Ansible Playbook Docker Image
Docker Image of Ansible for executing ansible-playbook command against an externally mounted set of Ansible playbooks. Based on philm/ansible_playbook
Build
docker build -t walokra/ansible-playbook .
Test
$ docker run --name ansible-playbook --rm walokra/ansible-playbook --version
ansible-playbook 2.3.0.0
config file =
configured module search path = [u'/opt/ansible/library']
python version = 2.7.13 (default, Apr 20 2017, 12:13:37) [GCC 6.3.0]
Running Ansible Playbook
docker run --rm -it -v PATH_TO_LOCAL_PLAYBOOKS_DIR:/ansible/playbooks walokra/ansible-playbook PLAYBOOK_FILE
For example, assuming your project's structure follows best practices, the command to run ansible-playbook from the top-level directory would look like:
docker run --rm -it -v $(pwd):/ansible/playbooks walokra/ansible-playbook site.yml
Ansible playbook variables can simply be added after the playbook name.
Ansible Helper wrapper
Shell script named ansible_helper that wraps a Docker image containing Ansible:
docker run --rm -it \
-v ~/.ssh/id_rsa:/root/.ssh/id_rsa \
-v ~/.ssh/id_rsa.pub:/root/.ssh/id_rsa.pub \
-v $(pwd):/ansible/playbooks \
-v /var/log/ansible/ansible.log \
walokra/ansible-playbook "$@"
Point the above script to any inventory file so that we can execute any Ansible command on any host, e.g.
./ansible_helper play playbooks/create_user.yml -i inventory/staging -e 'some_var=some_value'
SSH Keys
If Ansible is interacting with external machines, you'll need to mount an SSH key pair for the duration of the play:
docker run --rm -it \
-v ~/.ssh/id_rsa:/root/.ssh/id_rsa \
-v ~/.ssh/id_rsa.pub:/root/.ssh/id_rsa.pub \
-v $(pwd):/ansible/playbooks \
walokra/ansible-playbook site.yml
Ansible Vault
If you've encrypted any data using Ansible Vault, you can decrypt during a play by either passing --ask-vault-pass after the playbook name, or pointing to a password file. For the latter, you can mount an external file:
docker run --rm -it -v $(pwd):/ansible/playbooks \
-v ~/.vault_pass.txt:/root/.vault_pass.txt \
walokra/ansible-playbook \
site.yml --vault-password-file /root/.vault_pass.txt
Note: the Ansible Vault executable is embedded in this image. To use it, specify a different entrypoint:
docker run --rm -it -v $(pwd):/ansible/playbooks --entrypoint ansible-vault \
walokra/ansible-playbook encrypt FILENAME