mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-03 01:57:18 +00:00
Upgrade devture/ansible version and documen nsenter usage
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1772
This commit is contained in:
parent
12b28a4749
commit
959a6ac0b1
@ -41,9 +41,50 @@ If you find yourself needing to resort to such hacks, please consider reporting
|
|||||||
|
|
||||||
## Using Ansible via Docker
|
## Using Ansible via Docker
|
||||||
|
|
||||||
Alternatively, you can run Ansible on your computer from inside a Docker container (powered by the [devture/ansible](https://hub.docker.com/r/devture/ansible/) Docker image).
|
Alternatively, you can run Ansible inside a Docker container (powered by the [devture/ansible](https://hub.docker.com/r/devture/ansible/) Docker image).
|
||||||
|
|
||||||
Here's a sample command to get you started (run this from the playbook's directory):
|
This ensures that you're using a very recent Ansible version, which is less likely to be incompatible with the playbook.
|
||||||
|
|
||||||
|
There are 2 ways to go about it:
|
||||||
|
|
||||||
|
- [Running Ansible in a container on the Matrix server itself](#running-ansible-in-a-container-on-the-matrix-server-itself)
|
||||||
|
- [Running Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server)
|
||||||
|
|
||||||
|
|
||||||
|
### Running Ansible in a container on the Matrix server itself
|
||||||
|
|
||||||
|
To run Ansible in a (Docker) container on the Matrix server itself, you need to have a working Docker installation.
|
||||||
|
Docker is normally installed by the playbook, so this may be a bit of a chicken and egg problem. To solve it:
|
||||||
|
|
||||||
|
- you **either** need to install Docker manually first. Follow [the upstream instructions](https://docs.docker.com/engine/install/) for your distribution and consider setting `matrix_docker_installation_enabled: false` in your `vars.yml` file, to prevent the playbook from installing Docker
|
||||||
|
- **or** you need to run the playbook in another way (e.g. [Running Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server)) at least the first time around
|
||||||
|
|
||||||
|
Once you have a working Docker installation on the server, **clone the playbook** somewhere on the server and configure it as per usual (`inventory/hosts`, `inventory/host_vars/..`, etc.), as described in [configuring the playbook](configuring-playbook.md).
|
||||||
|
|
||||||
|
You would then need to add `ansible_connection=community.docker.nsenter` to the host line in `inventory/hosts`. This tells Ansible to connect to the "remote" machine by switching Linux namespaces with [nsenter](https://man7.org/linux/man-pages/man1/nsenter.1.html), instead of using SSH.
|
||||||
|
Alternatively, you can leave your `inventory/hosts` as is and specify the connection type in **each** `ansible-playbook` call you do later, like this: `ansible-playbook --connection=community.docker.nsenter ...`
|
||||||
|
|
||||||
|
Run this from the playbook's directory:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker run -it --rm \
|
||||||
|
--privileged \
|
||||||
|
--pid=host \
|
||||||
|
-w /work \
|
||||||
|
-v `pwd`:/work \
|
||||||
|
--entrypoint=/bin/sh \
|
||||||
|
docker.io/devture/ansible:2.13.0-r0
|
||||||
|
```
|
||||||
|
|
||||||
|
Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container.
|
||||||
|
The `/work` directory contains the playbook's code.
|
||||||
|
|
||||||
|
You can execute `ansible-playbook ...` (or `ansible-playbook --connection=community.docker.nsenter ...`) commands as per normal now.
|
||||||
|
|
||||||
|
|
||||||
|
### Running Ansible in a container on another computer (not the Matrix server)
|
||||||
|
|
||||||
|
Run this from the playbook's directory:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker run -it --rm \
|
docker run -it --rm \
|
||||||
@ -51,7 +92,7 @@ docker run -it --rm \
|
|||||||
-v `pwd`:/work \
|
-v `pwd`:/work \
|
||||||
-v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro \
|
-v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro \
|
||||||
--entrypoint=/bin/sh \
|
--entrypoint=/bin/sh \
|
||||||
docker.io/devture/ansible:2.11.6-r1
|
docker.io/devture/ansible:2.13.0-r0
|
||||||
```
|
```
|
||||||
|
|
||||||
The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`).
|
The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`).
|
||||||
@ -60,9 +101,9 @@ If your SSH key is at a different path (not in `$HOME/.ssh/id_rsa`), adjust that
|
|||||||
Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container.
|
Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container.
|
||||||
The `/work` directory contains the playbook's code.
|
The `/work` directory contains the playbook's code.
|
||||||
|
|
||||||
You can execute `ansible-playbook` commands as per normal now.
|
You can execute `ansible-playbook ...` commands as per normal now.
|
||||||
|
|
||||||
### If you don't use SSH keys for authentication
|
#### If you don't use SSH keys for authentication
|
||||||
|
|
||||||
If you don't use SSH keys for authentication, simply remove that whole line (`-v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro`).
|
If you don't use SSH keys for authentication, simply remove that whole line (`-v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro`).
|
||||||
To authenticate at your server using a password, you need to add a package. So, when you are in the shell of the ansible docker container (the previously used `docker run -it ...` command), run:
|
To authenticate at your server using a password, you need to add a package. So, when you are in the shell of the ansible docker container (the previously used `docker run -it ...` command), run:
|
||||||
|
Loading…
Reference in New Issue
Block a user