Browse Source

initial commit

master
Robert Kaussow 6 months ago
commit
9c7d801eea

+ 3
- 0
.gitignore View File

@@ -0,0 +1,3 @@
1
+# ---> Ansible
2
+*.retry
3
+

+ 9
- 0
LICENSE View File

@@ -0,0 +1,9 @@
1
+MIT License
2
+
3
+Copyright (c) <year> <copyright holders>
4
+
5
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
6
+
7
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
8
+
9
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

+ 54
- 0
README.md View File

@@ -0,0 +1,54 @@
1
+# sit-lnx.docker-engine
2
+
3
+Install docker engine. Currently only overlay2 as storage engine is supported.
4
+
5
+**Supported OS**
6
+* RHEL7
7
+
8
+### Role Variables
9
+
10
+```yaml
11
+---
12
+dockerengine_package: docker
13
+dockerengine_docker_group_enabled: False
14
+
15
+dockerengine_secure_registries: []
16
+dockerengine_insecure_registries: []
17
+dockerengine_block_registries: []
18
+
19
+# dockerengine_http_proxy: # defaults to not set
20
+# dockerengine_https_proxy: # defaults to not set
21
+# dockerengine_no_proxy: # defaults to not set
22
+
23
+# All storage variables are mandatory. You have to set them correctly!
24
+# dockerengine_storage_pvs: /dev/sdx # defaults to not set
25
+dockerengine_storage_vg: vg_docker
26
+dockerengine_storage_lv: lv_docker
27
+dockerengine_storage_size: 100G
28
+dockerengine_base_dir: /var/lib/docker
29
+```
30
+
31
+### Examples
32
+
33
+#### Playbook
34
+
35
+```yaml
36
+---
37
+- hosts: docker-engine
38
+  become: true
39
+
40
+  roles:
41
+    - sit-lnx.docker-engine
42
+```
43
+
44
+### Dependencies
45
+
46
+* you need the `wrap` custom filter from
47
+
48
+### Maintainer
49
+
50
+[Robert Kaussow](https://gitea.rknet.org/xoxys)
51
+
52
+### License
53
+
54
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details

+ 17
- 0
defaults/main.yml View File

@@ -0,0 +1,17 @@
1
+---
2
+dockerengine_package: docker
3
+dockerengine_docker_group_enabled: False
4
+
5
+dockerengine_secure_registries: []
6
+dockerengine_insecure_registries: []
7
+dockerengine_block_registries: []
8
+
9
+# dockerengine_http_proxy: # defaults to not set
10
+# dockerengine_https_proxy: # defaults to not set
11
+# dockerengine_no_proxy: # defaults to not set
12
+
13
+# dockerengine_storage_pvs: /dev/sdx # defaults to not set
14
+dockerengine_storage_vg: vg_docker
15
+dockerengine_storage_lv: lv_docker
16
+dockerengine_storage_size: 100G
17
+dockerengine_base_dir: /var/lib/docker

+ 10
- 0
handlers/main.yml View File

@@ -0,0 +1,10 @@
1
+---
2
+- name: Restart docker engine
3
+  systemd:
4
+    state: restarted
5
+    name: "{{ dockerengine_package }}"
6
+    daemon_reload: yes
7
+    enabled: yes
8
+  listen: __docker_restart
9
+  become: True
10
+  become_user: root

+ 13
- 0
meta/main.yml View File

@@ -0,0 +1,13 @@
1
+---
2
+galaxy_info:
3
+  author: Robert Kaussow
4
+  description: Install Docker Engine
5
+  license: MIT
6
+  min_ansible_version: 2.4
7
+  platforms:
8
+  - name: EL
9
+    versions:
10
+    - 7
11
+  galaxy_tags:
12
+  - docker
13
+dependencies: []

+ 34
- 0
tasks/install.yml View File

@@ -0,0 +1,34 @@
1
+---
2
+- block:
3
+    - name: Install docker engine
4
+      package:
5
+        name: "{{ dockerengine_package }}"
6
+        state: installed
7
+
8
+    - name: Add docker group
9
+      group:
10
+        name: docker
11
+        state: present
12
+      notify: __docker_restart
13
+      when: dockerengine_docker_group_enabled
14
+
15
+    - name: Deploy config files to setup environment
16
+      template:
17
+        src: "{{ item.src }}"
18
+        dest: "{{ item.dest }}"
19
+        owner: root
20
+        group: root
21
+        mode: 0644
22
+      with_items:
23
+        - { src: 'etc/sysconfig/docker.j2', dest: '/etc/sysconfig/{{ dockerengine_package }}' }
24
+        - { src: 'etc/sysconfig/docker-storage-setup.j2', dest: '/etc/sysconfig/{{ dockerengine_package }}-storage-setup' }
25
+        - { src: 'etc/containers/registries.conf.j2', dest: '/etc/containers/registries.conf' }
26
+      notify: __docker_restart
27
+
28
+    - name: Ensure docker engine is up and running
29
+      service:
30
+        name: "{{ dockerengine_package }}"
31
+        enabled: True
32
+        state: started
33
+  become: True
34
+  become_user: root

