community.docker.nsenter – execute on host running controller container
This plugin is part of the community.docker collection (version 1.9.1).
To install it use:
ansible-galaxy collection install community.docker
To use it in a playbook, specify:
New in version 1.9.0 of community.docker
This connection plugin allows Ansible, running in a privileged container, to execute tasks on the container host instead of in the container itself.
This is useful for running Ansible in a pull model, while still keeping the Ansible control node containerized.
It relies on having privileged access to run nsenter in the host’s PID namespace, allowing it to enter the namespaces of the provided PID (default PID 1, or init/systemd).
The remote user is ignored; this plugin always runs as root.
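A preflight check for the conditions this plugin relies on (nsenter present, privileged access, host PID namespace), as an added example that is not part of the collection. The function names, the capability bits chosen (CAP_SYS_ADMIN for setns, CAP_SYS_PTRACE for reading PID 1's namespace links) and the PID 1 name heuristic are assumptions of this sketch, and the sample masks in the comments are constructed.

```shell
#!/bin/sh
# Added example (not from community.docker): checks a controller container
# against the conditions the nsenter connection plugin depends on.

# cap_set HEXMASK BIT: succeeds if capability number BIT is set in a
# CapEff-style hex mask as shown in /proc/<pid>/status.
cap_set() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# pid1_is_host_init COMM: heuristic (assumption). With the host's PID namespace
# shared, PID 1 is the host's init/systemd; otherwise it is the container's
# own entrypoint process.
pid1_is_host_init() {
    case "$1" in
        systemd|init) return 0 ;;
        *) return 1 ;;
    esac
}

# preflight CAPEFF PID1_COMM NSENTER_PATH
# Prints one line per unmet condition; return status is the failure count.
preflight() {
    fails=0
    [ -n "$3" ] || { echo "FAIL: nsenter not found in image"; fails=$((fails + 1)); }
    # Bit 21 = CAP_SYS_ADMIN, needed by setns(2) to enter host namespaces.
    cap_set "$1" 21 || { echo "FAIL: CAP_SYS_ADMIN missing (not privileged)"; fails=$((fails + 1)); }
    # Bit 19 = CAP_SYS_PTRACE, needed to open /proc/1/ns/* of the host init.
    cap_set "$1" 19 || { echo "FAIL: CAP_SYS_PTRACE missing (not privileged)"; fails=$((fails + 1)); }
    pid1_is_host_init "$2" || { echo "FAIL: PID 1 is '$2', host PID namespace not shared"; fails=$((fails + 1)); }
    [ "$fails" -eq 0 ] && echo "OK: tasks would run as root on the container host"
    return "$fails"
}

# Live mode: read the real values from inside the controller container.
if [ "${1:-}" = "--live" ]; then
    capeff=$(awk '/^CapEff:/ {print $2}' /proc/self/status)
    preflight "$capeff" "$(cat /proc/1/comm)" "$(command -v nsenter || true)"
fi

# Constructed sample inputs:
#   preflight 000001ffffffffff systemd /usr/bin/nsenter   -> all conditions met
#   preflight 00000000a80425fb sleep ""                   -> reduced capability set
```

A passing result also means anything that can run code in this container has root on the host, so the check is equally useful for confirming that other containers do not meet these conditions.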
This plugin requires the Ansible controller container to be launched in the following way: (1) The container image contains the nsenter program; (2) The container is launched in privileged mode; (3) The container is launched in the host’s PID namespace (