Comments (5)
What's the drawback? It's pretty common in large orgs, esp. in air gapped environments, to rely on a local repo...
from deployment-automation.
First, curl | sudo bash
is a devops antipattern. It's not really considered idempotent and you can't rely upon it to converge to a known good state that's easily tested for. It's more of a hack to get developers up and running and not really meant to be used in automation.
I looked through the repo setup script that we provide and it really only does a handful of things that we could stuff into the ansible directly. It's not actually downloading and building a repo, it's only configuring the package handler to be aware of our repos.
For rpm-based installs it basically does:
- setup the repo location:
curl -1sLf 'https://dl.redpanda.com/nzc4ZYQK3WRGd9sy/redpanda/config.rpm.txt?distro=centos&codename=Core&version=7&arch=x86_64' > redpanda-centos-el7-x86_64.repo
- add our gpg key to trust the packages:
rpm --import https://dl.redpanda.com/nzc4ZYQK3WRGd9sy/redpanda/gpg.988A7B0A4918BC85.key
It does something similar for deb-based ones.
from deployment-automation.
This is largely resolved. The sole exception is the download and dearmoring of a key
- name: Download and import Redpanda GPG Key
shell: |
curl -1sLf "{{ rp_key_deb_actual }}" | gpg --dearmor > "{{ rp_key_path_deb_actual }}"
when: ansible_os_family == 'Debian'
I haven't found a good workaround to this method yet.
from deployment-automation.
This is largely resolved. The sole exception is the download and dearmoring of a key
- name: Download and import Redpanda GPG Key shell: | curl -1sLf "{{ rp_key_deb_actual }}" | gpg --dearmor > "{{ rp_key_path_deb_actual }}" when: ansible_os_family == 'Debian'
I haven't found a good workaround to this method yet.
you can try to predicate this on the existence of the file at rp_key_path_deb_actual. If that path exists, there's probably no reason for this task to re-run on subsequent runs. We're highly unlikely to ever change the GPG key.
from deployment-automation.
Resolved with the recent updates to redpanda-ansible-collection
from deployment-automation.
Related Issues (20)
- Always reconcile redpanda.yaml as it have node configuration HOT 1
- Validate/test if cluster configuration property of type string can be un-set HOT 3
- node_exporter only needed by grafana/prometheus, so move to grafana install playbook HOT 1
- Terraform for AWS should have a security group rule to allow intra-sg communication HOT 5
- Ansible setup for Redpanda-console HOT 3
- RP tuner fails to complete on RHEL HOT 1
- Test Server Side Schema Validation
- Use module and collection bundles copied onto client from cloudsmith
- Terraform outside of AWS us-west-2 improperly attempts to create AZ still inside us-west-2 HOT 4
- Add test on AZ & on instance types
- GCP Module Work HOT 1
- Helm deployment of Redpanda/Prometheus/Grafana
- Proxy CI fails on ssh connection in buildkite
- when demo certs is false and handle install is true, redpanda_key_file should be copied onto server
- inotify file descriptor issue on large instances causes redpanda galaxy module to crash
- Default Ubuntu version is 20.04 but 23.3.x has retired support for that version HOT 4
- rpk.tune_* options in configs/default.j2 template for redpanda_broker needs to be configurable
- Audit ansible for empty string for "not-set" case
- In ansible, explicitly set systemd service "enable" for redpanda and redpanda-tuner.
- CI: test resources race condition HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from deployment-automation.