Allowing ENV vars in Role/Collection Requirements

April 3, 2024

If you have a private, or a repo that requires authentication, like in the case of GitLab Enterprise. You may find it difficult to simply pull without any auth your roles or collections from a repository. To do this I struggled for a while, and then realized that we can make use of the envsubst command.

First step we will need to have a template lets call it galaxy_requirements.tpl:

1

2

3

4

5

6

7

8

9

10

---

collections:

- name: ericsysmin.system

source: "https://ansible-galaxy:${GITLAB_TOKEN}@\

gitlab.com/ericsysmin/ansible-collection-system.git"

type: git

- name: ericsysmin.databases

source: "https://ansible-galaxy:${GITLAB_TOKEN}@\

gitlab.com/ericsysmin/ansible-collection-databases.git"

type: git

As long as you pass the environment vars to envsubst then it will work, in this case I am going to export the var just for command line sake, but ideally you’d put these in your build tool, either github, gitlab, or jenkins as a sensitive environment parameter to the job so that it does not get printed out.

1	export GITLAB_TOKEN=mypassword

Now lets put that somewhere in our build repo, and then during the pipeline steps (github/gitlab/jenkins) you will run something like this to resolve the token and run the ansible-galaxy install.

1 2	envsubst < galaxy_requirements.tpl > galaxy_requirements.yml ansible-galaxy install -r galaxy_requirements.yml

Using these two commands will create a new file galaxy_requirements.yml which would have the following contents.

1

2

3

4

5

6

7

8

9

10

---

collections:

- name: ericsysmin.system

source: "https://ansible-galaxy:mypassword@\

gitlab.com/ericsysmin/ansible-collection-system.git"

type: git

- name: ericsysmin.databases

source: "https://ansible-galaxy:mypassword@\

gitlab.com/ericsysmin/ansible-collection-databases.git"

type: git

This prevents you from storing any type of credential within the repository violating any security policies you may have.

Ansible, DevOps, GitLab

Leave a comment

Using Ansible set_fact to generate lists of objects

March 26, 2024

Eric Anderson

In some cases you may want to create nearly identical objects from a list of values, or another dictionary.

This was a commonly needed ability at VMware on the NSX ALB (Avi) team as for many of our infra, and for our customers have a list of servers that we needed to build into a list of dictionaries as we require more than just a specific IP.

This is how to do it (these are tasks, not the entire playbook)

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

---

- name: Generate a list for a dict

hosts: localhost

connection: local

vars:

pool_servers: "{{ pool_servers }}" # this is the input information ex. 192.168.1.1,192.168.1.2

tasks:

- name: Build server list

ansible.builtin.set_fact:

servers_list: "{{ servers_list | default([]) + [{'ip': {'addr': item, 'type': 'V4'}, 'enabled': 'true'}] }}"

loop: "{{ pool_servers.split(',') }}"

# each server_list item has ansible fact as server

- name: Print the server_list

ansible.builtin.debug:

var: servers_list

So lets review what we did.

We created the servers_list fact, we set the default value to be a blank list and then for each of the servers in pool_servers separated by , we loop adding the dict {'ip': {'addr': item, 'type': 'V4'}, 'enabled': 'true'} to the servers_list.

This can be applied to any kind of situation where you need to create a list of complicated objects.

The returned output would look like this.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

ansible-playbook list.yml -e 'pool_servers=192.168.1.1,192.168.1.2'

[WARNING]: No inventory was parsed, only implicit localhost is available

[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [Generate a list for a dict] *****************************************************************************************

TASK [Gathering Facts] ****************************************************************************************************

ok: [localhost]

TASK [avinetworks.avisdk : Check ansible version] *************************************************************************

skipping: [localhost]

TASK [build server list] **************************************************************************************************

ok: [localhost] => (item=192.168.1.1)

ok: [localhost] => (item=192.168.1.2)

TASK [debug] **************************************************************************************************************

ok: [localhost] => {

"servers_list": [

{

"enabled": "true",

"ip": {

"addr": "192.168.1.1",

"type": "V4"

}

},

{

"enabled": "true",

"ip": {

"addr": "192.168.1.2",

"type": "V4"

}

]

}

PLAY RECAP **************************************************************************************************************

localhost : ok=3 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0

ansible, array, dicts, generated, lists, objects, set_fact

Ansible, DevOps

Leave a comment

Converting Python Google.Cloud Objects to JSON Parseable Dictionaries

March 5, 2024

Eric Anderson

Trying to write some python scripts to handle our infrastructure in GCP. I found that the Google Cloud Python SDK, does not easily convert into python using __dict__, and json.dumps() so I had to do some digging. It took a bit of time but found that we can use the Python proto library to handle conversion of the Google Cloud Objects to JSON. Here’s an example of listing GKE clusters.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

from google.cloud import container_v1

import proto

import json

def list_gke_clusters():

"""

Lists GKE clusters in the specified project.

Args:

project_id (str): Your GCP project ID.

Returns:

list: List of GKE clusters.

"""

project_id = 'myproject'

client = container_v1.ClusterManagerClient()

request = container_v1.ListClustersRequest(

parent=f'projects/{project_id}/locations/-')

# List clusters in the specified project

response = client.list_clusters(request=request)

return response.clusters

if __name__ == "__main__":

clusters = []

for cluster in list_gke_clusters():

if cluster.resource_labels['type'] == 'automation':

clusters.append(json.loads(proto.Message.to_json(cluster)))

for cluster in clusters:

print(cluster['zone'])

As you can see using proto.Message.to_json(object) allowed me to provide json parseable data. Just figured someone else can use this and I wanted to keep a note of it as the solution wasn’t something easily able to be found. Someone also found it works for other GCP objects.

Other methods were also discussed here: https://github.com/googleapis/python-vision/issues/70

cloud, gcp, google, google.cloud, objects, platform, proto, python, sdk

Cloud, DevOps, Google Cloud Platform, Kubernetes

Leave a comment

Configuring Docker Desktop on WSL2

February 11, 2024

Eric Anderson

First steps, you’ll need to install and configure WSL2. To install WSL2 you can use the Microsoft Store or follow these instructions: https://learn.microsoft.com/en-us/windows/wsl/install

Then to install Docker to run on Windows and WSL2 you’ll need to follow these instructions: https://docs.docker.com/desktop/wsl/

During some testing and trying to simplify my WSL2 environment I stumbled upon an annoying issue that prevented me from running docker ps each time I attempted to run docker ps I’d receive the following error.

1	permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied

To get around this issue you’ll need to run the following commands:

1

2

3

4

sudo adduser $USER docker

newgrp docker

sudo chown root:docker /var/run/docker.sock

sudo chmod g+w /var/run/docker.sock

Once those are ran you should be able to run docker without hitting permissions errors.

Those commands are adding/ensuring that the docker group exists and adding your existing user to the docker group. It then modifies the docker.sock to allow the docker group access to the socket.

development, docker, ubuntu, windows, wsl, wsl2

DevOps, Ubuntu, Uncategorized, Windows, WSL

Leave a comment

How to Install Pyenv on MacOS

February 5, 2024

Eric Anderson

Steps to install Pyenv on MacOS

There are a few ways on MacOS to install Python. You can install it via Brew, or by using Pyenv. After needing to switch between different versions of Python often I’ve decided to move to Pyenv. Prior to these steps I removed all versions of Python installed directly with Brew.

1. Update Brew and install prerequisites
We will need to update brew.

1	brew update

In some cases when installing Python >=3.12.1 we will need ncurses. If it’s missing you can install using:

1	brew install ncurses

2. Install Pyenv using brew

The recommended way to install pyenv on MacOS is brew.

1	brew install pyenv

3. Brew doctor fix

If you want to avoid brew doctor warning about “config” scripts existing outside the system or Homebrew directories please include the following in your shell.

1	alias brew='env PATH="${PATH//$(pyenv root)\/shims:/}" brew'

4. Configure your Zsh profile.

1

2

3

echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.zshrc

echo '[[ -d $PYENV_ROOT/bin ]] && export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.zshrc

echo 'eval "$(pyenv init -)"' >> ~/.zshrc

If you wish to use Pyenv in non-interactive shells, add the following:

1

2

3

echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.zprofile

echo '[[ -d $PYENV_ROOT/bin ]] && export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/. zprofile

echo 'eval "$(pyenv init -)"' >> ~/.zprofile

5. Restart shell

1	exec "$SHELL"

6. Install python 3.12

I am going to show how to install python 3.12 but you can select any version of your choice.

1	pyenv install 3.12

7. Switch between your python versions

pyenv shell <version> – modifies python for the current shell session

pyenv local <version> – modifies the python used in the current directory (or subdirectories)

pyenv global <version> – modifies the python used for your user account

brew, mac, macos, pyenv, python, system

DevOps, MacOS, Python, System Administration

Leave a comment

Allowing ENV vars in Role/Collection Requirements

Share:

Using Ansible set_fact to generate lists of objects

Share:

Converting Python Google.Cloud Objects to JSON Parseable Dictionaries

Share:

Configuring Docker Desktop on WSL2

Share:

How to Install Pyenv on MacOS

Steps to install Pyenv on MacOS

1. Update Brew and install prerequisites We will need to update brew.

2. Install Pyenv using brew

3. Brew doctor fix

4. Configure your Zsh profile.

5. Restart shell

6. Install python 3.12

7. Switch between your python versions

Share:

1. Update Brew and install prerequisites
We will need to update brew.