Ansible Automation Platform - 用 Ansible Navigator 和 Execution Environment 镜像开发测试 Playbook

admin

2024-02-09 07:15:19

0次

《OpenShift / RHEL / DevSecOps / Ansible 汇总目录》

请参考《Ansible Automation Platform - 功能构成》一文了解什么是 Ansible Navigator 和 Execution Environment ？

文章目录

安装 Ansible Navigator
了解 ansible-navigator 命令
使用 ansible-navigator 命令
- 下载 EE 镜像
- 查看 EE 镜像中包含的 Collection
- 运行 Playbook
- 提示输入变量
- 指定运行 Playbook 使用的 EE 镜像
- 指定默认使用的 EE 镜像
Execution Environment 镜像差异说明
- 查看 RedHat 官方 EE 中包含的 Collection
- 查看

安装 Ansible Navigator

Ansible Navigator 需要本地有 docker 或 podman 的容器运行环境以及 Python 3 环境。我们以 podman 为例说明如何安装 Ansible Navigator。

用 root 用户在 /etc/yum.repos.d 目录中创建内容如下的 ansible.repo 文件。

[ansible-tower]
name=Ansible Tower Repository - $releasever $basearch
baseurl=http://releases.ansible.com/ansible-tower/rpm/epel-7-$basearch
enabled=0
gpgcheck=0[ansible-tower-dependencies]
name=Ansible Tower Dependencies Repository - $releasever $basearch
baseurl=http://releases.ansible.com/ansible-tower/rpm/dependencies/3.8/epel-7-$basearch
enabled=0
gpgcheck=0

用一般用户执行命令安装 podman 和 Python3，然后设置环境变量。

$ sudo dnf install podman
$ sudo dnf install python3-pip
$ python3 -m pip install ansible-navigator --user
$ echo 'export PATH=$HOME/.local/bin:$PATH' >> ~/.profile
$ source ~/.profile

了解 ansible-navigator 命令

新版 Ansible Automation Platform 为 Ansible Playbook 的开发人员提供了 ansible-navigator 命令，它可以替代以前 ansible、ansible-vault、ansible-config、ansible-inventory 等多个命令。原有命令和 ansible-navigator 命令对应关系如下：

ansible command	ansible-navigator command
ansible	ansible-navigator exec – ansible
ansible-builder	ansible-navigator builder
ansible-config	ansible-navigator config
ansible-doc	ansible-navigator doc
ansible-inventory	ansible-navigator inventory
ansible-galaxy	ansible-navigator exec – ansible-galaxy
ansible-lint	ansible-navigator lint
ansible-playbook	ansible-navigator run
ansible-test	ansible-navigator exec – ansible-test
ansible-vault	ansible-navigator exec – ansible-vault

使用 ansible-navigator 命令

下载 EE 镜像

由于 ansible-navigator 将使用容器运行 Playbook，因此首次运行 ansible-navigator 命令会自动下载 Ansible Execution Environment 用到的 quay.io/ansible/creator-ee 镜像。

$ ansible-navigator
--------------------------------------------------------------------
Execution environment image and pull policy overview
--------------------------------------------------------------------
Execution environment image name:     quay.io/ansible/ansible-navigator-demo-ee:v0.9.1
Execution environment image tag:      v0.9.1
Execution environment pull arguments: None
Execution environment pull policy:    tag
Execution environment pull needed:    True
--------------------------------------------------------------------
Updating the execution environment
--------------------------------------------------------------------
Running the command: podman pull quay.io/ansible/creator-ee:v0.9.1
Trying to pull quay.io/ansible/creator-ee:v0.9.1...
Getting image source signatures
Copying blob f0a2109a2528 done
Copying blob 48ce73c7e477 done
Copying blob 9f45cf1cd9f2 done
Copying blob bfd1401568a8 done
Copying blob fee18ea417d6 done
Copying blob d476c80a44d7 done
Copying blob 4aebe424f143 done
Copying blob efc5b38d83d9 done
Copying blob 410787409650 done
Copying blob edb89913e580 done
Copying blob 6b561e91716e done
Copying blob 34d2a1249074 done
Copying blob 1cb646aa85f3 done
Copying blob 764ac4e7ad9b done
Copying blob 0a1c53b5e37b done
Copying blob 229587a136fc done
Copying blob 29a5ca154d1a done
Copying blob ff219ea64e3c done
Copying blob 0c6ae578cad8 done
Copying blob 6959376cbaa5 done
Copying blob 986b929179dc done
Copying blob 6b720af45b2e done
Copying config d1524b4410 done
Writing manifest to image destination
Storing signatures
d1524b4410d034b784fc0f32d6051cf384f676b16d690286297374923014cfd4

