OS: container with openSUSE Leap 15.2
上次升級是 2020/11/29 , 這次會來升級的原因是
Ansible 在 2.10 以後的版本, 有很多 module 被移動到 Ansible Collections, 也就是說現在不是如同 Ansible 官網上面的 pip3 install ‘ansible[azure]’ 的安裝方式. 接下來就是透過 collection 方式來進行安裝
這樣也是好事, 之前也是因為這樣報了一個 issue
然後也同步紀錄一下目前 Azure CloudShell 上面的 Ansible 資訊
先整理結果
升級前
OS: openSUSE Leap 15.2
awscli: aws-cli/2.1.4 Python/3.7.3
gcloud: Google Cloud SDK 319.0.0
azure-cli: 2.15.1 (目前有 bug)
ansible: 2.10.3
升級後
OS: openSUSE Leap 15.2
awscli: aws-cli/2.2.4 Python/3.8.8
gcloud: Google Cloud SDK 340.0.0
azure-cli: 2.23.0 (目前有 bug)
ansible: 2.10.9
AWS CLI v2 安裝文件
GCP Cloud SDK 版本
這次的做法還是會透過 docker build 指令來進行
Dockerfile 的部分我是拿之前 openSUSE Leap 15.2 來修改
修改細節
列出 diff 的結果給大家參考
> diff opensuseLeap152_ansible_20210513_Dockerfile opensuseLeap151_ansible_20201129_Dockerfile
6c6
< # update time: 20210513
---
> # update: 20201129
75c75
< # Install google cloud SDK 340.0.0
---
> # Install google cloud SDK 319.0.0
77,78c77,78
< RUN wget https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-340.0.0-linux-x86_64.tar.gz && \
< tar zxvf google-cloud-sdk-340.0.0-linux-x86_64.tar.gz && \
---
> RUN wget https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-319.0.0-linux-x86_64.tar.gz && \
> tar zxvf google-cloud-sdk-319.0.0-linux-x86_64.tar.gz && \
Dockerfile 內容如下
# openSUSE Leap 15.2 with ansible, azure-cli, aws cli, gcloud
FROM opensuse/leap:15.2
# Author
# MAINTAINER 已經棄用, 之後要使用 LABEL 方式
# update time: 20210513
LABEL maintainer="sakana@cycu.org.tw"
# Set LANG for UTF-8 - for Chinese
ENV LANG C.UTF-8
# Install python3-pip, upgrade pip, ansible, boto, boto3
RUN zypper install -y python3-pip && \
pip3 install --upgrade pip && \
pip3 install ansible && \
pip3 install boto boto3
# Install openssh, set ls alias
RUN zypper install -y openssh
RUN echo "alias ls='ls --color=tty'" >> /root/.bashrc
# Install wget, download azure_rm.py, set permission
RUN zypper install -y wget
# azure_rm.py no need to download
# Starting with Ansible 2.8, Ansible provides an Azure dynamic-inventory plug-in
# https://docs.ansible.com/ansible/latest/plugins/inventory/azure_rm.html
# old azure_rm.py URL https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/azure_rm.py
#
# Create working directory in /root
RUN mkdir /root/.azure && \
mkdir /root/.aws && \
mkdir /root/playbook && \
mkdir -p /root/.config/gcloud && \
wget https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/template/ansible.cfg && \
mv /ansible.cfg /root && \
wget https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/template/hosts && \
mv /hosts /root
#### Azure ####
# Install azure-cli
# 2020/11/29 Still have az login issue in Github https://github.com/Azure/azure-cli/issues/13209
RUN zypper install -y curl && \
rpm --import https://packages.microsoft.com/keys/microsoft.asc && \
zypper addrepo --name 'Azure CLI' --check https://packages.microsoft.com/yumrepos/azure-cli azure-cli && \
zypper install --from azure-cli -y azure-cli
