Make your Docker Container Ansible Client by providing SSH facility!
In this story, we are going to discuss how to make a Docker Container Ansible Client by providing an SSH facility. So let’s first understand some basics terminologies.
What is Dockerfile?
A Dockerfile is a text file that has a series of instructions on how to build your image. It supports a simple set of commands that you need to use in your Dockerfile.
Here we are going to create our an SSH enabled Image with the help of Dockerfile
- We are using centos image with the latest tag so this image will install openssh-server, passwd, and net-tools software. openssh-server will give us ssh facility passwd package is useful in changing the password of any user and net-tools gives us some basic command this software is optional.
- The next line will create ssh-key.
- Now we are changing the root user password with RedHat from this line
- and finally, we’re starting ssh service. Inside centos container systemctl like commands are not preconfigured so we are using by default way to start service.
Now Dockerfile is ready to create an image. Run this file with a command
docker build -t <image_name>:<tag> <Dockerfile_location>
Now this will create your Image. You can verify this with the command
This Image is available on my DockerHub repository so you can create it on your own or you can download it it’s up to you.
So Now the container will get launch and if we try to do ssh, If you are trying the first time then this will work but from next time onwards this will fail with an authentication error.
In simple word, we are going to access it with a different key so to update our server that this is a new server we are going to access with the existing IP we have to run the ssh-keygen command
ssh-keygen -R <IP of container>
This command will update or we can say replace some entries in their files.
So now it’s time to automate. let’s write a playbook to automate all things. below shown code is the minimum required ansible configuration. Here roles path is not a mandatory keyword.
Ansible playbook which will launch entire setup including container is shown below.
So In the playbook, we are going to include variable files named varialbe.yml, and Inside tasks following things are mentioned.
- In the first task, we are going to install Docker with the help of a package module.
- After installing the service module will start the service of docker.
- To pull Image from DockerHub system requires request module to install and this is python3 module so next two tasks will install python3 and request module respectively.
- The next task will pull Image yash202000/ssh:v1
- docker_container module will launch docker container from the available image and all output will be registered in variable x
- debug module will print variable x output.
- blockinfile module will update the entry in the inventory file.
- last but not least this command will update the IP stored for the key.
So now this playbook will launch a container that is port forwarding enabled. Now let’s write a playbook that will launch apache httpd in a docker container and start services.
2 playbooks we written so let’s run it one by one and see result.
so this playbook executed successfully now lets check result by command
Now you can see that container named os is launched 8 second ago with enabled port forwarding on port no 80
Now let’s configure os container.
This playbook also executed successfully not let’s check result on container IP address: 172.17.0.2
Yeah, it works!
Conclusion: We know the thing that containers don’t have ssh facility by default but in docker, we have an ‘exec’ command to access it. If there is any issue in the container environment we go there by ‘exec’ command and fix it. Things will work fine! but, In a bigger environment There we have thousands of containers running, and manually accessing and fixing each and every container is very time-consuming. So here tools like Ansible will help us to automate the thing.
Check out my GitHub for code.
Thanks for reading… If any questions please feel free to leave a comment below and Do connect with me on these platforms.
- Mail: firstname.lastname@example.org
- LinkedIn: https://www.linkedin.com/in/yash-panchwatkar/
Stay tuned for such awesome stories!