04. 07. 2019 Andrea Detassis Business Service Monitoring, NetEye

ISO Generation with Ansible – Part 1

Here at Würth Phoenix, we ship software in many different ways, but one of the main methods to support on-premise installations is with an ISO file. With the ISO we allow our customers to install NetEye, the underlying OS, and all dependencies in a flexible yet simple way.

Since this is so important, how can we make sure that we are delivering a working, up-to-date ISO to our customers?

We had the following requirements to meet:

  • Build the ISO once (or more) a day
  • Be able to install it in many different environments (both physical and virtual)
  • Support the latest two stable versions of NetEye
  • Provide a fully automatic installation (with safe and reasonable defaults) of the “core” part of NetEye
  • Be able to run tests on it before shipping it out

To address these points, we wanted to use the same approach that we use for our software: automation and testing!
After investigating the problem, we decided to (continue to) use Ansible, combined with Molecule, Jenkins, and Packer.


Here is an overview of the tasks for the Ansible playbook and the roles that we built.

Since NetEye is based on CentOS 7, the ISO builder starts extracting the packages required for a CentOS minimal installation and combines them with the NetEye core packages, using yum‘s “comps.xml” files.
Starting from the combined list of files, we then gather all the required packages from our internal repositories and combine them into a brand new local yum repo, which we can use to perform the installation on which the ISO is based.

In order to set up the system that will receive the ISO, we use a templated kickstart file that configures all the settings needed on the host (like disk partitioning, networking, users, required packages, and much more).

Now that we have all the necessary components in place, it’s time to glue them all together into our ISO file, which is exactly what the last part of the playbook does. It also adds the following beautiful black splash screen! (sorry, we backend devs aren’t great at design…)


Now that we’ve built the playbook and its roles, it’s time to make sure that we won’t break them next time that we work on the ISO. To do this we use molecule to test our roles.

Molecule, with the help of test-infra, allows us to run some tests on the roles themselves and be sure that we won’t break ISO generation when editing or extending the roles (until you break it and you add another test!)

In the next part, we’ll explain how we use Jenkins to build the ISO periodically, and then test it with our end-to-end tests using packer!

Andrea Detassis

Andrea Detassis


Andrea Detassis

Leave a Reply

Your email address will not be published.