# Install Ansible azure module
# After ansible 2.10, some module move to ansible collect, change install method
RUN zypper install -y curl && \
curl -O https://raw.githubusercontent.com/ansible-collections/azure/dev/requirements-azure.txt && \
pip3 install -r requirements-azure.txt && \
rm -f requirements-azure.txt && \
ansible-galaxy collection install azure.azcollection
#install vim tar gzip jq unzip less bind-utils iputils groff
RUN zypper install -y vim tar gzip jq unzip less bind-utils iputils groff
RUN echo "set encoding=utf8" > /root/.vimrc
#### AWS ####
# Install awscli v1
#RUN pip3 install awscli
#RUN echo "source /usr/bin/aws_bash_completer" >> /root/.bashrc
# Install awscli v2
RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
unzip awscliv2.zip && \
/aws/install
RUN echo "complete -C '/usr/local/bin/aws_completer' aws" >> /root/.bashrc
#### GCP ####
# Install google cloud SDK 340.0.0
ENV CLOUDSDK_CORE_DISABLE_PROMPTS 1
RUN wget https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-340.0.0-linux-x86_64.tar.gz && \
tar zxvf google-cloud-sdk-340.0.0-linux-x86_64.tar.gz && \
/google-cloud-sdk/install.sh && \
echo "if [ -f '/google-cloud-sdk/path.bash.inc' ]; then . '/google-cloud-sdk/path.bash.inc'; fi" >> /root/.bashrc && \
echo "if [ -f '/google-cloud-sdk/completion.bash.inc' ]; then . '/google-cloud-sdk/completion.bash.inc'; fi" >> /root/.bashrc
使用 docker build 指令建立 image
> docker build -t sakana/ansible_opensuse152:20210513 -f ./opensuseLeap152_ansible_20210513_Dockerfile .
使用 -f 指定 Dockerfile 名稱
最後是 ” . “ 目前的目錄
測試 container image
> docker run -v ~/.aws:/root/.aws -v ~/.azure:/root/.azure -v ~/.config/gcloud:/root/.config/gcloud -it sakana/ansible_opensuse152:20210513 /bin/bash
測試結果 OK, 建立 tag
這邊目前因為 openSUSE Leap 15 使用舊的 azure cli 以及相依性, 所以現在 az 指令會有問題, 已經 update issue 以及花了很多時間調整, 目前還是要等 openSUSE and Azure 看是否會有後續更新
但是 ansible with azure 沒有問題, 所以目前 az 指令可能會暫時透過 Azure cloud shell
觀察資訊
> docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sakana/ansible_opensuse152 20210513 c69c2e1c6e9e 13 minutes ago 2.45GB
opensuse/leap 15.2 573008f769b5 20 hours ago 106MB
sakana/ansible_opensuse152 latest 9f8d6b777cc9 2 weeks ago 1.82GB
建立 tag
> docker tag c69c2e1c6e9e sakana/ansible_opensuse152:latest
登入 docker
> docker login
上傳 image
> docker push sakana/ansible_opensuse152:20210513
> docker push sakana/ansible_opensuse152:latest
完工, 以後使用就用
> docker run -v ~/.aws:/root/.aws -v ~/.azure:/root/.azure -v ~/.config/gcloud:/root/.config/gcloud -it sakana/ansible_opensuse152 /bin/bash
額外小記: 又碰到 Azure 的認證資訊已經超過一年了, 參考之前自己的筆記
http://sakananote2.blogspot.com/2020/05/azure-dynamic-inventory-with-ansible.html
使用 az ad sp list --all --output table | grep azure-cli 找出舊的認證,
刪除他 ex: # az ad sp delete --id d06f8905-ad21-425b-9da5-3e0bcf22a853
然後建立新的認證 ex: # az ad sp create-for-rbac --query '{"client_id": appId, "secret": password, "tenant": tenant}'
查詢 subscription_id, ex: # az account show --query "{ subscription_id: id }"
更新 ~/.azure/credentials
~ enjoy it
Reference: