ansible role integration test #35

New Issue

2023-06-12T00:59:54Z

jon_nfc commented

2023-06-12 00:59:54 +00:00

(Migrated from gitlab.com)

develop integration tests for ansible roles that essentially are a docker container that replicate a fresh install of the operating system in question. by spinning up this container, the ansible role as part of the integration test would deploy the role to that container and confirm it ran as intended.

🚧 Tasks

support debian
support Ubuntu
ansible role test code must be different to the role tasks (modules used) so that any issues with the module can be discovered (hopeful)

develop integration tests for ansible roles that essentially are a docker container that replicate a fresh install of the operating system in question. by spinning up this container, the ansible role as part of the integration test would deploy the role to that container and confirm it ran as intended. ## :construction: Tasks - [ ] support debian - [ ] support Ubuntu - [ ] ansible role test code must be different to the role tasks (modules used) so that any issues with the module can be discovered (hopeful)

jon_nfc commented

2023-06-12 01:01:17 +00:00

(Migrated from gitlab.com)

proposal for debian

FROM debian:11.0

# Update the package lists and upgrade installed packages
RUN apt-get update && apt-get upgrade -y

# Install default services
RUN apt-get install -y \
    systemd \
    openssh-server \
    avahi-daemon \
    dbus \
    cron \
    systemd-logind \
    rsyslog \
    udev \
    acpid

# Configure SSH server
RUN mkdir /var/run/sshd
RUN echo 'root:password' | chpasswd
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config
EXPOSE 22

# Start services
CMD /sbin/init

In this Dockerfile, the specific Debian version "11.0" is used, indicating both the major and minor versions. Adjust the version number according to your requirements.

Build the Docker image using the updated Dockerfile:

docker build -t debian-services .

Then, start a container with the desired services using:

docker run -d -p 22:22 --name debian-container debian-services

This will create a container named debian-container with only the default services installed on a fresh Debian 11.0 installation.

# proposal for debian ```Dockerfile FROM debian:11.0 # Update the package lists and upgrade installed packages RUN apt-get update && apt-get upgrade -y # Install default services RUN apt-get install -y \ systemd \ openssh-server \ avahi-daemon \ dbus \ cron \ systemd-logind \ rsyslog \ udev \ acpid # Configure SSH server RUN mkdir /var/run/sshd RUN echo 'root:password' | chpasswd RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config EXPOSE 22 # Start services CMD /sbin/init ``` In this Dockerfile, the specific Debian version "11.0" is used, indicating both the major and minor versions. Adjust the version number according to your requirements. Build the Docker image using the updated Dockerfile: ```bash docker build -t debian-services . ``` Then, start a container with the desired services using: ```bash docker run -d -p 22:22 --name debian-container debian-services ``` This will create a container named `debian-container` with only the default services installed on a fresh Debian 11.0 installation.

jon_nfc commented

2023-06-12 01:11:41 +00:00

(Migrated from gitlab.com)

proposal for ubuntu

Dockerfile for Ubuntu 20.04:

# Use Ubuntu 20.04 base image
FROM ubuntu:20.04

# Install required packages
RUN apt-get update && apt-get install -y \
    systemd \
    dbus \
    cron \
    rsyslog \
    openssh-server

# Configure SSH
RUN mkdir /var/run/sshd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo 'root:admin' | chpasswd

# Expose SSH port
EXPOSE 22

# Start the SSH service and other services using systemd
CMD ["/sbin/init"]

Command to build and run the Docker container from the image for Ubuntu 20.04:

# Build the Docker image
docker build -t ubuntu20.04-with-services .

# Run the Docker container with additional arguments
docker run -d -p 2222:22 --privileged --name my-ubuntu20.04 ubuntu20.04-with-services

Dockerfile for Ubuntu 18.04:

# Use Ubuntu 18.04 base image
FROM ubuntu:18.04

# Install required packages
RUN apt-get update && apt-get install -y \
    systemd \
    dbus \
    cron \
    rsyslog \
    openssh-server

# Configure SSH
RUN mkdir /var/run/sshd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo 'root:admin' | chpasswd

# Expose SSH port
EXPOSE 22

# Start the SSH service and other services using systemd
CMD ["/sbin/init"]

Command to build and run the Docker container from the image for Ubuntu 18.04:

# Build the Docker image
docker build -t ubuntu18.04-with-services .

# Run the Docker container with additional arguments
docker run -d -p 2222:22 --privileged --name my-ubuntu18.04 ubuntu18.04-with-services

In the docker run commands, the additional argument --privileged is added to the command to give the container extended privileges, which may be necessary for certain functionality or specific use cases.

