From b38856cbae206a3f94a19b65f9cdfd8e97745a7e Mon Sep 17 00:00:00 2001
From: shnee
Date: Tue, 16 Nov 2021 12:06:04 -0500
Subject: [PATCH] Cleaned up role.
---
docker-playbook.yml | 5 +
roles/install_docker/README.md | 39 +++++++
roles/install_docker/defaults/main.yml | 17 +++
roles/install_docker/meta/main.yml | 25 +++++
roles/install_docker/tasks/main.yml | 57 ++++++++++
roles/install_docker/tasks/prereq_centos.yml | 103 +++++++++++++++++++
roles/install_docker/tasks/prereq_ubuntu.yml | 50 +++++++++
roles/install_docker/tasks/update_arch.yml | 15 +++
8 files changed, 311 insertions(+)
create mode 100644 docker-playbook.yml
create mode 100644 roles/install_docker/README.md
create mode 100644 roles/install_docker/defaults/main.yml
create mode 100644 roles/install_docker/meta/main.yml
create mode 100644 roles/install_docker/tasks/main.yml
create mode 100644 roles/install_docker/tasks/prereq_centos.yml
create mode 100644 roles/install_docker/tasks/prereq_ubuntu.yml
create mode 100644 roles/install_docker/tasks/update_arch.yml
diff --git a/docker-playbook.yml b/docker-playbook.yml
new file mode 100644
index 0000000..9b02b47
--- /dev/null
+++ b/docker-playbook.yml
@@ -0,0 +1,5 @@
+---
+- name: Call the docker role.
+ hosts: all
+ roles:
+ - {role: install_docker, docker_users: [admin]}
diff --git a/roles/install_docker/README.md b/roles/install_docker/README.md
new file mode 100644
index 0000000..027ae0d
--- /dev/null
+++ b/roles/install_docker/README.md
@@ -0,0 +1,39 @@
+Ansible Role: Install Docker
+================================================================================
+
+An Ansible role that installs Docker.
+
+This role has been tested on:
+- Amazon Linux 2
+- ArchLinux
+- Centos 7 & 8
+- Ubuntu 20.04
+
+Variables
+----------------------------------------
+
+The variable that you're most likely going to want to change is `docker_users`.
+That variable is a list of all the users on the system that should be added to
+the `docker` group.
+```yml
+docker_users: [ admin, docker_admin ]
+```
+
+Example Playbook
+----------------
+
+```yml
+- hosts: k8s-nodes
+ roles:
+ - {role: install_docker, docker_users: [admin]}
+```
+
+License
+-------
+
+MIT
+
+Author Information
+------------------
+
+This role was created by [shnee](github.com/shnee).
diff --git a/roles/install_docker/defaults/main.yml b/roles/install_docker/defaults/main.yml
new file mode 100644
index 0000000..408d75d
--- /dev/null
+++ b/roles/install_docker/defaults/main.yml
@@ -0,0 +1,17 @@
+---
+# A list of users to be added to the docker group.
+docker_users: []
+
+centos_repo_file: docker-ce.repo
+centos_repo_full_path: "/etc/yum.repos.d/{{ centos_repo_file }}"
+centos_repo_url: "https://download.docker.com/linux/centos/\
+ {{ centos_repo_file }}"
+
+ubuntu_docker_base_url: https://download.docker.com/linux/ubuntu
+ubuntu_gpg_url: "{{ ubuntu_docker_base_url }}/gpg"
+ubuntu_gpg_fingerprint: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
+ubuntu_apt_repo: >
+ deb [arch=amd64]
+ "{{ ubuntu_docker_base_url }}"
+ "{{ ansible_distribution_release }}"
+ stable
diff --git a/roles/install_docker/meta/main.yml b/roles/install_docker/meta/main.yml
new file mode 100644
index 0000000..551e04e
--- /dev/null
+++ b/roles/install_docker/meta/main.yml
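Review bot: The comment above `docker_users` in defaults/main.yml does not say that members of the `docker` group can drive the Docker daemon, which is root-equivalent on the host, and that is the main thing a caller should know before filling this list. I would extend it to `# A list of users to be added to the docker group. Members can control the Docker daemon, which is root-equivalent on the host.` and keep the empty default. Separately, the double quotes inside the folded `ubuntu_apt_repo` scalar are literal characters in the rendered apt line, so the rendered value is worth checking.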
@@ -0,0 +1,25 @@
+---
+dependencies: []
+
+galaxy_info:
+ author: shnee
+ description: Install docker.
+
+ license: MIT
+
+ min_ansible_version: 2.1
+
+ platforms:
+ - name: ArchLinux
+ versions:
+ - all
+ - name: Amazon Linux 2
+ versions:
+ - all
+ - name: Ubuntu
+ - focal # 20.04
+ # CentOS is apparently not in https://galaxy.ansible.com/api/v1/platforms/
+
+ galaxy_tags:
+ - containers
+ - docker
diff --git a/roles/install_docker/tasks/main.yml b/roles/install_docker/tasks/main.yml
new file mode 100644
index 0000000..8ce1b93
--- /dev/null
+++ b/roles/install_docker/tasks/main.yml
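Review bot: The `Ubuntu` entry under `platforms` has no `versions:` key before `- focal # 20.04`, unlike the ArchLinux and Amazon Linux 2 entries, so the file is either invalid YAML or parsed as something other than a version list (indentation is not visible in this view, so which of the two is a guess). Adding a `versions:` line above `- focal` fixes it. `min_ansible_version: 2.1` is also read as a float and looks lower than the role needs, since tasks/main.yml uses `include_tasks` and tasks/update_arch.yml uses the `ansible.builtin.` FQCN form, which I believe needs 2.10 or later; a quoted string such as `"2.10"` would match the tasks.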
@@ -0,0 +1,57 @@
+---
+# This has only been tests on Amazon Linux 2, CentOS 7-8, Ubuntu 20.04, and
+# ArchLinux.
+
+# Prequisites
+# This step will:
+# 1. Remove any unwanted docker packages, (we want newest package from official
+# docker repos.
+# 2. Install dependencies.
+# 3. Add official docker repo.
+
+# Archlinux and Amazon Linux don't have any prequisite steps, they're
+# repositories have up to date docker packages so we don't need to add a 3rd
+# party repo or uninstall unwanted packages.
+
+- include_tasks: prereq_centos.yml
+ when: ansible_distribution == "CentOS"
+
+- include_tasks: prereq_ubuntu.yml
+ when: ansible_distribution == "Ubuntu"
+
+# The arch cloud image does not have a package cache.
+- include_tasks: update_arch.yml
+ when: ansible_distribution == "Archlinux"
+
+- name: Install docker packages after adding 3rd party repo.
+ package:
+ name:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+ state: present
+ become: true
+ when: ansible_distribution != "Amazon" and ansible_distribution != "Archlinux"
+- name: Install docker packages for distros that don't use a 3rd party repo.
+ package:
+ name:
+ - docker
+ state: present
+ become: true
+ when: ansible_distribution == "Amazon" or ansible_distribution == "Archlinux"
+
+- name: Add users to the docker group.
+ user:
+ name: "{{ item }}"
+ groups:
+ - docker
+ append: true
+ with_items: "{{ docker_users }}"
+ become: true
+
+- name: Enable and start docker service.
+ service:
+ name: docker
+ state: started
+ enabled: true
+ become: true
diff --git a/roles/install_docker/tasks/prereq_centos.yml b/roles/install_docker/tasks/prereq_centos.yml
new file mode 100644
index 0000000..21327dd
--- /dev/null
+++ b/roles/install_docker/tasks/prereq_centos.yml
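Review bot: In "Add users to the docker group." the `user` module defaults to `state: present`, so a name in `docker_users` that does not exist on the host is created and put in `docker` instead of being rejected. A typo or a stale entry therefore provisions a new account with control of the Docker daemon without anyone noticing. A lookup that fails on unknown names, placed before the `user` task, closes this; the `getent` module fails by default when the key is missing.

```yaml
- name: Check that every docker user already exists.
  ansible.builtin.getent:
    database: passwd
    key: "{{ item }}"
  with_items: "{{ docker_users }}"

# … unchanged: "Add users to the docker group." task …
```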
@@ -0,0 +1,103 @@
+---
+# This commented out code was an attempt to make sure the CentOS extras repo is
+# enabled.
+# TODO This isn't working. It will create the repo everytime regardless whether
+# or not the repo is already enabled. For now we leave it because this repo is
+# enabled by defaullt on CentOS 7 & 8
+#
+# https://docs.docker.com/engine/install/centos/#os-requirements
+# Look in /etc/yum.repos.d/ for examples of the fields for a repo. This files
+# have variables in their config. To get the values of the variables you can
+# run:
+# `python -c 'import yum; yb = yum.YumBase(); print(yb.conf.yumvar)'`
+# - name: Ensure CentOS extras repo is enbaled for CentOS 7.
+# yum_repository:
+# name: extras
+# description: CentOS-{{ ansible_distribution_major_version }} - Extras
+# enabled: true
+# mirrorlist: "http://mirrorlist.centos.org/?\
+# release={{ ansible_distribution_major_version }}&\
+# arch={{ ansible_architecture }}&\
+# repo=extras&infra=genclo"
+# gpgcheck: true
+# become: true
+# when: >
+# ansible_distribution == "CentOS" and
+# ansible_distribution_major_version == "7"
+# - name: Ensure CentOS extras repo is enbaled for CentOS 8.
+# yum_repository:
+# name: extras
+# description: >
+# CentOS Linux {{ ansible_distribution_major_version }} - Extras
+# enabled: true
+# mirrorlist: "http://mirrorlist.centos.org/?\
+# release={{ ansible_distribution_major_version }}&\
+# arch={{ ansible_architecture }}&\
+# repo=extras&infra=genclo"
+# gpgcheck: true
+# become: true
+# when: >
+# ansible_distribution == "CentOS" and
+# ansible_distribution_major_version == "8"
+
+# TODO Add this step.
+# https://docs.docker.com/engine/install/centos/#os-requirements
+
+################################################################################
+# Uninstall unwanted docker packages.
+################################################################################
+
+# This step combines "Uninstall old versions" for RedHat family distros.
+# https://docs.docker.com/engine/install/centos/#uninstall-old-versions
+# https://docs.docker.com/engine/install/fedora/#uninstall-old-versions
+# https://docs.docker.com/engine/install/rhel/#uninstall-old-versions
+
+# We check if a docker repo has alredy been added to yum. If so, then we want to
+# skip the removing of the old docker packages to make this script more
+# idempotent.
+- name: Check if docker repo has alredy been added.
+ command: yum repolist # noqa command-instead-of-module
+ changed_when: false
+ register: repolist
+
+- name: Uninstall old versions of docker RedHat like distros..
+ yum:
+ name:
+ - docker
+ - docker-client
+ - docker-client-latest
+ - docker-common
+ - docker-latest
+ - docker-latest-logrotate
+ - docker-logrotate
+ - docker-selinux
+ - docker-engine-selinux
+ - docker-engine
+ - podman
+ - runc
+ state: absent
+ become: true
+ when: "'docker' not in repolist.stdout"
+
+################################################################################
+# Install dependencies
+################################################################################
+
+# https://docs.docker.com/engine/install/centos/#install-using-the-repository
+- name: Install dependencies for yum distros.
+ yum:
+ name:
+ - yum-utils
+ state: present
+ become: true
+
+################################################################################
+# Install docker repo.
+################################################################################
+
+# https://docs.docker.com/engine/install/centos/#install-using-the-repository
+- name: Add docker yum repo for centos.
+ command:
+ cmd: "yum-config-manager --add-repo {{ centos_repo_url }}"
+ creates: "{{ centos_repo_full_path }}"
+ become: true
diff --git a/roles/install_docker/tasks/prereq_ubuntu.yml b/roles/install_docker/tasks/prereq_ubuntu.yml
new file mode 100644
index 0000000..67e5c47
--- /dev/null
+++ b/roles/install_docker/tasks/prereq_ubuntu.yml
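Review bot: "Add docker yum repo for centos." installs whatever repo definition `centos_repo_url` serves, so whether `gpgcheck` is on and which `gpgkey` is trusted is decided by the remote file rather than by this role. Declaring the repo with `yum_repository` puts those settings in the role where they can be reviewed, and replaces the `creates:` guard with the module's own idempotence. The `baseurl` and `gpgkey` values below are what Docker's published repo file is believed to contain and should be confirmed against it; `file: docker-ce` keeps the path equal to `centos_repo_full_path`.

```yaml
# https://docs.docker.com/engine/install/centos/#install-using-the-repository
- name: Add docker yum repo for centos.
  yum_repository:
    name: docker-ce-stable
    description: Docker CE Stable
    file: docker-ce
    baseurl: "https://download.docker.com/linux/centos/$releasever/$basearch/stable"
    gpgcheck: true
    gpgkey: https://download.docker.com/linux/centos/gpg
    enabled: true
  become: true
```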
@@ -0,0 +1,50 @@
+---
+################################################################################
+# Uninstall unwanted docker packages.
+################################################################################
+
+# https://docs.docker.com/engine/install/ubuntu/#uninstall-old-versions
+- name: Remove old docker packages for Debian like distros.
+ apt:
+ name:
+ - docker
+ - docker-engine
+ - docker.io
+ - containerd
+ - runc
+ state: absent
+ become: true
+
+################################################################################
+# Install dependencies
+################################################################################
+
+# https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository
+- name: Install Docker dependencies on Debian like distro.
+ apt:
+ name:
+ - ca-certificates
+ - curl
+ - gnupg
+ - lsb-release
+ become: true
+
+################################################################################
+# Install docker repo.
+################################################################################
+
+# https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository
+- name: Add GPG key to apt for Ubuntu.
+ apt_key:
+ url: "{{ ubuntu_gpg_url }}"
+ id: "{{ ubuntu_gpg_fingerprint }}"
+ state: present
+ become: true
+
+# https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository
+- name: Add Docker repository for Ubuntu.
+ apt_repository:
+ repo: "{{ ubuntu_apt_repo }}"
+ state: present
+ update_cache: true
+ become: true
diff --git a/roles/install_docker/tasks/update_arch.yml b/roles/install_docker/tasks/update_arch.yml
new file mode 100644
index 0000000..ad61285
--- /dev/null
+++ b/roles/install_docker/tasks/update_arch.yml
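Review bot: `apt_key` in "Add GPG key to apt for Ubuntu." puts the Docker key into apt's global trusted keyring, so the key is then accepted for packages from every configured repository, not only download.docker.com. Storing it in its own keyring file and adding `signed-by=/etc/apt/keyrings/docker.asc` to the options of `ubuntu_apt_repo` in defaults/main.yml (`deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc]`) scopes the trust to this one repo. The fingerprint pin that `id:` provides today is worth keeping in some form; the sketch below uses a checksum placeholder for that.

```yaml
- name: Create the apt keyring directory.
  ansible.builtin.file:
    path: /etc/apt/keyrings
    state: directory
    mode: "0755"
  become: true

- name: Store the Docker signing key in its own keyring file.
  ansible.builtin.get_url:
    url: "{{ ubuntu_gpg_url }}"
    dest: /etc/apt/keyrings/docker.asc
    mode: "0644"
    # Placeholder: digest of a key file whose fingerprint was checked against
    # ubuntu_gpg_fingerprint.
    checksum: "sha256:<SHA256_OF_VERIFIED_KEY_FILE>"
  become: true

# … unchanged: "Add Docker repository for Ubuntu." task …
```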
@@ -0,0 +1,15 @@
+---
+# These tasks will update the pacman repos if Docker is not alredy instflled.
+#
+# We only want to update the chache if needed, otherwise this will break
+# idempotentcy.
+
+- name: Get a list of installed pacakges.
+ ansible.builtin.package_facts:
+ manager: auto
+
+- name: Update pacman cache if docker is not installed.
+ pacman:
+ update_cache: true
+ become: true
+ when: "'docker' not in ansible_facts.packages"
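Review bot: "Update pacman cache if docker is not installed." refreshes the sync database with `update_cache: true` but never upgrades, and the `package` install in tasks/main.yml then pulls docker against the new database while the rest of the system stays at its old versions. Arch treats this partial-upgrade state as unsupported, and it can leave docker built against libraries newer than the installed ones. Adding `upgrade: true` next to `update_cache: true` avoids it, at the cost of a full system upgrade on the first run; if that cost is not acceptable, the header comment should say the partial upgrade is a known trade-off.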