Trying to figure out the best way to get ansible to do its magic within the containers. Was thinking of using ssh in each container, but then that is server-dependent. Or I have to come via the proxy, which seems like more work than should be necessary.
Again, I am already creating containers, deleting etc… I am talking about running commands within the container with ansible, not via lxc exec containername bash, which I can do now.
Anyone figure out the best way to do it?
It’s pretty easy to do.
The simple way to achieve it is the following:
Create a container image with your own public ssh keys and with the ansible dependency installed. Like, you will need to define the python path.
Launch new containers from this image.
Use the host as proxyjump; the account used on the host should also have the same public key in authorized_keys. For example, on your machine running the ansible script, add a “~/.ssh/config” file as:
```
Host 192.168.*.*
    HostName %h
    IdentityFile ~/.ssh/id_rsa
    ProxyJump 106.10.250.10
    User ubuntu
```
Following is a simple ansible script to work with a dynamically created container. We have not used the lxd module in ansible as it has not been updated for quite some time, so it does not work predictably, but “awk” works predictably.
```yaml
- hosts: your_host_address_or_dns_name
  remote_user: ubuntu
  gather_facts: no
  tasks:
    - name: Check container list
      command: /snap/bin/lxc list
      register: container_list
    - name: Create and launch a container named test
      command: "/snap/bin/lxc launch test-image test"
      when: ("test" not in container_list.stdout)
      register: test_var
    - name: Wait for 10 seconds before checking the address
      wait_for:
        timeout: 10
      delegate_to: localhost
    - name: Get the test container ip
      shell: /snap/bin/lxc list test -c 4 | awk '!/IPV4/{ if ( $2 != "" ) print $2}'
      register: test_ipv4
      when: test_var is defined
    - name: Add this container information as dynamic host
      add_host:
        gather_facts: no
        ansible_python_interpreter: /usr/bin/python3
        name: "{{ test_ipv4.stdout }}"
        groups:
          - testgroup

- hosts: testgroup
  remote_user: ubuntu
  become: yes
  become_method: sudo
  tasks:
    - name: Test information
      debug:
        msg: "System working {{ ansible_host }}"
    - name: Ping the server
      ping:
      register: testcontainer

- hosts: your_host_ip_or_dns_name
  remote_user: ubuntu
  gather_facts: no
  tasks:
    - name: Check container list
      command: /snap/bin/lxc list
      register: container_list
    - name: Stop test container to create test base image
      command: /snap/bin/lxc stop test
      when: ('test' in container_list.stdout)
      register: test_image
    - name: Check if the image exist
      command: /snap/bin/lxc image list
      register: image_list
    - name: Create image from test container when image do not exist
      command: /snap/bin/lxc publish test --alias test-1.0
      when: ("test-1.0" not in image_list.stdout)
```
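An added example, not part of the original post: the container lookup done above with substring checks and awk over the table output, rewritten to parse `lxc list --format json` and emit an Ansible dynamic-inventory dictionary. It matches container names exactly and only accepts a global IPv4 address inside the range covered by the `Host 192.168.*.*` ProxyJump entry. The function names, the `lxc_name` host variable and the sample data are assumptions constructed for illustration.

```python
#!/usr/bin/env python3
"""Build an Ansible dynamic inventory from `lxc list --format json` output."""
import ipaddress
import json

# Constructed sample, trimmed to the fields used below. Note that the
# name "latest" contains the substring "test".
SAMPLE = json.dumps([
    {"name": "test", "status": "Running", "state": {"network": {
        "lo": {"addresses": [{"family": "inet", "address": "127.0.0.1", "scope": "local"}]},
        "eth0": {"addresses": [
            {"family": "inet", "address": "192.168.10.21", "scope": "global"},
            {"family": "inet6", "address": "fd42::21", "scope": "global"}]}}}},
    {"name": "test-old", "status": "Stopped", "state": None},
    {"name": "latest", "status": "Running", "state": {"network": {
        "eth0": {"addresses": [{"family": "inet", "address": "10.0.3.7", "scope": "global"}]}}}},
])


def container_ipv4(entry, allowed_net):
    """Return the first global IPv4 address inside allowed_net, or None."""
    network = (entry.get("state") or {}).get("network") or {}
    for iface in network.values():
        for addr in iface.get("addresses", []):
            if addr.get("family") != "inet" or addr.get("scope") != "global":
                continue
            ip = ipaddress.ip_address(addr["address"])  # raises on malformed input
            if ip in allowed_net:
                return str(ip)
    return None


def build_inventory(lxc_json, names, group="testgroup", cidr="192.168.0.0/16"):
    """Map exactly-named running containers to an Ansible inventory dict."""
    allowed_net = ipaddress.ip_network(cidr)
    hosts, hostvars = [], {}
    for entry in json.loads(lxc_json):
        if entry.get("name") not in names or entry.get("status") != "Running":
            continue
        ip = container_ipv4(entry, allowed_net)
        if ip is None:
            continue  # no address yet, or outside the ProxyJump range
        hosts.append(ip)
        hostvars[ip] = {"ansible_user": "ubuntu", "lxc_name": entry["name"],
                        "ansible_python_interpreter": "/usr/bin/python3"}
    return {group: {"hosts": hosts}, "_meta": {"hostvars": hostvars}}


if __name__ == "__main__":
    print(json.dumps(build_inventory(SAMPLE, {"test"}), indent=2))
```

In real use the JSON would come from running `/snap/bin/lxc list --format json` on the host instead of the embedded sample.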