community.docker.nsenter – execute on host running controller container
Note
This plugin is part of the community.docker collection (version 1.10.2).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.docker
.
To use it in a playbook, specify: community.docker.nsenter
.
New in version 1.9.0: of community.docker
Synopsis
This connection plugin allows Ansible, running in a privileged container, to execute tasks on the container host instead of in the container itself.
This is useful for running Ansible in a pull model, while still keeping the Ansible control node containerized.
It relies on having privileged access to run
nsenter
in the host’s PID namespace, allowing it to enter the namespaces of the provided PID (default PID 1, or init/systemd).
Parameters
Parameter |
Comments |
---|---|
PID to attach with using nsenter. The default should be fine unless you are attaching as a non-root user. Default: 1 Configuration:
|
Notes
Note
The remote user is ignored; this plugin always runs as root.
This plugin requires the Ansible controller container to be launched in the following way: (1) The container image contains the
nsenter
program; (2) The container is launched in privileged mode; (3) The container is launched in the host’s PID namespace (--pid host
).
Authors
Jeff Goldschrafe (@jgoldschrafe)