ansible-role-promtail icon indicating copy to clipboard operation
ansible-role-promtail copied to clipboard

Published 20 hours ago • verified publisher icon patrickjahns

Download and Rsync

Open gannaramu opened this issue 2 years ago • 2 comments

for instances when remote machine dont have internet access.

gannaramu avatar Aug 30 '22 00:08 gannaramu

Thank you very much for your proposal. However - I am very reluctant to accept the change, for the simple reason, that your change now enforces to upload the binaries from the controller for everyone. Imagine a fleet of 100s even 1000s of hosts - the controller would require to copy it to all.

Instead of changing the role, I propose the following:

You create a playbook in which you copy the binaries onto the respective hosts and then specify the paths where they can be found via {{ promtail_tmp_dir }} and {{ promtail_version }}. Respectively you can also specify the checksum ( see: https://github.com/patrickjahns/ansible-role-promtail/issues/71 // https://github.com/patrickjahns/ansible-role-promtail/pull/72 )

Or alternatively - provide a fileserver as the user in #71 has done

patrickjahns avatar Aug 31 '22 10:08 patrickjahns

@patrickjahns I agree with your point. but there are many cases where these nodes are behind firewalls and cant access them from internet. the current logic is inspired from cloudalchemy node exporter ansible role. https://galaxy.ansible.com/cloudalchemy/node_exporter https://github.com/cloudalchemy/ansible-node-exporter/blob/c2401cfed554906843520cbac7ae2a3a132c590e/tasks/install.yml#L20-L53 I will leave the decision up to you.

gannaramu avatar Aug 31 '22 17:08 gannaramu

Have you tried the suggestion to copy the binary outside of the role? If we were to introduce the change, the existing behaviour should not be changed and a new behaviour for fetching binaries and distributing them should be opt-in.

patrickjahns avatar Sep 30 '22 07:09 patrickjahns

I didn't get a chance to do it. but i have been using this modified version. I will let you know once i get a change to try it out.

gannaramu avatar Oct 16 '22 04:10 gannaramu

@gannaramu A similar feature was merged with #104 - maybe this can already be used like you intended it to do? alternatively that is a good PR to copy and create another feature flag to enable your behaviour - would you pick it up ?

patrickjahns avatar Feb 10 '23 17:02 patrickjahns

@patrickjahns sure will try it out and see if it suffices. if not will incorporate it in this pr

gannaramu avatar Feb 10 '23 17:02 gannaramu

@patrickjahns what do you think of this implementation?

gannaramu avatar Feb 11 '23 06:02 gannaramu

@gannaramu

Have you tested your idea yet? I fear this won't work as the local path "branch" won't have any checksums available. I believe it would be better to hide this download behaviour behind a feature flag to explicitly change the behaviour instead of relying of implicit variables being set.

Please add a molecule test scenario to cover this additional feature

edit:

After double checking your idea - I've come to the conclusion that it's also best to preliminary check if the file is in promtail_binary_local_dir and fail early if it is not. (https://github.com/patrickjahns/ansible-role-promtail/pull/158)

Let's use a explicit switch to decide between:

  • the node downloads the archive
  • the controller downloads the archive

patrickjahns avatar Feb 11 '23 12:02 patrickjahns

@patrickjahns can we add support to python3.10 on tox?

gannaramu avatar Feb 11 '23 14:02 gannaramu

@patrickjahns i have the molecule tests added need some eyes on it https://github.com/gannaramu/ansible-role-promtail/actions/runs/4151862946/jobs/7182434219

gannaramu avatar Feb 11 '23 14:02 gannaramu

@gannaramu Please excuse the delay in answering

There is a typo in the variables propogate should most likely be propagate

patrickjahns avatar Apr 04 '23 16:04 patrickjahns

@gannaramu - it's finally released with the role 🎉

patrickjahns avatar Apr 06 '23 06:04 patrickjahns