DO374 - ch09s06

Bookmark this page

Guided Exercise: Validating a Custom Execution Environment

Validate that a custom automation execution environment works as expected and then publish it to private automation hub.

Outcomes

Use the ansible-navigator command to run a playbook using a local execution environment.
Upload an execution environment to private automation hub.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command installs Ansible Automation Platform and downloads the local execution environment that you need for this lab.

[student@workstation ~]$ lab start builder-validate

Procedure 9.3. Instructions

The lab start builder-validate command set up a test playbook, ~/builder-validate/motd-test.yml, which uses the exercise.motd.banner role in the exercise.motd Ansible Content Collection. Review the test playbook and the inventory file provided by the lab command.
1. Change into the ~/builder-validate/ directory.
```
[student@workstation ~]$ cd ~/builder-validate/
[student@workstation builder-validate]$
```
2. Review the contents of the motd-test.yml playbook.
```
---
- name: Test banner role from exercise.motd collection
  hosts: all
  collections:
    - exercise.motd
  roles:
    - name: exercise.motd.banner
```
  The playbook calls the banner role from the exercise.motd content collection. Notice that the single play targets all inventory hosts.
3. Review the inventory file.
```
[servers]
serverc
serverd
```

Display the existing messages of the day for the serverc machine.

Use the ssh command to connect to the serverc machine as the student user.

[student@workstation builder-validate]$ ssh student@serverc
Activate the web console with: systemctl enable --now cockpit.socket 

Register this system with Red Hat Insights: insights-client --register 
Create an account or view all your systems at https://red.ht/insights-dashboard

	The `/etc/motd.d/cockpit` file contains the message to activate the web console.
	The `/etc/motd.d/insights-client` file contains the Red Hat Insights message.

Use the logout command to return to the workstation machine.

[student@serverc ~]$ logout
Connection to serverc closed.
[student@workstation builder-validate]$

Run the ~/builder-validate/motd-test.yml playbook. Try the default automation execution environment selected by ansible-navigator first, and when that fails, test the custom ee-motd-minimal automation execution environment that includes the exercise.motd collection. (This custom automation execution environment is the same as the one you created in the preceding guided exercise, but has been prepared by the lab command.)

Attempt to run the motd-test.yml playbook using the ansible-navigator command. The attempt fails because the exercise.motd.banner role from the custom exercise.motd collection is not installed on the workstation machine.

[student@workstation builder-validate]$ ansible-navigator run motd-test.yml \
> -m stdout
ERROR! the role 'exercise.motd.banner' was not found in exercise.motd:ansible.legacy:/home/student/builder-validate/roles:/home/runner/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/home/student/builder-validate

The error appears to be in '/home/student/builder-validate/motd-test.yml': line 7, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  roles:
    - name: exercise.motd.banner
      ^ here

List the local container images.

[student@workstation builder-validate]$ podman images
REPOSITORY                 TAG         IMAGE ID      ...
localhost/ee-motd-minimal  latest      77c649cc9312  ...
...output omitted...

Note

Your machine might display additional images, and the image ID for the localhost/ee-motd-minimal container image might be different.

Use the ansible-navigator command with the following options to run the motd-test.yml playbook. The SSH connection password is redhat.

Option	Purpose
`--eei localhost/ee-motd-minimal`	Select the custom container image for the execution environment.
`--pp never`	Do not attempt to download the container image from a container image repository.
`--pae false`	Disable the creation of playbook artifacts. This option also allows prompting for passwords.
`-k`	Prompt for the SSH connection password.

[student@workstation builder-validate]$ ansible-navigator run motd-test.yml \
> --eei localhost/ee-motd-minimal --pp never --pae false -k -m stdout
SSH password: redhat

PLAY [Test banner role from exercise.motd collection] **************************

TASK [Gathering Facts] *********************************************************
ok: [serverc]
ok: [serverd]

TASK [exercise.motd.banner : Ensure /etc/motd.d/ exists] ***********************
ok: [serverc]
ok: [serverd]

TASK [exercise.motd.banner : Create custom motd banner] ************************
changed: [serverc]
changed: [serverd]

PLAY RECAP *********************************************************************
serverc                    : ok=3    changed=1    unreachable=0    failed=0  ...
serverd                    : ok=3    changed=1    unreachable=0    failed=0  ...

Verify that the playbook run configured the serverc machine to include an additional message of the day (MOTD) message.

Use the ssh command to connect to the serverc machine as the student user.

