There are two approaches to configuring a Docker container with Ansible: + CHROOT: configure a rootfs with the chroot connection plugin and import it in Docker + SSH: launch an ssh server in the container and use Ansible with the default SSH connection plugin
Each approach presents a drawback: + CHROOT: cannot save the state of the container in between runs of Ansible. This prevents Docker from sharing rootfs layers and therefore prevents caching. + SSH: requires an SSH server running in the container. This SSH server is not necessarily a desired service in the container. Furthermore, paying the SSH setup and encryption costs for a local container seems silly. Wouldn't it be nice to harvest the power of Docker rootfs sharing/caching with the following Dockerfile: ``` PLUGIN ansible FROM ubuntu RUN apt-get install python apt-python ANSIBLE install-things.yaml ANSIBLE setup-things.yaml ANSIBLE run-things.yaml ``` If I understand Docker builds correctly, a `RUN <command>` directive work as follows: + Start the Docker container with rootfs available after the last line, and the command `<command>`. + Once `<command>` ends, the container stops and the rootfs is saved. Implementing an Ansible directive seems to be doable, using the accelerate connection plugin without an SSH setup phase as follows: + Start the Docker container with the command `python -c "<ansible accelerate daemon code>"`. + Use `ansible-playbook` with the accelerate-no-ssh connection plugin (to be implemented) to configure the container. + Once `ansible-playbook` is done, the daemon stops which stops the container, and the rootfs can be saved. I have started a discussion regarding the Docker side of things at: https://github.com/dotcloud/docker/issues/2841. It also includes a little bit more of motivation of why I think Ansible and Docker are a good match. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