确认本地已有 quay.io/ansible/creator-ee 镜像了。

$ podman images
REPOSITORY                              TAG         IMAGE ID      CREATED        SIZE
quay.io/ansible/creator-ee              v0.9.1      d1524b4410d0  5 weeks ago    1.4 GB

执行 ansible-navigator 命令也可看到本地镜像。

$ ansible-navigator imagesImage                     Tag              Execution environment           Created                Size
0│creator-ee                v0.9.1           True                            5 weeks ago            1.4 GB

查看 ansible-navigator 的 EE 中 ansible 的运行环境版本。

$ ansible-navigator exec -- ansible --version
ansible [core 2.13.4]config file = Noneconfigured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']ansible python module location = /usr/local/lib/python3.8/site-packages/ansibleansible collection location = /home/runner/.ansible/collections:/usr/share/ansible/collectionsexecutable location = /usr/local/bin/ansiblepython version = 3.8.13 (default, Jun 24 2022, 15:27:57) [GCC 8.5.0 20210514 (Red Hat 8.5.0-13)]jinja version = 3.1.2libyaml = True

查看 EE 镜像中包含的 Collection

可执行 ansible-navigator 命令查看缺省 EE 镜像中包含了多个 Collection。

$ ansible-navigator collectionsName                               Version     Shadowed     Type          Path
0│ansible.builtin                    2.13.4      False        contained     /usr/local/lib/python3.8/site-packages/ansible
1│ansible.posix                      1.4.0       False        contained     /usr/share/ansible/collections/ansible_collections/ansible/posix
2│ansible.windows                    1.11.1      False        contained     /usr/share/ansible/collections/ansible_collections/ansible/windows
3│awx.awx                            21.7.0      False        contained     /usr/share/ansible/collections/ansible_collections/awx/awx
4│containers.podman                  1.9.4       False        contained     /usr/share/ansible/collections/ansible_collections/containers/podman
5│kubernetes.core                    2.3.2       False        contained     /usr/share/ansible/collections/ansible_collections/kubernetes/core
6│redhatinsights.insights            1.0.7       False        contained     /usr/share/ansible/collections/ansible_collections/redhatinsights/insights
7│theforeman.foreman                 3.6.0       False        contained     /usr/share/ansible/collections/ansible_collections/theforeman/foreman

运行 Playbook

创建内容如下的 test.yml 剧本。

---
- name: this is just a testhosts: localhostgather_facts: truetasks:- name: ping testansible.builtin.ping:

然后用 ansible-navigator 执行 test.yml 剧本。

$ ansible-navigator run ./test.yml -m stdout

提示输入变量

创建内容如下的 var-promote.yml 剧本，其中包含输入变量提示。

---
- name: Input password from promotehosts: localhostgather_facts: falsevars_prompt:- name: my_passwordprompt: Enter passwordconfirm: yestasks:- name: Print passwordansible.builtin.debug:msg: 'Your password is {{ my_password }}'

执行以下命令运行剧本。

$ ansible-navigator run var-promote.yml -m stdout --playbook-artifact-enable false --ask-pass

指定运行 Playbook 使用的 EE 镜像

注意：执行以下 Playbook 需要有一个 Ansible Controller 环境。
先执行以下命令登录 registry.redhat.io 后下载 ee-supported-rhel8 镜像，它可以运行 ansible.controller 集合中的模块。

