AdminSysGNULinux

Outils pour utilisateurs

Outils du site

Piste : notes_ia_intelligence_artificielle notes_asm_assembleur ansible_docker_execution_environment
tech:ansible_docker_execution_environment

Ceci est une ancienne révision du document !

Table des matières

, ,

Ansible Docker Execution Environment

Voir :

Voir aussi les execution-environment.yml :

Installation

pip install --user ansible-builder>=3.0.0

Utilisation

Fichiers :

  • execution-environment.yml
  • ansible.cfg
  • requirements.txt
  • requirements.yml
  • bindep.txt
podman login --tls-verify=false registry.acme.fr -u admin
# podman login --tls-verify=false registry.acme.fr -u admin -p P@ssw0rd
 
ansible-builder create #--file execution-environment-dev.yml
# Créer le dossier context/
 
podman build -f context/Containerfile -t img01:0.9.1
 
podman images
podman image prune
 
podman tag localhost/img01:0.9.1 aahub.acme.local/img01:0.9.1
podman images
podman push aahub.acme.local/img01:0.9.1
ansible-navigator images --eei aahub.acme.local/img01:0.9.1
cd ansible-2.3_rhel5-repo/
 
 
vim context/Containerfile
vim requirements.txt
vim requirements.yml
vim bindep.txt
vim execution-environment.yml
 
ansible-builder build -v 3 --tag img-rhel5_0.1
podman build -f context/Containerfile -t img-rhel5_0.1
 
pip3 download psutils
 
podman push --tls-verify=false twr00210f.acme.local/img-rhel5_0.2 --log-level debug
 
ansible-navigator --eei twr00210f.acme.local/acme-provisioning-dell:latest --tls-verify=false
ansible-navigator --eei twr00210f.acme.local/acme-provisioning-dell:latest --pa='--tls-verify=false'
ansible-navigator --eei twr00210f.acme.local/acme-provisioning-dell:latest
export ANSIBLE_NAVIGATOR_PULL_ARGUMENT="tls-verify=false"
 
vim /etc/containers/registries.conf
 
ansible-navigator -m stdout run reboot_idrac.yml -i inv.yml --eei twr00210f.acme.local/acme-provisioning-dell:latest
 
ansible-builder introspect --help
podman build -f context/Containerfile -t ee-test:0.3
mkdir plop
cd plop

Nettoyage 

podman image prune
podman rmi <image>
rm -rf ./context/

ansible.cfg 

# Since Ansible 2.12 (core):
# To generate an example config file (a "disabled" one with all default settings, commented out):
#               $ ansible-config init --disabled > ansible.cfg
#
# Also you can now have a more complete file by including existing plugins:
# ansible-config init --disabled -t all > ansible.cfg
 
# For previous versions of Ansible you can check for examples in the 'stable' branches of each version
# Note that this file was always incomplete  and lagging changes to configuration settings
 
# for example, for 2.9: https://github.com/ansible/ansible/blob/stable-2.9/examples/ansible.cfg
[galaxy]
server_list = rh-certified_repo, published_repo, community_repo, galaxy
 
[galaxy_server.rh-certified_repo]
token=xxxxxxxxxxxxxx1
url=https://aahub.acme.local/api/galaxy/content/rh-certified/
 
[galaxy_server.published_repo]
token=xxxxxxxxxxxxxx2
url=https://aahub.acme.local/api/galaxy/content/published/
 
[galaxy_server.community_repo]
token=xxxxxxxxxxxxxx3
url=https://aahub.acme.local/api/galaxy/content/community/
 
[galaxy_server.galaxy]
url=https://galaxy.ansible.com/

bindep.txt 

python3-jmespath

requirements.yml 

---
collections:
  - ansible.windows
  - community.general
  - ansible.posix
  - awx.awx

requirements.txt 

hvac
kafka-python

execution-environment.yml 

---
version: 1

build_arg_defaults:
  ANSIBLE_GALAXY_CLI_COLLECTION_OPTS: "-c"
  EE_BASE_IMAGE: aahub.acme.local/ee-minimal-rhel8:latest
  EE_BUILDER_IMAGE: aahub.acme.local/ansible-builder-rhel8:latest

ansible_config: 'ansible.cfg'

dependencies:
  python: requirements.txt
  galaxy: requirements.yml
  system: bindep.txt

additional_build_steps:
  prepend:
    - RUN pip3 install --upgrade pip setuptools && echo "cacert ~/ca" > ~/.curlrc && mkdir -p ~/ca
    - COPY ./cert.crt ~/ca
    - RUN rpm --import https://srv1.acme.local/katello/api/v2/repositories/2406/gpg_key_content

context/Containerfile 

ARG EE_BASE_IMAGE=aahub.acme.local/ee-minimal-rhel8:latest
ARG EE_BUILDER_IMAGE=aahub.acme.local/ansible-builder-rhel8:latest
 
