Pulp plugin to manage Ansible content, e.g. roles
Project description
Use pulp_ansible to create a private Galaxy. It doesn’t have a UI currently, but using an API you can:
Mirror a subset of roles on-premise
Mirror all of Galaxy’s roles on-premise
Store private Ansible roles on-premise
Install Roles from pulp_ansible using the ansible-galaxy CLI
Version Role content over time and rollback if necessary
Support for the new multi-role content type from Galaxy
Issues are tracked in Redmine. You can file a new issue or feature request here. You can also ask questions in the #pulp-ansible channel on Freenode.
Install using Ansible
pulpcore provides an Ansible Installer that can be used to install pulp_ansible. For example if your host is in your Ansible inventory as myhost you can install onto it with:
git clone https://github.com/pulp/ansible-pulp.gitCreate your pulp_ansible.yml playbook to use with the installer:
---
- hosts: all
vars:
pulp_secret_key: secret
pulp_default_admin_password: password
pulp_install_plugins:
pulp-ansible:
app_label: "ansible"
roles:
- pulp-database
- pulp-workers
- pulp-resource-manager
- pulp-webserver
- pulp-content
environment:
DJANGO_SETTINGS_MODULE: pulpcore.app.settingsThen install it onto myhost with:
ansible-playbook pulp_ansible.yaml -l myhostInstall with pulplift
pulplift combines the Ansible installer above with Vagrant to easily try pulp_ansible on a local VM.
First you’ll need to install Vagrant.
git clone --recurse-submodules https://github.com/pulp/pulplift.git
cd pulpliftConfigure pulplift to install pulp_ansible:
cat >local.user-config.ymll <<EOL
pulp_default_admin_password: password
pulp_install_plugins:
pulp-ansible:
app_label: "ansible"
pulp_secret_key: "unsafe_default"
EOLThen run Vagrant up for fedora30 using:
vagrant up pulp3-sandbox-fedora30Then once finished ssh to your pulp_ansible environment with:
vagrant ssh pulp3-sandbox-fedora30Install pulp_ansible From PyPI
pip install pulp-ansibleAfter installing the code, configure Pulp to connect to Redis and PostgreSQL with the pulpcore configuration instructions
Install pulp_ansible from source
git clone https://github.com/pulp/pulp_ansible.git
cd pulp_ansible
pip install -e .After installing the code, configure Pulp to connect to Redis and PostgreSQL with the pulpcore configuration instructions
Run Migrations
django-admin migrate ansibleRun Services
django-admin runserver 24817
gunicorn pulpcore.content:server --bind 'localhost:24816' --worker-class 'aiohttp.GunicornWebWorker' -w 2
sudo systemctl restart pulp-resource-manager
sudo systemctl restart pulp-worker@1Configuring an API Client
All REST API examples bellow use httpie to perform the requests. The httpie commands below assume that the user executing the commands has a .netrc file in the home directory. The .netrc should have the following configuration:
machine localhost
login admin
password adminIf you configured the admin user with a different password, adjust the configuration accordingly. If you prefer to specify the username and password with each request, please see httpie documentation on how to do that.
This documentation makes use of the jq library to parse the json received from requests, in order to get the unique urls generated when objects are created. To follow this documentation as-is please install the jq library with:
$ sudo dnf install jq
Create a repository foo
$ http POST :24817/pulp/api/v3/repositories/ name=foo
{
"_href": "/pulp/api/v3/repositories/51742e85-96f8-4bc6-a232-b408f4631d98/",
...
}$ export REPO_HREF=$(http :24817/pulp/api/v3/repositories/ | jq -r '.results[] | select(.name == "foo") | ._href')
Create a new remote bar
$ http POST :24817/pulp/api/v3/remotes/ansible/ansible/ name=bar url='https://galaxy.ansible.com/api/v1/roles/?namespace__name=elastic'
{
"_href": "/pulp/api/v3/remotes/ansible/ansible/e1c65074-3a4f-4f06-837e-75a9a90f2c31/",
...
