Ansible and Docker are both powerful tools and in this blog post I aim to look at putting Ansible in a Docker container. I’m building on the work of https://hub.docker.com/r/philm/ansible_playbook/dockerfile/
docker run -v “$(pwd)”:/ansible/playbooks geektechstuff/ansible_container:latest playbook.yml -i inventory_file_name
maps a directory into the container (in above example current working directory of host becomes /ansible/playbooks of container).
Tells Ansible which inventory to use, in this example it is looking for a file call inventory_file_name.
This is the playbook that you want Ansible to run. Make sure you are running the Ansible container from the same directory the playbooks are saved to.
If the ENTRYPOINT is changed then ansible (ad-hoc commands) can be used instead of ansible-playbook (playbook commands), this change would need to be changed in the dockerfile and then the Docker image rebuilt. Also, make sure to use the relevant commands to make the container session interactive.
What The DockerFile is doing:
# using a lot of https://hub.docker.com/r/philm/ansible_playbook/dockerfile/
>Comments introducing the reader.
# Alpine is a lightweight version of Linux.
# apline:latest could also be used
>Alpine is a lightweight version of Linux that is used as the core of this Docker image. I’m sticking with version 3.7 as I’ve tested that. alpine:latest would change it to the latest release, or another operating system could be used (which may increase the image size).
# apk add installs the following
apk add \
tar && \
pip install –upgrade pip
> Using run and apk to install the Ansible dependencies, curl (to get Ansible from the web), a shell (just in case), tar (to decompress the installer later) and pip. The \ means the command continues on the next line.
# Makes the Ansible directories
RUN mkdir /etc/ansible /ansible
RUN mkdir ~/.ssh
> Creating Ansible directory and the /.ssh directory
# Over rides SSH Hosts Checking
RUN echo “host *” >> ~/.ssh/config &&\
echo “StrictHostKeyChecking no” >> ~/.ssh/config
> Overriding the key checking of SSH – FOR PRODUCTION ENVIRONMENTS ANOTHER SOLUTION WILL BE NEEDED.
# Downloads the Ansible tar (curl) and saves it (-o)
curl -fsSL https://releases.ansible.com/ansible/ansible-2.9.3.tar.gz -o ansible.tar.gz
# Extracts Ansible from the tar file
tar -xzf ansible.tar.gz -C ansible –strip-components 1 && \
rm -fr ansible.tar.gz /ansible/docs /ansible/examples /ansible/packaging
>Installing Ansible into the container
# Makes a directory for ansible playbooks
RUN mkdir -p /ansible/playbooks
# Makes the playbooks directory the working directory
> Making Ansible working directory – when using the container this will be mapped using the Docker -v command.
# Sets environment variables
ENV ANSIBLE_GATHERING smart
ENV ANSIBLE_HOST_KEY_CHECKING False
ENV ANSIBLE_RETRY_FILES_ENABLED False
ENV ANSIBLE_ROLES_PATH /ansible/playbooks/roles
ENV ANSIBLE_SSH_PIPELINING True
ENV PATH /ansible/bin:$PATH
ENV PYTHONPATH /ansible/lib
> Setting Ansible environment variables
# Sets entry point (same as running ansible-playbook)
# Can also use [“ansible”] if wanting it to be an ad-hoc command version
> Creating the Docker container’s entrypoint.