AWX 19.0 EE pain...

[Callum Barr]

Hi All,

I'm a network dude - mainly work with Juniper stuff etc, so I need an execution environment that has all of my usual collections / python libraries installed.

I'm not what you would call an expert in containers/k8/docker/? and im pretty sure im just running out of talent.

Is there a definitive guide on how to build a custom EE, push that to git, and then to quay.io, so that I can add this as an EE in AWX?

I have been down the rabbit hole of trying to create my own EE with Ansible-builder etc but I really have no idea what im doing haha

Cheers

Callum

[Mona Werling]

Hey there,

this has been discussed before.

The simple steps are as follws:

- Clone the Github repo of the standard-ee from awx: https://github.com/ansible/awx-ee

- Customize the requirements.yml and the requirements_combined.yml files inside of the build-folder.

- Run docker build -t your/tag/name . from inside the repo-folder.

- When the build finishes, run docker push your/tag/name, if you don't have a docker repo already, docker will ask you for your credentials and for a repo to push to. I don't know if you are able to push to a quay.io account, but you can set up a repo on docker.io. I'm pretty sure people had some alternatives before.

- When your image has been pushed to your repo, nagivate to AWX and add the EE in you Execution-Environment-Tab. You just need to specify the link (in docker this is smth. like docker.io/your/tag:latest). If you have set it to private, you might need to create a credential to pull the image.

- Now you just need to specify the EE in your templates.

--> This is not the intended way, but since AWX 19 a few ran into problems building EEs from scratch. Some modules seem to be required and as far as I know, we didn't figure out which ones. Since the EE from the AWX-team is working fine, your best guess will be to use this as a template.

For more information, look at this thread: https://groups.google.com/g/awx-project/c/MACNtPrGpV8 they ssem to have found a solution without using the AWX-EE as a template.

Hope this helps.

Cheers.

--
You received this message because you are subscribed to the Google Groups "AWX Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to awx-project...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/cf585d64-d8ba-425c-9b18-de981afae848n%40googlegroups.com.

[Banshee091]

Okay, my bad. The problem seems to be ansible-builder, if you install the newest version you might be able to follow the example from red-hat's "Introduction to Ansible-Builder" here: https://www.ansible.com/blog/introduction-to-ansible-builder

Be sure to check out the ansible-builder webpage in the process.

Cheers.

[phil.gr...@gmail.com]

Hi Callum. We've been asked this a lot recently so I wrote up a blog - https://www.linkedin.com/pulse/creating-custom-ee-awx-phil-griffiths/

Hopefully that'll get you going.

Phil.

[Wei-Yen Tan]

There are a few typos in the blog  and when I tried to follow example  I got a bunch of errors. I have had to build a container using podman build from scratch  but now getting ansible-runner errors. 

Get Outlook for iOS

---

From: awx-p...@googlegroups.com <awx-p...@googlegroups.com> on behalf of phil.gr...@gmail.com <phil.gr...@gmail.com>
Sent: Wednesday, April 21, 2021 7:57:53 PM
To: AWX Project <awx-p...@googlegroups.com>
Subject: [awx-project] Re: AWX 19.0 EE pain...

 

--

You received this message because you are subscribed to the Google Groups "AWX Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to awx-project...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/59edfb74-0cef-4dbb-85f7-93d278f633f7n%40googlegroups.com.

[Wei-Yen Tan]

Namely this part :

receptor
    - ADD run.sh /run.sh
    - CMD /run.sh
    - USE    
    - RUN git lfs installR 1000

    -

Get Outlook for iOS

---

From: Wei-Yen Tan <weiye...@gmail.com>
Sent: Wednesday, April 21, 2021 8:00:04 PM
To: phil.gr...@gmail.com <phil.gr...@gmail.com>; AWX Project <awx-p...@googlegroups.com>
Subject: Re: [awx-project] Re: AWX 19.0 EE pain...

 

[Wei-Yen Tan]

I get this error in the container:

{"status": "error", "job_explanation": "Failed to extract private data directory on worker.", "result_traceback": "Traceback (most recent call last):\n  File \"/usr/local/lib/python3.8/site-packages/ansible_runner/streaming.py\", line 107, in run\n    unstream_dir(self._input, data['zipfile'], self.private_data_dir)\n  File \"/usr/local/lib/python3.8/site-packages/ansible_runner/utils/streaming.py\", line 52, in unstream_dir\n    with zipfile.ZipFile(tmp.name, 'r') as archive:\n  File \"/usr/lib64/python3.8/zipfile.py\", line 1268, in __init__\n    self._RealGetContents()\n  File \"/usr/lib64/python3.8/zipfile.py\", line 1335, in _RealGetContents\n    raise BadZipFile(\"File is not a zip file\")\nzipfile.BadZipFile: File is not a zip file\n"}

{"eof": true}

But I am not quite sure where i can troubleshoot it

[Phil Griffiths]

Thanks Wei-Yen for spotting the execution-environments error. I can thank the awful LI snippet interface when cutting and pasting!

