Ansible automation demo for Cygate Techdays 2019 by Christofer Tibbelin
Build a Docker container and install Check Points API software in it.
in this demo my Docker host is the same as Ansible host running Ubuntu 18.10 Docker is already installed
So we don't need to sudo for docker jobs on the docker host
sudo groupadd docker
sudo gpasswd -a $USER docker
newgrp dockerso ansible can talk to this. I had problems with python2 so had to run python3 in the inventory
pip install dockerCreate a dockerfile with the CheckPoint MGT API in a empty folder (I call this folder docker)
This is what Ansible will start to create docker image
# Download base image from python repository version 3.7-alpine
# Alpine is extra small image
FROM python:3.7-alpine
MAINTAINER FullName <email@Address>
# use apk to update + install git
RUN apk add --update git
# Install CheckPoint MGT API to talk to CheckPoint MGT server
RUN pip install git+https://github.com/CheckPointSW/cp_mgmt_api_python_sdk
#Keep container running Fake as we use docker connection to reach it.
ENTRYPOINT ["tail", "-f", "/dev/null"]ansible-playbook -i inventory.ini create_docker.ymldocker network list | grep -q "mgt_net" || docker network create "mgt_net"tag is the same as name
docker build --tag=cp_api-img ./docker/cp_api-img is the image name/tag from previous command.
docker run -d -P \
--network='mgt_net' \
--network-alias mgt \
--name cp_api01 cp_api-imgdocker ps -s --format "table {{.Names}}: {{.Size}}: {{.RunningFor}}"docker stats --no-stream --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}"docker exec -it cp_api01 shDemo 5.2 🐳☑️🤘
Use the new Ansible module and docker container to push a change to the CheckPoint MGT