Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cache session information somehow #32

Open
ktdreyer opened this issue Feb 19, 2019 · 3 comments
Open

cache session information somehow #32

ktdreyer opened this issue Feb 19, 2019 · 3 comments
Labels
enhancement New feature or request

Comments

@ktdreyer
Copy link
Owner

Currently every Ansible module authenticates its own unique Koji client session. This means we always send the login RPC to Koij Hub every time we want to make a change.

This is not slower than invoking the koji CLI many times, but we may be able to do better.

When we do a client login to the Koji Hub at the /ssllogin endpoint, we get back a XML-RPC response with a session-id (int) and a session-key (string). Example:

cbs -d --debug-xmlrpc hello

The Koji client then uses these two values to authenticate all the requests going forward. Subsequent HTTP requests for XML-RPC look like this:

/kojihub?session-id=123456&session-key=1234-asdf&callnum=0

where callnum is an integer that increases for every authenticated call.

In koji-ansible, we could return session-id, session-key, from a koji_login module, and have all the other modules use these variables if they are defined for the profile.

Note, we would also need to cache callnum in a way that every other koji-ansible module can increment it.
@ktdreyer ktdreyer changed the title new koji_login module cache session information somehow Apr 30, 2020
@ktdreyer ktdreyer added the enhancement New feature or request label Apr 30, 2020
@ktdreyer
Copy link
Owner Author

ktdreyer commented Apr 30, 2020
edited
Loading

Ansible includes "connection" plugins that might help here. I have not looked into this in depth, but one that looks interesting is "httpapi". Maybe we need a "koji" connection plugin.

https://github.com/network-automation/httpapi/blob/master/playbook.yml is one example of using httpapi.

@ktdreyer
Copy link
Owner Author

"httpapi" looks a bit too specific for Cisco/network devices.

However, this post describes how to create a custom connection plugin that caches a login credential: https://steampunk.si/blog/let-us-give-ansible-a-rest/ .

When we use a connection plugin, all the Koji client traffic originates from the host that runs Ansible. Right now we have some users that run the koji-ansible modules on remote nodes (via Ansible's usual SSH mechanism), and some other users running koji-ansible in containers, so we need to evaluate how to make this work in all cases.

@ktdreyer
Copy link
Owner Author

One project to watch here is the new Ansible "turbo" module. There was a presentation at AnsibleFest 2020. A bit unclear how widespread and battle-tested that is at this point, but an interesting approach to caching.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ktdreyer