I've corrected the article.

[Wei-Yen Tan]

Yoy are welcome. I am very eager to give this a shot. I tried this execution environment but found that it came up with errors and still troubleshooting.  isn't the prepend activity done twice if you list it there ? As it is already in the main container file ? 

Was there anything else you did? I am not having much luck, I would be grateful for any help. When I ran with that execution environment yml I get a permission denied...

Get Outlook for iOS

---

From: Phil Griffiths <phil.gr...@gmail.com>
Sent: Wednesday, April 21, 2021 9:37:32 PM
To: Wei-Yen Tan <weiye...@gmail.com>
Cc: AWX Project <awx-p...@googlegroups.com>
Subject: Re: [awx-project] Re: AWX 19.0 EE pain...

 

[Wei-Yen Tan]

Also is the extra steps part of the main containerfile? And if so what are the implications of that? Did you run a custom image? 

Get Outlook for iOS

---

From: Wei-Yen Tan <weiye...@gmail.com>
Sent: Wednesday, April 21, 2021 9:45:35 PM
To: Phil Griffiths <phil.gr...@gmail.com>

[phil.gr...@gmail.com]

I would start with my LinkedIn example first, to see if that works for you. That'll rule out platform, versions etc

Then just modify one thing at a time until you track back to the error. I've no idea where it's getting the zip file from as I've not seen that one before.

[Wei-Yen Tan]

Hi Phil,

Thank you for the reply. Thats the funny thing. I followed your instruction. Created a new directory with all the details that you mentioned. There were some extra collections but i dont think that would have an extra bearing on it. 

I am using centos 8 but I have tried centos 7 too with docker.

When I run the container I get this error:

 podman run docker.io/weiyentan2/example_ansible-ee

/bin/sh: /run.sh: Permission denied

I feel I am missing something. I would be grateful if you could shed some light on this? ie whether you used the same image from awx-ee or you rolled your own. Many thanks.

WY

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/9611e2d8-4dcd-4177-bcb7-82b1cd3789efn%40googlegroups.com.

[Phil Griffiths]

Did you add run.sh to the right directory? I had to add it to context/run.sh

[Wei-Yen Tan]

It appears in the context directory . Ie I can see it there 

Get Outlook for iOS

---

From: Phil Griffiths <phil.gr...@gmail.com>
Sent: Thursday, April 22, 2021 12:41:22 AM
To: Wei-Yen Tan <weiye...@gmail.com>
Cc: AWX Project <awx-p...@googlegroups.com>

[Phil Griffiths]

chmod +x it with it hasn't got execute permission?

[Wei-Yen Tan]

Thank you for that I gave it execute permission (windows guy slowly getting to terms with linux)  but i am now striking that error that the file is not a zip file. 

{"status": "error", "job_explanation": "Failed to extract private data directory on worker.", "result_traceback": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.8/site-packages/ansible_runner/streaming.py\", line 107, in run\n unstream_dir(self._input, data['zipfile'], self.private_data_dir)\n File \"/usr/local/lib/python3.8/site-packages/ansible_runner/utils/streaming.py\", line 52, in unstream_dir\n with zipfile.ZipFile(tmp.name, 'r') as archive:\n  File \"/usr/lib64/python3.8/zipfile.py\", line 1268, in __init__\n    self._RealGetContents()\n  File \"/usr/lib64/python3.8/zipfile.py\", line 1335, in _RealGetContents\n    raise BadZipFile(\"File is not a zip file\")\nzipfile.BadZipFile: File is not a zip file\n"}

{"eof": true}

Get Outlook for iOS

---

From: Phil Griffiths <phil.gr...@gmail.com>
Sent: Thursday, April 22, 2021 12:44:16 AM

[Phil Griffiths]

I can see where this is coming from in the code but don't know how it works tbh.

If you send me over all the config, I'll see if I can test or emulate.

