Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add k8s_exec module to execute command through the API #55029

Open
wants to merge 1 commit into
base: devel
from

Conversation

Projects
None yet
3 participants
@TristanCacqueray
Copy link
Contributor

commented Apr 9, 2019

SUMMARY

This change adds a new module to execute command in a container through the API:
https://docs.okd.io/latest/dev_guide/executing_remote_commands.html#protocol

ISSUE TYPE
  • New Module Pull Request
COMPONENT NAME

k8s_exec

ADDITIONAL INFORMATION

Test playbook:

- hosts: localhost
  gather_facts: no
  vars:
    pod: example-sf-zuul-scheduler-84bf645594-kw9lr
    namespace: myproject
  tasks:
    - name: Test Exec
      k8s_exec:
        pod: "{{ pod }}"
        namespace: "{{ namespace }}"
        command: zuul --version

    - name: Test Stderr
      k8s_exec:
        pod: "{{ pod }}"
        namespace: "{{ namespace }}"
        command: sh -c "echo toto > /dev/stderr"

Results in:

$ ansible-playbook -v test-exec.yaml
PLAY [localhost] *************************************************************

TASK [Test Exec] *************************************************************
changed: [localhost] => {
  "changed": true, "stderr": "", "stderr_lines": [],
  "stdout": "Zuul version: 3.7.2.dev37\n",
  "stdout_lines": ["Zuul version: 3.7.2.dev37"]
}

TASK [Test Stderr] ***********************************************************
changed: [localhost] => {
  "changed": true, "stderr": "toto\n", "stderr_lines": ["toto"],
  "stdout": "", "stdout_lines": []
}

PLAY RECAP *******************************************************************
localhost                  : ok=2    changed=2    unreachable=0    failed=0
@ansibot

This comment has been minimized.

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Apr 9, 2019

The test ansible-test sanity --test import --python 2.6 [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:69:0: ImportError: No module named kubernetes.client.apis

The test ansible-test sanity --test import --python 2.7 [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:69:0: ImportError: No module named kubernetes.client.apis

The test ansible-test sanity --test import --python 3.5 [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:69:0: ImportError: No module named 'kubernetes'

The test ansible-test sanity --test import --python 3.6 [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:69:0: ModuleNotFoundError: No module named 'kubernetes'

The test ansible-test sanity --test import --python 3.7 [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:69:0: ModuleNotFoundError: No module named 'kubernetes'

The test ansible-test sanity --test import --python 3.8 [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:69:0: ModuleNotFoundError: No module named 'kubernetes'

The test ansible-test sanity --test shebang [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: module should not be executable

The test ansible-test sanity --test validate-modules [explain] failed with 24 errors:

lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E305 DOCUMENTATION.author: Invalid author for dictionary value @ data['author']. Got 'Tristan de Cacqueray'
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E307 version_added should be '2.8'. Currently '2.9'
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'api' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'api_key' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'api_version' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'ca_cert' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'cert_file' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'client_cert' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'client_key' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'command' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'context' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'host' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'key_file' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'kubeconfig' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'name' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'namespace' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'password' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'pod' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'ssl_ca_cert' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'username' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'validate_certs' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'verify_ssl' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E322 Argument 'version' is listed in the argument_spec, but not documented in the module documentation
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E324 Argument 'api_version' in argument_spec defines default as ('v1') but documentation defines default as (None)

click here for bot help

@TristanCacqueray TristanCacqueray force-pushed the TristanCacqueray:devel branch from 930ee42 to ab7718b Apr 9, 2019

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Apr 9, 2019

The test ansible-test sanity --test shebang [explain] failed with 1 error:

lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: module should not be executable

The test ansible-test sanity --test validate-modules [explain] failed with 2 errors:

lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E305 DOCUMENTATION.author: Invalid author for dictionary value @ data['author']. Got 'Tristan de Cacqueray'
lib/ansible/modules/clustering/k8s/k8s_exec.py:0:0: E307 version_added should be '2.8'. Currently '2.9'

click here for bot help

@TristanCacqueray TristanCacqueray force-pushed the TristanCacqueray:devel branch from ab7718b to 3a5504b Apr 9, 2019

Add k8s_exec module to execute command through the API
This change adds a new module to execute command in a container
through the API:
https://docs.okd.io/latest/dev_guide/executing_remote_commands.html#protocol

@ansibot ansibot removed the ci_verified label Apr 9, 2019

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Apr 9, 2019

@erjohnso @fabianvf @flaper87 @kubevirt @supertom

As a maintainer of a module in the same namespace this new module has been submitted to, your vote counts for shipits. Please review this module and add shipit if you would like to see it merged.

click here for bot help

@fabianvf

This comment has been minimized.

Copy link
Contributor

commented Apr 9, 2019

This is really awesome. Out of curiousity, did you consider instead writing a k8s connection plugin (similar to the kubectl connection plugin but based on python instead of shelling out)? I think generally Ansible prefers to use connection plugins when executing against another host, rather than having modules that open a connection to another host and execute a command.

This is pretty clean and simple though so I don't have any personal opposition to it, but I'm curious to hear @willthames more expert opinion.

https://docs.ansible.com/ansible/latest/plugins/connection/kubectl.html
https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/connection/kubectl.py

@ansibot ansibot removed the needs_triage label Apr 9, 2019

@TristanCacqueray

This comment has been minimized.

Copy link
Contributor Author

commented Apr 9, 2019

I haven't consider a connection plugin because that exec api is rather limited and it will be hard to use it with generic task like shell or command. Moreover in the context of the k8s ansible operator, it would be easier to use such task instead of add_host followed by delegated action.

Another improvement to consider is to use a lookup('k8s', kind='Pod') object as a k8s_exec argument.

@ansibot ansibot added the stale_ci label Apr 17, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.