubernetes
CodePudding user response:
It's not clear what you're asking. Is it (A) does Ansible itself need software to be installed on the node? Or is it (B) Does the node need software to be installed for a particular task to run?
If (A) then per Domenico's answer, the node will need SSH and the correct Python version.
If (B) then it depends on that task. For example, if the task is to install software via a package manager then obviously the node will need that package manager installed. If the task is to add a user to a Postgres database, then the node will need Postgres installed. Etc. In general, the node will need whatever it would have needed if you were to perform the task manually on that node.
If you're asking something different then please edit the question to clarify. It may also be helpful to give an example of the type of task you are trying to run.
CodePudding user response:
From the redhat website:
"Since Ansible is agentless, it can still communicate with devices without requiring an application or service to be installed on the managed node. "
Answer is, then, no. There is no need to install anything on the managed node, apart from a regular ssh-server daemon and python.