Has Ansible solved the issue where some tasks (e.g. postgresql_user) require a Python module to be available, which you don't want to be installed in the global environment? Last I looked into it you could use a venv but had to monkey around with some envvars and it wasn't ergonomic in the least.

You can monkey with the Python primitives, containerize the runtime env, or probably something more involved

Would suggest the middle option: https://docs.ansible.com/ansible/latest/getting_started_ee/i...

One can use the primitives, but eventually you'll find conflict or drift. Config management becomes something else. Not worth the hassle considering inconsistent usage/placement of the 'become' keyword, the '-b' argument, and such.

EEs slot perfectly into AWX/AAP, the next logical step once you've grown tired of using the Ansible CLI.

Nope, the issue is still there, and not just for Postgres. You need `hvac` to use Hashicorp Vault-related stuff, for example.

There's a decent workaround, though, if you don't mind managing your Ansible install with `pipx` instead of your system package manager:

    $ pipx install ansible --include-deps
    $ pipx inject ansible psycopg2-binary --include-apps

You can also containerize it w/ Podman or Docker and install the deps in the container. Maybe even add an alias.

[1]: https://github.com/astral-sh/uv/issues/6314

Just to clarify, for the reader, that ansible and python are only required for the deployment host, not it's targets.

being agentless and using ssh for transport, the target hosts need only have an ip address listed in the deployment hosts inventory, aka one can address target hosts directly after creating them, given ssh access.

much of ansibles python issues are just python issues.

ansible is a very flexible tool, and idempotent behavior is largely a factor of playbook design until it hits real world limits.