expand/awx-on-k3s
1
0
Fork 0
mirror of https://github.com/Expand-sys/awx-on-k3s synced 2025-12-16 05:52:15 +11:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: bump ansible builder version to 3.0.0

Browse source
This commit is contained in:
kurokobo 2023-05-17 23:50:42 +09:00
parent 122a0136a0
commit d401d8ff75
13 changed files with 136 additions and 65 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

111
builder/README.md
View file

@ -43,7 +43,7 @@ In such cases, you need to add Ansible collections, Python packages, and RPM pac
To build custom EE, there is a tool called Ansible Builder. You can build your own custom EE with any Ansible collections, Python packages, and RPM packages added. To build custom EE, there is a tool called Ansible Builder. You can build your own custom EE with any Ansible collections, Python packages, and RPM packages added.
- [ansible/ansible-builder](https://github.com/ansible/ansible-builder) - [ansible/ansible-builder](https://github.com/ansible/ansible-builder)
- [Introduction — ansible-builder documentation](https://ansible-builder.readthedocs.io/en/latest/) - [Introduction — ansible-builder documentation](https://ansible-builder.readthedocs.io/en/stable/)
This repository includes ready-to-use files as an example to use Ansible Builder. You can clone my repository to start with my ready-to-use example files. This repository includes ready-to-use files as an example to use Ansible Builder. You can clone my repository to start with my ready-to-use example files.
@ -58,7 +58,7 @@ cd awx-on-k3s/builder
- CentOS Stream 8 (Minimal) - CentOS Stream 8 (Minimal)
- Python 3.9 - Python 3.9
- Docker 20.10.17 - Docker 20.10.17
- Ansible Builder 1.2.0 - Ansible Builder 3.0.0
### Install Ansible Builder ### Install Ansible Builder
@ -72,51 +72,61 @@ python3 -m pip install ansible-builder
At least, the file `execution-environment.yml` is required to build EE. At least, the file `execution-environment.yml` is required to build EE.
This repository contains [`execution-environment.yml` as a ready-to-use example](execution-environment.yml). This file is made to achieve following requirements. This repository contains [`execution-environment.yml` as a minimal ready-to-use example](execution-environment.yml). This file is made to achieve following requirements.
- Use `quay.io/ansible/ansible-runner:stable-2.12-latest` as the base image - Use `quay.io/centos/centos:stream9-minimal` as the base image
- Add Ansible collections that listed in [`requirements.yml`](requirements.yml) - Use Python `3.11` as Python interpreter
- Add Python packages that listed in [`requirements.txt`](requirements.txt) - Use Ansible `2.15.*` and Ansible Runner `2.3.*` to run playbooks on EE
- Add RPM Packages that listed in [`bindep.txt`](bindep.txt) - Add Ansible collections that listed in [`dependencies/requirements.yml`](dependencies/requirements.yml)
- Run some commands before build steps and after build steps - Add Python packages that listed in [`ependencies/requirements.txt`](ependencies/requirements.txt)
- Add RPM Packages that listed in [`dependencies/bindep.txt`](dependencies/bindep.txt) for basic remote connection and debugging
- Run additional commands during build steps (`additional_build_steps`)
- In this example, to allow the hard-coded interpreter name (`python3`) passed by AWX, `alternatives` command is appended under `append_base` to make the binary `/usr/bin/python3.11` executable as command `python3`
You can review modify [`execution-environment.yml`](execution-environment.yml) and any YAML or TEXT file referenced from this file to suit your requirements. Note that since this example uses `*-minimal` image as the base image and added only few packages for SSH connection and debugging, there should be still missing packages and modules for some modules and collections.
Note the base image can be chosen from the tags from [quay.io/ansible/ansible-runner](https://quay.io/repository/ansible/ansible-runner?tab=tags). You can review and modify [`execution-environment.yml`](execution-environment.yml) and any files referenced from this file to suit your requirements.
The syntax of `requirements.yml` is [the same as for Ansible Galaxy](https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#install-multiple-collections-with-a-requirements-file). The syntax of `requirements.txt` is [the same as for Pip](https://pip.pypa.io/en/stable/reference/requirements-file-format/), and `bindep.txt` is [for Bindep](https://docs.opendev.org/opendev/bindep/latest/readme.html). The syntax of `requirements.yml` is [the same as for Ansible Galaxy](https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#install-multiple-collections-with-a-requirements-file). The syntax of `requirements.txt` is [the same as for Pip](https://pip.pypa.io/en/stable/reference/requirements-file-format/), and `bindep.txt` is [for Bindep](https://docs.opendev.org/opendev/bindep/latest/readme.html).
