your container images Ansible and Buildah can create
Transcript of your container images Ansible and Buildah can create
![Page 1: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/1.jpg)
Ansible and Buildah can create your container images
Tomas TomecekRed Hat
![Page 2: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/2.jpg)
/who Tomáš Tomeček
● Principal Software Engineer @ Red Hat
● Team lead
● RHEL, Fedora, Containers, Automation and Integration
● I ❤ free & open source software
● Ansible manages all my laptops, servers and container images
![Page 3: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/3.jpg)
What’s Ansible?
![Page 4: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/4.jpg)
What’s Ansible?● Oh, wait. This is AnsibleFest.
![Page 5: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/5.jpg)
What’s Buildah?● A tool to build container images.
![Page 6: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/6.jpg)
Buildah● Can build container images from dockerfiles.
$ buildah bud .STEP 1: FROM busyboxSTEP 2: RUN lstotal 16Kbin dev etc home proc root sys tmp usr varSTEP 3: COPY ./README.md /STEP 4: CMD /entrypoint.sh
![Page 7: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/7.jpg)
Buildah (cont’d)● Or you can script the build process yourself.
# buildah from fedora:30fedora-working-container
# export CONTAINER_FS=$(buildah mount)# cp $FILES $CONTAINER_FS/my-path/
# buildah run fedora-working-container dnf install httpd
![Page 8: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/8.jpg)
Buildah (cont’d)● Or from scratch.# buildah from scratch
# export CONTAINER_FS=$(buildah mount)# ls -lha $CONTAINER_FStotal 0drwx------. 2 root root 6 Sep 16 09:08 .drwx------. 6 root root 69 Sep 16 09:08 ..
# dnf install --installroot=$CONTAINER_FS systemd bash
![Page 9: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/9.jpg)
![Page 10: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/10.jpg)
Why should you care?● Ansible can take care of your container images,
not just infra.● Using Ansible to define an image instead of a
bash script.● You can recycle your playbooks and roles.● Ansible playbooks are YAML.● Build the way you want.
![Page 11: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/11.jpg)
How Ansible and Buildah work together?● Ansible connection plugins.$ ansible-playbook -vvvvvv -c buildah ...TASK [Gathering Facts] *****************************<buildah-container> RUN [b'buildah', b'mount', b'--', b'buildah-container']MOUNTPOINT b'/var/lib/cont.../89e0b96a0fa4651a87e7931...<buildah-container> RUN [b'buildah', b'run', b'--', b'buildah-container', ...
![Page 12: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/12.jpg)
Let’s give it a shot$ buildah pull $BASE_IMAGE
$ buildah from --name $CONT_NAME $BASE_IMAGE
$ printf "$CONT_NAME \ ansible_connection=buildah \ ansible_python_interpreter=/usr/bin/python3" >inventory-container
$ ansible-playbook -i inventory-container -c buildah ./recipe.yaml
$ buildah commit --cmd '/entrypoint.sh' $CONT_NAME my-fancy-image$ buildah rm $(CONT_NAME)
![Page 13: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/13.jpg)
Someone could automate that
![Page 14: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/14.jpg)
ansible-bender● github.com/ansible-community/ansible-bender
● Bends containers. And it's shiny.
![Page 15: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/15.jpg)
ansible-bender (cont’d)● Ansible playbooks define the container image
content.● Image metadata as Ansible vars.
● Builds as first-class citizens.
● Can move images to registry, file, dockerd...● Configurable layering and caching.
![Page 16: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/16.jpg)
Future plans● Add support for podman and docker.
● Builds from scratch.
● Add gating system - Zuul.
● Contributors!
![Page 17: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/17.jpg)
- name: Demonstration of ansible-bender's functionality hosts: all vars: ansible_bender: base_image: python:3-alpine working_container: volumes: ['{{ playbook_dir }}:/src:Z'] target_image: name: my-image labels: built-by: '{{ ansible_user }}' environment: VARIABLE: value tasks: - command: 'ls -lha /src' - stat: path: "{{ lookup('env','FILE_TO_PROCESS') }}"
![Page 18: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/18.jpg)
$ ansible-bender build playbook.yamlPLAY [Demonstration of ansible-bender's functionality] **************TASK [Gathering Facts] **********************************************ok: [my-image-20190916-121252774136-cont]TASK [Run a sample command] *****************************************changed: [my-image-20190916-121252774136-cont]TASK [Stat a file] **************************************************ok: [my-image-20190916-121252774136-cont]
PLAY RECAP **********************************************************my-image-20190916-121252774136-cont : ok=3 changed=1 unreachable=0 failed=0
Getting image source signaturesCopying blob sha256:1bfeebd…Copying config sha256:f3608dfe38bcd1e1d… Image 'my-image' was built successfully \o/
![Page 19: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/19.jpg)
CONTENT SLIDE
![Page 20: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/20.jpg)
First things first!
Make a copy of this template to start creating your presentation
This template uses the overpass font. If you don’t have overpass download it here.
![Page 21: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/21.jpg)
Section Break
![Page 22: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/22.jpg)
Contact● github.com/TomasTomecek/speaks
● github.com/ansible-community/ansible-bender
● @TomasTomec
● https://blog.tomecek.net/
![Page 23: your container images Ansible and Buildah can create](https://reader030.fdocuments.in/reader030/viewer/2022012511/6188ecdec6e6b816396d93ab/html5/thumbnails/23.jpg)