#496 Upgrading from ansible 2.9.x branch to $current ansible (probably 5.x using ansible-core 2.12.x)
Closed: Fixed with Explanation 2 years ago by arrfab. Opened 2 years ago by arrfab.

As discussed with @mobrien and @kevin , CentOS and Fedora infrastructure teams are still relying on ansible 2.9.x (both packaging side and playbook/tasks style).
We'd need to consider upgrading as 2.9.x is slowly reaching EOL.

At first sight we'd need :

  • updated ansible pkg (metadata which would pull ansible-core and default collections)
  • review all our existing automation to confirm that it would work with the new namespace syntax for new ansible

Metadata Update from @arrfab:
- Issue tagged with: blocked, centos-ci-infra, centos-common-infra, feature-request, high-gain, high-trouble, mini-initiative

2 years ago

Food for thoughts as Kevin already started to work on this at Fedora side for packaging PoV : https://fedoraproject.org/wiki/Changes/Ansible5

Yeah, although @dmsimard is actually doing all the work. ;)

Another approach we may want to consider for centos/fedora infra: just install ansible-core and only those collections we use (which might require packaging a bunch of collections up).

I'm not sure how we could figure out all the collections we need though, aside from installing ansible-core and running the playbooks to see whats missing?

That was my high-overview plan for it, yes ... testing in dev env and trying to play all roles.
Also modifying that's needed in ansible.cfg to point to specific location for collections and declare collections in requirements.yml for ansible-galaxy/ansible-role-ctl
Big interrogation mark is about :

  • either to use rpm for each collection
  • either use the new ansible metadata pkg from pypi that would have almost all
  • just use ansible-core (lightweight) and fetch all that is needed through git/tags (like we do for our roles)

Metadata Update from @arrfab:
- Issue assigned to arrfab

2 years ago

I started a scratch build for ansible 5 rpm and have just some mods for .spec and I'll create a PR against dmsimard's fork, from where he'll open himself the PR for ansible rpm on src.fedoraproject.org
Parallel to that I'm having a look at also rebuilding ansible-core 2.12, needed as Requires: for it

Metadata Update from @arrfab:
- Assignee reset

2 years ago

[backlog refinement]
CentOS 8 Stream now officially has ansible-core 2.12. So we don't need to rebuild it anymore.
Next step is to review roles and see what changes needs to be made.

Metadata Update from @arrfab:
- Issue assigned to arrfab

2 years ago

Metadata Update from @zlopez:
- Issue untagged with: blocked
- Issue priority set to: Medium Priority (was: Needs Review)

2 years ago

quick status update : testing ansible-core 2.12 from 8-stream and once we have installed some identified collections "manually", I was able to do some syntax checks and it seems (some basic roles were tried in "dev" env) that it would work without any issue.

Identified issues (to work on) :

  • ARA needs some love as packaged version is using python 3.6 while ansible-core is now python 3.8 so callback plugin doesn't work easily (but a simple pip3.8 install --user 'ara==1.5.7' as local workaround, just for the callback plugin that is, works , while server part (including gunicorn, django, etc, are still the packaged version using python 3.6)
  • ansible-roles-ctl support for collections is being worked on but not working completely (see https://gitlab.com/osci/ansible-roles-ctl/-/issues/1)

quick update (forgot to add it the other day) : ansible-roles-ctl is now working fine for roles and collections, using branch or tag.
So it's possible to pip3.8 install --user 'ansible-roles-ctl==2.0.0' and then use it to automatically retrieve roles/collections and update it when needed.

Status update :

Once we'll have fully converted other environments, like ci, production and stream, and also reflected the workflow to test/validate a collection version bump in requirements.yml file, we'll be able to close this ticket

There will still be some work needed, but not considered crucial for this ticket : defining tasks/modules by FQCN and not short name but number of collections is really small for our infra usage, so we don't have any conflict (yet) and all playbooks/roles can be played with ansible-core 2.12.3

Status update:

ci and production infra now converted too. stream dedicated setup will be converted later (managed differently)
To help to convert .yml tasks (in roles) and playbooks, a simple tool was written (test it first) : https://github.com/CentOS/infra-scripts/blob/master/ansible/convert-ansible-tasks-to-fqcn

Parallel to what was done for the infra conversion, some time was spent through configmanagement-SIG to build and ship an ansible 5 pkg (meta-pkg with collections) :

We can now consider that converting playbooks with FQCN is BAU (when we need to modify roles we can at same time convert) and so close this ticket that was used to track the main effort to test/migrate to ansible-core 2.12.x

Metadata Update from @arrfab:
- Issue close_status updated to: Fixed with Explanation
- Issue status updated to: Closed (was: Open)

2 years ago

Login to comment on this ticket.

Boards 2
CentOS CI Infra Status: Backlog