Other customization is possible besides this. Refer to [the official Ansible Builder documentation](https://ansible-builder.readthedocs.io/en/latest/) for details. Other customization is possible besides this. Refer to [the official Ansible Builder documentation](https://ansible-builder.readthedocs.io/en/stable/) for details.
### Build EE ### Build EE
Once your files are ready, run `ansible-builder build` command to build EE as a container image according to the definition in `execution-environment.yml`. Specify a tag (`--tag`) to suit your requirements. Once your files are ready, run `ansible-builder build` command to build EE as a container image according to the definition in `execution-environment.yml`. Specify a tag (`--tag`) to suit your requirements.
```bash ```bash
ansible-builder build --tag registry.example.com/ansible/ee:2.12-custom --container-runtime docker --verbosity 3 ansible-builder build --tag registry.example.com/ansible/ee:2.15-custom --container-runtime docker --verbosity 3
``` ```
Below is an example output of this command. Below is an example output of this command.
```bash ```bash
$ ansible-builder build --tag registry.example.com/ansible/ee:2.12-custom --container-runtime docker --verbosity 3 $ ansible-builder build --tag registry.example.com/ansible/ee:2.15-custom --container-runtime docker --verbosity 3
Ansible Builder is building your execution environment image. Tags: registry.example.com/ansible/ee:2.12-custom Ansible Builder is generating your execution environment build context.
File context/_build/requirements.yml will be created. File context/_build/requirements.yml will be created.
File context/_build/requirements.txt will be created. File context/_build/requirements.txt will be created.
File context/_build/bindep.txt will be created. File context/_build/bindep.txt will be created.
File context/_build/ansible.cfg will be created. Creating context/_build/configs
Rewriting Containerfile to capture collection requirements File context/_build/configs/ansible.cfg will be created.
File context/_build/scripts/assemble will be created.
File context/_build/scripts/install-from-bindep will be created.
File context/_build/scripts/introspect.py will be created.
File context/_build/scripts/check_galaxy will be created.
File context/_build/scripts/check_ansible will be created.
File context/_build/scripts/entrypoint will be created.
Ansible Builder is building your execution environment image. Tags: registry.example.com/ansible/ee:2.15-custom
Running command: Running command:
docker build -f context/Dockerfile -t registry.example.com/ansible/ee:2.12-custom context docker build -f context/Dockerfile -t registry.example.com/ansible/ee:2.15-custom context
Sending build context to Docker daemon 7.68kB Sending build context to Docker daemon 50.18kB
Step 1/27 : ARG EE_BASE_IMAGE=quay.io/ansible/ansible-runner:stable-2.12-latest Step 1/76 : ARG EE_BASE_IMAGE="quay.io/centos/centos:stream9-minimal"
Step 2/27 : ARG EE_BUILDER_IMAGE=quay.io/ansible/ansible-builder:latest
Step 3/27 : FROM $EE_BASE_IMAGE as galaxy
... ...
Removing intermediate container cb1d45eac7ba Step 76/76 : CMD ["bash"]
---> f6c3375db22e ---> Running in a7dd36359206
Successfully built f6c3375db22e Removing intermediate container a7dd36359206
Successfully tagged registry.example.com/ansible/ee:2.12-custom ---> db146c87502d
Successfully built db146c87502d
Successfully tagged registry.example.com/ansible/ee:2.15-custom
Complete! The build context can be found at: /home/********/awx-on-k3s/builder/context Complete! The build context can be found at: /home/********/awx-on-k3s/builder/context
``` ```
@ -125,8 +135,8 @@ Once the command is complete, your custom EE image is built and stored on Docker
```bash ```bash
$ docker image ls $ docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE REPOSITORY TAG IMAGE ID CREATED SIZE
registry.example.com/ansible/ee 2.12-custom f6c3375db22e 4 minutes ago 748MB registry.example.com/ansible/ee 2.15-custom db146c87502d 20 seconds ago 281MB
``` ```
## Use EE ## Use EE
@ -142,13 +152,13 @@ To use your EE in AWX, in typical use cases, your EE should be stored on some co
Simply you can push your EE image to some container registry. Any registry can be acceptable. If you want to deploy your own private container registry, refer [additional guide on this repository](../registry). Simply you can push your EE image to some container registry. Any registry can be acceptable. If you want to deploy your own private container registry, refer [additional guide on this repository](../registry).