$ podman login registry.redhat.io
$ podman pull registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8:latest

创建内容如下的 add-inventory.yml 剧本。vars 中的三个变量为 Ansible Controller 的访问地址和登录用户，可修改为适合自己环境的内容。

- name: Create Inventory once piece at a timehosts: localhostgather_facts: falsevars:ansible_controller_username: adminansible_controller_password: Rxg0P30I1GMVmIkAPv01NbooEJaPDmd0ansible_controller_host: https://my-ansible-controller-ansible-automation-platform.apps-crc.testingcollections:- ansible.controllertasks:- name: Add inventoryinventory:name: Book Inventorydescription: Create Inventory once piece at a timeorganization: Defaultstate: presentcontroller_host: "{{ ansible_controller_host }}"controller_username: "{{ ansible_controller_username }}"controller_password: "{{ ansible_controller_password }}"validate_certs: false- name: Add hosthost:name: ansible-client01description: "ansible-client01"inventory: Book Inventoryvariables:hosts_var: 192.168.203.118state: presentcontroller_host: "{{ ansible_controller_host }}"controller_username: "{{ ansible_controller_username }}"controller_password: "{{ ansible_controller_password }}"validate_certs: false- name: Add groupgroup:name: Linux-VMinventory: Book Inventoryhosts:- ansible-client01state: presentcontroller_host: "{{ ansible_controller_host }}"controller_username: "{{ ansible_controller_username }}"controller_password: "{{ ansible_controller_password }}"validate_certs: false

执行命令运行 add-inventory.yml 剧本，其中指定使用 ee-supported-rhel8 镜像运行该剧本。

$ ansible-navigator run add-inventory.yml -m stdout --eei registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8:latest

指定默认使用的 EE 镜像

执行以下命令，在当前用户 HOME 中创建内容如下的 .ansible-navigator.yml 文件，其中设置了默认使用的 EE 镜像。

---
$ cat> ~/.ansible-navigator.yml << EOF
ansible-navigator:execution-environment:image: registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8:latest
EOF

执行命令，确认当前运行 ansible-navigator 使用的 EE 镜像，其中标记为 “primary” 为目前使用的 EE 镜像。

$ ansible-navigator images
---  NAME                                TAG     EXECUTION ENVIRONMENT    CREATED         SIZE
0│creator-ee                             v0.9.1                   True    15 months ago   1.35 GB
1│ee-supported-rhel8 (primary)           latest                   True    6 days ago      1.64 GB

Execution Environment 镜像差异说明

查看 RedHat 官方 EE 中包含的 Collection

运行以下命令，可以查看一个 EE 镜像中包含的 Collection 列表。

$ podman run -it --rm registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8 ansible-galaxy collection list# /usr/share/ansible/collections/ansible_collections
Collection              Version
----------------------- -------
amazon.aws              3.2.0  
ansible.controller      4.2.1  
ansible.netcommon       3.1.1  
ansible.network         1.2.0  
ansible.posix           1.3.0  
ansible.security        1.0.0  
ansible.utils           2.6.1  
ansible.windows         1.9.0  
ansible.yang            1.0.0  
arista.eos              5.0.0  
cisco.asa               3.0.0  
cisco.ios               3.0.0  
cisco.iosxr             3.0.0  
cisco.nxos              3.0.0  
cloud.common            2.1.1  
frr.frr                 2.0.0  
ibm.qradar              2.0.0  
junipernetworks.junos   3.0.0  
kubernetes.core         2.2.3  
openvswitch.openvswitch 2.1.0  
redhat.insights         1.0.7  
redhat.openshift        2.1.0  
redhat.rhv              1.6.5  
redhat.satellite        3.3.0  
servicenow.itsm         1.3.3  
splunk.es               2.0.0  
trendmicro.deepsec      2.0.0  
vmware.vmware_rest      2.1.5  
vyos.vyos               3.0.0

