tech:ansible_vagrant_et_docker
Table des matières
Ansible Vagrant et Docker
Docker
Install
Proxy
Général
Ajout du compte au groupe docker
adduser jean docker
Attention, cela créé une faille de sécurité
Exemple
docker run -ti --privileged -v /:/host fedora chroot /host
Conf conteneur
Dockerfile
FROM debian:jessie #ENV http_proxy http://192.168.56.1:3128 #ENV https_proxy http://192.168.56.1:3128 ARG https_proxy ARG http_proxy ENV DEBIAN_FRONTEND noninteractive ENV TERM linux ENV LANG C.UTF-8 ENV LANGUAGE C.UTF-8 ENV LC_ALL C.UTF-8 RUN echo "deb http://ftp.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list RUN (apt-get update && apt-get upgrade -y -q && apt-get dist-upgrade -y -q && apt-get -y -q autoclean && apt-get -y -q autoremove) RUN apt-get install -q -y --no-install-recommends openssh-server python-minimal tmux bash locales sudo vim supervisor RUN apt-get install -q -y --no-install-recommends -t jessie-backports ansible RUN (locale-gen fr_FR.UTF-8 UTF-8 && dpkg-reconfigure locales) RUN mkdir -p /var/run/sshd RUN mkdir /root/.ssh RUN echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQP77kB6AoqUSfvgy844x46CpJC5qLFTgnh2meUxMxA98jvk8TkheKICY2WBiEdORC4uGWVuMEIy0Zy/vL25JFlu7lgZ2B8g7r7JmITpVQMc+TlF5GyJqE1r56A5ljqZXKVVE9PnLCi2FN0rhQLpYM645U0Akvkc6yS0+6RFSWkobrC9/F1L6PU+dzmw6Yisd2nFDjw/J43QrADGPi3HCY+xTjcW/TD8FyGlNWuvNlvHY8aQKoOnuvWnK7F32ciaJE6/8BLKCap/lmkEtxAFd7hAt5YpLK6lNXtkbTKxBZF7SChVW4KJbI5IK2kaHIuXBhMfVTt3xSxk08wahbnVhV root@debian2.localdomain" > /root/.ssh/authorized_keys COPY sshd.conf /etc/supervisor/conf.d/sshd.conf EXPOSE 22 ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf", "-n"]
Conf supervisord
sshd.conf
[program:sshd] directory=/ command=/usr/sbin/sshd autostart=true autorestart=true user = root
#docker build --no-cache -t plop --build-arg http_proxy=http://192.168.56.1:3128 --build-arg https_proxy=http://192.168.56.1:3128 . docker build -t plop --build-arg http_proxy=http://192.168.56.1:3128 --build-arg https_proxy=http://192.168.56.1:3128 .
Vagrant
Vagrantfile
Vagrant.configure("2") do |config| config.vm.provider "docker" do |d| #d.image = "debian:jessie" d.remains_running = false d.build_dir = "." d.has_ssh = true d.create_args = ['--name=ansible1'] end config.ssh.username = "root" config.ssh.private_key_path = "~/.ssh/id_rsa" config.vm.provision "ansible" do |ansible| ansible.playbook = "play-fi.yml" ansible.extra_vars = { hostname: "default" } end end
Autre
Un Makefile pour nous simplifier la vie
Makefile
FicListYaml = $(shell find . -type f -iname "*.yml" -not -iname "mdp.yml") FicListPlayBook = $(shell echo play*.yml) check: check-yaml check-ansible # Check YAML syntax check-yaml: for Fic in $(FicListYaml); do \ ansible-lint "$$Fic" || break ; \ done check-ansible: for Fic in $(FicListPlayBook); do \ ansible-playbook --check "$$Fic" || break ; \ done apply: for Fic in $(FicListPlayBook); do \ ansible-playbook "$$Fic" || break ; \ done # Check idempotent check-active: $(eval changed := $(shell ansible-playbook play-fi.yml |tail -2 |sed -e 's/^.*changed=\([0-9][0-9]*\).*/\1/')) @if [ "$(changed)" != "0" ]; then\ echo "ERR NO idempostent";\ false ;\ fi clean: rm -f *.retry vagrant destroy -f build: vagrant up --provider=docker status: vagrant global-status docker ps
Pb
La commande hostname échoue dans un Docker
J'ai dû utiliser la clause WHEN
- name: define hostname hostname: name='{{hostnameFqdn}}' when: ansible_virtualization_type != "docker"
La modification du fichier /etc/hosts via lineinfile pose également pb.
Could not replace file: /tmp/tmpu74RFY to /etc/hosts: [Errno 16] Device or resource busy
tech/ansible_vagrant_et_docker.txt · Dernière modification : de Jean-Baptiste