Integrate Docker with Ansible - jamongx/twitter-clone GitHub Wiki

On Docker Server

  • Create the ansadmin user
  • Add ansadmin to the sudoers file
  • Enable password-based SSH login (needed so that ssh-copy-id can install the key from the Ansible server)
# sudo su -

[root@docker-server ~]# adduser ansadmin
[root@docker-server ~]# passwd ansadmin
xxxx

[root@docker-server ~]# visudo
## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL
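ansadmin        ALL=(ALL)       NOPASSWD: ALL    <-- line added (not part of the entry): ansadmin can run any command as any user without a password, so anyone holding its SSH key or password effectively has root on this host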

[root@docker-server ~]# grep Password /etc/ssh/sshd_config
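PasswordAuthentication yes -> already enabled; it is only needed for the ssh-copy-id step below, and once the key is in authorized_keys it can be set to "no" so that only key-based login is accepted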

On Ansible Server

  • Add the Docker host to the Ansible hosts file
  • Copy the SSH public key to the Docker server
[root@ansible-server ~]# vim /etc/ansible/hosts
172.31.25.246 -> Docker host's internal IP address

[root@ansible-server ~]# sudo su - ansadmin

[ansadmin@ansible-server ~]$ ssh-copy-id 172.xxx.xxx.xxx -> docker server private ip
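yes -> reply to the SSH host key confirmation prompt; compare the fingerprint shown with the Docker server's host key before accepting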
ansadmin password: xxxx

[ansadmin@ansible-server ~]$ cd .ssh

[ansadmin@ansible-server ~]$ ls
id_rsa  id_rsa.pub  known_hosts

[ansadmin@ansible-server ~]$ pwd
/home/ansadmin/.ssh

[ansadmin@ansible-server ~]$ cat id_rsa.pub
ssh-rsa xxxx...

On Docker Server

  • Check that authorized_keys contains the public key copied from the Ansible server
[root@docker-server ~]# sudo su - ansadmin

[ansadmin@docker-server root]$ cd .ssh

[ansadmin@docker-server root]$ pwd
/home/ansadmin/.ssh

[ansadmin@docker-server root]$ ll
total 4
-rw------- 1 ansadmin ansadmin 405 Sep 22 18:41 authorized_keys

[ansadmin@docker-server root]$ cat authorized_keys
ssh-rsa xxx...

On Ansible Server

  • Test the connection
[ansadmin@ansible-server ~]$ ansible all -m ping

[WARNING]: Platform linux on host 172.xxx.xxx.xxx is using the discovered Python interpreter at /usr/bin/python, but future
installation of another Python interpreter could change this. See
https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.
172.xxx.xxx.xxx | SUCCESS => {
   "ansible_facts": {
       "discovered_interpreter_python": "/usr/bin/python"
   },
   "changed": false,
   "ping": "pong"
}


[ansadmin@ansible-server ~]$ ansible all -m command -a uptime

[WARNING]: Platform linux on host 172.xxx.xxx.xxx is using the discovered Python interpreter at /usr/bin/python, but future
installation of another Python interpreter could change this. See
https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.
172.xxx.xxx.xxx | CHANGED | rc=0 >>
18:47:45 up 17:55,  2 users,  load average: 0.00, 0.00, 0.00