[Andrea Lenarduzzi]

Launching jo i've this error:

Traceback (most recent call last): File "/var/lib/awx/venv/awx/lib64/python3.8/site-packages/awx/main/tasks.py", line 1397, in run res = receptor_job.run() File "/var/lib/awx/venv/awx/lib64/python3.8/site-packages/awx/main/tasks.py", line 2957, in run return self._run_internal(receptor_ctl) File "/var/lib/awx/venv/awx/lib64/python3.8/site-packages/awx/main/tasks.py", line 3008, in _run_internal raise RuntimeError(detail) RuntimeError: Pod Running

Why?

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/CAJ3TUwjEA9FRAR8_VdiONRU%2Bh%2BvV-%2BNXRcgwqBPxb-sVL71bPQ%40mail.gmail.com.

--

Le informazioni, i dati e le notizie contenute nella presente comunicazione e i relativi allegati sono di natura privata e come tali possono essere riservate e sono, comunque, destinate esclusivamente ai destinatari indicati in epigrafe. La diffusione, distribuzione e/o la copiatura del documento trasmesso da parte di qualsiasi soggetto diverso dal destinatario è proibita, sia ai sensi dell'art. 616 c.p., sia ai sensi del D.Lgs. n. 196/2003. Se avete ricevuto questo messaggio per errore, vi preghiamo di distruggerlo e di darcene immediata comunicazione anche inviando un messaggio di ritorno all'indirizzo e-mail del mittente.

This e-mail (including attachments) is intended only for the recipient(s) named above. It may contain confidential or privileged information and should not be read, copied or otherwise used by any other person. If you are not the named recipient, please contact (specificare l'e-mail dell'azienda) and delete the e-mail from your system. Rif. D.L. 196/2003.

[Wei-Yen Tan]

I got that as well at one point. For me I think it was the run.sh not having execute permissions. Have a look at the kubernetes logs on the pod before it terminates or spin up the container and see what it does in podman/docker. The error is most likely there. 

Get Outlook for iOS

---

From: awx-p...@googlegroups.com <awx-p...@googlegroups.com> on behalf of Andrea Lenarduzzi <andre...@gmail.com>
Sent: Thursday, April 22, 2021 2:57:57 AM

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/CABKy_H467706Ch7s-0zUrZ6QYA8M_%2B_34Ogcz1ANALboJXWnpw%40mail.gmail.com.

[Andrea Lenarduzzi]

in "docker ps" there isn't "my_first_ee_image"

[Wei-Yen Tan]

On your kubernetes box? No there won't be. You are looking at containers. On the box where you authored the image run docker image 

Get Outlook for iOS

---

From: awx-p...@googlegroups.com <awx-p...@googlegroups.com> on behalf of Andrea Lenarduzzi <andre...@gmail.com>

Sent: Thursday, April 22, 2021 3:19:52 AM

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/CABKy_H4yx8sNcgnTNxzfZYVz302ULMQ%2B7Bbv5Jtj-3c88cqBQg%40mail.gmail.com.

[Wei-Yen Tan]

Docker image ls 

Get Outlook for iOS

---

From: Wei-Yen Tan <weiye...@gmail.com>
Sent: Thursday, April 22, 2021 7:56:12 AM
To: Andrea Lenarduzzi <andre...@gmail.com>

[phil.gr...@gmail.com]

I've just deployed a new custom EE to my AWX setup and it's working. So my LinkedIn instructions are working. I've added a troubleshooting section to the end of the blog, in case it might be useful for you - https://www.linkedin.com/pulse/creating-custom-ee-awx-phil-griffiths/

[Wei-Yen Tan]

Hi  Phil, 

I found this issue.....

AWX RuntimeError resulting in loss of worker task logs and true outcome · Issue #9961 · ansible/awx (github.com)

and found this:

Separately, I had similar issues as reported in 9917 but was able to eventually get a custom EE container builtt and working (to include Galaxy collections) by using the workarounds mentioned there. I needed to use your suggested --build-arg ANSIBLE_RUNNER_IMAGE=quay.io/ansible/awx-ee:0.1.1




When I used this The playbook ran as expected. The playbook did error but that is expected and comes under standard bug fixing. 




Thank you for taking the time to help me. It is most appreciated.

To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/44a60cde-8f17-494d-9b78-b9cccb31fd32n%40googlegroups.com.

[Wei-Yen Tan]

Spoke too soon , it looks like the image built, using those args but no pwsh binary got installed in that image . When I use that image as the parent now it says it can't find kubernetes.core collection.

Back to square one.....I'll send a new message.....

[Chris Paggen]

The steps on the linkedin page worked for me - thanks!