added role docker_host

2021-07-09 14:42:10 +02:00
parent a5fa558ae6
commit e72a17d688
16 changed files with 412 additions and 0 deletions
--- a/roles/docker_host/tasks/CentOS.yml
+++ b/roles/docker_host/tasks/CentOS.yml
@@ -0,0 +1,26 @@
+- name: Copy Docker GPG Public Key.
+  copy:
+    src: "docker-ce.gpg"
+    dest: '/etc/yum.repos.d/docker-ce.gpg'
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Add Docker GPG key.
+  rpm_key:
+    key: "/etc/yum.repos.d/docker-ce.gpg"
+    state: present
+  when: ansible_distribution == "RedHat"
+
+- name: Add Docker repository.
+  copy:
+    src: "docker-ce.repo"
+    dest: '/etc/yum.repos.d/docker-ce.repo'
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Install python-selinux
+  yum:
+    state: present
+    name: "libselinux-python3"
--- a/roles/docker_host/tasks/Debian.yml
+++ b/roles/docker_host/tasks/Debian.yml
@@ -0,0 +1,44 @@
+- name: Update the apt package index
+  apt: # noqa 403 - we want to upgrade all packages to latest
+    name: "*"
+    state: latest
+    update_cache: yes
+    force_apt_get: yes
+- name: Install packages for apt add repository over HTTPS
+  apt: # noqa 403 - we want to upgrade all packages to latest
+    name: "{{ packagesdep }}"
+    force_apt_get: yes
+    state: latest
+    update_cache: yes
+  vars:
+    packagesdep:
+    - git
+    - apt-transport-https
+    - ca-certificates
+    - wget
+    - software-properties-common
+    - gnupg2
+    - curl
+- name: Add Apt signing key from official docker repo
+  apt_key:
+    url: https://download.docker.com/linux/debian/gpg
+    state: present
+  environment:
+    http_proxy: "{{ mmw_proxy|default('') }}"
+    https_proxy: "{{ mmw_proxy|default('') }}"
+- name: add docker official repository for Debian Stretch
+  apt_repository:
+    repo: "deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
+    state: present
+- name: Index new repo into the cache
+  apt: # noqa 403 - we want to upgrade all packages to latest
+    name: "*"
+    state: latest
+    update_cache: yes
+    force_apt_get: yes
+
+- name: Install python-selinux
+  apt:
+    state: present
+    name: "python3-selinux"
+...
--- a/roles/docker_host/tasks/RedHat.yml
+++ b/roles/docker_host/tasks/RedHat.yml
@@ -0,0 +1,6 @@
+---
+- name: Install python-selinux
+  yum:
+    state: present
+    name: "libselinux-python3"
+...
--- a/roles/docker_host/tasks/Ubuntu.yml
+++ b/roles/docker_host/tasks/Ubuntu.yml
@@ -0,0 +1,44 @@
+- name: Update the apt package index
+  apt: # noqa 403 - we want to update all packages to latest
+    name: "*"
+    state: latest
+    update_cache: yes
+    force_apt_get: yes
+- name: Install packages for apt add repository over HTTPS
+  apt: # noqa 403 - we want to update all packages to latest
+    name: "{{ packagesdep }}"
+    force_apt_get: yes
+    state: latest
+    update_cache: yes
+  vars:
+    packagesdep:
+    - git
+    - apt-transport-https
+    - ca-certificates
+    - wget
+    - software-properties-common
+    - gnupg2
+    - curl
+- name: Add Apt signing key from official docker repo
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+  environment:
+    http_proxy: "{{ mmw_proxy }}"
+    https_proxy: "{{ mmw_proxy }}"
+- name: add docker official repository for Ubuntu
+  apt_repository:
+    repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
+    state: present
+- name: Index new repo into the cache
+  apt: # noqa 403 - we want to update all packages to latest
+    name: "*"
+    state: latest
+    update_cache: yes
+    force_apt_get: yes
+
+- name: Install python-selinux
+  apt:
+    state: present
+    name: "python3-selinux"
+...
--- a/roles/docker_host/tasks/main.yml
+++ b/roles/docker_host/tasks/main.yml
@@ -0,0 +1,82 @@
+---
+# tasks file for docker
+- name: Ensure old versions of Docker are not installed.
+  package:
+    name:
+      - docker
+      - docker-common
+      - docker-engine
+    state: absent
+
+- name: setup Debian system
+  include_tasks: Debian.yml
+  when: ansible_distribution == "Debian"
+
+- name: setup RedHat system
+  include_tasks: CentOS.yml
+  when: ansible_distribution == "CentOS"
+
+- name: setup Ubuntu system
+  include_tasks: Ubuntu.yml
+  when: ansible_distribution == 'Ubuntu'
+
+- name: setup RedHat system
+  include_tasks: RedHat.yml
+  when: ansible_distribution == 'RedHat'
+
+- name: Install Docker and containerd.
+  package:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - docker-ce
+    - docker-ce-cli
+    - containerd.io
+    - python3-pip
+
+- name: Create systemd docker.service.d.
+  file:
+    path: '/etc/systemd/system/docker.service.d'
+    state: directory
+    owner: root
+    group: root
+    mode: '0644'
+  notify: restart docker
+
+- name: Template Proxy Settings for Docker Daemon.
+  template:
+    src: 'docker-proxy.conf'
+    dest: '/etc/systemd/system/docker.service.d/docker-proxy.conf'
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Ensure Docker is started and enabled at boot.
+  service:
+    name: docker
+    state: started
+    enabled: true
+
+- name: Ensure handlers are notified now to avoid firewall conflicts.
+  meta: flush_handlers
+
+- name: install docker / docker-compose sdk
+  pip:
+    name:
+      - docker
+      - docker-compose
+  vars:
+    ansible_python_interpreter: /usr/bin/python3
+  environment:
+    http_proxy: "{{ mmw_proxy|default('') }}"
+    https_proxy: "{{ mmw_proxy|default('') }}"
+
+
+- name: install docker-compose
+  get_url:
+    dest: /usr/local/bin/docker-compose
+    url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64"
+    mode: '0755'
+  environment:
+    https_proxy: "{{ mmw_proxy|default('') }}"
+...