sometimes you just want to clear logs of a docker container. For instance, I’m running dnsmasq in a docker container and I’m troubleshooting raspberry PI PXE boot (yes to run ESXi-ARM stateless…) And the dnsmasq is serving my homelab its domain. Then it can be an annoyance when you run docker logs <container name> seeing all the log entries since the container started. And you just want to start with a clean slate.
It is the way
Yes, there is a way. And when you google you’ll find more blog posts giving you the solution. Which is
A year ago, after following a few sessions at the dutch VMATechcon I decided to dive into the world of Ansible. With a background in industrial automation (programming PLCs) I have a soft spot for writing code. I saw the benefits of declarative languages, and decided to dive into Ansible. But where to start. And what should I use it for.
I’m working on a small VM which provides DHCP,DNS,TFTP,FTP,HTTP and NTP services so I can easily (PXE) boot nested ESXi hosts on VMware workstation and my homelab. All running in docker containers on Photon OS. For maintenance (and learning) I decided to use Ansible for building, running these containers.
One of the issues I had, was that I had to maintain the VM and the software installed on it… I’m quite proficient with Linux, but it can still be a challenge. And keeping installations logs update about how to install software… yeah…. that is an issue. A embraced the solutions docker, git and ansible are giving me. (And vagrant, when using VMware workstation).
Using docker to run the services, using ansible to automate workflows and using git to keep track of changes and store my code in my github repositories. With this approach I can easily rebuild the VM when it breaks down. And I see the VM more as a processing entity, then a virtual computer that needs to be maintained.
The Ansible container
browsing the internet I found this blog post about running ansible inside a docker container and using it interactively on the docker host. This gave me the possibility to have ‘portable’ ansible installation, without any ties to the VM OS. In my opinion it is great. With adding some small bash scripts so I don’t need to write something like ‘docker run -rm -it …..’ everytime, I have an ideal solution. The original code for the container is based on alpine:3.7 and python 2. Everytime I build the docker image I received a warning that python 2 is outdated…. so I (finaly) updated the dockerfile using alpine:3.11 as the base image and using python 3. You can find my code here on github, and the docker image here on dockerhub.
How to use
simple. There are 2 ways to use it.
clone git repository
pull image from dockerhub
Option 1, clone git repository
I’ve created a small installation script to make things easier. It will run docker build to build the ansible image and it will copy the scripts under ./scripts/ to /usr/local/bin/ And your all set… well almost
Option 2, pull image from dockerhub
Instead of building the image, you can pull it from dockerhub into your local docker environment. The scripts assume that the docker image is tagged like ansible:2.9.0, but when you pull it from dockerhub, the name is brtlvrs/ansible-helper:v.0.3. So you need to retag them (or edit the scripts).
docker image tag brtlvrs/ansible-helper:v.0.3 ansible:2.9.0
docker image tag ansible:2.9.0 ansible:latest
The wrapper scripts are stored in the image, in the folder /2installOnHost To copy them out of the image do the following
docker create -n test ansible:2.9.0
docker cp test:/2InstallOnHost/ah* /usr/local/bin/
chmod +x /usr/local/bin/ah*
docker rm test
This will create a docker container named test, using the imported image ansible:2.9.0. Then copies the files from inside the container to the /usr/local/bin/ and sets the executable bit on these files. Finally it removes the created docker container. Now you should be able to run ah or ah-playbook.
Both scripts will mount the folowing volumes into the container
needed to access localhost via ssh (ansible)
needed to access localhost via ssh (ansible)
Mountpoint is the default location inside the container.
Making the ansible logs persistent.
To make it work you need to do the following:
install docker-py on the docker host ( if you want ansible to be able to control docker)
add the ~/.ssh/id_rsa.pub content to ~/.ssh/authorized_keys file, so you don’t need to store the user password into the ansible inventory file.
An now it should work. Type ‘ah’ and you’ll enter a temporary docker container running ansible. Type ah-playbook and you’ll execute the command ansible-playbook inside a temporary docker container. Have fun.