Running Ansible Playbooks on Edge Devices

Published on Sep 28, 2022 by Gloria Ciavarrini on flotta devices ansible

There may be cases in which you would like to execute scripts or commands on a device or on a group of devices. For example, with rpm-ostree, a configuration change without rebooting may be needed during the life cycle of the device.

Project Flotta makes your life easier by supporting Ansible playbook execution. How can we create an Ansible playbook for the edge devices? How does the execution work in Project Flotta? This is what we will cover in this blog post.

Preliminary steps

1 - Define the Ansible Playbook

First things first: we need to write our example Ansible playbook. To keep things easy, let’s say we want to create a txt file on some of our edge devices.

---
-  name: Hello Ansible Playbook
   hosts: 127.0.0.1
   gather_facts: false
   
   tasks:
   - name: Create a file called '/tmp/hello.txt'
     copy:
       content: Hello from Project Flotta!
       dest: /tmp/hello.txt

2 - Define the EdgeConfig

Then, it’s time to send it to the Flotta Operator, but how? Easy! Let’s create an EdgeConfig CR!
(See the CRD Reference for a detailed description.)

apiVersion: management.project-flotta.io/v1alpha1
kind: EdgeConfig
metadata:
  name: edgeconfig-sample
spec:
    edgePlaybook: 
        playbooks: 
            - content: LS0tCi0gIG5hbWU6IEhlbGxvIEFuc2libGUgUGxheWJvb2sKICAgaG9zdHM6IDEyNy4wLjAuMQogICBnYXRoZXJfZmFjdHM6IGZhbHNlCiAgIAogICB0YXNrczoKICAgLSBuYW1lOiBDcmVhdGUgYSBmaWxlIGNhbGxlZCAnL3RtcC9oZWxsby50eHQnCiAgICAgY29weToKICAgICAgIGNvbnRlbnQ6IEhlbGxvIGZyb20gUHJvamVjdCBGbG90dGEhCiAgICAgICBkZXN0OiAvdG1wL2hlbGxvLnR4dAo=
              timeoutSeconds: 10

The content item contains the base64 encoding of our example playbook. It can be obtained using:

>> base64 << EOF
---
-  name: Hello Ansible Playbook
   hosts: 127.0.0.1
   gather_facts: false
   
   tasks:
   - name: Create a file called '/tmp/hello.txt'
     copy:
       content: Hello from Project Flotta!
       dest: /tmp/hello.txt
EOF

3 - Label the edge devices

To let the Flotta Operator know that you want to execute your edgeconfig-sample on one or more specific edge devices, you must label them.

>> kubectl label edgedevice device1 config/device-by-config=edgeconfig-sample
>> kubectl label edgedevice device3 config/device-by-config=edgeconfig-sample

In this case, we want to run the playbook on two edge devices: device1 and device3.

4 - Apply the EdgeConfig to the cluster

>> kubectl apply -f edgeconfig-sample.yaml
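
As an added example (not from the original post or from Project Flotta), the shell helpers below build the EdgeConfig of step 2 from a playbook file and decode it back for review before the apply in step 4. The function names `make_edgeconfig` and `decode_edgeconfig` are hypothetical, and the extraction is a line-oriented match for the layout shown above rather than a YAML parser.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not part of Project Flotta.

# Print an EdgeConfig CR named $1 that embeds playbook file $2
# (optional $3 = timeoutSeconds, default 10 as in the post).
make_edgeconfig() {
  # GNU base64 wraps its output at 76 columns; join the lines so the
  # value stays a single-line YAML scalar.
  b64=$(base64 < "$2" | tr -d '\n') || return 1
  [ -n "$b64" ] || { echo "empty playbook: $2" >&2; return 1; }
  cat <<EOF
apiVersion: management.project-flotta.io/v1alpha1
kind: EdgeConfig
metadata:
  name: $1
spec:
  edgePlaybook:
    playbooks:
      - content: $b64
        timeoutSeconds: ${3:-10}
EOF
}

# Decode every "content:" value in EdgeConfig file $1 to stdout for review.
# Line-oriented match for the layout above, not a general YAML parser.
# Returns non-zero if a value is missing or is not well-formed base64.
decode_edgeconfig() {
  blobs=$(sed -n 's/^[[:space:]]*-\{0,1\}[[:space:]]*content:[[:space:]]*//p' "$1")
  [ -n "$blobs" ] || { echo "no playbook content in $1" >&2; return 1; }
  while IFS= read -r blob; do
    case $blob in
      *[!A-Za-z0-9+/=]*) echo "non-base64 characters in $1" >&2; return 1 ;;
    esac
    [ $(( ${#blob} % 4 )) -eq 0 ] || { echo "truncated base64 in $1" >&2; return 1; }
    text=$(printf '%s' "$blob" | base64 -d) || return 1
    printf '%s\n' "$text"
  done <<EOF
$blobs
EOF
}
```

Running `decode_edgeconfig edgeconfig-sample.yaml` before step 4 shows exactly what will execute on the labelled devices. Base64 is an encoding, not protection: anyone who can read the CR can read the playbook.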

Architecture

What happens when Flotta Operator receives the EdgeConfig?

It automatically creates a PlaybookExecution CR for each device that has been properly labelled.

High level architecture of Ansible support

This makes it possible to monitor the execution of the playbook on each edge device: the edge device updates the status of its PlaybookExecution CR according to the result of the Ansible playbook execution.

The possible statuses are: Deploying, Running, SuccessfullyCompleted, CompletedWithError.

The EdgeConfig CR provides the possibility to specify the Execution Type of each Ansible playbook. The possible strategies provided are:

  • StopOnFailure: stop playbook execution as soon as a failure occurs and do not re-execute it
  • RetryOnFailure: retry to execute the playbook if a failure occurs during the playbook execution
  • ExecuteOnce: execute the playbook only once

At the moment, only ExecuteOnce is supported.

Future work

At the time of writing this blog post, some important features are still missing. For example, when can the Flotta Operator consider the EdgeConfig completed?

What if the user selects 100 edge devices and some successfully complete the execution, others are not reachable and others complete the execution with errors?

We need to implement a “waiting strategy”. The EdgeConfig has been designed to use conditions: in this way it is possible to wait until all the PlaybookExecution CRs are in a final state (SuccessfullyCompleted or CompletedWithError), or to consider the EdgeConfig successfully executed if at least x% of the edge devices ran the playbook correctly.

This is a good opportunity for you to start contributing to Project Flotta!
