Running long-duration tasks using Ansible, results in inefficient resource utilization, and connection time-outs. At times, environment-specific limitations also put restrictions on running an Ansible job for longer time periods. This paper describes a solution to overcome these issues using an approach to run ansible jobs in an asynchronous way.
Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
There are few use-cases, however, where Ansible after performing some pre-requisite tasks, simply waits for a process that executes the main task like:
In such cases:
In addition to the above, there can also be limitations on the duration for which the session can remain established between the Ansible Tower and the remote host.
For example, in the case of AWS when we make use of 'AssumeRole' feature (It returns a set of temporary security credentials that can be used to access AWS resources that normally do not have access to. These temporary credentials consist of an access key ID, a secret access key, and a security token), the Maximum Session duration for which the security token remains valid, can be set for a maximum of 12hrs.
But for security or any other reason it may further be reduced to a lesser duration, for example in our client's environment, it is set to 1hr only.
The steps involved in the solution are
INSPIRED BY SIGNALLING
If there are any subsequent tasks in the Ansible playbook, that are required to be executed based on the success of the task executed asynchronously, then they can no longer be part of the same playbook.
However, there can be two ways to run them
This method made it possible to run time-consuming tasks with Ansible, using an asynchronous approach, without maintaining a session or a connection between the Ansible tower and remote nodes.
With this approach, we can use Ansible to run long-duration tasks like: