Merge pull request #16205 from carbonin/add_awx_as_embedded_ansible_b…

…ackend Add awx as an embedded ansible plugin (cherry picked from commit 5d27b97)
ManageIQ · Dec 11, 2017 · 1c5c158 · 1c5c158
1 parent b175209
commit 1c5c158
Show file tree

Hide file tree

Showing 11 changed files with 420 additions and 69 deletions.
diff --git a/Gemfile b/Gemfile
@@ -31,6 +31,7 @@ gem "color",                          "~>1.8"
 gem "config",                         "~>1.3.0",       :require => false
 gem "dalli",                          "~>2.7.4",       :require => false
 gem "default_value_for",              "~>3.0.3"
+gem "docker-api",                     "~>1.33.6",      :require => false
 gem "elif",                           "=0.1.0",        :require => false
 gem "fast_gettext",                   "~>1.2.0"
 gem "gettext_i18n_rails",             "~>1.7.2"

diff --git a/app/models/embedded_ansible_worker/runner.rb b/app/models/embedded_ansible_worker/runner.rb
@@ -66,17 +66,18 @@ def message_sync_config(*_args); end
   private
 
   def provider_url
-    server = MiqServer.my_server(true)
+    URI::Generic.build(provider_uri_hash).to_s
+  end
 
+  def provider_uri_hash
     if MiqEnvironment::Command.is_container?
-      host = ENV["ANSIBLE_SERVICE_HOST"]
-      path = "/api/v1"
+      {:scheme => "https", :host => ENV["ANSIBLE_SERVICE_HOST"], :path => "/api/v1"}
+    elsif Rails.env.development?
+      {:scheme => "http", :host => "localhost", :path => "/api/v1", :port => 54321}
     else
-      host = server.hostname || server.ipaddress
-      path = "/ansibleapi/v1"
+      server = MiqServer.my_server(true)
+      {:scheme => "https", :host => server.hostname || server.ipaddress, :path => "/ansibleapi/v1"}
     end
-
-    URI::HTTPS.build(:host => host, :path => path).to_s
   end
 
   def raise_role_notification(notification_type)

diff --git a/config/settings.yml b/config/settings.yml
@@ -94,6 +94,16 @@
   :history:
     :keep_drift_states: 6.months
     :purge_window_size: 10000
+:embedded_ansible:
+  :docker:
+    :task_image_name: ansible/awx_task
+    :task_image_tag: latest
+    :web_image_name: ansible/awx_web
+    :web_image_tag: latest
+    :rabbitmq_image_name: rabbitmq
+    :rabbitmq_image_tag: 3
+    :memcached_image_name: memcached
+    :memcached_image_tag: alpine
 :ems:
 # provider specific settings are nested here, but they are in the provider repos
 # e.g.:

diff --git a/lib/embedded_ansible.rb b/lib/embedded_ansible.rb
@@ -10,7 +10,7 @@ def self.new
   end
 
   def self.detect_available_platform
-    subclasses.detect(&:available?) || NullEmbeddedAnsible
+    subclasses.sort.detect(&:available?) || NullEmbeddedAnsible
   end
 
   def self.available?
@@ -21,6 +21,14 @@ def self.enabled?
     MiqServer.my_server(true).has_active_role?(ANSIBLE_ROLE)
   end
 
+  def self.priority
+    0
+  end
+
+  def self.<=>(other_embedded_ansible)
+    other_embedded_ansible.priority <=> priority
+  end
+
   def alive?
     return false unless configured? && running?
     begin
@@ -43,9 +51,45 @@ def api_connection_raw(host, port)
     )
   end
 
+  def find_or_create_secret_key
+    miq_database.ansible_secret_key ||= SecureRandom.hex(16)
+  end
+
+  def find_or_create_admin_authentication
+    miq_database.ansible_admin_authentication || miq_database.set_ansible_admin_authentication(:password => generate_password)
+  end
+
+  def find_or_create_rabbitmq_authentication
+    miq_database.ansible_rabbitmq_authentication || miq_database.set_ansible_rabbitmq_authentication(:password => generate_password)
+  end
+
+  def find_or_create_database_authentication
+    auth = miq_database.ansible_database_authentication
+    return auth if auth
+
+    auth = miq_database.set_ansible_database_authentication(:password => generate_password)
+
+    database_connection.select_value("CREATE ROLE #{database_connection.quote_column_name(auth.userid)} WITH LOGIN PASSWORD #{database_connection.quote(auth.password)}")
+    database_connection.select_value("CREATE DATABASE awx OWNER #{database_connection.quote_column_name(auth.userid)} ENCODING 'utf8'")
+
+    auth
+  end
+
+  def generate_password
+    SecureRandom.base64(18).tr("+/", "-_")
+  end
+
   def miq_database
     MiqDatabase.first
   end
+
+  def database_connection
+    ActiveRecord::Base.connection
+  end
+
+  def database_configuration
+    @db_config ||= ActiveRecord::Base.configurations[Rails.env]
+  end
 end
 
 Dir.glob(File.join(File.dirname(__FILE__), "embedded_ansible/*.rb")).each { |f| require_dependency f }
diff --git a/lib/embedded_ansible/appliance_embedded_ansible.rb b/lib/embedded_ansible/appliance_embedded_ansible.rb
@@ -18,6 +18,10 @@ def self.available?
     required_rpms.subset?(LinuxAdmin::Rpm.list_installed.keys.to_set)
   end
 
+  def self.priority
+    30
+  end
+
   def initialize
     require "linux_admin"
   end
@@ -112,13 +116,8 @@ def with_inventory_file
   end
 
   def configure_secret_key
-    key = miq_database.ansible_secret_key
-    if key.present?
-      File.write(SECRET_KEY_FILE, key)
-    else
-      AwesomeSpawn.run!("/usr/bin/python -c \"import uuid; file('#{SECRET_KEY_FILE}', 'wb').write(uuid.uuid4().hex)\"")
-      miq_database.ansible_secret_key = File.read(SECRET_KEY_FILE)
-    end
+    key = find_or_create_secret_key
+    File.write(SECRET_KEY_FILE, key)
   end
 
   def update_proxy_settings
@@ -135,26 +134,10 @@ def update_proxy_settings
     File.write(SETTINGS_FILE, new_contents)
   end
 
-  def generate_admin_authentication
-    miq_database.set_ansible_admin_authentication(:password => generate_password)
-  end
-
-  def generate_rabbitmq_authentication
-    miq_database.set_ansible_rabbitmq_authentication(:password => generate_password)
-  end
-
-  def generate_database_authentication
-    auth = miq_database.set_ansible_database_authentication(:password => generate_password)
-    database_connection.select_value("CREATE ROLE #{database_connection.quote_column_name(auth.userid)} WITH LOGIN PASSWORD #{database_connection.quote(auth.password)}")
-    database_connection.select_value("CREATE DATABASE awx OWNER #{database_connection.quote_column_name(auth.userid)} ENCODING 'utf8'")
-    auth
-  end
-
   def inventory_file_contents
-    admin_auth    = miq_database.ansible_admin_authentication || generate_admin_authentication
-    rabbitmq_auth = miq_database.ansible_rabbitmq_authentication || generate_rabbitmq_authentication
-    database_auth = miq_database.ansible_database_authentication || generate_database_authentication
-    db_config     = Rails.configuration.database_configuration[Rails.env]
+    admin_auth    = find_or_create_admin_authentication
+    rabbitmq_auth = find_or_create_rabbitmq_authentication
+    database_auth = find_or_create_database_authentication
 
     <<-EOF.strip_heredoc
       [tower]
@@ -165,8 +148,8 @@ def inventory_file_contents
       [all:vars]
       admin_password='#{admin_auth.password}'
 
-      pg_host='#{db_config["host"] || "localhost"}'
-      pg_port='#{db_config["port"] || "5432"}'
+      pg_host='#{database_configuration["host"] || "localhost"}'
+      pg_port='#{database_configuration["port"] || "5432"}'
 
       pg_database='awx'
       pg_username='#{database_auth.userid}'
@@ -182,14 +165,6 @@ def inventory_file_contents
     EOF
   end
 
-  def generate_password
-    SecureRandom.base64(18).tr("+/", "-_")
-  end
-
-  def database_connection
-    ActiveRecord::Base.connection
-  end
-
   def local_tower_version
     File.read(TOWER_VERSION_FILE).strip
   end

diff --git a/lib/embedded_ansible/container_embedded_ansible.rb b/lib/embedded_ansible/container_embedded_ansible.rb
@@ -5,6 +5,10 @@ def self.available?
     ContainerOrchestrator.available?
   end
 
+  def self.priority
+    20
+  end
+
   def start
     miq_database.set_ansible_admin_authentication(:password => ENV["ANSIBLE_ADMIN_PASSWORD"])
     ContainerOrchestrator.new.scale(ANSIBLE_DC_NAME, 1)