All the images and docker-compose files are located under the directory .ci/
The simulator is controlled by the file .ci/docker-compose.ansimulator.env
In this file are defined :
-
the Debian and Centos source images and version used to build the simulator
-
the generated image names for the simulator
-
the number of containers for each distribution. Currently set to 4 for centos, 1 for debian.
It is possible to change the amount of instance, or set one to0to disable the usage of a distribution.
The [linux] group in the inventory filetests/ansible/inventory/hostsmust be updated accordingly. -
the listen IP for compose, which can allow to connect remotely to installed services on the containers.
The default setting restrict it to localhost. -
support for yum and apt proxy URL.
If set, they will be hardcoded into the images. You must rebuild them to change the proxy addresses
Aside the proxy setting, any change here will be applied after a -stop / -start.
Standard case : connecting from your computer to a service using any http browser.
The current configuration allows to connect to any service running in the containers on the port 80 or 443 only.
ou'll need to update the .ci/docker-compose.ansimulator.env file and change the DOCKER_HOST_IP to the value 0.0.0.0
Please note the containers will be reachable by anybody. If you are on WSL, having 127.0.0.1 should be valid for your computer.
In addition, the mapped port on docker side will be at random, due to using docker deploy.
First, verify in the hosts file on which container your service is installed. (or the reverse proxy service, if used).
Then, with docker ps write down the port mapped on this container to ->80/tcp or 443/tcp depending of your configuration, which might be in the 31000-33000 range.
You can then connect to your service with : http(s)://<my_host_ip_or_name>:<external_docker_port>
A last thing : depending of the configuration, a service might expect a specific name. In such case, edit in the playbook or the inventory the external url parameter.
For example:
-
grafana : while a configuration for a reverse proxy exists for the same container, the test configuration for grafana is listening on 0.0.0.0.
So either changinggrafana_server_nameto your hostname (the nginx playbook must be executed)
orgrafana_listen_portto 80 in the inventory filetests/ansible/inventory/group_vars/monitoring-server/grafanawill allow a direct connection after executing the monitoring playbook another time. -
rundeck : no reverse proxy is defined, the configuration has a preset similar to the initial values.
Change in the playbooktests/ansible/playbook-test-rundeck.ymlthe parameterrundeck_url_fullto the correct hostname and port and re-execute the playbook.
The following volume will be created or mounted :
-
on the ansible controller :
- ./ansible : mounted as /etc/ansible, RO or RW (default) depending of the setting
- ./ : mounted as /opt/repo, RO
- ./tests/ansible : mounted as /opt/ansible, RW. Contains the test playbooks and inventory.
-
on all containers :
- ansible_simulator_sshkey (volume) : mounted as /home/ansible/.ssh, RW. This allows ansible to connect on all other containers using ssh.
- ansible_simulator_temp_docker_vol (volume) : mounted as /var/lib/docker, RW.
Using Docker in Docker requires such volume.
Please note this volume is deleted by the makefile when using the target ansible-simul-stop.
The custom inventory is placed under tests/ansible/inventory, which will be available as /opt/ansible on the ansible controller.
The name and tag for the images are located in the .ci/docker-compose.ansimulator.env file.
The Dockerfile is located under .ci/docker-ansimulator-template/
It is the same for both Debian and Centos (Rocky) images.
The full configuration is not as usual, some elements like the module versions to deploy are still in the Dockerfile.
But due to the number of packages to install and configure, which are necessary to simulate a complete server, most of the commands are splitted under multiple directories, one per theme.
Each contains an install.sh file, with all the commands, and additional configuration files.
For example, to simply change the version to install for ansible, just the Dockerfile is enough, at the ansible section.
But if you want to fine-tune some system packages or the installation of ansible, look under .ci/docker-ansimulator-template/system/ or ...template/ansible/ directory.
Please note using python 3.9 on rhel/centos/rocky/alma release 8 raise multiple problems due to missing package variants for python 3.9.
As such, switching from ansible 2.9 to ansible 2.15 will requires to change the distribution release 8 to release 9.
Such restruction will be present, while less noticeable, for any distribution using a global python version different from the default one.
To resume, to change ansible version from 2.9 to 2.15, you need to set the new version in the Dockerfile, and change in the docker-compose.ansimulator.env the IMAGE_CENTOS_REF_VERSION from 8.x to 9.x
If you're using the ansible-role repository, the roles are fully compatible between both versions.
Still, as one deprecated argument for the "command" and "shell" modules has been completely blocked since ansible 2.14+, the roles cannot be executed immediately.
If the desired version is not ansible v2.9, execute the command : make ansible-tools-compat-v2_14-update-roles
It will simply chain a grep on the warn: false argument in the files, then apply sed to delete the lines.
The variant shell: <my command and args> warn=false is not supported.
While this command requires a running ansimulator (any version), it can be copied from the makefile and applied manually on the roles.
Notice: the syntax variant on a single line is not supported, like : shell: <my command and args> warn=false
Author: HAL - CC-BY-4.0