```bash ```bash
$ docker push registry.example.com/ansible/ee:2.12-custom $ docker push registry.example.com/ansible/ee:2.15-custom
The push refers to repository [registry.example.com/ansible/ee] The push refers to repository [registry.example.com/ansible/ee]
... ...
2.12-custom: digest: sha256:043a2bd19f4fcc5bd189f0ef0e8fb4e3b436c90e984f23f7dcf0e6b3da4443e0 size: 4515 2.15-custom: digest: sha256:bf799b01b32bccb2570911ae77e3700ef9cc5d708699a9fa421124c038a57d31 size: 3452
``` ```
Then you can specify `registry.example.com/ansible/ee:2.12-custom` as your own custom EE in AWX. Specify registry credentials if your container registry requires authentication. Then you can specify `registry.example.com/ansible/ee:2.15-custom` as your own custom EE in AWX. Specify registry credentials if your container registry requires authentication.
#### Use EE in AWX without container registry #### Use EE in AWX without container registry
@ -160,10 +170,10 @@ This means that if your Kubernetes has all the EE images you need in its cache i
```bash ```bash
# Save your EE image as Tar file # Save your EE image as Tar file
docker save registry.example.com/ansible/ee:2.12-custom -o custom-ee.tar docker save registry.example.com/ansible/ee:2.15-custom -o custom-ee.tar
# Import the Tar file to containerd # Import the Tar file to containerd
sudo /usr/local/bin/k3s ctr images import --compress-blobs --base-name registry.example.com/ansible/ee:2.12-custom custom-ee.tar sudo /usr/local/bin/k3s ctr images import --compress-blobs --base-name registry.example.com/ansible/ee:2.15-custom custom-ee.tar
``` ```
Ensure your imported image is listed. Ensure your imported image is listed.
@ -172,13 +182,13 @@ Ensure your imported image is listed.
$ sudo /usr/local/bin/k3s crictl images $ sudo /usr/local/bin/k3s crictl images
IMAGE TAG IMAGE ID SIZE IMAGE TAG IMAGE ID SIZE
... ...
registry.example.com/ansible/ee 2.12-custom cbd5e7519054c 515MB registry.example.com/ansible/ee 2.15-custom db146c87502d4 96.3MB
... ...
``` ```
Now you can specify `registry.example.com/ansible/ee:2.12-custom` as your own custom EE in AWX without any container registry and any credentials. Now you can specify `registry.example.com/ansible/ee:2.15-custom` as your own custom EE in AWX without any container registry and any credentials.
You can change the policy of pulling the image in `Edit` page of your EE. The default `Only pull the image if not present before running` is ok, but to be safe you should specify `Never pull container before running`. In AWX, you can change the policy of pulling the image in `Edit` page of your EE. The default `Only pull the image if not present before running` is ok, but to be safe you should specify `Never pull container before running`.
### Use EE in Ansible Runner ### Use EE in Ansible Runner
@ -194,12 +204,23 @@ The `Dockerfile` is generated and stored under the `context` directory once your
```bash ```bash
$ cat context/Dockerfile $ cat context/Dockerfile
ARG EE_BASE_IMAGE=quay.io/ansible/ansible-runner:stable-2.12-latest ARG EE_BASE_IMAGE="quay.io/centos/centos:stream9-minimal"
ARG EE_BUILDER_IMAGE=quay.io/ansible/ansible-builder:latest ...
FROM $EE_BASE_IMAGE as galaxy # Base build stage
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS= FROM $EE_BASE_IMAGE as base
USER root ...
# Galaxy build stage
FROM base as galaxy
...
# Builder build stage
FROM base as builder
...
# Final build stage
FROM base as final
... ...
``` ```
@ -211,8 +232,14 @@ Ansible Builder is generating your execution environment build context.
File context/_build/requirements.yml will be created. File context/_build/requirements.yml will be created.
File context/_build/requirements.txt will be created. File context/_build/requirements.txt will be created.
File context/_build/bindep.txt will be created. File context/_build/bindep.txt will be created.
File context/_build/ansible.cfg will be created. Creating context/_build/configs
Rewriting Containerfile to capture collection requirements File context/_build/configs/ansible.cfg will be created.
File context/_build/scripts/assemble will be created.
File context/_build/scripts/install-from-bindep will be created.
File context/_build/scripts/introspect.py will be created.
File context/_build/scripts/check_galaxy will be created.
File context/_build/scripts/check_ansible will be created.
File context/_build/scripts/entrypoint will be created.
Complete! The build context can be found at: /home/********/awx-on-k3s/builder/context Complete! The build context can be found at: /home/********/awx-on-k3s/builder/context
``` ```

