Run Ansible with Docker

Ansible container

Once I had to build Ansible in an offline environment, but it’s difficult to collect all the necessary packages and make them. So, I made Ansible into a container based on the Python Docker container.

BTW, ansible/ansible there is a container image called Offcial, but this is provided as a test environment for Ansible itself, and Ansible is not included ☺️

Repository

It is registered in the following repository.

Dockerfile

The content is very simple. It sshpassis required to use SSH password authentication with Ansible, so I have installed it. Also, depending on the module used, an additional pip package may be required, but I have not written it because there is no end to it.

Source: https://github.com/spy86/docker-ansible

FROM python:3.7.6-stretch

RUN pip install pip --upgrade
RUN pip install ansible

RUN apt-get update -y && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
sshpass

WORKDIR /work

Playbook execution

You can execute the playbook by changing to the directory where you saved the playbook and then executing the following command.

  • Create example playbook.yml
---- hosts: localhost
tasks:
- name: site | hello world
shell: echo "Hi! Ansible is working"
  • Run ansible playbook
root@vagrant:/home/vagrant# docker run -v "${PWD}":/work:ro -v ~/.ansible/roles:/root/.ansible/roles -v ~/.ssh:/root/.ssh:ro --rm spy86/ansible:latest ansible-playbook playbook.yml
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************TASK [Gathering Facts] *********************************************************
ok: [localhost]
TASK [site | hello world] ******************************************************
changed: [localhost]
PLAY RECAP *********************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
root@vagrant:/home/vagrant#

Explanation of commands

  • --rm This container is not used for starting up, so in order to keep the environment clean, delete it after execution.
  • Bindings

Since it is troublesome to copy and use the playbook in the file system of $pwd <-> /work container one by one, use the binding to directly read the playbook in the host system.

By binding to the host, ${PWD}which is /workthe working directory in the container, the directory when the command is executed can be seen from inside the container.

~/.ansible/roles <-> /root/.ansible/roles
This is for persisting the Role installed by Ansible Galaxy. Not required if you do not use Galaxy.

Due to the specifications of Ansible, if you install Role on Galaxy, Role will be saved in the available directory in the following directory.

  • ~/.ansible/roles
  • /usr/share/ansible/roles
  • /etc/ansible/roles

~/.ssh <-> /root/.ssh
Even if you run the container as it is, you cannot connect because the SSH client in the container does not have the authentication information of the target machine. Share the host machine .sshso that the target machine can be accessed from inside the container.

Bash alias

By registering the commands introduced above and other frequently used ones as aliases, you can use Ansible and so it’s good to make your work easier without being conscious of running on Docker ☺️

List of aliases:

 by the author.

--

--

--

DevOps Consultant. I’m strongly focused on automation, security, and reliability.

Love podcasts or audiobooks? Learn on the go with our new app.

CONTROLLING LIGHT USING TELEGRAM AND SENDING VALUES TO ADAFRUIT

How to upgrade a Python 2 codebase to Python 3

Basic Validations in Ruby On Rails

Final Entry

How to setup an email alert for high Active Message count for Azure Service Bus Queue

25 Numbers, Booleans, and Recursion

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Maciej

Maciej

DevOps Consultant. I’m strongly focused on automation, security, and reliability.

More from Medium

Docker: how to work with Grafana and influxdb

Docker, nginx and reverse-proxying

Difference Between Ansible And Ansible Galaxy — Ansible vs Ansible Galaxy

ansible architecture

Learn Docker:Network access (6/6)