Ansible for devops without Vagrant

November 12, 2023, Update to add: One reason to prefer Vagrant over docker is actually because of the mission involved in setting up projects running services. Since containers typically run single processes, systemd isn't necessary to coordinate these processes.

 

 So I'm currently working through Jeff Geerling's great book Ansible for Devops.


However, I wasn't so keen on installing and running vagrant when everything should be doable (I believe) using docker-compose.

At the same time, I'm going through his book so that I can better manage my few Raspberry Pis at home, and I'd like to be able to test my ansible scripts before running them on the live pis.

 

So what I decided to do was kill two birds with one repo and set up a docker-compose based test environment that can run my ansible scripts, but that mirrors my current ripi setup (mostly).

 

Home network

My current homelab is nothing special. Three pis -- coffee, xray, and pizza -- each with a static address on my private network and a dns record pointing to it.
 
So the idea was really simply to set up a docker-compose .yaml file with three services mirroring those, and a primary service I've called "driver" that I can exec into and run ansible from.
 
If you take a look at the "driver" service you'll see I map whatever is in the "ansible" directory to the root's home directory - this should therefore contain your playbooks, inventory, etc. and it'll show up in "driver"'s home.
 
The `ansible/inventory` file simply contains the name of the three services.
 

The Dockerfile


The Dockerfile is pretty simple, but there is some interesting stuff in it.
We install openssh-server and ansible.

In order to make things simple, we generate an ssh-key for root in the container, and then we copy the id_rsa.pub into `authorized_keys` in order to allow any of the containers to ssh into any of the others. Since they share a network, they should just be able to access one another.

Finally, I set an ssh config that disables strict host checking (although it may actually make sense to limit this to xray, pizza, and coffee. I might make this change).


Getting it to work

Once you've cloned the repo, it's as simple as running `docker-compose up` to get the services up and running.
You can then docker-compose exec into "driver" and start running commands.






Comments

Post a Comment

Popular posts from this blog

JCE's Gifted and Talented Center

Image
Back in South Africa, in the early 90s, I was invited to take part in programmes offered at the Johannesburg College of Education's "Gifted and Talented Center". I can barely remember much about it. I recall that I did courses in electronics, drama, programming, and study techniques. Further, I remember the buildings and the general feeling of the place (massive buildings, alcoves with chairs and windows in the long passages between primary blocks, etc.). However, I couldn't remember very much around the nature of the programme (if, indeed, I ever knew anything about it) - who funded it, how were pupils identified, etc. I tried searching online but to no avail, there was one hit on someone's personal blog, but that was it. I did, however, manage to find the director of the JCE Gifted Child Enrichment Center from the time I attended and took a chance, asking him if he'd be willing to provide me with some information. He response was both generous and massively
Read more

100 Go Mistakes 10-16

Here we go through the rest of Chapter 2  10 - Not being aware of the possible problems with type embedding Go allows you to not only include types as fields in structs, but also to embed them. Essentially this makes the fields of the embedded/base type part of the "containers" interface. Harsanyi points out that this can lead to exposing more than you might want to, since all of the base type's fields and behaviors are exposed as part of the container. If there is reason to hide the base struct's details, rather simply include it as an unexported field and write accessors. 11 - Not using the functional options pattern I'll admit that I hadn't heard about, or consciously noticed, this pattern before now, but it's quite brilliant. An issue with positional arguments in complex functions is that having tons of arguments that are either null, or unused along certain paths, etc. is a real PITA. My own preference, when factoring out the functionality into mult
Read more

100 Go Mistakes: 1-9

So I'm pretty much looking for a place to write up notes on things I'm reading - which, right now, includes Teiva Harsanyi's "100 Go Mistakes and How to Avoid Them" (does anyone else get confused when writing title-case? Let me look up the rules quick ).   Anyway, I'm at a point where I want to write down some of what I'm learning so I can refer back to it later, so let's go. 1 - Unintended variable shadowing Go's short variable declaration operator (:=) can introduce unintended effects if you're making use of it within nested blocks. Here's a simple example . The workaround is really to explicitly assign the value to the variable declared in the outer scope, either by using temporary variables when using the declaration operator, or simply assigning directly. 2 - Unnecessary nested code This provides a fairly useful heuristic with regards to code complexity. Essentially, Harsanyi wants us to try, as far as possible, to keep the "happ
Read more