# proposal for ubuntu Dockerfile for Ubuntu 20.04: ```Dockerfile # Use Ubuntu 20.04 base image FROM ubuntu:20.04 # Install required packages RUN apt-get update && apt-get install -y \ systemd \ dbus \ cron \ rsyslog \ openssh-server # Configure SSH RUN mkdir /var/run/sshd RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config RUN echo 'root:admin' | chpasswd # Expose SSH port EXPOSE 22 # Start the SSH service and other services using systemd CMD ["/sbin/init"] ``` Command to build and run the Docker container from the image for Ubuntu 20.04: ```bash # Build the Docker image docker build -t ubuntu20.04-with-services . # Run the Docker container with additional arguments docker run -d -p 2222:22 --privileged --name my-ubuntu20.04 ubuntu20.04-with-services ``` Dockerfile for Ubuntu 18.04: ```Dockerfile # Use Ubuntu 18.04 base image FROM ubuntu:18.04 # Install required packages RUN apt-get update && apt-get install -y \ systemd \ dbus \ cron \ rsyslog \ openssh-server # Configure SSH RUN mkdir /var/run/sshd RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config RUN echo 'root:admin' | chpasswd # Expose SSH port EXPOSE 22 # Start the SSH service and other services using systemd CMD ["/sbin/init"] ``` Command to build and run the Docker container from the image for Ubuntu 18.04: ```bash # Build the Docker image docker build -t ubuntu18.04-with-services . # Run the Docker container with additional arguments docker run -d -p 2222:22 --privileged --name my-ubuntu18.04 ubuntu18.04-with-services ``` In the `docker run` commands, the additional argument `--privileged` is added to the command to give the container extended privileges, which may be necessary for certain functionality or specific use cases.

jon_nfc commented

2023-06-12 01:23:33 +00:00

(Migrated from gitlab.com)

added 20m of time spent

jon_nfc commented

2023-06-12 02:55:11 +00:00

(Migrated from gitlab.com)

with docker for dind

To include Docker inside the Docker container for Docker-in-Docker (DinD) functionality, you can modify the Dockerfile as follows:

FROM debian:11.0

# Update the package lists and upgrade installed packages
RUN apt-get update && apt-get upgrade -y

# Install required packages
RUN apt-get install -y \
    systemd \
    openssh-server \
    avahi-daemon \
    dbus \
    cron \
    systemd-logind \
    rsyslog \
    udev \
    acpid \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Install Docker
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN apt-get update && apt-get install -y docker-ce-cli

# Configure SSH server
RUN mkdir /var/run/sshd
RUN echo 'root:admin' | chpasswd
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config
EXPOSE 22

# Start services
CMD /sbin/init

In this modified Dockerfile, the installation of Docker is added to enable Docker-in-Docker functionality. The necessary packages and dependencies are installed, and the official Docker repository is added to the package sources. The Docker CE CLI (command-line interface) is then installed.

Build the Docker image using the updated Dockerfile:

docker build -t debian-dind .

Then, start a container with the desired services, including Docker, using:

docker run -d -p 22:22 --privileged --name debian-dind-container debian-dind

This will create a container named debian-dind-container with the default services installed on a fresh Debian 11.0 installation, including Docker for Docker-in-Docker functionality. Note the use of the --privileged flag to give the container necessary privileges to run Docker inside.

# with docker for dind To include Docker inside the Docker container for Docker-in-Docker (DinD) functionality, you can modify the Dockerfile as follows: ```Dockerfile FROM debian:11.0 # Update the package lists and upgrade installed packages RUN apt-get update && apt-get upgrade -y # Install required packages RUN apt-get install -y \ systemd \ openssh-server \ avahi-daemon \ dbus \ cron \ systemd-logind \ rsyslog \ udev \ acpid \ apt-transport-https \ ca-certificates \ curl \ gnupg \ lsb-release # Install Docker RUN curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null RUN apt-get update && apt-get install -y docker-ce-cli # Configure SSH server RUN mkdir /var/run/sshd RUN echo 'root:admin' | chpasswd RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config EXPOSE 22 # Start services CMD /sbin/init ``` In this modified Dockerfile, the installation of Docker is added to enable Docker-in-Docker functionality. The necessary packages and dependencies are installed, and the official Docker repository is added to the package sources. The Docker CE CLI (command-line interface) is then installed. Build the Docker image using the updated Dockerfile: ```bash docker build -t debian-dind . ``` Then, start a container with the desired services, including Docker, using: ```bash docker run -d -p 22:22 --privileged --name debian-dind-container debian-dind ``` This will create a container named `debian-dind-container` with the default services installed on a fresh Debian 11.0 installation, including Docker for Docker-in-Docker functionality. Note the use of the `--privileged` flag to give the container necessary privileges to run Docker inside.