1
builder/bindep.txt
View file

@ -1 +0,0 @@
bind-utils

6
builder/dependencies/bindep.txt Normal file
View file

@ -0,0 +1,6 @@
openssh-clients
sshpass
git-core
findutils
which

1
builder/dependencies/requirements.txt Normal file
View file

@ -0,0 +1 @@
example-pypi-package

2
builder/requirements.yml → builder/dependencies/requirements.yml
View file

@ -1,5 +1,5 @@
--- ---
collections: collections:
- name: community.general - name: community.general
version: 6.0.0 version: 7.0.0
source: https://galaxy.ansible.com source: https://galaxy.ansible.com

65
builder/execution-environment.yml
View file

@ -1,20 +1,59 @@
--- ---
version: 1 # Refer to Ansible Builder Documentation for details for each options:
# https://ansible-builder.readthedocs.io/en/stable/definition/
build_arg_defaults: version: 3
EE_BASE_IMAGE: quay.io/ansible/ansible-runner:stable-2.12-latest
ansible_config: ansible.cfg # build_arg_defaults:
# ANSIBLE_GALAXY_CLI_COLLECTION_OPTS: "--pre"
# ANSIBLE_GALAXY_CLI_ROLE_OPTS: "no-deps"
images:
base_image:
name: quay.io/centos/centos:stream9-minimal
options:
# container_init:
# package_pip: dumb-init==1.2.5
# entrypoint: '["/opt/builder/bin/entrypoint", "dumb-init"]'
# cmd: '["bash"]'
package_manager_path: /usr/bin/microdnf
# relax_password_permissions: true
# skip_ansible_check: false
# workdir: /runner
# user: 1000
dependencies: dependencies:
galaxy: requirements.yml python_interpreter:
python: requirements.txt package_system: python3.11
system: bindep.txt python_path: /usr/bin/python3.11
ansible_core:
package_pip: ansible-core~=2.15
ansible_runner:
package_pip: ansible-runner~=2.3
galaxy: dependencies/requirements.yml
python: dependencies/requirements.txt
system: dependencies/bindep.txt
additional_build_files:
- src: files/ansible.cfg
dest: configs
additional_build_steps: additional_build_steps:
prepend: # prepend_base:
- RUN whoami # - RUN echo "Additional steps for prepend_base"
- RUN cat /etc/os-release append_base:
append: # - RUN echo "Additional steps for append_base"
- RUN echo This is a post-install command! - RUN alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 0
- RUN ls -la /etc # prepend_galaxy:
# - RUN echo "Additional steps for prepend_galaxy"
# append_galaxy:
# - RUN echo "Additional steps for append_galaxy"
# prepend_builder:
# - RUN echo "Additional steps for prepend_builder"
# append_builder:
# - RUN echo "Additional steps for append_builder"
# prepend_final:
# - RUN echo "Additional steps for prepend_final"
# append_final:
# - RUN echo "Additional steps for append_final"

0
builder/ansible.cfg → builder/files/ansible.cfg
View file

4
builder/requirements.txt
View file

@ -1,4 +0,0 @@
example-pypi-package
# Recommended workaround to avoid dependency issues: https://github.com/ansible/ansible-runner/issues/1138
ansible-runner>=2.2.1

2
containergroup/README.md
View file

@ -161,7 +161,7 @@ spec:
env: env:
- name: MY_CUSTOM_ENV - name: MY_CUSTOM_ENV
value: This is my custom environment variable value: This is my custom environment variable
image: registry.example.com/ansible/ee:2.12-custom image: registry.example.com/ansible/ee:2.15-custom
... ...
resources: resources:
limits: limits:

4
galaxy/README.md
View file

@ -544,8 +544,8 @@ Then simply `login`, `tag` and `push`.
```bash ```bash
docker login galaxy.example.com docker login galaxy.example.com
docker tag registry.example.com/ansible/ee:2.12-custom galaxy.example.com/demo/ee:2.12-custom docker tag registry.example.com/ansible/ee:2.15-custom galaxy.example.com/demo/ee:2.15-custom
docker push galaxy.example.com/demo/ee:2.12-custom docker push galaxy.example.com/demo/ee:2.15-custom
``` ```
## Use with AWX ## Use with AWX

2
runner/.gitignore vendored
View file

@ -1 +1,3 @@
.ansible
.cache
artifacts artifacts

2
runner/env/settings vendored
View file

@ -1,7 +1,7 @@
--- ---
process_isolation: true process_isolation: true
process_isolation_executable: docker process_isolation_executable: docker
container_image: registry.example.com/ansible/ee:2.12-custom container_image: registry.example.com/ansible/ee:2.15-custom
# Specify additional bind-mount points to an isolated Docker or Podman container. # Specify additional bind-mount points to an isolated Docker or Podman container.
# Note that this is UNDOCUMENTED option. # Note that this is UNDOCUMENTED option.

1
runner/project/demo.yml
View file

@ -26,6 +26,7 @@
- pwd - pwd
- python3 -m pip list - python3 -m pip list
- ansible-galaxy collection list -p . - ansible-galaxy collection list -p .
- rpm -qa
register: command_results register: command_results
- ansible.builtin.debug: - ansible.builtin.debug:
msg: "{{ item.stdout_lines }}" msg: "{{ item.stdout_lines }}"