Using Ansible inside a container works really well for this use case (we use it like this all the time). You can even have your own Ansible image which will contain all your roles and playbooks. You’ll then use this container to run Ansible commands, so the container is not a long living service but more like a CLI tool.