Setup Ansible on docker containers
What is ansible?
Ansible is an open source community project sponsored by Red Hat, it’s the simplest way to automate IT and used for a configuration management, application deployment, intra-service orchestration, and many other IT needs.
Advantages of ansible :
- free: It is a open source tool.
- Simple to use : No special coding skills are required to write ansible playbooks.
- Agentless : You don’t need to install any other software,firewalls,ansible on the worker nodes that you want to perform actions on.
- Powerful : Ansible let you automate complex IT workflows with the help of rich modules available.
In this article we will going see how to install and setup ansible on the docker containers step by step. Basically Ansible uses Master slave architecture. IN this article we will install one master and one worker/slave node.
Step 1:We need docker to be installed on the local machine. Check if docker is installed or not using below command. If it is not installed Please install it.
$ docker — version
Docker version 18.03.1-ce, build 9ee9f40Step 2:We need ubuntu base image for our ansible Master and node container. Pull the latest ubuntu image from docker hub using the below command.
$ docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
345e3491a907: Pull complete
57671312ef6f: Pull complete
5e9250ddb7d0: Pull complete
Digest: sha256:b4aa552dd3f2ed84f3214b0e8add3648aee0205ef58295c92fe0899f96ad8755
Status: Downloaded newer image for ubuntu:latestStep 3: Below Command is used to check list of docker images available on machine.
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 7e0aa2d69a15 4 weeks ago 72.7MB
redis latest 4760dc956b2d 3 years ago 107MB
ubuntu <none> f975c5035748 3 years ago 112MB
alpine latest 3fd9065eaf02 3 years ago 4.14MBStep 4: Below Command is used to check list of available containers. it will show both running as well as stop containers. List of Running containers you can find using docker ps command.
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESStep 5: Lets create a ansible master controller container using ubuntu base image.
$ docker run -itd — name ansible_master ubuntu /bin/bash
d34f89c763f9a87ffe7cd723618133edc42eac3b530c7a93cf7030c041ce1cb9Step 6: Lets create another ansible node using same base image.
$ docker run -itd — name ansible_node ubuntu /bin/bash
3c3bc9c76b203246ad5014142972abb0b41693f4edf473cf2a5df0501a4ead54Step 7: Below command is used to Check list of running containers.
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3c3bc9c76b20 ubuntu “/bin/bash” 58 seconds ago Up 56 seconds ansible_node
d34f89c763f9 ubuntu “/bin/bash” 3 minutes ago Up 3 minutes ansible_masterStep 8: Exec into Ansible Master container and install python,ansible,open-ssh client,vim and iputils.ping into it.
$ docker attach d34f89c763f9
root@d34f89c763f9:/# apt update; apt install python ansible openssh-client vim iputils-ping -y
Get:1 http://archive.ubuntu.com/ubuntu focal InRelease [265 kB]
Get:2 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]Step 9: Exec into Ansible node container now and install vim ssh and python in it.
$ docker attach 3c3bc9c76b20
root@3c3bc9c76b20:/#
root@3c3bc9c76b20:/#
root@3c3bc9c76b20:/# apt update;apt install ssh vim python -y
Get:1 http://archive.ubuntu.com/ubuntu focal InRelease [265 kB]
Get:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]Step 10: Once done set the password for root user on both the container.
root@ca07a033db25:/# passwd root
New password:
Retype new password:
passwd: password updated successfullyStep 11: We now need to setup passwordless ssh connectivity between master ansible container and node container. Exec into node container and perform following steps.
Open ssh config file listed below using vi editor.
root@ca07a033db25:/# vi /etc/ssh/ssh_configMake permitRootLogin true in ssh config file and restart ssh service within the container.
root@ca07a033db25:/# service ssh restart
* Restarting OpenBSD Secure Shell server sshdStep 12: inorder to check connectivity from master ansible node to the node container run below command to get ip of the node container. exec into master container and try to ping the ip.
`$ docker network inspect bridge
[
{
“Name”: “bridge”,
“Id”: “dd6c9c4d9825c74b829ca5911bf8cca2eb164fb1ca1b2afc2a243d41d0e5acbb”,
“Created”: “2021–05–27T06:52:56.066958456Z”,
“Scope”: “local”,
=======================================================ping 172.18.0.3
PING 172.18.0.3 (172.18.0.3) 56(84) bytes of data.
64 bytes from 172.18.0.3: icmp_seq=1 ttl=64 time=0.104 ms
64 bytes from 172.18.0.3: icmp_seq=2 ttl=64 time=0.076 ms
Step 13: Genarate the public and private key pair on master node using below command and copy it on the node container.
root@0cf0f6c5b629:/# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:7jR/K8DMCj88dctvLXN75DJ4KYFGljYSwkuL4/24u8c root@0cf0f6c5b629
The key's randomart image is:
+---[RSA 3072]----+
| . |
| + . |
| o + . . |
| o o . * |
| . o +S= o |
| o ..* + . .|
| + *+= . + + |
| BoEo+ B B o|
| +B. .=oB.= |
+----[SHA256]-----+root@0cf0f6c5b629:/# ssh-copy-id root@172.18.0.3
Step 14: Now you are ready to use the ansible. Write a sample playbook and update the inventory file with with the respective ip address to test if its working fine or not.
- hosts: webservers
become: yes
tasks:
- pinginventory file-
[webservers]
foo.example.comrun the playbooks using below command.
ansible-playbook ping.yaml -i inventory.txtIf playbook run successfully then your ansible is setup properly.
Please note: inorder to add more nodes for ansible ,take the same image of node container which we have already and used it.
