Hello Team,
I have been trying to move my team from ansible core and would like to do that with little change into what we have already so the contribution from team can still happen. I need a way to sync AWX as closely as possible to ansible core.
For context, we deploy microservices to AWS ECS and some of these services need a config server. We pick passwords from ansible vault and encrypt it with spring cloud cli, pass it to a template to generate the yaml file that is consumed by the config server. Below snippet shows a bit how we do that
- name: Encryption Account Mysql Jdbc Username
shell: “spring encrypt ‘{{ vault_pgnx_account_mysql_jdbc_username }}’ --key {{ vault_configserver_encryption_key }}”
register: reg_account_mysql_jdbc_username
For that to happen, I need to install sdkman on the awx_task. Though I am not too sure about how to cleanly do it I ended up with a little hack of the awx/installer/roles/local_docker/compose.yml file
`
-
block:
-
name: Start the containers
docker_compose:
project_src: “{{ docker_compose_dir }}”
restarted: “{{ awx_compose_config is changed or awx_secret_key is changed }}”
register: awx_compose_start -
name: Update CA trust in awx_web container
command: docker exec awx_web ‘/usr/bin/update-ca-trust’
when: awx_compose_config.changed or awx_compose_start.changed -
name: Update CA trust in awx_task container
command: docker exec awx_task ‘/usr/bin/update-ca-trust’
when: awx_compose_config.changed or awx_compose_start.changed
when: compose_start_containers|bool -
name: Installing unzip
command: docker exec awx_task bash -c ‘yum -y install unzip’ -
name: Installing zip
command: docker exec awx_task bash -c ‘yum -y install zip’ -
name: Installing sdkman
command: docker exec awx_task bash -c ‘/usr/bin/curl -s “https://get.sdkman.io” | bash’ -
name: Sourcing sdkman init
command: docker exec awx_task bash -c ‘source “/home/awx/.sdkman/bin/sdkman-init.sh”’ -
name: Sourcing sdkman for .zshrc
command: docker exec awx_task sh -c ‘source “/home/awx/.zshrc”’ -
name: Installing Java
command: docker exec awx_task bash -c ’ source “/home/awx/.sdkman/bin/sdkman-init.sh” && sdk install java’
ignore_errors: yes -
name: Installing Springboot cli
command: docker exec awx_task sh -c ‘source “/home/awx/.sdkman/bin/sdkman-init.sh” && sdk install springboot’
ignore_errors: yes -
name: Installing Spring cloud on Springboot cli
command: docker exec awx_task bash -c ‘source “/home/awx/.sdkman/bin/sdkman-init.sh” && spring install org.springframework.cloud:spring-cloud-cli:2.2.0.BUILD-SNAPSHOT’
`
The first problem I have is really leverage on PATHs and some environment variables. I still struggling to understand why some of these commands work fine when I ssh into the awx_task container. The workaround I found is to source the sdk init script before each command. Though the installation is successful as shown before. The real struggle is to access whatever was installed in AWX. Nor java, sdk or spring were available.
`
TASK [local_docker : Create Docker Compose Configuration] *********************************************************************************************************************************************************
ok: [localhost] => (item=environment.sh)
ok: [localhost] => (item=credentials.py)
ok: [localhost] => (item=docker-compose.yml)
ok: [localhost] => (item=nginx.conf)
TASK [local_docker : Render SECRET_KEY file] **********************************************************************************************************************************************************************
ok: [localhost]
TASK [local_docker : Start the containers] ************************************************************************************************************************************************************************
ok: [localhost]
TASK [local_docker : Update CA trust in awx_web container] ********************************************************************************************************************************************************
skipping: [localhost]
TASK [local_docker : Update CA trust in awx_task container] *******************************************************************************************************************************************************
skipping: [localhost]
TASK [local_docker : Installing unzip] ****************************************************************************************************************************************************************************
changed: [localhost]
TASK [local_docker : Installing zip] ******************************************************************************************************************************************************************************
changed: [localhost]
TASK [local_docker : Installing sdkman] ***************************************************************************************************************************************************************************
changed: [localhost]
TASK [local_docker : Sourcing sdkman init] ************************************************************************************************************************************************************************
changed: [localhost]
TASK [local_docker : Sourcing sdkman for .zshrc] ******************************************************************************************************************************************************************
changed: [localhost]
TASK [local_docker : Installing Java] *****************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {“changed”: true, “cmd”: [“docker”, “exec”, “awx_task”, “bash”, “-c”, " source "/home/awx/.sdkman/bin/sdkman-init.sh" && sdk install java"], “delta”: “0:00:00.584797”, “end”: “2020-02-22 13:59:16.163409”, “msg”: “non-zero return code”, “rc”: 1, “start”: “2020-02-22 13:59:15.578612”, “stderr”: “”, “stderr_lines”: , “stdout”: “\n\u001b[1;31mStop! java 11.0.6.hs-adpt is already installed.\u001b[0m”, “stdout_lines”: [“”, “\u001b[1;31mStop! java 11.0.6.hs-adpt is already installed.\u001b[0m”]}
…ignoring
TASK [local_docker : Installing Springboot cli] *******************************************************************************************************************************************************************
changed: [localhost]
TASK [local_docker : Installing Spring cloud on Springboot cli] ***************************************************************************************************************************************************
changed: [localhost]
PLAY RECAP ********************************************************************************************************************************************************************************************************
localhost : ok=20 changed=8 unreachable=0 failed=0 skipped=97 rescued=0 ignored=1
`
I am still trying to figure out how to have access to items/executable installed within the awx_container. So to test the principle I have a test playbook that supposed to use the installed spring cloud cli . This first attempt didn’t work. The last didn’t work either but shows the output below:
`
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match ‘all’
PLAY [localhost] ***************************************************************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
TASK [Calling spring boot cloud cli for encryption] ****************************
fatal: [localhost]: FAILED! => {“changed”: true, “cmd”: “source "/home/awx/.sdkman/bin/sdkman-init.sh" &&\nspring encrypt 12345 -key 84277c6897f245dcc188485fd94e96e6\n”, “delta”: “0:00:00.021462”, “end”: “2020-02-22 15:29:27.016114”, “msg”: “non-zero return code”, “rc”: 127, “start”: “2020-02-22 15:29:26.994652”, “stderr”: “find: ‘/var/lib/awx/.sdkman/src’: No such file or directory\nfind: ‘/var/lib/awx/.sdkman/ext’: No such file or directory\ntouch: cannot touch ‘/var/lib/awx/.sdkman/var/delay_upgrade’: No such file or directory\n/home/awx/.sdkman/bin/sdkman-init.sh: line 112: /var/lib/awx/.sdkman/var/candidates: No such file or directory\n/home/awx/.sdkman/bin/sdkman-init.sh: line 113: __sdkman_echo_debug: command not found\n/bin/sh: line 1: spring: command not found”, “stderr_lines”: [“find: ‘/var/lib/awx/.sdkman/src’: No such file or directory”, “find: ‘/var/lib/awx/.sdkman/ext’: No such file or directory”, “touch: cannot touch ‘/var/lib/awx/.sdkman/var/delay_upgrade’: No such file or directory”…
PLAY RECAP *********************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
`
Now I am not sure how to move forward. This is really key for us moving forward with the adoption. From the output, I am not sure why /var/lib/awx is being used while the library lives in /home/awx/.sdkman.
I really need your help to get passed this step. Thanks in advance