This thread deserves an update:
- tripleo-ansible has now a paunch module, calling openstack/paunch as a library.
And is called here for paunch apply:
In theory, we could deprecate "paunch apply" now as we don't need it anymore. I was working on porting "paunch cleanup" but it's still WIP.
- I've been working on a new Ansible role which could totally replace Paunch, called "tripleo-container-manage", which has been enough for me to deploy an Undercloud:
https://review.opendev.org/#/c/686196. It's being tested here:
https://review.opendev.org/#/c/687651/ and as you can see the undercloud was successfully deployed without Paunch. Note that some container parameters haven't been ported and upgrade untested (this is a prototype).
The second approach is a serious prototype I would like to continue further but before I would like some feedback.
As for the feedback received in the previous answers, people would like to keep a "print-cmd" like, which makes total sense.
I was thinking we could write a proper check mode for the podman_container module, which could output the podman commands that are run by the module.
We could also extract the container management tasks to its own playbook so an operator who would usually run:
$ paunch debug (...) --action print-cmd
replaced by:
$ ansible-playbook --check -i inventory.yaml containers.yaml
A few benefits of this new role:
- leverage ansible modules (we plan to upstream podman_container module)
- could be easier to maintain and contribute (python vs ansible)
- could potentially be faster. I want to investigate usage of async actions/polls in the role.
Challenges:
- no unit tests like in paunch, will need good testing with Molecule
- we need to invest a lot in testing it, Paunch has a lot of edge cases that we carried over the cycles to manage containers.
More feedback is very welcome and anyone interested to contribute please let me know.