}$ export REMOTE_HREF=$(http :24817/pulp/api/v3/remotes/ansible/ansible/ | jq -r '.results[] | select(.name == "bar") | ._href')
Sync repository foo using remote bar
$ http POST ':24817'$REMOTE_HREF'sync/' repository=$REPO_HREF
Look at the new Repository Version created
$ http GET ':24817'$REPO_HREF'versions/1/'
{
"_href": "/pulp/api/v3/repositories/78286e2c-829a-4a8c-a3ca-3a2e490e01a7/versions/1/",
"base_version": null,
"content_summary": {
"added": {
"ansible.role": {
"count": 16,
"href": "/pulp/api/v3/content/ansible/roles/?repository_version_added=/pulp/api/v3/repositories/78286e2c-829a-4a8c-a3ca-3a2e490e01a7/versions/1/"
}
},
"present": {
"ansible.role": {
"count": 16,
"href": "/pulp/api/v3/content/ansible/roles/?repository_version=/pulp/api/v3/repositories/78286e2c-829a-4a8c-a3ca-3a2e490e01a7/versions/1/"
}
},
"removed": {}
},
"number": 1
}Upload a Role to Pulp
Download a role version.
curl -L https://github.com/geerlingguy/ansible-role-postgresql/archive/master.tar.gz -o pg.tar.gz
Create an Artifact by uploading the role version tarball to Pulp.
$ export ARTIFACT_HREF=$(http --form POST :24817/pulp/api/v3/artifacts/ file@pg.tar.gz | jq -r '._href')
Create a Role content unit
Create a Role in Pulp.
$ export ROLE_HREF=$(http :24817/pulp/api/v3/content/ansible/roles/ namespace=pulp name=postgresql version=0.0.1 _artifact=$ARTIFACT_HREF | jq -r '._href')
Add content to repository foo
$ http POST ':24817'$REPO_HREF'versions/' add_content_units:="[\"$ROLE_HREF\"]"
{
"task": "/pulp/api/v3/tasks/fd4cbecd-6c6a-4197-9cbe-4e45b0516309/"
}Create a Distribution for Repository ‘foo’
This will distribute the ‘latest’ RepositoryVersion always.
$ http POST :24817/pulp/api/v3/distributions/ansible/ansible/ name='baz' base_path='dev' repository=$REPO_HREF
{
"_href": "/pulp/api/v3/tasks/2610a47e-4e88-4e8c-9d2e-c71734ae7b39/",
...
}Create a Distribution for a RepositoryVersion
Say you always want to distribute version 1 of Repository ‘foo’ even if more versions are created.
$ http POST :24817/pulp/api/v3/distributions/ansible/ansible/ name='baz' base_path='dev' repository_version=${REPO_HREF}versions/1/
{
"_href": "/pulp/api/v3/tasks/2610a47e-4e88-4e8c-9d2e-c71734ae7b39/",
...
}Install the ansible kubernetes Role
Using a direct path
To install your role using a link to the direct tarball, do the following:
$ ansible-galaxy install http://localhost:24816/pulp/content/dev/elastic/elasticsearch/6.2.4.tar.gz,,elastic.elasticsearch
Using the Pulp Galaxy API
Alternatively, Pulp offers a built-in Galaxy API. To use this, set up your distribution in your ansible config (e.g. ~/.ansible.cfg or /etc/ansible/ansible.cfg):
[galaxy]
server: http://localhost:24817/pulp_ansible/galaxy/devThen install your role using namespace and name:
$ ansible-galaxy install elastic.elasticsearch,6.2.4
- downloading role 'elasticsearch', owned by elastic
- downloading role from http://localhost:24816/pulp/content/dev/elastic/elasticsearch/6.2.4.tar.gz
- extracting elastic.elasticsearch to /home/vagrant/.ansible/roles/elastic.elasticsearch
- elastic.elasticsearch (6.2.4) was installed successfullyCollection Support
pulp_ansible can manage the multi-role repository content referred to as a Collection. The following features are supported:
mazer upload - Upload a Collection to pulp_ansible for association with one or more repositories.
mazer install - Install a Collection from pulp_ansible.
