Build a docker image and push it to a registry.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
drymer c09c79b7a4 Merge branch 'fix/10_logueo_en_registry_inexistente' of ansible-roles/deploy-docker into master hace 1 año
defaults [#10] Dejar de loguear contra registry en local hace 1 año
meta [26] - First iteration hace 1 año
molecule/default * Updated dependencies of requirements.yml hace 1 año
tasks [#10] Dejar de loguear contra registry en local hace 1 año
templates Added tests hace 1 año
.gitignore Added tests hace 1 año
.yamllint * Updated dependencies of requirements.yml * Increased yamllint lines length * Add idempotence to the role hace 1 año
LICENSE Initial commit hace 1 año Merge branch 'fix/remove-directory-support' of ansible-roles/deploy-docker into master hace 1 año

Deploy docker as a service

Download a git repository which has a Dockerfile, build it locally (or remotely), push it to a registry or just download a Docker image and push it to a registry. Also create a systemd service to manage it.


  • Pip installed on host
  • Docker installed on the host
  • Docker installed on the device that is running ansible
  • A registry where you can log in

Role Variables

  • git_repository: The repository in which the dockerfile is located.
  • git_repository_destination: Local path in which to clone the git repository.
  • git_repository_extra_path: Extra path inside the cloned repo to the directory containing the Dockerfile
  • git_repository_tag: Version to use of the git repository.
  • service_name: Name of the systemd service.
  • service_name_prefix: Prefix to be added before the service_name when creating the systemd service.
  • docker_registry: Domain of the registry with write access.
  • docker_registry_read: Domain of the registry with read access.
  • registry_user: User used to authenticate with the registry.
  • registry_password: Password used to authenticate with the registry.
  • docker_image: If you want to download a docker image and not a git repository
  • docker_image_tag: Docker tag.
  • docker_command: Docker command used to launch the container.
  • remote_build: Whether to build the docker remotely or locally [Default: False]



Example Playbook

- hosts: servers
    remote_build: True
    git_repository_destination: /tmp/docker-nginx
    git_repository_extra_path: stable/stretch
    git_repository_tag: master
    service_name: git-nginx
      - "/root/docker/git-nginx/data"
      - "/root/docker/git-nginx/auth"
    docker_registry: "docker-registry:5000"
    docker_registry_read: "{{ docker_registry }}"
    registry_user: testuser
    registry_password: testpassword
    docker_image_tag: latest
    docker_command: /usr/bin/docker run --rm -i --name "{{ service_name }}" -p 8081:80 "{{ docker_registry_read }}/{{ service_name }}"
    - { role: deploy-docker}


To test the role you need molecule.

And vagrant installed with libvirt

I’ve tried to test the construction of the docker in one machine and installing the service in other, but local_action or delegate_to are little fuckers to simulate.

The delegate_to approach fails because it tries to ssh back with no user, so it doesn’t matter if you copy the ssh keys there it will keep on failing.

Another approach I took was to copy all the structure of the role on the machine building the docker and modify the molecule/default/playbook.yml so as to run the playbook from there so the local_action works. The problem is that you have to run the playbook on a command so you are forced to use the changed_when: false therefore not testing the idempotence of the rol.

I give up on trying to test this role with the option remote_build = False. If anyone is interested I left my trails on this role:

Therefore the default case is for remote_build == True if you feel strong enough to test the other case, please make a new molecule scenery. Both in this role and in the ui-registry one.

molecule test



Author Information

drymer [ EN ] lyz [ EN ]