├── README.md ├── build └── ci │ └── script │ ├── build.sh │ ├── deploy.sh │ └── test.sh ├── circle.yml ├── documentation └── asset │ ├── docker-coreos-ansible-toolbox.png │ └── docker-coreos-ansible-toolbox.sketch └── src ├── Dockerfile └── script └── build.sh /README.md: -------------------------------------------------------------------------------- 1 | # Docker CoreOS Ansible toolbox 2 | 3 |

4 | 5 | CoreOS is awesome, so is [Ansible](https://github.com/ansible/ansible). However, running Ansible tasks on CoreOS is a pain, mostly due to lack of Python, which is not there for a good reason. CoreOS [toolbox](https://github.com/coreos/toolbox) is a small script that uses containers to let you bring in your favorite tools into CoreOS. This is small-sized alternative toolbox image built specifically for running Ansible tasks on CoreOS machines, it's based on [Alpine Linux](http://www.alpinelinux.org) and has Python, [pip](https://github.com/pypa/pip) and Ansible preinstalled, and under 70 MB in size unpacked. 6 | 7 | [![Circle CI](https://circleci.com/gh/ianbytchek/docker-coreos-ansible-toolbox.svg?style=svg)](https://circleci.com/gh/ianbytchek/docker-coreos-ansible-toolbox) 8 | 9 | ## Attention 10 | 11 | This repository was created with hopes of possibility to easily execute ansible commands within toolbox with full access to CoreOS resources. The general idea is great, but fails in practice when you need to do anything outside pure Python, for example, control etcd or fleet, or systemd, or something else that lives on the host. You can provide access to many things by mounting executables and dependencies as volumes, but this starts to feel hacky very quickly and sometimes doesn't work. 12 | 13 | My advice is to setup Python on the host if dealing with similar scenarios. Otherwise, using Python withing toolbox is a neat way to do stuff, highly recommended. 14 | 15 | ## Running 16 | 17 | Toolbox setup and installation is covered in CoreOS [documentation](https://coreos.com/os/docs/latest/install-debugging-tools.html), in a nutshell, to make it the default toolbox image you must specify `ianbytchek/coreos-ansible-toolbox` image in `~/.toolboxrc` parameters manually or via cloud-config. 18 | 19 | ```ini 20 | TOOLBOX_DOCKER_IMAGE=ianbytchek/coreos-ansible-toolbox 21 | TOOLBOX_USER=root 22 | ``` 23 | 24 | Vincent Ambo has a great article on [provisioning CoreOS with Ansible](https://www.tazj.in/en/1410951452). Besides configuring `~/.toolboxrc` you'll also need to create `/opt/bin/python` and `/opt/bin/pip` and set `ansible_python_interpreter` inventory variable to `/opt/bin/python`. 25 | 26 | ```sh 27 | # Use --quiet option to prevent nspawn printing useless messages every time we call `python` and `pip`. 28 | 29 | sudo mkdir --parents '/opt/bin' 30 | 31 | sudo tee '/opt/bin/python' > /dev/null <<-'EOL' 32 | #!/bin/bash 33 | toolbox --quiet --bind=/home:/home python "$@" 34 | EOL 35 | 36 | sudo chmod +x '/opt/bin/python' 37 | 38 | sudo tee '/opt/bin/pip' > /dev/null <<-'EOL' 39 | #!/bin/bash 40 | toolbox --quiet --bind=/home:/home pip "$@" 41 | EOL 42 | 43 | sudo chmod +x '/opt/bin/pip' 44 | ``` 45 | -------------------------------------------------------------------------------- /build/ci/script/build.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -euo pipefail 4 | 5 | # Download the latest pip installer, etcdctl and fleetctl. 6 | 7 | curl --output './src/get-pip.py' --location 'https://bootstrap.pypa.io/get-pip.py' 8 | 9 | echo -n 'Finding fleet release url… ' 10 | url=$(curl --header "Authorization: token ${GITHUB_TOKEN}" --silent 'https://api.github.com/repos/coreos/fleet/releases' | grep 'browser_download_url' | grep -P '\-linux-amd64.tar.gz"' | head --lines 1 | cut --delimiter '"' --fields 4) 11 | echo " OK! ${url}" 12 | 13 | # Build the docker image. 14 | 15 | docker build --tag "ianbytchek/coreos-ansible-toolbox" "./src" 16 | -------------------------------------------------------------------------------- /build/ci/script/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -euo pipefail 4 | 5 | # Authenticate with docker and push the latest image. 6 | 7 | docker login \ 8 | --email $DOCKER_HUB_EMAIL \ 9 | --password $DOCKER_HUB_PASSWORD \ 10 | --username $DOCKER_HUB_USERNAME 11 | 12 | docker push ianbytchek/coreos-ansible-toolbox 13 | docker logout -------------------------------------------------------------------------------- /build/ci/script/test.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -euo pipefail 4 | 5 | echo -n "Verify Python is installed." 6 | if [ $(docker run 'ianbytchek/coreos-ansible-toolbox' which python) == '/usr/bin/python' ]; then 7 | echo ' OK!'; else echo ' Fail!'; exit 1; fi; 8 | 9 | echo -n "Verify Ansible is installed." 10 | if [ $(docker run 'ianbytchek/coreos-ansible-toolbox' which ansible) == '/usr/bin/ansible' ]; then 11 | echo ' OK!'; else echo ' Fail!'; exit 1; fi; 12 | -------------------------------------------------------------------------------- /circle.yml: -------------------------------------------------------------------------------- 1 | machine: 2 | services: 3 | - docker 4 | 5 | dependencies: 6 | override: 7 | - ./build/ci/script/build.sh: 8 | environment: 9 | GITHUB_TOKEN: 42ff89070c6787399853e615fc86b7a06edbb123 10 | 11 | test: 12 | override: 13 | - ./build/ci/script/test.sh 14 | 15 | deployment: 16 | hub: 17 | branch: master 18 | commands: 19 | - ./build/ci/script/deploy.sh -------------------------------------------------------------------------------- /documentation/asset/docker-coreos-ansible-toolbox.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/iby/docker-coreos-ansible-toolbox/c10513411ffc80d75db4705e7132bd4ff8cc01ad/documentation/asset/docker-coreos-ansible-toolbox.png -------------------------------------------------------------------------------- /documentation/asset/docker-coreos-ansible-toolbox.sketch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/iby/docker-coreos-ansible-toolbox/c10513411ffc80d75db4705e7132bd4ff8cc01ad/documentation/asset/docker-coreos-ansible-toolbox.sketch -------------------------------------------------------------------------------- /src/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine 2 | MAINTAINER Ian Bytchek 3 | 4 | COPY . /docker 5 | RUN /docker/script/build.sh -------------------------------------------------------------------------------- /src/script/build.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | 3 | set -euo pipefail 4 | 5 | cd $(dirname $0) 6 | 7 | # Update and install apk packages. 8 | 9 | echo 'Installing Python.' 10 | apk --update add \ 11 | py-crypto \ 12 | python \ 13 | tzdata 14 | 15 | # Install pip. 16 | 17 | echo 'Installing pip.' 18 | python /docker/get-pip.py 19 | 20 | # Installing ansible. 21 | 22 | echo 'Installing Ansible.' 23 | pip install ansible 24 | 25 | echo -n 'Cleaning up container…' 26 | 27 | rm -rf \ 28 | /docker \ 29 | /var/cache/apk/* 30 | 31 | echo ' OK!' 32 | --------------------------------------------------------------------------------