Ansible Docker container installation
Using Ansible on a container requires a container engine to be running. There are multiple choices for which container to use, the most famous ones being Docker, Kubernetes, and Red Hat OpenShift. In this book, we will only cover Docker. We need to have a Docker engine running on the machine that is going to host the Ansible Container. The information about Docker installation can be found in its official documentation at: https://docs.docker.com/install/. This covers a large number of operating systems.
Here, we will assume that the Docker engine is installed, and that the current user has been added to the Docker group so that they can manage the local Docker containers on the machine. You can also choose to build your own container by selecting any of the systems that you are familiar with for the source image. Make sure that you have all requirements installed. The following is an example of a basic Dockerfile on Linux Alpine, one of the lightest systems used on containers:
FROM alpine:3.7
RUN echo "#### Setting up the environment for the build dependencies ####" && \
set -x && apk --update add --virtual build-dependencies \
gcc musl-dev libffi-dev openssl-dev python-dev
RUN echo "#### Update the OS package index and tools ####" && \
apk update && apk upgrade
RUN echo "#### Setting up the build dependecies ####" && \
apk add --no-cache bash curl tar openssh-client \
sshpass git python py-boto py-dateutil py-httplib2 \
py-jinja2 py-paramiko py-pip py-yaml ca-certificates
RUN echo "#### Installing Python PyPI ####" && \
pip install pip==9.0.3 && \
pip install python-keyczar docker-py
RUN echo "#### Installing Ansible latest release and cleaning up ####" && \
pip install ansible –upgrade \
apk del build-dependencies && \
rm -rf /var/cache/apk/*
RUN echo "#### Initializing Ansible inventory with the localhost ####" && \
mkdir -p /etc/ansible/library /etc/ansible/roles /etc/ansible/lib /etc/ansible/ && \
echo "localhost" >> /etc/ansible/hosts
ENV HOME /home/ansible
ENV PATH /etc/ansible/bin:$PATH
ENV PYTHONPATH /etc/ansible/lib
ENV ANSIBLE_ROLES_PATH /etc/ansible/roles
ENV ANSIBLE_LIBRARY /etc/ansible/library
ENV ANSIBLE_SSH_PIPELINING True
ENV ANSIBLE_GATHERING smart
ENV ANSIBLE_HOST_KEY_CHECKING false
ENV ANSIBLE_RETRY_FILES_ENABLED false
RUN adduser -h $HOME ansible -D \
&& chown -R ansible:ansible $HOME
RUN echo "ansible ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \
&& chmod 0440 /etc/sudoers
WORKDIR $HOME
USER ansible
ENTRYPOINT ["ansible"]
We then build the container using the build function on Docker:
docker build -t dockerhub-user/ansible .
The build might take some time to finish. We can then try and run our Ansible container in several different ways, depending on how we are going to use it. For example, we can verify the Ansible version on the container:
docker run --rm -it -v ~:/home/ansible dockerhub-user/ansible --version
We can also run a ping task:
docker run --rm -it -v ~:/home/ansible \
-v ~/.ssh/id_rsa:/ansible/.ssh/id_rsa \
-v ~/.ssh/id_rsa.pub:/ansible/.ssh/id_rsa.pub \
dockerhub-user/ansible -m ping 192.168.1.10
By changing the ENTRYPOINT of our Dockerfile code from [ansible] to [ansible-playbook], we can create a script that can use our container to work as if docker-playbook is installed. This will be explained further in Chapter 3, Ansible Inventory and Playbook. Create a script called ansible-playbook and add it to the PATH environmental variable with the following code:
#!/bin/bash
-v ~/.ssh/id_rsa:/ansible/.ssh/id_rsa \
-v ~/.ssh/id_rsa.pub:/ansible/.ssh/id_rsa.pub \
-v /var/log/ansible/ansible.log \
dockerhub-user/ansible "$@"
This script can be used as follows to execute a playbook on a specific host located in the inventory folder:
Ansibleplaybook play tasks.yml -i inventory/hosts