Docker as an alternative to OpenStack



The create and destroy playbooks are based on the Enough internal host command. The create command is given a host name and is expected to return the IP and the port. Other parameters are in the inventory group/host vars.

Instead of creating OpenStack hosts, the Enough internal host command could create Docker containers instead, based on images that run ssh and systemd, and return the IP/port to run ansible on them.

The playbooks need to be modified because:

  • the delegation of the DNS won’t work and should not be done. It does no harm to do it, but it is useless.
  • the certificate_authority must be set to ownca because letsencrypt can’t access the private IPs allocated to the containers
  • since a number of services are deployed based on Docker containers, they will be deployed with docker-in-docker.
    • All container names must be unique across all hosts because they may be deployed with the same daemon.
    • Volumes must be relative to ~/.enough/domain instead of /opt etc. because they are evaluated on the host.

Is something missing?


And the firewall rules are no longer necessary (i.e. the firewall role can be disabled).
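
The two docker-in-docker constraints listed above (container names unique across hosts, volumes placed under ~/.enough/domain), sketched as an added example that is not Enough's own code. The function names, the service dictionary layout and the per-host subdirectory under ~/.enough/domain are assumptions made for illustration.

```python
from pathlib import Path, PurePosixPath


def adapt_service(host, domain, service, home=None):
    """Return a copy of a service definition adapted to a Docker daemon
    shared by every simulated host (hypothetical helper)."""
    # Assumed layout: ~/.enough/<domain>/<host>/<original absolute path>
    base = Path(home or Path.home()) / ".enough" / domain / host
    volumes = []
    for spec in service.get("volumes", []):
        src, sep, rest = spec.partition(":")
        if not sep:
            raise ValueError(f"volume without a target: {spec!r}")
        if src.startswith("/"):
            # Bind mounts are resolved by the daemon on the real host, so
            # /opt/... would be shared by all containers; move it under base.
            rel = PurePosixPath(src).relative_to("/")
            if ".." in rel.parts:
                raise ValueError(f"path escapes the host directory: {src!r}")
            src = str(base / rel)
        # Named volumes are left untouched in this sketch.
        volumes.append(f"{src}:{rest}")
    adapted = dict(service)
    # Prefix with the host name so two hosts can both run e.g. "bind".
    adapted["container_name"] = f"{host}-{service['container_name']}"
    adapted["volumes"] = volumes
    return adapted


def adapt_all(domain, deployments, home=None):
    """deployments is a list of (host, service) pairs. Raise if two of
    them would end up with the same container name on the shared daemon."""
    seen = {}
    result = []
    for host, service in deployments:
        adapted = adapt_service(host, domain, service, home)
        name = adapted["container_name"]
        if name in seen:
            raise ValueError(f"{name!r} used by both {seen[name]} and {host}")
        seen[name] = host
        result.append(adapted)
    return result
```

The collision check matters because a plain prefix is not injective: host `a-b` with container `c` and host `a` with container `b-c` both produce `a-b-c`.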