DEV Community

Cover image for Automating the Deployment of a Docker-Powered Full-Stack Application with Terraform and Ansible

Posted on

6 1

Automating the Deployment of a Docker-Powered Full-Stack Application with Terraform and Ansible


In a previous project, "Docker to the Rescue: Deploying React and FastAPI App With Monitoring", I explored Docker's transformative power in simplifying application deployment.

However as deployment requirements grow, automation becomes essential to ensure consistency, efficiency, and scalability. Manual deployments, particularly during updates, are prone to inefficiencies and inconsistencies, this is a significant challenge in software delivery. Automation addresses this by enabling seamless rollouts of application and infrastructure changes, reducing downtime and human errors.

In this article, I will go through a project where I leveraged automation to deploy a React and FastAPI application by:

  • Provisioning Azure resources with Terraform.
  • Integrate Ansible into Terraform to configure infrastructure
  • Orchestrating application deployment using Docker Compose.

Terraform provisions the server infrastructure required to host the application, while Ansible manages the configuration and setup of the provisioned server. The application (complete application and monitoring stack) is containerized and orchestrated using Docker Compose, ensuring seamless deployment and efficient resource management.
By integrating these tools, the setup becomes repeatable, robust, and adaptable to evolving deployment needs.

Architecture Overview

Architecture Diagram
overview of complete architecture

Implementation Steps

I will walk you through the steps I took to set up this automation process. You can find the application configuration code on my github.

Docker and Dockerhub:
First I took the steps to push my custom application pre-built docker images to dockerhub:

docker tag utibeokon/frontend:v2.0 frontend
docker tag utibeokon/backend:latest backend

docker push utibeokon/frontend:v2.0
docker push utibeokon/backend:latest
Enter fullscreen mode Exit fullscreen mode

The respective images can be found here.

I have my docker-compose configuration files in the project folder. Two docker compose files and other service specific config files properly named according the their respective services. The docker compose files contain declarations for the following services:

  • Frontend
  • Backend
  • Postgres
  • Adminer
  • Traefik


  • Prometheus
  • Grafana
  • Loki
  • Promtail
  • Cadvisor

An overview of how the services interact within a shared docker network.
service interaction diagram

  • Frontend connects with Backend
  • Backend connects with Postgres for database interaction
  • Adminer serves as a database dashboard for administration
  • Traefik (running on ports 80 and 443) handles reverse-proxy within the network, handling routing, HTTPS redirecting and loadbalancing of requests received by the server

  • Cadvisor gathers container metrics and sends it to prometheus

  • Promtail gathers logs for Loki

  • Prometheus and Loki stores metrics and logs

  • Grafana accepts Prometheus and Loki as data source and display the data in graphical form using dahsboards.

Do well to confirm the routing configurations for Traefik. You can modify this to fit your routing needs.

In the terraform directory, there are configurations to provision a virtual network, a network security group and a virtual machine on azure. These configs are spread into two modules, network and vm. Also, the terraform setup uses azure blob storage as the remote backend.

# file
# provision a virtual network from the network module
module "network" {
  source              = "./modules/network"
  resource_group_name = var.resource_group_name
  location            = var.location
  vnet_name           = "server-vnet"
  subnet_name         = "server-subnet"
  nsg_name            = "server-nsg"
  allowed_ports       = ["22", "80", "443"]

# provision a virtual machine instance from vm module
module "vm" {
  source              = "./modules/vm"
  resource_group_name = var.resource_group_name
  location            = var.location
  vm_name             = "server"
  vm_size             = "Standard_B2s"
  admin_username      = var.admin_username
  ssh_public_key      = file(var.ssh_key_path)
  subnet_id           =

# dynamically create an inventory file for ansible
resource "local_file" "inventory" {
  content = <<EOT
${module.vm.public_ip} ansible_user=${var.admin_username} ansible_ssh_private_key_file=~/.ssh/id_rsa

  filename = "../ansible/inventory.ini"

# trigger the vm configuration with ansible
resource "null_resource" "ansible_provisioner" {
  depends_on = [

  triggers = {
    always_run = timestamp()

  provisioner "local-exec" {
    command = <<-EOT
      sleep 60 # allow time for public ip to update
      ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook \
        -i ../ansible/inventory.ini \

# dns record for the server
# dns zone (slready created manually)
data "azurerm_dns_zone" "domain" {
  name                = var.domain_name
  resource_group_name = var.resource_group_name

resource "azurerm_dns_a_record" "domain" {
  name                = "@"
  zone_name           =
  resource_group_name = var.resource_group_name
  ttl                 = 3600
  records             = [module.vm.public_ip]
Enter fullscreen mode Exit fullscreen mode

Upon running terraform apply Terraform will:

  • Provision the resources on azure
  • Retrieve the public ip and create an inventory.ini file in the ansible directory with the public ip details
  • Trigger ansible to start configuring the server once it is ready

After inspecting the configurations, you can cd into the terraform directory and run

terraform init
terraform apply -auto-approve
Enter fullscreen mode Exit fullscreen mode

The ansible setup consists of a single playbook and 3 roles. The roles are responsible for:

  • Preparing the server
  • Copying necessary files
  • Deploying the application


The playbook is a simple playbook that calls all three roles.

# playbook.yml
- name: Deploy Docker-based application
  hosts: servers
  become: yes
  become_user: root
  gather_facts: yes
    - server-setup
    - copy-files
    - deploy-app

Enter fullscreen mode Exit fullscreen mode

Deployed Application:
On a successful run of terraform apply -auto-approve, you will get a similar output as this:
tf apply output

If you used the the DNS configuration for Azure DNS, you can access the application via the domain name.
Else, you should copy the IP address, and create an A record the details on your DNS service provider website that maps to the IP address.

Challenges Faced

  • Ensuring Seamless Integration Between Terraform and Ansible
  • Managing sensitive data like SSH keys, credentials, and API tokens securely across both Terraform and Ansible.
  • Debugging Ansible Playbooks: Playbook errors due to mismatched dependencies or configurations on the target VMs slowed down the deployment.

Best Practices

-Automation workflow
Automate every step of the process—from provisioning to configuration—to reduce human error and improve reliability.

  • State Management
    Use remote backends for Terraform state files to enable team collaboration and state consistency.

  • Testing and Validation
    Validate Terraform configurations with terraform validate and terraform plan.
    Test Ansible playbooks in isolated environments using Molecule before running them in production.


This project demonstrates the power of combining Terraform and Ansible to achieve seamless automation for infrastructure provisioning and application deployment. By leveraging Infrastructure as Code (IaC) and Configuration Management, it’s possible to create a repeatable, reliable pipeline that significantly reduces manual effort.

The challenges encountered, such as ensuring integration between tools and managing sensitive data, provided invaluable learning opportunities. Following best practices like modular design, robust state management, and automated testing ensures that the solution is both scalable and secure.

As a next step, this workflow could be extended by incorporating CI/CD pipelines, adding alerting mechanisms for monitoring, or scaling to multi-cloud environments. Automation isn’t just about efficiency—it’s about building systems that evolve with your needs.

Billboard image

Monitor more than uptime.

With Checkly, you can use Playwright tests and Javascript to monitor end-to-end scenarios in your NextJS, Astro, Remix, or other application.

Get started now!

Top comments (1)

utibeima_ubom_dev profile image
Utibeima Ubom


Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.