[student@workstation builder-validate]$ ssh student@serverc
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
================================================================================
================================================================================
==                                                                            ==
==                     This system is managed by Ansible.                     ==
==                                                                            ==
================================================================================
================================================================================
...output omitted...

In addition to the previous web console and Red Hat Insights messages, there is a new message indicating that the system is managed by Ansible. This new message comes from the /etc/motd.d/banner file.

Use the logout command to return to the workstation machine.

[student@serverc ~]$ logout
Connection to serverc closed.
[student@workstation builder-validate]$

Publish the tested localhost/ee-motd-minimal execution environment to the container registry on the classroom private automation hub.
1. Use the podman tag command to add the hub.lab.example.com/ee-motd-minimal label to the localhost/ee-motd-minimal image. The command does not produce any output.
```
[student@workstation builder-validate]$ podman tag localhost/ee-motd-minimal \
> hub.lab.example.com/ee-motd-minimal
```
2. Use the podman login command to log in to private automation hub at hub.lab.example.com:
```
[student@workstation builder-validate]$ podman login hub.lab.example.com
Username: student
Password: redhat123
Login Succeeded!
```
3. Push the hub.lab.example.com/ee-motd-minimal container image to private automation hub.
```
[student@workstation builder-validate]$ podman push \
> hub.lab.example.com/ee-motd-minimal
...output omitted...
Writing manifest to image destination
Storing signatures
```
  Note
  In some cases, the entire container image is not pushed to private automation hub. If the podman push command produces an error, then try rerunning the command.
4. Open a web browser and navigate to https://hub.lab.example.com. Log in with student as the username and redhat123 as the password.
5. From the private automation hub web UI, navigate to Execution Environments → Execution Environments. The Execution Environments page lists the ee-motd-minimal container repository.

Verify that the image can be retrieved from the container registry on the classroom private automation hub and that it works.

Display the existing MOTD messages for the servere machine.

[student@workstation builder-validate]$ ssh student@servere
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard

Use the logout command to return to the workstation machine.

[student@servere ~]$ logout
Connection to servere closed.
[student@workstation builder-validate]$

Add servere to the existing inventory file.

[student@workstation builder-validate]$ echo "servere" >> inventory

Rerun the motd-test.yml playbook using the ansible-navigator run command and use the following options. The SSH connection password is redhat.

Option	Purpose
`--eei hub.lab.example.com/ee-motd-minimal`	Select the custom container image for the execution environment.
`--pp always`	Always download the container image from the container image repository.
`--pae false`	Disable the creation of playbook artifacts. This option also allows prompting for passwords.
`-k`	Prompt for the SSH connection password.

[student@workstation builder-validate]$ ansible-navigator run motd-test.yml \
> --eei hub.lab.example.com/ee-motd-minimal --pp always --pae false -k \
> -m stdout
-----------------------------------------------------------------------------
Execution environment image and pull policy overview
-----------------------------------------------------------------------------
Execution environment image name:     hub.lab.example.com/ee-motd-minimal:latest
Execution environment image tag:      latest
Execution environment pull arguments: None
Execution environment pull policy:    always
Execution environment pull needed:    True
-----------------------------------------------------------------------------
Updating the execution environment
-----------------------------------------------------------------------------
Running the command: podman pull hub.lab.example.com/ee-motd-minimal:latest
Trying to pull hub.lab.example.com/ee-motd-minimal:latest...
Getting image source signatures
Copying blob c64247c247c3 skipped: already exists
...output omitted...
Writing manifest to image destination
Storing signatures
778e5596d50c79db2d2e67e7534b7c37ba48a8c8afa6bc7a375bb6b700f91379
SSH password: redhat

...output omitted...

Verify that the servere machine now contains the additional MOTD message.

[student@workstation builder-validate]$ ssh student@servere
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
================================================================================
================================================================================
==                                                                            ==
==                     This system is managed by Ansible.                     ==
==                                                                            ==
================================================================================
================================================================================
...output omitted...

Use the logout command to return to the workstation machine.

[student@servere ~]$ logout
Connection to servere closed.
[student@workstation builder-validate]$

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish builder-validate

This concludes the section.

Discuss Developing Advanced Automation with Red Hat Ansible Automation Platform

Go to community

Welcome to the Developing Advanced Automation with Red Hat Ansible Automation (DO374) group!

Deanna

12 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Developing Advanced Automation with Red Hat Ansible Automation Platform! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO374.Read more about Developing Advanced Automation with Red Hat Ansible Automation Platform here.

2367

Revision: do374-2.2-82dc0d7