Build a docker image and push it to a registry.
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
drymer c09c79b7a4 Merge branch 'fix/10_logueo_en_registry_inexistente' of ansible-roles/deploy-docker into master 11 个月前
defaults [#10] Dejar de loguear contra registry en local 11 个月前
meta [26] - First iteration 1年前
molecule/default * Remove support for creating directories 1年前
tasks [#10] Dejar de loguear contra registry en local 11 个月前
templates Added tests 1年前
.gitignore Added tests 1年前
.yamllint * Updated dependencies of requirements.yml * Increased yamllint lines length * Add idempotence to the role 1年前
LICENSE Initial commit 1年前 Merge branch 'fix/remove-directory-support' of ansible-roles/deploy-docker into master 1年前

Deploy docker as a service

Download a git repository which has a Dockerfile, build it locally (or remotely), push it to a registry or just download a Docker image and push it to a registry. Also create a systemd service to manage it.


  • Pip installed on host
  • Docker installed on the host
  • Docker installed on the device that is running ansible
  • A registry where you can log in

Role Variables

  • git_repository: The repository in which the dockerfile is located.
  • git_repository_destination: Local path in which to clone the git repository.
  • git_repository_extra_path: Extra path inside the cloned repo to the directory containing the Dockerfile
  • git_repository_tag: Version to use of the git repository.
  • service_name: Name of the systemd service.
  • service_name_prefix: Prefix to be added before the service_name when creating the systemd service.
  • docker_registry: Domain of the registry with write access.
  • docker_registry_read: Domain of the registry with read access.
  • registry_user: User used to authenticate with the registry.
  • registry_password: Password used to authenticate with the registry.
  • docker_image: If you want to download a docker image and not a git repository
  • docker_image_tag: Docker tag.
  • docker_command: Docker command used to launch the container.
  • remote_build: Whether to build the docker remotely or locally [Default: False]



Example Playbook

- hosts: servers
    remote_build: True
    git_repository_destination: /tmp/docker-nginx
    git_repository_extra_path: stable/stretch
    git_repository_tag: master
    service_name: git-nginx
      - "/root/docker/git-nginx/data"
      - "/root/docker/git-nginx/auth"
    docker_registry: "docker-registry:5000"
    docker_registry_read: "{{ docker_registry }}"
    registry_user: testuser
    registry_password: testpassword
    docker_image_tag: latest
    docker_command: /usr/bin/docker run --rm -i --name "{{ service_name }}" -p 8081:80 "{{ docker_registry_read }}/{{ service_name }}"
    - { role: deploy-docker}


To test the role you need molecule.

And vagrant installed with libvirt

I’ve tried to test the construction of the docker in one machine and installing the service in other, but local_action or delegate_to are little fuckers to simulate.

The delegate_to approach fails because it tries to ssh back with no user, so it doesn’t matter if you copy the ssh keys there it will keep on failing.

Another approach I took was to copy all the structure of the role on the machine building the docker and modify the molecule/default/playbook.yml so as to run the playbook from there so the local_action works. The problem is that you have to run the playbook on a command so you are forced to use the changed_when: false therefore not testing the idempotence of the rol.

I give up on trying to test this role with the option remote_build = False. If anyone is interested I left my trails on this role:

Therefore the default case is for remote_build == True if you feel strong enough to test the other case, please make a new molecule scenery. Both in this role and in the ui-registry one.

molecule test



Author Information

drymer [ EN ] lyz [ EN ]