Chapter 4. Building off of existing base EEs provided by Red Hat Ansible Automation Platform
4.1. Gathering system-level dependencies
The bindep format provides a way of specifying cross-platform requirements. A minimum expectation is that the collection(s) specify necessary requirements for [platform:rpm].
Below is an example of content from a valid bindep.txt file:
Example 4.1. A bindep.txt file
python38-devel [platform:rpm compile] subversion [platform:rpm] git-lfs [platform:rpm]
Entries from multiple collections will be combined into a single file. This will be processed by bindep and then passed to dnf. Only requirements with no profiles or no runtime requirements will be installed to the image.
4.2. Customizing an existing execution environment image
Ansible Controller ships with three default execution environments:
-
Ansible 2.9- no collections are installed other than Controller modules -
Minimal- contains the latest Ansible 2.12 release along with Ansible Runner, but contains no collections or other additional content -
EE Supported- contains all Red Hat-supported content
While these environments cover many automation use cases, you can add additional items to customize these containers for your specific needs. The following procedure adds the kubernetes.core collection to the ee-minimal default image:
Procedure
Log in to
registry.redhat.iovia Podman:$ podman login -u="[username]" -p="[token/hash]" registry.redhat.io
Pull an Automation Execution Environment image
podman pull registry.redhat.io/ansible-automation-platform-21/ee-minimal-rhel8:latest
Configure your Ansible Builder files to specify any additional content to add to the new execution environment image which is based off of
ee-minimal.For example, to add the Kubernetes Core Collection from Galaxy to the image, fill out the
requirements.ymlfile as such:collections: - kubernetes.core
- For more information on definition files and their content, refer to to definition file breakdown section.
In the execution environment definition file, specify the filepath to the original
ee-minimalcontainer in theEE_BASE_IMAGEfield. In doing so, your finalexecution-environment.ymlfile will look like the following:Example 4.2. A customized
execution-environment.ymlfileversion: 1 build_arg_defaults: EE_BASE_IMAGE: 'example.registry.com/my-base-ee' dependencies: galaxy: requirements.yml
NoteSince this example uses the community version of
kubernetes.coreand not a certified collection from automation hub, we do not need to create anansible.cfgnor reference that in our definition file.Build the new execution environment image using the following command:
$ ansible-builder build -t registry.redhat.io/[username]/new-ee
where
[username]specifies your username, andnew-eespecifies the name of your new container image.Use the
podman imagescommand to confirm that your new container image is in that list:Example 4.3. Output of a
podman imagescommand with the imagenew-eeREPOSITORY TAG IMAGE ID CREATED SIZE localhost/new-ee latest f5509587efbb 3 minutes ago 769 MB
- Verify your newly-created execution environment image via Ansible Navigator
Tag the image for use in your automation hub:
$ podman tag registry.redhat.io/_[username]_/_new-ee_ [automation-hub-IP-address]/_[username]_/_new-ee_
Log in to your automation hub using Podman:
NoteYou must have
adminor appropriate container repository permissions for automation hub to push a container. See Managing containers in private automation hub in the Red Hat Ansible Automation Platform documentation for more information.$ podman login -u="[username]" -p="[token/hash]" [automation-hub-IP-address]
Push your image to the container registry in automation hub:
$ podman push [automation-hub-IP-address]/_[username]_/_new-ee_
Pull your new image into your automation controller instance:
- Navigate to automation controller.
- From the side-navigational bar, click Administration → Execution Environments.
- Click Add.
Enter the appropriate information then click Save to pull in the new image.
Noteif your instance of automation hub is password or token protected, ensure that you have the appropriate container registry credential set up.