+ 2
- 0
tasks/main.yml View File

@@ -0,0 +1,2 @@
1
+---
2
+- include_tasks: install.yml

+ 27
- 0
templates/etc/containers/registries.conf.j2 View File

@@ -0,0 +1,27 @@
1
+# {{ ansible_managed }}
2
+# This is a system-wide configuration file used to
3
+# keep track of registries for various container backends.
4
+# It adheres to TOML format and does not support recursive
5
+# lists of registries.
6
+
7
+# The default location for this configuration file is /etc/containers/registries.conf.
8
+
9
+# The only valid categories are: 'registries.search', 'registries.insecure',
10
+# and 'registries.block'.
11
+
12
+[registries.search]
13
+#registries = ['registry.access.redhat.com']
14
+registries = [{{ dockerengine_secure_registries | wrap | join(',') }}]
15
+
16
+# If you need to access insecure registries, add the registry's fully-qualified name.
17
+# An insecure registry is one that does not have a valid SSL certificate or only does HTTP.
18
+[registries.insecure]
19
+registries = [{{ dockerengine_insecure_registries | wrap | join(',') }}]
20
+
21
+
22
+# If you need to block pull access from a registry, uncomment the section below
23
+# and add the registries fully-qualified name.
24
+#
25
+# Docker only
26
+[registries.block]
27
+registries = [{{ dockerengine_block_registries | wrap | join(',') }}]

+ 7
- 0
templates/etc/sysconfig/docker-storage-setup.j2 View File

@@ -0,0 +1,7 @@
1
+# {{ ansible_managed }}
2
+STORAGE_DRIVER=overlay2
3
+DEVS={{ dockerengine_storage_pvs }}
4
+CONTAINER_ROOT_LV_NAME={{ dockerengine_storage_lv }}
5
+CONTAINER_ROOT_LV_SIZE={{ dockerengine_storage_size }}
6
+CONTAINER_ROOT_LV_MOUNT_PATH={{ dockerengine_base_dir }}
7
+VG={{ dockerengine_storage_vg }}

+ 43
- 0
templates/etc/sysconfig/docker.j2 View File

@@ -0,0 +1,43 @@
1
+## {{ ansible_managed }}
2
+# /etc/sysconfig/docker
3
+
4
+# Modify these options if you want to change the way the docker daemon runs
5
+OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
6
+if [ -z "${DOCKER_CERT_PATH}" ]; then
7
+    DOCKER_CERT_PATH=/etc/docker
8
+fi
9
+
10
+# Do not add registries in this file anymore. Use /etc/containers/registries.conf
11
+# from the atomic-registries package.
12
+#
13
+
14
+# On an SELinux system, if you remove the --selinux-enabled option, you
15
+# also need to turn on the docker_transition_unconfined boolean.
16
+# setsebool -P docker_transition_unconfined 1
17
+
18
+# Location used for temporary files, such as those created by
19
+# docker load and build operations. Default is /var/lib/docker/tmp
20
+# Can be overriden by setting the following environment variable.
21
+# DOCKER_TMPDIR=/var/tmp
22
+
23
+# Controls the /etc/cron.daily/docker-logrotate cron job status.
24
+# To disable, uncomment the line below.
25
+# LOGROTATE=false
26
+
27
+# docker-latest daemon can be used by starting the docker-latest unitfile.
28
+# To use docker-latest client, uncomment below lines
29
+#DOCKERBINARY=/usr/bin/docker-latest
30
+#DOCKERDBINARY=/usr/bin/dockerd-latest
31
+#DOCKER_CONTAINERD_BINARY=/usr/bin/docker-containerd-latest
32
+#DOCKER_CONTAINERD_SHIM_BINARY=/usr/bin/docker-containerd-shim-latest
33
+
34
+# Proxy settings
35
+{% if dockerengine_http_proxy is defined %}
36
+HTTP_PROXY={{ dockerengine_http_proxy }}
37
+{% endif %}
38
+{% if dockerengine_https_proxy is defined %}
39
+HTTPS_PROXY={{ dockerengine_https_proxy }}
40
+{% endif %}
41
+{% if dockerengine_no_proxy is defined %}
42
+NO_PROXY={{ dockerengine_no_proxy|join(',') }}"
43
+{% endif %}

Loading…
Cancel
Save