Pipe it to connections (#73688)
* pipelining tweaks added 'defaults' entry for ini pipelining from ssh plugin
This commit is contained in:
parent
8628c12f30
commit
9690512069
7 changed files with 49 additions and 17 deletions
2
changelogs/fragments/pipelinig_to_plugins.yml
Normal file
2
changelogs/fragments/pipelinig_to_plugins.yml
Normal file
|
@ -0,0 +1,2 @@
|
|||
bugfixes:
|
||||
- Restructured pipelining settings to be at the connection plugins leaving base config as global and for backwards compatiblity.
|
|
@ -109,16 +109,15 @@ ANSIBLE_PIPELINING:
|
|||
- "However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first
|
||||
disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default."
|
||||
- This option is disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled.
|
||||
- This is a global option, each connection plugin can override either by having more specific options or not supporting pipelining at all.
|
||||
env:
|
||||
- name: ANSIBLE_PIPELINING
|
||||
- name: ANSIBLE_SSH_PIPELINING
|
||||
ini:
|
||||
- section: defaults
|
||||
key: pipelining
|
||||
- section: connection
|
||||
key: pipelining
|
||||
- section: ssh_connection
|
||||
key: pipelining
|
||||
type: boolean
|
||||
yaml: {key: plugins.connection.pipelining}
|
||||
ANSIBLE_SSH_ARGS:
|
||||
# TODO: move to ssh plugin
|
||||
default: -C -o ControlMaster=auto -o ControlPersist=60s
|
||||
|
|
|
@ -12,6 +12,8 @@ DOCUMENTATION = '''
|
|||
- This connection plugin allows ansible to execute tasks on the Ansible 'controller' instead of on a remote host.
|
||||
author: ansible (@core)
|
||||
version_added: historical
|
||||
extends_documentation_fragment:
|
||||
- connection_pipelining
|
||||
notes:
|
||||
- The remote user is ignored, the user with which the ansible CLI was executed is used instead.
|
||||
'''
|
||||
|
@ -82,7 +84,7 @@ class Connection(ConnectionBase):
|
|||
|
||||
master = None
|
||||
stdin = subprocess.PIPE
|
||||
if sudoable and self.become and self.become.expect_prompt():
|
||||
if sudoable and self.become and self.become.expect_prompt() and not self.get_option('pipelining'):
|
||||
# Create a pty if sudoable for privlege escalation that needs it.
|
||||
# Falls back to using a standard pipe if this fails, which may
|
||||
# cause the command to fail in certain situations where we are escalating
|
||||
|
@ -102,7 +104,7 @@ class Connection(ConnectionBase):
|
|||
stderr=subprocess.PIPE,
|
||||
)
|
||||
|
||||
# if we created a master, we can close the other half of the pty now
|
||||
# if we created a master, we can close the other half of the pty now, otherwise master is stdin
|
||||
if master is not None:
|
||||
os.close(stdin)
|
||||
|
||||
|
@ -138,7 +140,10 @@ class Connection(ConnectionBase):
|
|||
|
||||
if not self.become.check_success(become_output):
|
||||
become_pass = self.become.get_option('become_pass', playcontext=self._play_context)
|
||||
os.write(master, to_bytes(become_pass, errors='surrogate_or_strict') + b'\n')
|
||||
if master is None:
|
||||
p.stdin.write(to_bytes(become_pass, errors='surrogate_or_strict') + b'\n')
|
||||
else:
|
||||
os.write(master, to_bytes(become_pass, errors='surrogate_or_strict') + b'\n')
|
||||
|
||||
fcntl.fcntl(p.stdout, fcntl.F_SETFL, fcntl.fcntl(p.stdout, fcntl.F_GETFL) & ~os.O_NONBLOCK)
|
||||
fcntl.fcntl(p.stderr, fcntl.F_SETFL, fcntl.fcntl(p.stderr, fcntl.F_GETFL) & ~os.O_NONBLOCK)
|
||||
|
|
|
@ -15,6 +15,8 @@ description:
|
|||
version_added: "2.7"
|
||||
requirements:
|
||||
- pypsrp>=0.4.0 (Python library)
|
||||
extends_documentation_fragment:
|
||||
- connection_pipelining
|
||||
options:
|
||||
# transport options
|
||||
remote_addr:
|
||||
|
|
|
@ -16,6 +16,8 @@ DOCUMENTATION = '''
|
|||
a password manually to decrypt an ssh key when using this connection plugin (which is the default). The
|
||||
use of ``ssh-agent`` is highly recommended.
|
||||
author: ansible (@core)
|
||||
extends_documentation_fragment:
|
||||
- connection_pipelining
|
||||
version_added: historical
|
||||
options:
|
||||
host:
|
||||
|
@ -190,23 +192,14 @@ DOCUMENTATION = '''
|
|||
- name: ansible_user
|
||||
- name: ansible_ssh_user
|
||||
pipelining:
|
||||
default: ANSIBLE_PIPELINING
|
||||
description:
|
||||
- Pipelining reduces the number of SSH operations required to execute a module on the remote server,
|
||||
by executing many Ansible modules without actual file transfer.
|
||||
- This can result in a very significant performance improvement when enabled.
|
||||
- However this conflicts with privilege escalation (become).
|
||||
For example, when using sudo operations you must first disable 'requiretty' in the sudoers file for the target hosts,
|
||||
which is why this feature is disabled by default.
|
||||
env:
|
||||
- name: ANSIBLE_PIPELINING
|
||||
- name: ANSIBLE_SSH_PIPELINING
|
||||
ini:
|
||||
- section: defaults
|
||||
- section: connection
|
||||
key: pipelining
|
||||
- section: ssh_connection
|
||||
key: pipelining
|
||||
type: boolean
|
||||
vars:
|
||||
- name: ansible_pipelining
|
||||
- name: ansible_ssh_pipelining
|
||||
|
|
|
@ -14,6 +14,8 @@ DOCUMENTATION = """
|
|||
- This plugin allows extra arguments to be passed that are supported by the protocol but not explicitly defined here.
|
||||
They should take the form of variables declared with the following pattern `ansible_winrm_<option>`.
|
||||
version_added: "2.0"
|
||||
extends_documentation_fragment:
|
||||
- connection_pipelining
|
||||
requirements:
|
||||
- pywinrm (python library)
|
||||
options:
|
||||
|
|
29
lib/ansible/plugins/doc_fragments/connection_pipelining.py
Normal file
29
lib/ansible/plugins/doc_fragments/connection_pipelining.py
Normal file
|
@ -0,0 +1,29 @@
|
|||
# Copyright (c) 2021 Ansible Project
|
||||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
|
||||
|
||||
class ModuleDocFragment(object):
|
||||
|
||||
# common shelldocumentation fragment
|
||||
DOCUMENTATION = """
|
||||
options:
|
||||
pipelining:
|
||||
default: ANSIBLE_PIPELINING
|
||||
description:
|
||||
- Pipelining reduces the number of connection operations required to execute a module on the remote server,
|
||||
by executing many Ansible modules without actual file transfers.
|
||||
- This can result in a very significant performance improvement when enabled.
|
||||
- However this can conflict with privilege escalation (become).
|
||||
For example, when using sudo operations you must first disable 'requiretty' in the sudoers file for the target hosts,
|
||||
which is why this feature is disabled by default.
|
||||
env:
|
||||
- name: ANSIBLE_PIPELINING
|
||||
ini:
|
||||
- section: defaults
|
||||
key: pipelining
|
||||
type: boolean
|
||||
vars:
|
||||
- name: ansible_pipelining
|
||||
"""
|
Loading…
Reference in a new issue