Custom EE with Azure modules?

[Howard Jones]

I was hoping to try out AWX 19 this afternoon, specifically the
execution environments, which might solve hassles we have with custom
AWX builds and venvs currently, but...

I'm building an EE with collection.azcollection, and azure-cli inside
it. So far pip has been running for about 2 hours trying to untangle the
dependencies! Has anyone had any success with EEs for managing Azure
resources?

[Andrey Gangan]

do you want to add collection.azcollection to EE ?

I tryed to do same using requirments.yml placed in roles folder, but aws does not load them.

As a workaround I created <project folder>/library and placed  required modules there. it works.

WegHostingZone - BigBlueButton Hosting, Linux support

пятница, 9 апреля 2021 г. в 17:44:00 UTC+3, Howard Jones:

[Howard Jones]

On 10/04/2021 12:24, Andrey Gangan wrote:
> do you want to add collection.azcollection to EE ?
>
> I tryed to do same using requirments.yml placed in roles folder, but
> aws does not load them.
>
> As a workaround I created <project folder>/library and placed 
> required modules there. it works.

Nearly. I want to add collection.azcollection *and* azure-cli to an EE.
There are Azure functions (like creating a Service Principal) that you
can't do with the azcollection modules yet.

I have been trying to use ansible-builder to build the EE, as they
recommend, but pip basically runs forever trying to resolve the required
versions (I stopped it after 24 hours).

I think I need to build two venvs inside the EE, since azcollection has
very old versions of azure modules as dependencies.

[Andrey Gangan]

i did not checked about creating own env yet.

The only needed was zabbix-api which I install on target machine and run zabbix as a remote module.

Anyway I gonna check it.

суббота, 10 апреля 2021 г. в 15:50:47 UTC+3, Howard Jones:

[Andrey Gangan]

did you check this link? :

https://github.com/ansible/awx-ee

суббота, 10 апреля 2021 г. в 15:50:47 UTC+3, Howard Jones:

On 10/04/2021 12:24, Andrey Gangan wrote:

[Andrey Gangan]

Take a look here: https://github.com/ansible/awx-ee/blob/devel/_build/requirements.yml

It looks like your requirements alrady included.

Did you try with the default EE ?

WegHostingZone - BigBlueButton Hosting, Linux support

суббота, 10 апреля 2021 г. в 15:50:47 UTC+3, Howard Jones:

On 10/04/2021 12:24, Andrey Gangan wrote:

[Howard Jones]

On 11/04/2021 14:50, Andrey Gangan wrote:
> Take a look
> here: https://github.com/ansible/awx-ee/blob/devel/_build/requirements.yml
>
> It looks like your requirements alrady included.
> Did you try with the default EE ?
>

It doesn't contain the Azure CLI ('az' command). That depends on the
azure-cli-core, but is a separate module named azure-cli

azure-cli-core 2.11.1 is in the default awx-ee as a dependency of
azure.azcollection, so in theory azure-cli==2.11.1 could work (the
versions are tied together for azure-cli releases), BUT the other
azure-mgmt-* module dependencies are much newer even in that version.
e.g: azure-mgmt-batch==9.0.0 in azure-cli, but 5.0.1 in azure.azcollection.

So I think it needs to be a separate venv for azure-cli inside the EE.

[Andrey Gangan]

in this case I whould suggest to open ticket to add dependency in future releases.

понедельник, 12 апреля 2021 г. в 13:38:32 UTC+3, Howard Jones:

[Wei-Yen Tan]

I am experimenting with building a custom container.   I am a windows guy so I have tasks that I want to run with powershell. As a play I have included the steps to curl the Microsoft repository and yum it in the image. It compiles. So I am going to Upload and have a play 😊. It beats the previous example I had before 

Get Outlook for iOS

---

From: awx-p...@googlegroups.com <awx-p...@googlegroups.com> on behalf of Andrey Gangan <a.ga...@gmail.com>
Sent: Tuesday, April 13, 2021 10:27:05 PM
To: AWX Project <awx-p...@googlegroups.com>
Subject: Re: [awx-project] Re: Custom EE with Azure modules?

 

--
You received this message because you are subscribed to the Google Groups "AWX Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to awx-project...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/300acff6-6385-44e0-a113-b0a7c4bccfdfn%40googlegroups.com.

[Howard Jones]

On 13/04/2021 11:32, Wei-Yen Tan wrote:

I am experimenting with building a custom container.   I am a windows guy so I have tasks that I want to run with powershell. As a play I have included the steps to curl the Microsoft repository and yum it in the image. It compiles. So I am going to Upload and have a play 😊. It beats the previous example I had before 

I started with the awx-ee repo, and updated the last few lines of the execution-environment.yml as follows to get helm, kubectl and the Azure 'az' cli tool into my EE. It seems like I need the latest (not released) ansible-runner to actually use it locally though (last release of ansible-runner with significant changes is actually a year old, and doesn't seem to mention docker anywhere).

version: 1
dependencies:
  galaxy: _build/requirements.yml
  system: _build/bindep.txt
additional_build_steps:
  append:
    - RUN alternatives --set python /usr/bin/python3
    - COPY --from=quay.io/project-receptor/receptor:0.9.7 /usr/bin/receptor /usr/bin/receptor
    - RUN mkdir -p /var/run/receptor
    - ADD run.sh /run.sh
    - CMD /run.sh
    - RUN pip install virtualenv
    - RUN virtualenv /opt/azure-cli
    - RUN /opt/azure-cli/bin/pip install azure-cli
    - RUN ln -s /opt/azure-cli/bin/az /usr/bin/az
    - RUN curl https://get.helm.sh/helm-v3.5.3-linux-amd64.tar.gz | tar --strip-components=1 -C /usr/bin -xzf - linux-amd64/helm
    - RUN curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/v1.20.5/bin/linux/amd64/kubectl && chmod a+x /usr/bin/kubectl
    - USER 1000
    - RUN git lfs install

With that built, I can run playbooks with latest git ansible-runner and this runner/env/settings:

---
container_image: awx-ee-az-cli-helm
containerized: true
process_isolation_executable: docker
process_isolation: true

 ansible-runner run -p test-playbook.yaml runner

So far, it doesn't appear to pass in envvars to the container though (defined in runner/env/envvars)

[Wei-Yen Tan]

Apologies. It looks like you are doing it through ansible builder? I realised that ansible-builder specialises in the python/ansible  related stuff so I cloned the parent image (there is a repo for it) that it uses  and customised that image using podman on centos /rhel 8. Now I have a base image with everything I need in it. You could do something similar? 

Get Outlook for iOS

---

From: awx-p...@googlegroups.com <awx-p...@googlegroups.com> on behalf of Howard Jones <ho...@thingy.com>
Sent: Wednesday, April 14, 2021 12:56:02 AM
To: awx-p...@googlegroups.com <awx-p...@googlegroups.com>

Subject: Re: [awx-project] Re: Custom EE with Azure modules?

--
You received this message because you are subscribed to the Google Groups "AWX Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to awx-project...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/5a20b3e7-408c-1d44-e90d-10d2283dfcdc%40thingy.com.

[Wei-Yen Tan]

ansible/awx-ee: An Ansible execution environment for AWX project (github.com)

Here is the github repository.

I cloned this repository, made changes to the container file and then built it again. Then I will use ansible-builder to do the other ansible customization. Then I will upload this to my repo  ie nexus.

Perhaps you can do something similar?

[Wei-Yen Tan]

Apologies Howard. Late in the night again,

I wonder if its a podman thing?