Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[RFE] implement async module to support changing IP address #32

Open
thom311 opened this issue Mar 7, 2018 · 16 comments
Open

[RFE] implement async module to support changing IP address #32

thom311 opened this issue Mar 7, 2018 · 16 comments

Comments

@thom311
Copy link
Contributor

thom311 commented Mar 7, 2018

Commonly, the role will connect to the host via SSH. Hence, it cannot currently support to change the IP address of the host, because it will cut itself off.

ansible supports reboot of the system or changing the TCP port of the SSH server via async requests and poll for completion. Something similar should be possible for the network role.

The user should be able to specify that the role works asynchronously, and that afterwards the host is reachable via a new IP address.

Also interesting is to combine this with the CheckPoint feature of NetworkManager.

@codetronaut
Copy link

Hello, I would like to work on this issue. Please give me some follow-ups.

@pcahyna
Copy link
Member

pcahyna commented Feb 20, 2020

@codetronaut great! @thom311 @tyll could you please give advice? By the way, using the CheckPoint feature is already implemented in #119 , I believe.

@pcahyna
Copy link
Member

pcahyna commented Feb 20, 2020

@codetronaut from a quick look I think the best place to start would be to read about the CheckPoint feature referenced above and look in PR #119 to see how it is used in the network role (in the internal module which implements most of the functionality, which is here: https://github.com/linux-system-roles/network/blob/master/library/network_connections.py). Then you could modify the module to introduce a timeout, after which the state is rolled back. And introduce a new operation which would cancel the timeout. Finally, you would change the Ansible parts of the role so that it calls the module asynchronously, then reconnects and invokes the cancellation of the timeout. (Unless the maintainers have different suggestions.)

@thom311
Copy link
Contributor Author

thom311 commented Feb 20, 2020

I think the important bit here are how to implement async modules. It's more a question about ansible module development... I am not familiar with it, but I'd look how other modules handle that. For example, how can the SSH module change the port? How does reboot work?

@pcahyna
Copy link
Member

pcahyna commented Feb 20, 2020

An example of a test which reboots the managed host can be seen here:
https://github.com/linux-system-roles/selinux/blob/6cd1ec8fdebdb92a789b14e5a44fe77f0a3d8ecd/tests/selinux_apply_reboot.yml#L12

@pcahyna
Copy link
Member

pcahyna commented Feb 20, 2020

here is some information about async tasks: https://docs.ansible.com/ansible/latest/user_guide/playbooks_async.html

@pcahyna
Copy link
Member

pcahyna commented Feb 20, 2020

@thom311 what is the SSH module? I don't see it in the module index.

@codetronaut
Copy link

codetronaut commented Feb 20, 2020

@pcahyna will check the #119.
will ask if get stuck :)
Also, I am a little beginner but will do my best to resolve this issue.

@pcahyna
Copy link
Member

pcahyna commented Feb 21, 2020

@codetronaut in this case, because most of the role functionality is implemented in an Ansible module, the Ansible documentation about developing modules could be useful: https://docs.ansible.com/ansible/latest/dev_guide/index.html

@pcahyna
Copy link
Member

pcahyna commented Feb 21, 2020

@codetronaut you don't need to dive too much into the details of Ansible module development though, as you are not developing a module from scratch, the module already exists and you will need to only extend it a bit.

@codetronaut
Copy link

sure @pcahyna , will do it.

@pcahyna
Copy link
Member

pcahyna commented Feb 24, 2020

@codetronaut : @tyll uncovered some problems in the checkpoint implementation, see #154, so the code in #119 is likely to get changed.

@codetronaut
Copy link

Sure.

@codetronaut
Copy link

Then you could modify the module to introduce a timeout, after which the state is rolled back. And introduce a new operation which would cancel the timeout.

please guide me for this, I understand the part after the creation of the module i.e to insert into the ansible's python file.

@tyll
Copy link
Member

tyll commented Apr 16, 2020

@codetronaut thank you for your patience. I just submitted a PR to fix the current bug in the implementation (#193) and I thought about this feature. IMHO the next step after the bug is fixed is to refactor the code to

  1. Not to commit/destroy the checkpoint directly in the module when the transaction is complete but instead to return the dbus path of the checkpoint (for example /org/freedesktop/NetworkManager/Checkpoint/66)
  2. Add another step in the role tasks file after the current call of the module to destroy the checkpoint. Maybe it can just be a command like

gdbus call --system --dest org.freedesktop.NetworkManager --object-path /org/freedesktop/NetworkManager --method org.freedesktop.NetworkManager.CheckpointDestroy /org/freedesktop/NetworkManager/Checkpoint/66

when the network_provider is nm.

Afterwards we can consider additional checks that would call CheckpointRollback after doing a specific check. This needs further discussion. What do you think? (also @pcahyna or @thom311 please comment).

@tyll
Copy link
Member

tyll commented Apr 16, 2020

Actually my comment probably belongs better to #123 but this all needs to play well together.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants