--- - name: Add Docker CE repository ansible.builtin.yum_repository: name: "docker-ce" file: "Docker-CE" description: "Docker CE Stable" baseurl: "https://download.docker.com/linux/centos/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}/stable" gpgcheck: True enabled: True gpgkey: "https://download.docker.com/linux/rhel/gpg" - name: Ensure to remove old docker packages ansible.builtin.package: name: - python3-requests - docker - docker-common - docker-engine state: absent - name: Install packages ansible.builtin.package: name: "{{ item }}" state: present loop: "{{ dockerengine_packages }}" - name: Add namespace group ansible.builtin.group: name: "{{ dockerengine_nsremap_user }}" state: present when: dockerengine_usernamespace_enabled | bool - name: Setup namespace user ansible.builtin.user: name: "{{ dockerengine_nsremap_user }}" group: "{{ dockerengine_nsremap_user }}" shell: /sbin/nologin state: "{{ 'present' if dockerengine_usernamespace_enabled | bool else 'absent' }}" - name: Remove namespace group ansible.builtin.group: name: "{{ dockerengine_nsremap_user }}" state: absent when: not dockerengine_usernamespace_enabled | bool - name: Configure namespace id range ansible.builtin.lineinfile: dest: "{{ item }}" regexp: "^{{ dockerengine_nsremap_user }}:" line: "{{ dockerengine_nsremap_user }}:{{ dockerengine_nsremap_range_start }}:{{ dockerengine_nsremap_range_length }}" state: "{{ 'present' if dockerengine_usernamespace_enabled | bool else 'absent' }}" loop: - /etc/subuid - /etc/subgid - name: Create required directories ansible.builtin.file: path: "{{ item.name }}" state: directory mode: "{{ item.mode }}" loop: - name: /etc/systemd/system/docker.service.d mode: "0755" - name: /etc/docker mode: "0755" loop_control: label: "{{ item.name }}" - name: Write environment file ansible.builtin.template: src: etc/sysconfig/docker.j2 dest: /etc/sysconfig/docker mode: "0600" notify: __docker_restart - name: Write service override.conf ansible.builtin.template: src: etc/systemd/system/docker.service.d/override.conf.j2 dest: /etc/systemd/system/docker.service.d/override.conf mode: "0644" notify: __docker_restart - name: Write daemon config ansible.builtin.copy: content: "{{ (dockerengine_daemon_config | combine(dockerengine_daemon_config_extra)) | to_nice_json }}" dest: /etc/docker/daemon.json mode: "0600" notify: __docker_restart - name: Deploy daemon config ansible.builtin.copy: content: "{{ (dockerengine_daemon_config | combine(dockerengine_daemon_config_extra)) | to_nice_json }}" dest: /etc/docker/daemon.json mode: "0600" notify: __docker_restart - name: Ensure docker engine is up and running ansible.builtin.service: name: "{{ dockerengine_service }}" enabled: True state: started - name: Handle registry logins community.docker.docker_login: registry: "{{ item.url | default(omit) }}" username: "{{ item.username }}" password: "{{ item.password }}" reauthorize: "{{ item.reauthorize | default(False) }}" state: '{{ item.state | default("present") }}' loop: "{{ dockerengine_registries }}" loop_control: label: "{{ item.url | default('DockerHub') }}" - name: Create docker networks community.docker.docker_network: name: "{{ item.name }}" driver: "{{ item.driver | default('bridge') }}" enable_ipv6: "{{ item.enable_ipv6 | default(False) }}" ipam_config: "{{ item.ipam_config | default(omit) }}" force: "{{ item.force | default(omit) }}" state: "{{ item.state | default('present') }}" loop: "{{ dockerengine_networks + dockerengine_networks_extra }}" loop_control: label: "{{ item.name }}" notify: __docker_restart