使用 Ansible 在 Docker 容器内运行命令

Question

what I'm trying to accomplish is to run commands inside of a Docker container that has already been created on a Digital Ocean Ubuntu/Docker Droplet using Ansible.

Can't seem to find anything on this, or I'm majorly missing something. This is my Ansible task in my play book. I'm very new to Ansible so any advice or wisdom would be greatly appreciated.

- name: Test Deploy
    hosts: [my-cluster-of-servers]

tasks: 
  - name: Go Into Docker Container And Run Multiple Commands
    docker:
      name: [container-name]
      image: [image-ive-created-container-with-on-server]
      state: present
      command: docker exec -it [container-name] bash

Answer 1

After discussion with some very helpful developers on the ansible github project , a better way to do this is like so:

- name: add container to inventory
  add_host:
    name: [container-name]
    ansible_connection: docker
  changed_when: false

- name: run command in container
  delegate_to: [container-name]
  raw: bash

If you have python installed in your image, you can use the command module or any other module instead of raw.

If you want to do this on a remote docker host, add:

ansible_docker_extra_args: "-H=tcp://[docker-host]:[api port]"

to the add_host block.

See the Ansible documentation for a more complete example.

Answer 2

You should be able to execute a script (with your sequence of command in it) with docker exec :

docker exec container-name bash -l -c /path/to/script > /path/to/log

(See also " Why do I have to use bash -l -c inside my container? ")

• /path/to/script should be accessible by your Ansible process.
• /path/to/log is a path inside the container, that could be shared in a volume.

Answer 3

You can run commands within docker containers using the command module For example this code will execute echo "Hello remote machine" within my_container on the remote machine:

   tasks:
        - name: Execute commands in docker container
          command: docker exec -it my_container bash -c 'echo "Hello remote machine"'

For running the same command within the local machine, just use the local_action flag:

   tasks:
        - name: Execute commands in docker container
          local_action: command docker exec -it my_container bash -c 'echo "Hello local machine"'

Answer 4

Since Ansible 2.10 docker_container_exec is part of the community.docker collection:

- name: Run a simple command (command)
  community.docker.docker_container_exec:
    container: foo
    command: /bin/bash -c "ls -lah"
    chdir: /root
  register: result

- name: Print stdout
  debug:
    var: result.stdout

Answer 5

Update: there is a way to do this without using my module, see my other answer

I wrote a simple module to run exec on a remote Docker host. I've submitted it to the ansible project , but you can easily add it to your own projects if you need to. The module is only 23 lines long, take it from my pull request and add it to your ./library directory, and then you can add a task in your playbook like so:

  - name: Run docker exec command
    docker_exec: 
      command: <some command>
      docker_host: <docker host>
      name: <container name>
    register: exec_output

  - name: Show exec output
    debug: msg="{{ exec_output.result }}"

Answer 6

Ended up doing something like that:

- name: execute command in docker
  shell: |
    docker exec container sh -l -c "cat /tmp/secret"
  register: hello

- debug: msg="{{ hello.stdout }}"

Answer 7

To run command inside docker container using latest versions of Ansible:

• install community.docker collection using:

ansible-galaxy collection install community.docker

or better by creating file requirements.yml in the project with contents:

---
collections:
    - community.docker

and running ansible-galaxy install -r requirements.yml (similar to pip install -r requirements.txt )

• use the collection in the following way:

---
- name: local actions 
  hosts: localhost
  gather_facts: false

  tasks:
  - name: task
    community.docker.docker_container_exec: 
      container: container_name
      command: ls /tmp

More about working with collections here