This is our organizations first jump off into Docker and Docker Compose. We had previously stood up a POC of Tower and like it enough that we wanted to compare the AWX version. Our issue is that changes we would normally make at the OS level are now changes that have to be made in the container. Having almost zero knowledge of how to configure/edit a container, where would be some good places to start for documentation? For instance, if our network guys wanted a playbook to output a file, does the file live in the container or the host file system?
I know these are pretty much basement questions on Docker and not necessarily AWX, but our need to tweak some settings within AWX is forcing us to learn on the fly.
Thanks in advance.
Our issue is that changes we would normally make at the OS level
What changes are you normally making at the OS level?
If our network guys wanted a playbook to output a file, does the file live in the container or the host file system?
To answer your question, if your playbook saves a file locally, it
will be somewhere in the awx_task container. I would encourage your
network guys to do things like (1) output the file [which is most
likely a config] to screen, (2) have the playbook *send* the file
somewhere, or (3) evaluate why they need to save the file (meaning you
might be able to write tasks that will fetch a config and assert
against it, never actually needing to save a config -- we were able to
do this in some cases).
Also, for what its worth, we were able to transition to AWX without
editing the containers (or how they were built) at all. And I think
most people will be able to do this too, maybe with some changes to
their own playbooks (for example, we added tasks to all of our
applicable roles/playbooks to install dependencies locally, which
installs needed dependencies into the container on playbook
execution).
My one hurdle right now is the network guys are wanting to edit the requirements.yml file so they can pull roles from Galaxy on the fly?
They also had questions about some of the pip installs they needed to do when we did the POC for Tower. Will these need to be done again and which container? You may have answered that one already with the task container.
network guys are wanting to edit the requirements.yml file
I feel like if they edit the requirements.yml file in the project
(like, in the git project), the next time the playbook will get run,
AWX will check for `roles/requirements.yml` changes and will download
your new roles as needed.
I say "feel like" being I'm having some unrelated problems with this
file, but it most likely won't affect y'all.
They also had questions about some of the pip installs they needed to do when we did the POC for Tower. Will these need to be done again and which container?
Yeah, for these type of things I would suggest having a task that
looks something like:
- name: Ensure needed dependencies are available
pip:
name:
- junos-eznc # Obviously use whatever packages you need here
- ncclient
state: present
delegate_to: localhost
run_once: true
That will ensure the needed dependences already exist in the container
before your tasks actually need and use them.