Mitogen and Teleport Ansible
If you've read my post covering the marriage between Teleport and Ansible, It's only natural that you think, how do we make it fast, more capable, moar better? Mitogen is the answer; we use Mitogen to make our deployments sing.
TL;DR
- Run Mitogen. It works. You're welcome.
- Keep reading if you would like to know more.
I'm writing this follow-up post because I've been asked a few times if there were issues with Ansible, Mitogen, and Teleport. So far, no there are no issues. Mitogen works flawlessly and the performance improvements Mitogen provides remain intact.
Star here if you're just ramping up on integrating Teleport and Ansible
Thoughts since writing the original post
I had some feelings on potential performance bottlenecks with Teleport managing large scale Ansible driven infrastructure; however, with the efficiencies gained through Mitogen I think I have less feelings.
Why Mitogen
To quote the opening paragraph from the Mitogen documentation
Mitogen for Ansible is a completely redesigned UNIX connection layer and module runtime for Ansible... it updates Ansible’s slow and wasteful shell-centric implementation with pure-Python equivalents, invoked via highly efficient remote procedure calls to persistent interpreters tunnelled over SSH.
Without getting into the underlying details, Mitogen makes Ansible more efficient and thus faster. The inclusion of Teleport is simply to facilitate authentication and transport.
The Setup
For Mitogen to work with Ansible, you need to have Ansible Installed.
Install Ansible
To install a Mitogen-supported version of Ansible, I execute the following command.
If your Ansible installation was performed through the operating system's package manager, you might need to do some extra work to install a compatible Ansible release.
Configure Ansible
As the Teleport Ansible post covers, we must set some basic Ansible configuration options to work with Teleport. I use environment variables, but feel free to set your configuration options as you desire.
Install Mitogen
Mitogen can be downloaded directly or installed. I like to install things.
Configure Mitogen for Ansible
We need to set a couple additional Ansible configuration options to work with Mitogen. I assume Mitogen has been installed in my example, so I'm dynamically sourcing the library path using a one-liner.
ANSIBLE_STRATEGY_PLUGINS
to the path where you saved it.Thus endeth the trick
Run Ansible Normally
Once everything is installed and configured, we simply run Ansible normally. From the debug output, we can see Mitogen working its magic.
Recap
- Teleport takes care of the transport and provides an authentication layer.
- The Ansible configuration points SSH at Teleport.
- The Ansible strategy options leverage Mitogen.
- Mitogen improves Ansible efficiency.
- DevOps rejoice.
Wrap-up
In this setup, we have Teleport providing access to the environment, Ansible taking care of complex workflows, and Mitogen making Ansible more efficient.
The unholy Trinity of automation is now complete.
If you're running Teleport Ansible and using Mitogen, let me know. I'd love to hear from you and learn more about your setup. While I've beaten up my environment with these tools, I'm sure there are edge cases I've not experienced in my home lab, and I'd love to know more about what is happening in the wild.
If you do have thoughts on making teleport-ansible better, let's collaborate. Everything is open source; everything is public.
The repository for teleport-ansible can be seen here https://github.com/cloudnull/teleport-ansible