This image is built upon the playbook2image source-to-image base image. The resulting image can run any of the playbooks provided in
Note: at this time there are known issues that prevent to run this image for installation/upgrade purposes (i.e. run one of the config/upgrade playbooks) from within one of the hosts that is also an installation target at the same time: if the playbook you want to run attempts to manage the docker daemon and restart it (like install/upgrade playbooks do) this would kill the container itself during its operation.
playbook2image base image provides several options to control the behaviour of the containers. For more details on these options see the playbook2image documentation.
At the very least, when running a container using this image you must specify:
- An inventory file. This can be mounted inside the container as a volume and specified with the
INVENTORY_FILEenvironment variable. Alternatively you can serve the inventory file from a web server and use the
INVENTORY_URLenvironment variable to fetch it.
- ssh keys so that Ansible can reach your hosts. These should be mounted as a volume under
- The playbook to run. This is set using the
PLAYBOOK_FILEenvironment variable. If you don't specify a playbook the
openshift_factsplaybook will be run, collecting and showing facts about your OpenShift environment.
Here is an example of how to run a containerized
openshift-ansible playbook that will check the expiration dates of OpenShift's internal certificates using the
openshift_certificate_expiry role. The inventory and ssh keys are mounted as volumes (the latter requires setting the uid in the container and SELinux label in the key file via
:Z so they can be accessed) and the
PLAYBOOK_FILE environment variable is set to point to an example certificate check playbook that is already part of the image:
docker run -u `id -u` \ -v $HOME/.ssh/id_rsa:/opt/app-root/src/.ssh/id_rsa:Z,ro \ -v /etc/ansible/hosts:/tmp/inventory:ro \ -e INVENTORY_FILE=/tmp/inventory \ -e OPTS="-v" \ -e PLAYBOOK_FILE=playbooks/certificate_expiry/default.yaml \ openshift/origin-ansible
The playbook2image examples provide additional information on how to use an image built from it like this one.