Recent searches
Search options
Fun question for the #NixOS #Ansible bubble:
I noticed that Ansible on NixOS does not find python modules that have been installed from NixPkgs. This means, modules like the kubernetes module are not found and Ansible cannot do its work, when a task is executed on localhost (e.g. via delegate_to)
Is there a way to install those additional modules together with the Ansible package?
Or is this just some messup with autodetecting the python interpreter on localhost?
Second round for the #NixOS #Ansible bubble:
With lots of help I now have a Ansible derivation that includes python modules for requirements from e.g. the kubernetes.core Ansible collection.
But things still do not work. Example: Creating something in a Kubernetes cluster using the kubernetes.core collection. No matter whether I target localhost in my playbook or the remote host with a delegate_to for localhost.
Ansible uses the installed python directly, but without all the module-including-voodoo that is done in the .ansible-wrapped file (that is being called when "ansible" is being invoked". And thus the kubernetes module is not found.
I also tried installing python3 and python3Packages.kubernetes in addition to ansible. I see the kubernetes in $HOME/.nix-profile/lib/python3.12/site-packages/, but it is still not found. I tried telling Ansible that localhost has a python interpreter, but no change.
Frustrating...
Third round for the #NixOS #Ansible bubble:
I think I have a solution! At least I got some thing working.
Having the python312 nixpkg installed is not enough. It is also not enough to have python312, python312Packages.kubernetes and python312Packages.cryptography installed.
I had to install them "in the same package":
```
home.packages = with pkgs; [
ansible
ansible-lint
(pkgs.python3.withPackages (python-pkgs: [
python-pkgs.cryptography
python-pkgs.kubernetes
]))
];
```
Then I could set the ansible_python_interpreter to `python3` and could use the kubernetes python module for using things from the kubernetes.core Ansible collection.
This is in addition to having the modules also available in the ansible derivation, no idea if that is really necessary.
I'll do some more digging and testing, but at least something worked now! I call that a win!
Fourth and hopefully last round for the #NixOS #Ansible bubble:
Short recap: Having the kubernetes module in the ansible derivation/package is not enough, it needs to also be in the python3 or python312 derivation/package.
Fun fact:
- `which python3` gives me /home/tux.penguin/.nix-profile/bin/python3
- this links to /nix/store/ipwx571dlhxmdf1n1yd8vgqq5ndjnxba-python3-3.12.8-env/bin/python3
- `which -a python3` only gives me this one python, no other binaries found in the PATH with that name
1. Using /nix/store/ipwx571dlhxmdf1n1yd8vgqq5ndjnxba-python3-3.12.8-env/bin/python3 as ansible_python_interpreter works, the kubernetes module is found
2. Using /home/tux.penguin/.nix-profile/bin/python3 for ansible_python_interpreter works
3. Using "{{ lookup('env','HOME') }}/.nix-profile/bin/python3" for ansible_python_interpreter works
4. Using just python3 DOES NOT work?!?!? What the hell? Even if this is resolved (in the shell at least) to the same python3 binary/link in ~/.nix-profile/bin/python3? What the hell?
Hardcoding a nix path, even it is just ~/.nix-profile/bin/python3, is of course not feasible if the code is being used on other machines where this is not guaranteed to exist (as outlined in the answers yesterday).
What am I missing?
Running the playbook with -v shows me that it is using a completely different python3 from /nix/store/lhpwdis5hkyljz1d200bj1s6g51ljq9k-python3-3.12.8/bin/python3 which does not have the kubernetes module apparently.
No idea how it picks this up, where it takes that information from and how to fix this...
OK, this seems to be the python that Ansible is using. Being called directly without all the PATH mangling that the .ansible-wrapped script does. Which explains why it does not find the kubernetes module...
(Thanks @darix for the hint)
Fifth and (it really seems) last round for the #NixOS #Ansible bubble:
Thanks to @nebucatnetzer I tried installing ansible "the other way round". Rather than trying to install Ansible and have a customized python3 (with hvac and kubernetes modules etc.) as a "build input" I have tried the other way round: Adding ansible and ansible-core to the python package:
```
(pkgs.python3.withPackages (python-pkgs: [
python-pkgs.ansible
python-pkgs.ansible-core
python-pkgs.hvac
python-pkgs.kubernetes
]))
```
A short test was successful, tasks delegated to localhost found the kubernetes module and could successfully do things! Hooray!
@johanneskastl Maybe take a look at the python section of the nixpkgs manual, it has quite a few approaches listed: https://nixos.org/manual/nixpkgs/stable/#using-python
@johanneskastl
I suspect you need to build your python environment and pass that to where you build your ansible package.
Isn't there a nixos wiki page for ansible? If not, I feel like there should be. Maybe it is not because why would you use ansible if you have nix 
@musicmatze Thanks for the tip, Matze. I thought the same, but had no time to test that yet.
As for the "Why Ansible..." question, I already answered that yesterday (and did not quote Shakespeare!)