也可以运行以下命令查看一个 EE 镜像中包含的 Collection 列表。

   NAME                                   VERSION      SHADOWED       TYPE            PATH0│amazon.aws                             3.2.0           False       contained       /usr/share/ansible/collections/ansible_collections/amazon/aws/1│ansible.controller                     4.2.1           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/controller/2│ansible.netcommon                      3.1.1           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/netcommon/3│ansible.network                        1.2.0           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/network/4│ansible.posix                          1.3.0           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/posix/5│ansible.security                       1.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/security/6│ansible.utils                          2.6.1           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/utils/7│ansible.windows                        1.9.0           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/windows/8│ansible.yang                           1.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/ansible/yang/9│arista.eos                             5.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/arista/eos/
10│cisco.asa                              3.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/cisco/asa/
11│cisco.ios                              3.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/cisco/ios/
12│cisco.iosxr                            3.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/cisco/iosxr/
13│cisco.nxos                             3.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/cisco/nxos/
14│cloud.common                           2.1.1           False       contained       /usr/share/ansible/collections/ansible_collections/cloud/common/
15│frr.frr                                2.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/frr/frr/
16│ibm.qradar                             2.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/ibm/qradar/
17│junipernetworks.junos                  3.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/junipernetworks/junos/
18│kubernetes.core                        2.2.3           False       contained       /usr/share/ansible/collections/ansible_collections/kubernetes/core/
19│openvswitch.openvswitch                2.1.0           False       contained       /usr/share/ansible/collections/ansible_collections/openvswitch/openvswitch/
20│redhat.insights                        1.0.7           False       contained       /usr/share/ansible/collections/ansible_collections/redhat/insights/
21│redhat.openshift                       2.1.0           False       contained       /usr/share/ansible/collections/ansible_collections/redhat/openshift/
22│redhat.rhv                             1.6.5           False       contained       /usr/share/ansible/collections/ansible_collections/redhat/rhv/
23│redhat.satellite                       3.3.0           False       contained       /usr/share/ansible/collections/ansible_collections/redhat/satellite/
24│servicenow.itsm                        1.3.3           False       contained       /usr/share/ansible/collections/ansible_collections/servicenow/itsm/
25│splunk.es                              2.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/splunk/es/
26│trendmicro.deepsec                     2.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/trendmicro/deepsec/
27│vmware.vmware_rest                     2.1.5           False       contained       /usr/share/ansible/collections/ansible_collections/vmware/vmware_rest/
28│vyos.vyos                              3.0.0           False       contained       /usr/share/ansible/collections/ansible_collections/vyos/vyos/

查看

$ ansible-navigator collections --eei quay.io/ansible/creator-ee:v0.9.1 Name                               Version     Shadowed     Type          Path
0│ansible.builtin                    2.13.4      False        contained     /usr/local/lib/python3.8/site-packages/ansible
1│ansible.posix                      1.4.0       False        contained     /usr/share/ansible/collections/ansible_collections/ansible/posix
2│ansible.windows                    1.11.1      False        contained     /usr/share/ansible/collections/ansible_collections/ansible/windows
3│awx.awx                            21.7.0      False        contained     /usr/share/ansible/collections/ansible_collections/awx/awx
4│containers.podman                  1.9.4       False        contained     /usr/share/ansible/collections/ansible_collections/containers/podman
5│kubernetes.core                    2.3.2       False        contained     /usr/share/ansible/collections/ansible_collections/kubernetes/core
6│redhatinsights.insights            1.0.7       False        contained     /usr/share/ansible/collections/ansible_collections/redhatinsights/insights
7│theforeman.foreman                 3.6.0       False        contained     /usr/share/ansible/collections/ansible_collections/theforeman/foreman

从上面我们可以看到 ansible-navigator 缺省使用的 EE 镜像来自 quay.io 网站，这是 RedHat 官方（redhat.）提供镜像的上游开源镜像源，它其中包含的 Collection 和 RedHat 官方提供的会在数量上、和名称上稍有差异。

词库加载错误:未能找到文件“E:\highferrum_mysql\Configuration\Dict_Stopwords.txt”。

上一篇：perl下stat()函数的使用

下一篇：Day808.设计模式一些列问题 -Java 性能调优实战