Use the Ansible service in containers rather than starting it locally #15423
Conversation
|
Marking this as WIP until I get the ansible container up and running in the manageiq-pods repo. |
carbonin
changed the title
carbonin
force-pushed
the
use_ansible_service_in_containers
branch
from
b8f6b91
to
949556f
Compare
| :base_url => URI::HTTP.build(:host => "localhost", :path => "/api/v1", :port => HTTP_PORT).to_s, | ||
| :username => admin_auth.userid, | ||
| :password => admin_auth.password | ||
| :base_url => URI::HTTP.build(:host => host, :path => "/api/v1", :port => port).to_s, |
There was a problem hiding this comment.
I know this isn't changed in this PR but here and the place we do the URI...build isn't checking if the host is nil. I'm not sure what we can do there but I believe this will blow up building the URI if it's nil.
There was a problem hiding this comment.
Is there a better choice than blowing up?
| :base_url => URI::HTTP.build(:host => host, :path => "/api/v1", :port => port).to_s, | ||
| :username => admin_auth.userid, | ||
| :password => admin_auth.password, | ||
| :verify_ssl => 0 |
There was a problem hiding this comment.
It's internal API that's not exposed externally, so not a problem
| def self.container_start | ||
| miq_database.set_ansible_admin_authentication(:password => ENV["ANSIBLE_ADMIN_PASSWORD"]) | ||
|
|
||
| loop do |
There was a problem hiding this comment.
any reason it's not 5.times... like the other places?
There was a problem hiding this comment.
I was treating this how we wait for other services in the container.
See: https://github.com/ManageIQ/manageiq-pods/blob/master/images/miq-app/docker-assets/container-scripts/container-deploy-common.sh#L43
carbonin
changed the title
spec/lib/embedded_ansible_spec.rb
Outdated
| @@ -133,6 +165,29 @@ | |||
| EvmSpecHelper.create_guid_miq_server_zone | |||
| end | |||
|
|
|||
| describe ".api_connection" do | |||
| around do |example| | |||
| old_env = ENV["ANSIBLE_SERVICE_NAME"] | |||
There was a problem hiding this comment.
Is there any reason that this ENV variable should exist in the test environment? I would expect it to look more like:
around do |example|
ENV["ANSIBLE_SERVICE_NAME"] = "ansible-service"
example.run
ENV.delete("ANSIBLE_SERVICE_NAME")
end
lib/embedded_ansible.rb
Outdated
| miq_database.set_ansible_admin_authentication(:password => ENV["ANSIBLE_ADMIN_PASSWORD"]) | ||
|
|
||
| loop do | ||
| return if alive? |
There was a problem hiding this comment.
You may want to use break rather than return since return doesn't just stop the loop, it also returns out of the method. I know it doesn't matter right now, but could be confusing later if you add more to the method after the loop.
| end | ||
|
|
||
| around do |example| | ||
| old_env = ENV["ANSIBLE_SERVICE_NAME"] |
When we know we are running in a container (read: OpenShift) we also know that embedded ansible will be provided as a separate service. So rather than pointing at one of our servers as the provider URL, use the service name.
We don't need to concern ourselves with trying to manage the ansible services when we are in a container because we will be running them as a separate container and contacting the API through a service rather than locally.
This also sets verify_ssl to 0 for this connection. This is okay because in the appliance case we are communicating locally and in the container case we are communicating within the openshift project.
If we are in a container we don't attempt to start any of the services locally, but we set the password appropriatly and wait for the service to be available
This shouldn't really be set anywhere we are running the specs
carbonin
force-pushed
the
use_ansible_service_in_containers
branch
from
df7943f
to
dee942b
Compare
|
Checked commits carbonin/manageiq@36ea0ea~...dee942b with ruby 2.2.6, rubocop 0.47.1, and haml-lint 0.20.0 |
This PR makes the
EmbeddedAnsibleclass and theEmbeddedAnsibleWorker::Runnercontainer-aware. This means that their behavior will change when they detect that we are running in a container rather than in an appliance.In an appliance we start and configure embedded ansible by installing it on one of our servers and then manage the services running local to that appliance. In the container (OpenShift) case we will have a separate container dedicated to running the Ansible service which we will configure against when our server is told to start the "embedded_ansible" role.
This allows everything else in our application to use the embedded ansible provider exactly the same as they had before.