jon_nfc commented

2023-06-12 02:57:36 +00:00

(Migrated from gitlab.com)

inclusive of docker for dind

adjusted Dockerfiles for Ubuntu 20.04 and Ubuntu 18.04, including the installation of Docker for Docker-in-Docker (DinD) functionality:

Dockerfile for Ubuntu 20.04:

# Use Ubuntu 20.04 base image
FROM ubuntu:20.04

# Install required packages
RUN apt-get update && apt-get install -y \
    systemd \
    dbus \
    cron \
    rsyslog \
    openssh-server \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Install Docker
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN apt-get update && apt-get install -y docker-ce docker-ce-cli containerd.io

# Configure SSH
RUN mkdir /var/run/sshd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo 'root:admin' | chpasswd

# Expose SSH and Docker ports
EXPOSE 22
EXPOSE 2375

# Start the SSH service and other services using systemd
CMD ["/sbin/init"]

Command to build and run the Docker container from the image for Ubuntu 20.04 with Docker-in-Docker support:

# Build the Docker image
docker build -t ubuntu20.04-with-docker-dind .

# Run the Docker container with additional arguments
docker run -d -p 2222:22 -p 2375:2375 --privileged --name my-ubuntu20.04-docker-dind ubuntu20.04-with-docker-dind

Dockerfile for Ubuntu 18.04:

# Use Ubuntu 18.04 base image
FROM ubuntu:18.04

# Install required packages
RUN apt-get update && apt-get install -y \
    systemd \
    dbus \
    cron \
    rsyslog \
    openssh-server \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Install Docker
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN apt-get update && apt-get install -y docker-ce docker-ce-cli containerd.io

# Configure SSH
RUN mkdir /var/run/sshd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo 'root:admin' | chpasswd

# Expose SSH and Docker ports
EXPOSE 22
EXPOSE 2375

# Start the SSH service and other services using systemd
CMD ["/sbin/init"]

Command to build and run the Docker container from the image for Ubuntu 18.04 with Docker-in-Docker support:

# Build the Docker image
docker build -t ubuntu18.

# inclusive of docker for dind adjusted Dockerfiles for Ubuntu 20.04 and Ubuntu 18.04, including the installation of Docker for Docker-in-Docker (DinD) functionality: Dockerfile for Ubuntu 20.04: ```Dockerfile # Use Ubuntu 20.04 base image FROM ubuntu:20.04 # Install required packages RUN apt-get update && apt-get install -y \ systemd \ dbus \ cron \ rsyslog \ openssh-server \ apt-transport-https \ ca-certificates \ curl \ gnupg \ lsb-release # Install Docker RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null RUN apt-get update && apt-get install -y docker-ce docker-ce-cli containerd.io # Configure SSH RUN mkdir /var/run/sshd RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config RUN echo 'root:admin' | chpasswd # Expose SSH and Docker ports EXPOSE 22 EXPOSE 2375 # Start the SSH service and other services using systemd CMD ["/sbin/init"] ``` Command to build and run the Docker container from the image for Ubuntu 20.04 with Docker-in-Docker support: ```bash # Build the Docker image docker build -t ubuntu20.04-with-docker-dind . # Run the Docker container with additional arguments docker run -d -p 2222:22 -p 2375:2375 --privileged --name my-ubuntu20.04-docker-dind ubuntu20.04-with-docker-dind ``` Dockerfile for Ubuntu 18.04: ```Dockerfile # Use Ubuntu 18.04 base image FROM ubuntu:18.04 # Install required packages RUN apt-get update && apt-get install -y \ systemd \ dbus \ cron \ rsyslog \ openssh-server \ apt-transport-https \ ca-certificates \ curl \ gnupg \ lsb-release # Install Docker RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null RUN apt-get update && apt-get install -y docker-ce docker-ce-cli containerd.io # Configure SSH RUN mkdir /var/run/sshd RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config RUN echo 'root:admin' | chpasswd # Expose SSH and Docker ports EXPOSE 22 EXPOSE 2375 # Start the SSH service and other services using systemd CMD ["/sbin/init"] ``` Command to build and run the Docker container from the image for Ubuntu 18.04 with Docker-in-Docker support: ```bash # Build the Docker image docker build -t ubuntu18. ```

jon_nfc commented

2023-06-12 02:57:45 +00:00

(Migrated from gitlab.com)

added 10m of time spent

jon_nfc commented

2023-06-12 03:37:54 +00:00

(Migrated from gitlab.com)

getting systemd to work

an updated version of the Dockerfile that incorporates systemd:

