Initial commit
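--- a/ansible-controller/Dockerfile
+++ b/ansible-controller/Dockerfile
@@ -0,0 +1,23 @@
+FROM ubuntu:22.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && \
+apt-get install -y --no-install-recommends \
+python3 python3-pip openssh-client vim git \
+ansible && \
+rm -rf /var/lib/apt/lists/*
+
+RUN mkdir -p /ansible
+
+RUN useradd -ms /bin/bash uansible
+USER uansible
+WORKDIR /home/uansible
+
+RUN mkdir -p /home/uansible/.ssh && \
+chmod 700 /home/uansible/.ssh && \
+echo export ANSIBLE_CONFIG=/ansible/ansible.cfg>>~/.bashrc && \
+echo cd /ansible>>~/.bashrc
+
+ENTRYPOINT ["/bin/bash", "-lc"]
+CMD ["bash"]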
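Review bot: `ENTRYPOINT ["/bin/bash", "-lc"]` makes bash take only the first word that follows as its command string, so any multi-word command passed to the container is reduced to its first word and the rest become positional parameters. The two `echo … >>~/.bashrc` lines also appear to take effect only in interactive shells, so a non-interactive `ansible-playbook` run would likely start without `ANSIBLE_CONFIG` and outside `/ansible`. Setting these in the image is more predictable: `ENV ANSIBLE_CONFIG=/ansible/ansible.cfg`, `WORKDIR /ansible`, and `CMD ["/bin/bash"]` with no `ENTRYPOINT`. Separately, `ENV DEBIAN_FRONTEND=noninteractive` stays in the runtime environment; setting it inline on the `apt-get install` command keeps it build-only.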
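--- a/compose.yml
+++ b/compose.yml
@@ -0,0 +1,60 @@
+services:
+controller:
+build:
+context: ./ansible-controller
+container_name: ansible-controller
+volumes:
+- ./playbooks:/ansible:ro
+- ./ssh/id_rsa:/home/uansible/.ssh/id_rsa:ro
+depends_on:
+- ubuntu
+- rocky
+networks:
+- ansible-net
+command: >
+bash -lc "chmod 600 /home/uansible/.ssh/id_rsa"
+
+ubuntu:
+image: ubuntu:22.04
+container_name: ubuntu_node
+networks:
+- ansible-net
+tty: true
+command: >
+bash -lc "apt-get update &&
+apt-get install -y openssh-server sudo python3 &&
+mkdir -p /var/run/sshd &&
+useradd -ms /bin/bash uansible &&
+echo 'uansible ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers &&
+mkdir -p /home/uansible/.ssh &&
+cat /ssh/id_rsa.pub >> /home/uansible/.ssh/authorized_keys &&
+chmod 700 /home/uansible/.ssh &&
+chmod 600 /home/uansible/.ssh/authorized_keys &&
+chown -R uansible:uansible /home/uansible/.ssh &&
+/usr/sbin/sshd -D"
+volumes:
+- ./ssh/id_rsa.pub:/ssh/id_rsa.pub:ro
+
+rocky:
+image: rockylinux:9
+container_name: rocky_node
+networks:
+- ansible-net
+tty: true
+command: >
+bash -lc "dnf install -y openssh-server sudo python3 &&
+/usr/bin/ssh-keygen -A &&
+useradd -ms /bin/bash uansible &&
+echo 'uansible ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers &&
+mkdir -p /home/uansible/.ssh &&
+cat /ssh/id_rsa.pub >> /home/uansible/.ssh/authorized_keys &&
+chmod 700 /home/uansible/.ssh &&
+chmod 600 /home/uansible/.ssh/authorized_keys &&
+chown -R uansible:uansible /home/uansible/.ssh &&
+/usr/sbin/sshd -D"
+volumes:
+- ./ssh/id_rsa.pub:/ssh/id_rsa.pub:ro
+
+networks:
+ansible-net:
+driver: bridge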
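Review bot: The controller's `command: bash -lc "chmod 600 /home/uansible/.ssh/id_rsa"` cannot take effect: the key is bind-mounted `:ro`, so the chmod fails on a read-only mount, and the README's `docker compose run … controller bash` replaces `command` anyway. The key's mode inside the container is therefore whatever the host checkout has, and ssh is likely to reject a group- or world-readable private key; drop the `command` and either fix the mode on the host or have the container copy the key to a writable path and restrict it there. `depends_on` with a plain list only orders container start, while both nodes are still installing packages before `sshd -D` runs, so the first Ansible run can race them; a `healthcheck` on each node plus `condition: service_healthy` would close that gap. The `NOPASSWD:ALL` lines are acceptable for throwaway nodes but would be safer as a file under `/etc/sudoers.d/` than as an append to `/etc/sudoers`.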
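--- a/playbooks/ansible.cfg
+++ b/playbooks/ansible.cfg
@@ -0,0 +1,4 @@
+[defaults]
+inventory = /ansible/inventory.ini
+host_key_checking = False
+remote_user = uansible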
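Review bot: `host_key_checking = False` turns off SSH host key verification for every run that uses this config, and nothing in the file marks it as a lab-only choice. It is defensible here because the nodes are recreated on the private `ansible-net` bridge and presumably get fresh host keys each time, but the setting tends to be copied into real inventories as-is. I would add a comment above it such as `# lab only: nodes are rebuilt on each run so their host keys change; never reuse against real hosts`.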
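--- a/playbooks/inventory.ini
+++ b/playbooks/inventory.ini
@@ -0,0 +1,9 @@
+[ubuntu]
+ubuntu_node
+
+[rocky]
+rocky_node
+
+[all:vars]
+ansible_user=uansible
+ansible_ssh_private_key_file=/home/uansible/.ssh/id_rsa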
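--- a/playbooks/test.yml
+++ b/playbooks/test.yml
@@ -0,0 +1,7 @@
+---
+- name: Test connectivity
+hosts: all
+gather_facts: false
+tasks:
+- name: Ping
+ansible.builtin.ping: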
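--- a/readme.md
+++ b/readme.md
@@ -0,0 +1,25 @@
+## What it does
+The docker compose file creates two linux servers (ubuntu and rocky linux) and one controller with ansible installed.
+
+## What it's for
+The idea is to test ansible playbooks on temporary setups.
+The servers are configured with the right SSH key and config to allow connection from the controller to the servers.
+
+## How to use it
+Write your ansible playbooks then run this command to start the controller
+
+```bash
+docker compose run --build --rm controller bash
+```
+
+You can now test ansible ad hoc commands
+
+```bash
+ansible -m ping all
+```
+
+Or run a playbook
+
+```bash
+ansible-playbook test.yml
+```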
7
ssh/id_rsa
Normal file
7
ssh/id_rsa
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||||
|
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
|
||||||
|
QyNTUxOQAAACC1K948GL9b0CBkenqlKZxErPR3bQNB6lSLTKbsD+IuugAAAJhd7Th0Xe04
|
||||||
|
dAAAAAtzc2gtZWQyNTUxOQAAACC1K948GL9b0CBkenqlKZxErPR3bQNB6lSLTKbsD+Iuug
|
||||||
|
AAAECm/IA4MFHdTKdkz+goxxAITY7rzVo4JtETJAKZz7fcN7Ur3jwYv1vQIGR6eqUpnESs
|
||||||
|
9HdtA0HqVItMpuwP4i66AAAADnJvb3RAUENOU0kyMDEwAQIDBAUGBw==
|
||||||
|
-----END OPENSSH PRIVATE KEY-----
|
||||||
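Review bot: This file is a private SSH key committed to the repository, and its encoded header suggests it is stored without a passphrase, so anyone who can read the repository can authenticate as `uansible` on any node built from this compose file, where that user has passwordless sudo. Because it lands in the initial commit, deleting the file later will not remove it from history; treat this key as burned and never authorize its public half anywhere outside the lab. I would keep `ssh/` out of version control with a `.gitignore` entry and have the README generate a key per checkout, for example `ssh-keygen -t ed25519 -N "" -f ssh/id_rsa`. The name is also misleading: the matching `ssh/id_rsa.pub` shows an `ssh-ed25519` key, and its comment `root@PCNSI2010` exposes the generating user and host name.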
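--- a/ssh/id_rsa.pub
+++ b/ssh/id_rsa.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILUr3jwYv1vQIGR6eqUpnESs9HdtA0HqVItMpuwP4i66 root@PCNSI2010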