Enabling the Ansible Runner Capability on the Site Controller

The Site controller can execute Ansible tasks, typically provided via the Extension mechanism. It is disabled by default for security reasons and must be enabled in order for it to execute workflow tasks of type Ansible.

On the Site Controller VM execute:

1. Create a transient job directory

mkdir -p /opt/metalsoft/ansible-jobs

2. Add the ansible runner pod: Edit the docker-compose.yaml file and add the ansible runner pod and uncomment the following entries in the services section:

  ansible-runner:
    container_name: ansible-runner
    network_mode: host
    hostname: ansible-runner-qa02-os10-b9425
    image: registry.metalsoft.dev/sc/sc-ansible-playbook-runner:openshift
    restart: always
    environment:
      - TZ=Etc/UTC
      - ANSIBLE_RUNNER=enabled
      - ANSIBLE_RUNNER_HOME=/opt/metalsoft/ansible-jobs
      - ANSIBLE_RUNNER_ARCHIVES_FOLDER=/opt/metalsoft/ansible-archives
    volumes:
      - /opt/metalsoft/ansible-jobs:/opt/metalsoft/ansible-jobs
      - /opt/metalsoft/nfs-storage:/iso

3. Enable the ansible runner capability in the ms-agent section:

environment:
      - ANSIBLE_RUNNER=enabled
volumes:
      - /opt/metalsoft/ansible-jobs:/opt/metalsoft/ansible-jobs

4. Restart the site controller:

docker compose up -d

5. Verify that the capability is active: In the Admin go to Sites > site > Site Controllers and look for the ANSIBLE_RUNNER=true entry