Stop Installing Terraform and Ansible Directly: Use Docker CLI to Keep Your Host Clean

Docker tutorial - IT technology blog

The Nightmare Called “Dependency Hell”

You’ve likely faced that frustrating situation: Project A requires Terraform 0.12, but Project B demands the latest 1.5 version. Even worse, Ansible might need Python 3.8, while your machine is already on Python 3.11 for AI work. Every project switch means reinstalling, reconfiguring PATHs, and eventually, your OS becomes an inescapable mess.

I remember wasting four hours just to strip out an old AWS CLI v1 to install v2 for compatibility with new EKS features. I asked myself: “Why am I turning my workstation into a testing ground for every tool under the sun?” Docker isn’t just for servers; it’s the “lifesaver” that lets you completely isolate these tools.

On a system I managed with over 50 different projects, adopting Docker CLI reduced environment-related errors by 90% and saved dozens of GBs by eliminating redundant binaries.

Docker: A “Clean Box” for Every CLI Tool

Instead of installing binaries directly into your system, we’ll containerize them. The best part is that each container is a separate environment. Need a specific Terraform version? Just call the right image tag. Once finished, the container is destroyed, leaving your host machine as pristine as ever.

You might worry: “If it’s in Docker, how can it read my local code or credentials?” The key is Volume Mounting (the -v parameter). We map the current working directory into the container. This way, the CLI processes your files normally, but the software itself stays tucked away inside its Docker “box”.

1. Running AWS CLI: Say Goodbye to Bulky Installers

Usually, you have to download an MSI or run complex installation scripts. With Docker, a single command is all you need to list S3 buckets:

docker run --rm -it \
  -v ~/.aws:/root/.aws \
  amazon/aws-cli s3 ls

Quick breakdown of the parameters:

  • --rm: Cleans up the container immediately after the command finishes.
  • -it: Enables terminal interaction, which is essential for entering passwords or MFA codes.
  • -v ~/.aws:/root/.aws: Mounts your host’s ~/.aws directory (config and credentials) into the container so the AWS CLI can authenticate with your account.

2. Infrastructure Management with Terraform Docker

Instead of using tfenv or asdf, I prefer official images from HashiCorp. Suppose you’re in a directory containing a main.tf file:

docker run --rm -u $(id -u):$(id -g) -v "$(pwd)":/workspace -w /workspace hashicorp/terraform:1.5.0 init
docker run --rm -u $(id -u):$(id -g) -v "$(pwd)":/workspace -w /workspace hashicorp/terraform:1.5.0 plan

Important notes:

  • -w /workspace: Specifies the working directory inside the container.
  • -u $(id -u):$(id -g): This flag ensures created files aren’t owned by root, avoiding annoying permission issues on Linux/macOS.

Another project using an older version? Just switch 1.5.0 to 0.12.31 in an instant.

3. Ansible: No More Fears of Breaking Python Libraries

Ansible often pulls in dozens of dependencies. Installing it directly can easily break other critical Python scripts on your machine. Try the ultra-lightweight Alpine version instead:

docker run --rm -it \
  -v "$(pwd)":/ansible \
  -w /ansible \
  -v ~/.ssh:/root/.ssh:ro \
  williamyeh/ansible:alpine-2.9 \
  ansible-playbook -i hosts site.yml

Pro tip: The :ro parameter at the end of the SSH volume allows Ansible to use your keys to connect to servers while ensuring it cannot modify or delete the original key files. The container can still read the keys, so mount them only into images you trust.

Use Aliases for a Seamless Experience

Nobody wants to type a long command every time they run terraform plan. Leverage alias in your .bashrc or .zshrc to streamline the experience:

# Add to your shell configuration
alias terraform='docker run --rm -v "$(pwd)":/workspace -w /workspace hashicorp/terraform:latest'
alias aws='docker run --rm -it -v ~/.aws:/root/.aws -v "$(pwd)":/aws amazon/aws-cli'

After saving, just type terraform plan or aws s3 ls. It feels exactly like a native installation, but under the hood, Docker is handling everything.
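
As an added example (not part of the original post): a shell function that can stand in for the terraform alias, choosing the image tag per project instead of latest and passing the -u flag from section 2. It assumes each project has a .terraform-version file (the name tfenv uses); tf_version, tf and TF_DRY_RUN are hypothetical names, and the --cap-drop and --security-opt flags go beyond what the post covers.

```shell
# Added example, not from the original post. Assumption: each project keeps
# its exact Terraform version in a .terraform-version file (the name tfenv
# uses). tf_version, tf and TF_DRY_RUN are hypothetical names.

# Print the pinned version for a project directory. Fails when the file is
# missing or holds anything but an exact x.y.z release (so not "latest").
tf_version() {
  _tf_file="${1:-$PWD}/.terraform-version"
  if [ ! -r "$_tf_file" ]; then
    echo "tf: no .terraform-version in ${1:-$PWD}" >&2
    return 1
  fi
  _tf_ver=$(tr -d ' \t\r\n' < "$_tf_file")
  if ! printf '%s\n' "$_tf_ver" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$'; then
    echo "tf: refusing non-exact version '$_tf_ver'" >&2
    return 1
  fi
  printf '%s\n' "$_tf_ver"
}

# Run Terraform from the pinned image against the current directory.
tf() {
  _tf_pin=$(tf_version "$PWD") || return 1
  # Rebuild the argument list so paths with spaces stay one argument each.
  set -- run --rm \
    -u "$(id -u):$(id -g)" \
    --cap-drop ALL --security-opt no-new-privileges \
    -v "$PWD:/workspace" -w /workspace \
    "hashicorp/terraform:$_tf_pin" "$@"
  if [ -n "${TF_DRY_RUN:-}" ]; then
    printf '%s\n' "$@"      # one docker argument per line, nothing executed
  else
    docker "$@"
  fi
}
```

Setting TF_DRY_RUN=1 prints the docker arguments instead of running them, which is a quick way to check what will be mounted and which image tag will be used.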

Three Vital Tips to Avoid Trouble

While very convenient, keep these points in mind to avoid common pitfalls:

  1. Prioritize Relative Paths: Since the app runs in a container, host absolute paths like /Users/name/project won’t exist inside it; only the mounted directory is visible. Always use ./file_name.
  2. Startup Latency: Docker takes about 0.5 – 1 second to initialize a container. For standard CLI commands, this is negligible, but consider the impact if you’re running a script that loops through commands thousands of times.
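  3. Network Communication: If the container needs to access the host’s localhost, don’t forget to add the flag --network="host". This shares the host’s network stack with the container, so use it only for the commands that need it.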

Conclusion

Switching to Docker for CLI tools isn’t just about following tech trends; it’s a professional mindset to keep your development environment stable. You’ll no longer fear OS updates or switching to a new machine. Try it with AWS CLI or Terraform today—you’ll see that tool management has never been this painless.