FROM debian:11.7

# Set the APT proxy environment variables if required
ARG http_proxy
ARG https_proxy

# Prevent systemd installation from prompting for user input
ENV DEBIAN_FRONTEND=noninteractive

# Install required packages
RUN apt-get update && apt-get install -y --no-install-recommends \
    systemd \
    openssh-server \
    avahi-daemon \
    dbus \
    cron \
    rsyslog \
    udev \
    acpid \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Install Docker
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN apt-get update && apt-get install -y docker-ce-cli

# Enable systemd init system
RUN systemctl mask \
    dev-hugepages.mount \
    sys-fs-fuse-connections.mount \
    sys-kernel-config.mount \
    display-manager.service \
    getty@.service \
    systemd-logind.service \
    systemd-remount-fs.service \
    getty.target

VOLUME [ "/sys/fs/cgroup" ]

# Configure SSH server
RUN mkdir /var/run/sshd
RUN echo 'root:admin' | chpasswd
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config
EXPOSE 22

CMD ["/lib/systemd/systemd"]

This updated Dockerfile installs systemd and configures it as the init system. It also installs the other packages you specified and includes the configuration for the SSH server.

Please note that running systemd inside a Docker container can have limitations and may not work as expected in all scenarios. Ensure that you have a valid use case for using systemd in a containerized environment.

To build the Docker image with systemd support, use the following command:

docker build -t debian:integration-test --cap-add=SYS_ADMIN --tmpfs /run --tmpfs /run/lock --security-opt seccomp=unconfined .

The --cap-add=SYS_ADMIN flag grants the container the necessary capabilities, and the --tmpfs flags create temporary filesystems required by systemd. The --security-opt seccomp=unconfined flag disables seccomp filtering, which can sometimes interfere with systemd.

Please note that running systemd inside a container is an advanced configuration and may have security and operational implications. It's recommended to explore alternative approaches that align better with containerization principles whenever possible.

# getting systemd to work an updated version of the Dockerfile that incorporates systemd: ```Dockerfile FROM debian:11.7 # Set the APT proxy environment variables if required ARG http_proxy ARG https_proxy # Prevent systemd installation from prompting for user input ENV DEBIAN_FRONTEND=noninteractive # Install required packages RUN apt-get update && apt-get install -y --no-install-recommends \ systemd \ openssh-server \ avahi-daemon \ dbus \ cron \ rsyslog \ udev \ acpid \ apt-transport-https \ ca-certificates \ curl \ gnupg \ lsb-release # Install Docker RUN curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg RUN echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null RUN apt-get update && apt-get install -y docker-ce-cli # Enable systemd init system RUN systemctl mask \ dev-hugepages.mount \ sys-fs-fuse-connections.mount \ sys-kernel-config.mount \ display-manager.service \ getty@.service \ systemd-logind.service \ systemd-remount-fs.service \ getty.target VOLUME [ "/sys/fs/cgroup" ] # Configure SSH server RUN mkdir /var/run/sshd RUN echo 'root:admin' | chpasswd RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config EXPOSE 22 CMD ["/lib/systemd/systemd"] ``` This updated Dockerfile installs systemd and configures it as the init system. It also installs the other packages you specified and includes the configuration for the SSH server. Please note that running systemd inside a Docker container can have limitations and may not work as expected in all scenarios. Ensure that you have a valid use case for using systemd in a containerized environment. To build the Docker image with systemd support, use the following command: ``` docker build -t debian:integration-test --cap-add=SYS_ADMIN --tmpfs /run --tmpfs /run/lock --security-opt seccomp=unconfined . ``` The `--cap-add=SYS_ADMIN` flag grants the container the necessary capabilities, and the `--tmpfs` flags create temporary filesystems required by systemd. The `--security-opt seccomp=unconfined` flag disables seccomp filtering, which can sometimes interfere with systemd. Please note that running systemd inside a container is an advanced configuration and may have security and operational implications. It's recommended to explore alternative approaches that align better with containerization principles whenever possible.

jon_nfc commented

2023-06-13 15:50:51 +00:00

(Migrated from gitlab.com)

marked this issue as related to nofusscomputing/infrastructure/config#12

jon_nfc commented

2023-06-13 15:50:52 +00:00

(Migrated from gitlab.com)

marked this issue as related to nofusscomputing/projects/ansible/ansible-roles#13

jon_nfc commented

2023-07-02 06:09:31 +00:00

(Migrated from gitlab.com)

mentioned in merge request nofusscomputing/projects/ansible/ansible_docker_os!1