AdminSysGNULinux

Outils pour utilisateurs

Outils du site

Piste : notes_kubernetes_k8s_-_utilisation notes_svn_subversion notes_pid1_conteneurs documentation pb_nmap_openvz ansible_docker_execution_environment
tech:ansible_docker_execution_environment

Ceci est une ancienne révision du document !

Table des matières

, ,

Ansible Docker Execution Environment

Voir :

Voir aussi les execution-environment.yml :

Installation

pip install --user ansible-builder>=3.0.0

Utilisation

Fichiers :

  • execution-environment.yml
  • ansible.cfg
  • requirements.txt
  • requirements.yml
  • bindep.txt
podman login --tls-verify=false registry.acme.fr -u admin
# podman login --tls-verify=false registry.acme.fr -u admin -p P@ssw0rd
 
ansible-builder create #--file execution-environment-dev.yml
# Créer le dossier context/
 
podman build -f context/Containerfile -t img01:0.9.1
 
podman images
podman image prune
 
podman tag localhost/img01:0.9.1 aahub.acme.local/img01:0.9.1
podman images
podman push aahub.acme.local/img01:0.9.1
ansible-navigator images --eei aahub.acme.local/img01:0.9.1
cd ansible-2.3_rhel5-repo/
 
 
vim context/Containerfile
vim requirements.txt
vim requirements.yml
vim bindep.txt
vim execution-environment.yml
 
ansible-builder build -v 3 --tag img-rhel5_0.1
podman build -f context/Containerfile -t img-rhel5_0.1
 
pip3 download psutils
 
podman push --tls-verify=false twr00210f.acme.local/img-rhel5_0.2 --log-level debug
 
ansible-navigator --eei twr00210f.acme.local/acme-provisioning-dell:latest --tls-verify=false
ansible-navigator --eei twr00210f.acme.local/acme-provisioning-dell:latest --pa='--tls-verify=false'
ansible-navigator --eei twr00210f.acme.local/acme-provisioning-dell:latest
export ANSIBLE_NAVIGATOR_PULL_ARGUMENT="tls-verify=false"
 
vim /etc/containers/registries.conf
 
ansible-navigator -m stdout run reboot_idrac.yml -i inv.yml --eei twr00210f.acme.local/acme-provisioning-dell:latest
 
ansible-builder introspect --help
podman build -f context/Containerfile -t ee-test:0.3
mkdir plop
cd plop

Nettoyage 

podman image prune
podman rmi <image>
rm -rf ./context/

ansible.cfg 

# Since Ansible 2.12 (core):
# To generate an example config file (a "disabled" one with all default settings, commented out):
#               $ ansible-config init --disabled > ansible.cfg
#
# Also you can now have a more complete file by including existing plugins:
# ansible-config init --disabled -t all > ansible.cfg
 
# For previous versions of Ansible you can check for examples in the 'stable' branches of each version
# Note that this file was always incomplete  and lagging changes to configuration settings
 
# for example, for 2.9: https://github.com/ansible/ansible/blob/stable-2.9/examples/ansible.cfg
[galaxy]
server_list = rh-certified_repo, published_repo, community_repo, galaxy
 
[galaxy_server.rh-certified_repo]
token=xxxxxxxxxxxxxx1
url=https://aahub.acme.local/api/galaxy/content/rh-certified/
 
[galaxy_server.published_repo]
token=xxxxxxxxxxxxxx2
url=https://aahub.acme.local/api/galaxy/content/published/
 
[galaxy_server.community_repo]
token=xxxxxxxxxxxxxx3
url=https://aahub.acme.local/api/galaxy/content/community/
 
[galaxy_server.galaxy]
url=https://galaxy.ansible.com/

bindep.txt 

python3-jmespath

requirements.yml 

---
collections:
  - ansible.windows
  - community.general
  - ansible.posix
  - awx.awx

requirements.txt 

hvac
kafka-python

execution-environment.yml 

---
version: 1

build_arg_defaults:
  ANSIBLE_GALAXY_CLI_COLLECTION_OPTS: "-c"
  EE_BASE_IMAGE: aahub.acme.local/ee-minimal-rhel8:latest
  EE_BUILDER_IMAGE: aahub.acme.local/ansible-builder-rhel8:latest

ansible_config: 'ansible.cfg'

dependencies:
  python: requirements.txt
  galaxy: requirements.yml
  system: bindep.txt

additional_build_steps:
  prepend:
    - RUN pip3 install --upgrade pip setuptools && echo "cacert ~/ca" > ~/.curlrc && mkdir -p ~/ca
    - COPY ./cert.crt ~/ca
    - RUN rpm --import https://srv1.acme.local/katello/api/v2/repositories/2406/gpg_key_content

context/Containerfile 

ARG EE_BASE_IMAGE=aahub.acme.local/ee-minimal-rhel8:latest
ARG EE_BUILDER_IMAGE=aahub.acme.local/ansible-builder-rhel8:latest
 
FROM $EE_BASE_IMAGE as galaxy
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS=-c
USER root
 
ADD _build/ansible.cfg ~/.ansible.cfg
 
ADD _build /build
WORKDIR /build
 
RUN ansible-galaxy role install -r requirements.yml --roles-path "/usr/share/ansible/roles"
RUN ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "/usr/share/ansible/collections"
 
FROM $EE_BUILDER_IMAGE as builder
 
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
 
ADD _build/requirements.txt requirements.txt
RUN ansible-builder introspect --sanitize --user-pip=requirements.txt --write-bindep=/tmp/src/bindep.txt --write-pip=/tmp/src/requirements.txt
RUN assemble
 
FROM $EE_BASE_IMAGE
USER root
RUN pip3 install --upgrade pip setuptools && echo "cacert ~/ca" > ~/.curlrc && mkdir -p ~/ca
COPY ./cert.crt ~/ca
RUN rpm --import https://srv1.acme.local/katello/api/v2/repositories/2406/gpg_key_content
 
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
 
COPY --from=builder /output/ /output/
RUN /output/install-from-bindep && rm -rf /output/wheels
tech/ansible_docker_execution_environment.1758652933.txt.gz · Dernière modification : de Jean-Baptiste
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki