I am currently researching two alternative approaches to provision Docker containers. Containers are currently managed with Ansible.
Dockerfile
Normally I would write a Dockerfile for my needs, build an image and then use that image to spin up a container.
Dockerfile that sets up SSH access

With the second approach, I could reuse roles in other contexts, regardless of Docker. For example I could apply them to an EC2 instance or to a bare metal server hosted in-house.
One big loss seems to be Docker "layerization", in favour of an (arguably) more powerful (Ansible modules, idempotency, usually no bash scripting) provisioning experience.
I believe there is more I did not consider.
In case of approach 2, what am I missing from a (more traditional) approach 1? Is there any other better approach to this problem involving both Ansible and Docker?
PS: not strictly relevant to the question, but maybe worth mentioning: I would like to manage dev environments involving these Docker containers with Vagrant.
UPDATE #1
Use Packer with Docker builder and Ansible provisioner (see @polarisuser's answer)
In my opinion this can be seen as a refinement of approach 2.
A 3rd option that you might want to look into is using Packer to create your image. I am currently using Packer and I really like it.
What I do is I use Packer to pull the docker image that I want, and then in the provisioning step, I use Chef to get my image in a desired state. You could do the same thing with Ansible.
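A minimal Packer template for the flow described in this answer, with Ansible in place of Chef. This is an added example, not the answerer's own configuration; the base image, the playbook path `site.yml`, the repository name `example/app` and the plugin version constraints are assumptions. Packer's Docker builder drives the container itself, so the image does not need an SSH daemon baked in.

```hcl
packer {
  required_plugins {
    docker = {
      source  = "github.com/hashicorp/docker"
      version = ">= 1.0.0" # assumed constraint
    }
    ansible = {
      source  = "github.com/hashicorp/ansible"
      version = ">= 1.0.0" # assumed constraint
    }
  }
}

# Pull the base image and commit the provisioned container as a new image.
source "docker" "app" {
  image  = "ubuntu:22.04" # assumed base image
  commit = true
}

build {
  sources = ["source.docker.app"]

  # Ansible modules need a Python interpreter inside the target container.
  provisioner "shell" {
    inline = [
      "apt-get update",
      "apt-get install -y python3",
    ]
  }

  # Runs Ansible from the build host against the container.
  # site.yml (assumed name) can apply the same roles that are used
  # for EC2 instances or bare metal servers.
  provisioner "ansible" {
    playbook_file = "./site.yml"
    user          = "root"
  }

  # Tag the committed image so it can be referenced when starting containers.
  post-processor "docker-tag" {
    repository = "example/app" # assumed repository name
    tags       = ["0.1.0"]
  }
}
```

Because the result is a single committed image, the per-instruction layer cache of a Dockerfile build does not apply; a change to any role re-runs the whole playbook.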