Re-using Ansible playbooks to Build Docker Containers
Started working on a small side project to build a production distributed system in a developers laptop. I decided it was an excellent reason to use Docker 🐳.
Docker has it’s own way to build containers, by using Dockerfile‘s. Dockerfile’s are well thought out and their capabilities are throughly documented. I urge you to check it out if you haven’t yet.
However the thing is, the production environment we have, already has Ansible scripts to build our servers. Does it really make sense to maintain now two types of documents? One Ansible for production and one of Docker for development?
Let us check on how to build these containers using Ansible.
The fastest way to be able to re-use the Ansible playbooks will be running them from within the containers themselves. The idea should come familiar from my previous post of provisioning Vagrant VM’s with Ansible.
The first order of business would be creating a directory structure like the following:
+
+ ansible
|
| + group_vars
| + playbook
| + roles
| + hosts
| + ansible.cfg
+ Dockerfile
The important thing is that the Dockerfile needs to be above the directory structure. As any references in Dockerfile like “../ansible” won’t work due to security reasons set by Docker. To overcome this one might use a symlink.
Once you have set the Dockerfile add the following lines to it:
# Pull base image of Oracle Linux 7.2
FROM oraclelinux:7.2
MAINTAINER John Roach
# Install Ansible
RUN yum -y update
RUN yum clean all
RUN yum -y install PyYAML python-jinja2 python-httplib2 python-keyczar
RUN yum -y install python-paramiko python-setuptools git python-pip
RUN mkdir /etc/ansible/
CMD echo "[local]\nlocalhost\n" > /etc/ansible/hosts
RUN mkdir /opt/ansible/
RUN git clone http://github.com/ansible/ansible.git /opt/ansible/ansible
WORKDIR /opt/ansible/ansible
RUN git submodule update --init
ENV PATH /opt/ansible/ansible/bin:/bin:/usr/bin:/sbin:/usr/sbin
PYTHONPATH /opt/ansible/ansible/lib
ANSIBLE_LIBRARY /opt/ansible/ansible/library
RUN ansible-playbook --version
mkdir /ansible-player
# Add Ansible directory to ansible-player
COPY ansible /ansible-player/
WORKDIR /ansible-player
# Run BCC playbook
RUN ansible-playbook -i hosts playbook/site.yml -c local
This Dockerfile will install ansible to the container, copy our ansible files to said container and run the playbook. You can run the build process with the following command:
docker build -t docker-container .
This will build the container “docker-container“.
So should we use Ansible to build our containers? Probably not. The author of Ansible agrees with this. Ansible should probably be used for setting the build environment, deployment and testing stages of the building of Docker containers.
Creating the Dockerfile’s are pretty simple. And once these files are created there should be little or no change. The apps deployed within the containers might change. However, my belief is, deployments can be or should be handled by Ansible. The deployment scripts should be the ones that get re-used.
I hope to write more of my thoughts of deployments and builds as I have been moving towards the DevOps world. I know I definitely have a lot to learn. I enjoy each moment of it. So, hope you like this.
As always,
Have fun!