FROM $EE_BASE_IMAGE as galaxy
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS=-c
USER root
 
ADD _build/ansible.cfg ~/.ansible.cfg
 
ADD _build /build
WORKDIR /build
 
RUN ansible-galaxy role install -r requirements.yml --roles-path "/usr/share/ansible/roles"
RUN ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "/usr/share/ansible/collections"
 
FROM $EE_BUILDER_IMAGE as builder
 
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
 
ADD _build/requirements.txt requirements.txt
RUN ansible-builder introspect --sanitize --user-pip=requirements.txt --write-bindep=/tmp/src/bindep.txt --write-pip=/tmp/src/requirements.txt
RUN assemble
 
FROM $EE_BASE_IMAGE
USER root
RUN pip3 install --upgrade pip setuptools && echo "cacert ~/ca" > ~/.curlrc && mkdir -p ~/ca
COPY ./cert.crt ~/ca
RUN rpm --import https://srv1.acme.local/katello/api/v2/repositories/2406/gpg_key_content
 
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
 
COPY --from=builder /output/ /output/
RUN /output/install-from-bindep && rm -rf /output/wheels
version: 3

dependencies:
  galaxy: requirements.yml
  python: requirements.txt
  system: bindep.txt
 
#  ansible_core:
#    package_pip: ansible-core==2.14.4
#
#  ansible_runner:
#    package_pip: ansible-runner
#
#  python_interpreter:
#    package_system: python39  # (optional) name of a Python interpreter OS package to install
#    python_path: /usr/bin/python3.9  # (optional) path to the Python interpreter to use

  exclude:
    python:
      - docker
    system:
      - python3-Cython

images:
  base_image:
    # name: quay.io/centos/centos:stream9
    # name: quay.io/ansible/ansible-runner:latest       # Obsoltete
    # name: ghcr.io/ansible-community/community-ee-minimal:2.16.0-1
    # name: quay.io/ansible/awx-ee:latest
    name: ghcr.io/ansible-community/community-ee-base:2.19.1-1
 
# additional_build_files:
#     - src: files/ansible.cfg
#       dest: configs

additional_build_steps:
#  prepend_galaxy:
#    - ADD _build/configs/ansible.cfg ~/.ansible.cfg
  prepend_base:
    # - RUN echo PLOP
  append_final:
    # - RUN groupadd --gid 1000 vscode
    # - RUN adduser --home-dir /vscode --create-home --gid 1000 --uid 1000 vscode
    - RUN ls -l

options:
  user: '1000'

execution-environment.yml 

---

version: 3

dependencies:
  galaxy: requirements.yml
  python: requirements.txt
  system: bindep.txt

images:
  base_image:
    name: ghcr.io/ansible-community/community-ee-base:2.19.1-1

options:
  user: '1000'

requirements.yml 

---

collections:
  - ansible.utils
  - ansible.posix
  - ansible.windows
  - ansible.netcommon
  - community.general
  - community.windows
  - community.vmware
  - community.crypto
  - community.postgresql
  - community.mysql
  - community.network
  - kubernetes.core
  - containers.podman
  - awx.awx
  - vmware.vmware
  - vmware.vmware_rest
  - microsoft.ad
  # - fortinet.fortios

requirements.txt 

six
psutil
# pywinrm
jc
jmespath

bindep.txt 

git
rsync
curl
wget
psmisc
tar
unzip
gzip
#python38-wheel [platform:centos-8 platform:rhel-8]
iputils [platform:rpm]
bind-utils [platform:rpm]
#python3-jmespath [platform:rpm]
#net-snmp-utils [platform:rpm]
tech/ansible_docker_execution_environment.1761659400.txt.gz · Dernière modification : de Jean-Baptiste
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki