diff options
Diffstat (limited to 'fdio.infra.ansible/roles/docker')
8 files changed, 186 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/docker/defaults/main.yaml b/fdio.infra.ansible/roles/docker/defaults/main.yaml new file mode 100644 index 0000000000..bf97b4a192 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/defaults/main.yaml @@ -0,0 +1,35 @@ +--- +# file: roles/docker/defaults/main.yaml + +# Version options. +docker_edition: "ce" +docker_package: "docker-{{ docker_edition }}" +docker_package_state: latest + +# Service options. +docker_service_state: started +docker_service_enabled: true +docker_restart_handler_state: restarted +docker_service_mgr: "systemd" + +# Used only for Debian/Ubuntu. +docker_apt_release_channel: "stable" +docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" +docker_apt_repository_state: present +docker_apt_ignore_key_error: true +docker_apt_gpg_key: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg" +docker_apt_gpg_key_state: present + +# Used only for RedHat/CentOS/Fedora. +docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo +docker_yum_repo_enable_edge: "0" +docker_yum_repo_enable_test: "0" +docker_yum_gpg_key: https://download.docker.com/linux/centos/gpg + +# Proxy settings. +docker_daemon_environment_http: + - "HTTP_PROXY={{ proxy_env.http_proxy }}" + - "NO_PROXY={{ proxy_env.no_proxy }}" +docker_daemon_environment_https: + - "HTTPS_PROXY={{ proxy_env.https_proxy }}" + - "NO_PROXY={{ proxy_env.no_proxy }}" diff --git a/fdio.infra.ansible/roles/docker/handlers/main.yaml b/fdio.infra.ansible/roles/docker/handlers/main.yaml new file mode 100644 index 0000000000..53eb8528f6 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/handlers/main.yaml @@ -0,0 +1,9 @@ +--- +# file roles/docker/handlers/main.yaml + +- name: Restart Docker + ansible.builtin.service: + name: "docker" + state: "{{ docker_restart_handler_state }}" + tags: + - docker-restart-service diff --git a/fdio.infra.ansible/roles/docker/meta/main.yaml b/fdio.infra.ansible/roles/docker/meta/main.yaml new file mode 100644 index 0000000000..7bef656eb5 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/meta/main.yaml @@ -0,0 +1,18 @@ +--- +# file: meta/main.yaml + +dependencies: [] + +galaxy_info: + role_name: docker + author: fd.io + description: Docker-CE for Linux. + company: none + license: "license (Apache)" + min_ansible_version: 2.9 + platforms: + - name: Ubuntu + versions: + - jammy + galaxy_tags: + - docker diff --git a/fdio.infra.ansible/roles/docker/tasks/jammy.yaml b/fdio.infra.ansible/roles/docker/tasks/jammy.yaml new file mode 100644 index 0000000000..8ec7a01ee1 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/tasks/jammy.yaml @@ -0,0 +1,30 @@ +--- +# file: roles/docker/tasks/ubuntu_jammy.yaml + +- name: Inst - Dependencies + ansible.builtin.apt: + name: + - "apt-transport-https" + - "ca-certificates" + - "gpg-agent" + - "software-properties-common" + state: "present" + cache_valid_time: 3600 + install_recommends: false + tags: + - docker-inst-dependencies + +- name: Conf - Add APT Key + ansible.builtin.apt_key: + url: "{{ docker_apt_gpg_key }}" + state: "{{ docker_apt_gpg_key_state }}" + tags: + - docker-conf-apt + +- name: Conf - Install APT Repository + ansible.builtin.apt_repository: + repo: "{{ docker_apt_repository }}" + state: "{{ docker_apt_repository_state }}" + update_cache: true + tags: + - docker-conf-apt diff --git a/fdio.infra.ansible/roles/docker/tasks/main.yaml b/fdio.infra.ansible/roles/docker/tasks/main.yaml new file mode 100644 index 0000000000..e07b29e363 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/tasks/main.yaml @@ -0,0 +1,85 @@ +--- +# file: roles/docker/tasks/main.yaml + +- include_tasks: "{{ ansible_distribution_release }}.yaml" + tags: + - docker-inst-dependencies + +- name: Inst - Docker + ansible.builtin.package: + name: + - "{{ docker_package }}" + - "{{ docker_package }}-cli" + state: "{{ docker_package_state }}" + tags: + - docker-inst-package + +- name: Conf - Docker Service + ansible.builtin.service: + name: docker + state: "{{ docker_service_state }}" + enabled: "{{ docker_service_enabled }}" + when: + - docker_service_mgr == "systemd" + tags: + - docker-conf-service + +- name: Conf - Docker Service Directory + ansible.builtin.file: + path: "/etc/systemd/system/docker.service.d" + state: "directory" + mode: "0755" + when: + - docker_service_mgr == "systemd" + tags: + - docker-conf-service + +- name: Conf - Docker Daemon + ansible.builtin.template: + src: "templates/daemon.json.j2" + dest: "/etc/docker/daemon.json" + owner: "root" + group: "root" + mode: "0644" + notify: + - "Restart Docker" + when: > + docker_daemon is defined and + docker_service_mgr == "systemd" + tags: + - docker-conf-daemon + +- name: Conf - Docker HTTP Proxy + ansible.builtin.template: + src: "templates/docker.service.proxy.http" + dest: "/etc/systemd/system/docker.service.d/http-proxy.conf" + owner: "root" + group: "root" + mode: "0644" + notify: + - "Restart Docker" + when: > + proxy_env is defined and + proxy_env.http_proxy is defined and + docker_service_mgr == "systemd" + tags: + - docker-conf-service + +- name: Conf - Docker HTTPS Proxy + ansible.builtin.template: + src: "templates/docker.service.proxy.https" + dest: "/etc/systemd/system/docker.service.d/https-proxy.conf" + owner: "root" + group: "root" + mode: "0644" + notify: + - "Restart Docker" + when: > + proxy_env is defined and + proxy_env.https_proxy is defined and + docker_service_mgr == "systemd" + tags: + - docker-conf-service + +- name: Meta - Flush handlers + ansible.builtin.meta: flush_handlers diff --git a/fdio.infra.ansible/roles/docker/templates/daemon.json.j2 b/fdio.infra.ansible/roles/docker/templates/daemon.json.j2 new file mode 100644 index 0000000000..becc2b1af7 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/templates/daemon.json.j2 @@ -0,0 +1 @@ +{{ docker_daemon | to_nice_json }}
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.http b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.http new file mode 100644 index 0000000000..73ceba3870 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.http @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[Service] +Environment="{{ docker_daemon_environment_http | join('" "') }}" diff --git a/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.https b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.https new file mode 100644 index 0000000000..1c2097eb9d --- /dev/null +++ b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.https @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[Service] +Environment="{{ docker_daemon_environment_https | join('" "') }}" |