Hacker News
by zby 1904 days ago
Can you run ansible or terraform inside a docker container?

There are two parts of the dev environment - the programmer preferences and the project libraries and other infrastructure. What I would like is to have a way to compose those two and ideally something that would work the same way inside a docker container as in a full VM.

4 comments

Grab the ansible-runner image from dockerhub and it's a great slimmed down image to run ansible: https://ansible-runner.readthedocs.io/en/stable/container.ht...

To provision stuff _inside_ your docker container from ansible I've found packer is the easiest way to do it: https://www.packer.io/docs/provisioners/ansible-local There was apparently a tool called ansible-bender that did something similar but was abandoned. Packer makes it easy to define a container that's provisioned with a local ansible playbook.

Ultimately though I think using ansible with containers is a code smell. If you provision in a container with ansible you have to pull in an entire Python install, and that blows up your container size fast. You can do multi-stage builds and carefully extract the stuff you need but it's a real pain. IMHO minimal shell scripts that run in very tightly defined and controlled environments of the dockerfile (i.e. they don't have to be super flexible or support any and every system, just this container) are the way to go.

I have a co-worker who had the idea of stuffing Ansible into a container. This would allow anyone to easily run any Ansible playbooks without having to deal with dependencies and versions. It’s absolutely terrible to use. You end up having wrapper scripts to make it even remotely usable.

Mounting things in the right locations is a nightmare, even minor changes become a hassle. For Ansible, just learn to use virtualenvs.

Terraform may be a little better.

We do the same thing but I wouldn’t call it a nightmare/hassle. It’s exactly one helper script to start up the container with the right volumes and a few aliases to make commands (ansible / ansible-playbook / etc) work seamlessly. Some good tips here: https://jonathan.bergknoff.com/journal/run-more-stuff-in-doc...
Yes to terraform. We use it at our work to set up some dynamodb tables for testing locally. We mount the .terraform folder.
Nix and Guix are both answers to that combined need.