This is my personal project to use Docker containers for Ansible playbooks testings. <\/p>\n\n\n\n
It’s faster to run your tests on your local machine than on your remote GitLab repository, pushing every time you make changes to the code, etc.<\/p>\n\n\n\n
My GitLab project<\/strong>: https:\/\/gitlab.com\/RoberMB\/lab_docker<\/a><\/p>\n\n\n\n <\/p>\n\n\n\n Docker Desktop 4.16.2 (2023-01-19): https:\/\/www.docker.com\/products\/docker-desktop\/<\/a> (compatible with macOS Big Sur 11.0.0 and above)<\/p>\n\n\n\n Docker Desktop 4.15.0 (2022-12-01): https:\/\/docs.docker.com\/desktop\/release-notes\/#4150<\/a> (compatible with macOS Catalina 10.15.7 and below)<\/p>\n\n\n\n If “target_node1” or\/and “target_node2” nodes already exist you will receive the following error. This means that we have already deployed the containers before and just need to start them up:<\/p>\n\n\n\n To avoid that you can execute the docker start command to start the existing containers:<\/p>\n\n\n\n Note<\/strong><\/span>: ssh password is set into the file ‘target_node.Dockerfile’ (example for the lab: mypassword)<\/em><\/p>\n\n\n\n Or remotely:<\/p>\n\n\n\n Workaround for “Unable to run systemd services on Docker Desktop” error: https:\/\/github.com\/docker\/for-mac\/issues\/6073<\/a><\/p>\n\n\n\n https:\/\/docs.docker.com\/engine\/reference\/commandline\/docker\/<\/a> <\/p>\n\n\n\n https:\/\/docs.docker.com\/engine\/reference\/commandline\/compose_build\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" This is my personal project to use Docker containers for Ansible playbooks testings. It’s faster to run your tests on … More My Ansible Lab using Docker containers<\/span> Requirements<\/h3>\n\n\n\n
robermb@MacBook-Pro-de-RoberMB $ git clone https:\/\/gitlab.com\/RoberMB\/lab_docker.git<\/code><\/pre>\n\n\n\nBuild my_lab and deploy the containers:<\/h3>\n\n\n\n
robermb@MacBook-Pro-de-RoberMB lab_docker $ . 1-build_my_lab.sh <\/code><\/pre>\n\n\n\nrobermb@MacBook-Pro-de-RoberMB lab_docker $ . 2-create_containers_from_inventory.sh inventory_small<\/code><\/pre>\n\n\n\nCommands:<\/h3>\n\n\n\n
# Build Docker services defined in the docker-compose.yml file\n$ docker-compose build<\/code><\/pre>\n\n\n\n# Start the Docker service named 'node_manager' in detached mode\n$ docker-compose up -d node_manager<\/code><\/pre>\n\n\n\n# Access the bash shell of the 'node_manager' Docker container\n$ docker exec -ti node_manager bash<\/code><\/pre>\n\n\n\n# Run a Docker container named 'target_node1' with specific configurations\n$ docker run -d -ti --privileged --cgroupns=host -v \/sys\/fs\/cgroup:\/sys\/fs\/cgroup:rw --network lab_docker_default --name target_node1 lab_docker-target_node<\/code><\/pre>\n\n\n\n# Run a Docker container named 'target_node2' with specific configurations\n$ docker run -d -ti --privileged --cgroupns=host -v \/sys\/fs\/cgroup:\/sys\/fs\/cgroup:rw --network lab_docker_default --name target_node2 lab_docker-target_node<\/code><\/pre>\n\n\n\n-d: Run the container in the background (detached mode).\n\n-ti: Allocate a pseudo-TTY and keep STDIN open, allowing interactive access.\n\n--privileged: Give extended privileges to this container. This option gives the container full access to the host system.\n\n--cgroupns=host: Share the host's cgroup namespace with the container, allowing the container to view and manipulate cgroups on the host.\n\n-v \/sys\/fs\/cgroup:\/sys\/fs\/cgroup:rw: Mount the host's cgroup filesystem into the container. This is related to container resource control using cgroups.\n\n--network lab_docker_default: Connect the container to the 'lab_docker_default' network.\n\n--name target_node1: Assign the name 'target_node1' to the running container.\n\nlab_docker-target_node: The name of the Docker image used to create the container.<\/code><\/pre>\n\n\n\nAvoid error during a second run:<\/h3>\n\n\n\n
docker: Error response from daemon: Conflict. \nThe container name \"\/target_node1\" is already in use by \ncontainer \"51668206d2461eb402543a1daa0914d4480ac2f8f4abaaa941d762ff822c9231\". \nYou have to remove (or rename) that container to be able to reuse that name.<\/code><\/pre>\n\n\n\n# Start Docker container target_node1\n$ docker start target_node1\n\n# Start Docker container target_node2\n$ docker start target_node2<\/code><\/pre>\n\n\n\nChecking Docker commands<\/h3>\n\n\n\n
# Display running containers\n$ docker ps\n\n# Display all containers (including stopped ones)\n$ docker ps -a\n\n# List Docker images\n$ docker images\n\n# List Docker networks\n$ docker network ls<\/code><\/pre>\n\n\n\nTests<\/h3>\n\n\n\n
$ docker exec -ti node_manager bash<\/code><\/pre>\n\n\n\nroot@node_manager $ ssh target_node1\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? yes\n\nroot@node_manager $ ssh target_node2\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? yes<\/code><\/pre>\n\n\n\nroot@node_manager $ cd \/applis\/12402-acfrb\/repository\/SAaas\/roles\n\nroot@node_manager $ ansible-playbook ansible-tests\/others\/ping.yml -i ansible-tests\/inv_target_nodes<\/code><\/pre>\n\n\n\nrobermb@MacBook-Pro-de-RoberMB $ docker exec -ti node_manager ansible-playbook -i target_nodes .\/roles\/others\/ping.yml<\/code><\/pre>\n\n\n\nWORKAROUND<\/h3>\n\n\n\n
Dropping back to Docker Desktop 4.2.0 fixes the issue. I assume that it's related to the note in the 4.3.0 release notes:\n\nDocker Desktop now uses cgroupv2. If you need to run systemd in a container then:\n\n* Ensure your version of systemd supports cgroupv2. It must be at least systemd 247. Consider upgrading any centos:7 images to centos:8.\n\n* Containers running systemd need the following options: --privileged --cgroupns=host -v \/sys\/fs\/cgroup:\/sys\/fs\/cgroup:rw.<\/code><\/pre>\n\n\n\nOFFICIAL DOCUMENTATION<\/h3>\n\n\n\n