Configuring Collection Support
You’ll have to specify the protocol and hostname the pulp_ansible REST API is being served on. For pulp_ansible to interact with mazer correctly it needs the entire hostname. This is done using the ANSIBLE_HOSTNAME setting in Pulp. For example if its serving with http on localhost it would be:
export PULP_ANSIBLE_API_HOSTNAME='http://localhost:24817' export PULP_ANSIBLE_CONTENT_HOSTNAME='http://localhost:24816/pulp/content'
or in your systemd environment:
Environment=”PULP_ANSIBLE_API_HOSTNAME=http://localhost:24817” Environment=”PULP_ANSIBLE_CONTENT_HOSTNAME=http://localhost:24816/pulp/content”
Mazer Configuration
Install mazer and use the url option to point to the Distribution your content should fetch from. For example, using the Distribution created in the sync workflow, the config would be:
server: url: http://localhost:24817/pulp_ansible/galaxy/dev
This is assuming you have the Collection content exposed at a Distribution created with base_path=dev (as in the example above).
Mazer publish
You can use mazer to publish any built artifact to pulp_ansible by running:
mazer publish path/to/artifact.tar.gz
For example if you have mazer installed and configured the script below will upload a Collection to pulp_ansible and display it:
$ git clone https://github.com/ansible/mazer.git
$ cd mazer/tests/ansible_galaxy/collection_examples/hello/
$ mazer build
$ mazer publish releases/greetings_namespace-hello-11.11.11.tar.gz
$ http :24817/pulp/api/v3/content/ansible/collections/
HTTP/1.1 200 OK
Allow: GET, POST, HEAD, OPTIONS
Connection: close
Content-Length: 357
Content-Type: application/json
Date: Tue, 30 Apr 2019 22:12:06 GMT
Server: gunicorn/19.9.0
Vary: Accept, Cookie
X-Frame-Options: SAMEORIGIN
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"_artifact": "/pulp/api/v3/artifacts/8d77cbc1-fcc7-4239-b369-323ef2080e2f/",
"_created": "2019-04-30T22:12:01.452493Z",
"_href": "/pulp/api/v3/content/ansible/collections/505e7a21-49c6-4287-936e-b043ec6f76d1/",
"_type": "ansible.collection",
"name": "hello",
"namespace": "greetings_namespace",
"version": "11.11.11"
}
]
}
Note that this does not add the Collection to any Repository Version. You can associate the hello unit with a two step process:
Create a new RepositoryVersion that includes the Collection
Create a new Publication that references the new RepositoryVersion from step 1.
Update the Distribution serving mazer to serve the new Publication from step 2.
You could do these steps with a script like:
# Create a Repository http POST :24817/pulp/api/v3/repositories/ name=foo export REPO_HREF=$(http :24817/pulp/api/v3/repositories/ | jq -r '.results[] | select(.name == "foo") | ._href') # Find the 'hello' collection export COLLECTION_HREF=$(http :24817/pulp/api/v3/content/ansible/collections/ | jq -r '.results[0]._href') # Create a Repository Version with the 'hello' collection http POST ':24817'$REPO_HREF'versions/' add_content_units:="[\"$COLLECTION_HREF\"]" # Create a Distribution http POST :24817/pulp/api/v3/distributions/ansible/ansible/ name='baz' base_path='dev' repository=$REPO_HREF
Mazer install
You can use mazer to install a collection by its namespace and name from pulp_ansible using the install command. For example to install the hello collection from above you can specify:
mazer install greetings_namespace.hello
This assumes that the hello Collection is being served by the Distribution mazer is configured to use.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pulp-ansible-0.1.0rc5.tar.gz.
File metadata
- Download URL: pulp-ansible-0.1.0rc5.tar.gz
- Upload date:
- Size: 31.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.32.1 CPython/3.6.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ce65eecc0120b09e092e98455a1376b03d706cf081ea98504bbb88cff71fe4ca |
|
| MD5 | e59bf280909144f470cee6edebf90378 |
|
| BLAKE2b-256 | a9380d6b7aa6ed94edcc9ecbe50deb162c1230bdf59cfe8bf654a2ddd2533550 |
File details
Details for the file pulp_ansible-0.1.0rc5-py3-none-any.whl.
File metadata
- Download URL: pulp_ansible-0.1.0rc5-py3-none-any.whl
- Upload date:
- Size: 35.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.32.1 CPython/3.6.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d2f6c46705489040e3bee449fd01cf6f69ec45bd1c38e4a07f59fa3ea4adfdcf |
|
| MD5 | 302b2635009447fcd15f59bb4333081b |
|
| BLAKE2b-256 | d5aa6fa5c2e3ef65def330e4db4b75b8d58c5d770fe18cd77cbbf16e6dd7321b |
