From 2bf1b29d3f9f14dbc1d19ddd9c936c11c0328f23 Mon Sep 17 00:00:00 2001 From: James McCallum Date: Sun, 3 Sep 2017 19:21:17 +1000 Subject: [PATCH 01/29] Add user to docker group functionality --- README.md | 6 ++++++ defaults/main.yml | 3 +++ tasks/docker-users.yml | 6 ++++++ 3 files changed, 15 insertions(+) create mode 100644 tasks/docker-users.yml diff --git a/README.md b/README.md index efe0421..4edabe7 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,12 @@ Docker Compose installation options. (Used only for RedHat/CentOS.) You can enable the Edge or Test repo by setting the respective vars to `1`. +Set the docker_users variable to allow those users to run docker (these users are added to the docker group) + + docker_users: + - Guy + - James + ## Use with Ansible (and `docker` Python library) Many users of this role wish to also use Ansible to then _build_ Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the `docker` Python library using the `geerlingguy.pip` role: diff --git a/defaults/main.yml b/defaults/main.yml index 14e91a7..21fdbf1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -17,3 +17,6 @@ docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distrib docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo docker_yum_repo_enable_edge: 0 docker_yum_repo_enable_test: 0 + +# Docker users +docker_users: [] diff --git a/tasks/docker-users.yml b/tasks/docker-users.yml new file mode 100644 index 0000000..6b35881 --- /dev/null +++ b/tasks/docker-users.yml @@ -0,0 +1,6 @@ +--- +- name: Add users to docker group + user: + name: "{{ item }}" + group: docker + with_items: "{{ docker_users }}" From 8c63471573fc4bbbf35880b6a91ab94f4236f723 Mon Sep 17 00:00:00 2001 From: James McCallum Date: Sun, 3 Sep 2017 19:38:50 +1000 Subject: [PATCH 02/29] include docker-users to main --- tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tasks/main.yml b/tasks/main.yml index ba197cf..7b08d54 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -16,3 +16,6 @@ - include: docker-compose.yml when: docker_install_compose + +- include: docker-users.yml + when: docker_users From 309ab2caeee55ae1ff2cc096c8176d43ffe42c58 Mon Sep 17 00:00:00 2001 From: Gilad Peleg Date: Tue, 19 Sep 2017 11:19:58 +0300 Subject: [PATCH 03/29] Fix typo --- tasks/setup-Debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index d0be48d..bde6629 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -7,7 +7,7 @@ - docker - docker-engine -- name: Ensure depdencies are installed. +- name: Ensure dependencies are installed. apt: name: "{{ item }}" state: present From e68f0cbd16beb7dcabd5b2eacccce09d151d3981 Mon Sep 17 00:00:00 2001 From: James McCallum Date: Tue, 26 Sep 2017 05:09:58 +1000 Subject: [PATCH 04/29] Fix docker group to append group rather than set it --- tasks/docker-users.yml | 1 + tasks/main.yml | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/tasks/docker-users.yml b/tasks/docker-users.yml index 6b35881..fa78103 100644 --- a/tasks/docker-users.yml +++ b/tasks/docker-users.yml @@ -3,4 +3,5 @@ user: name: "{{ item }}" group: docker + append: yes with_items: "{{ docker_users }}" diff --git a/tasks/main.yml b/tasks/main.yml index 7b08d54..00cdf7f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,8 +1,8 @@ --- -- include: setup-RedHat.yml +- include_tasks: setup-RedHat.yml when: ansible_os_family == 'RedHat' -- include: setup-Debian.yml +- include_tasks: setup-Debian.yml when: ansible_os_family == 'Debian' - name: Install Docker. @@ -14,8 +14,8 @@ state: started enabled: yes -- include: docker-compose.yml +- include_tasks: docker-compose.yml when: docker_install_compose -- include: docker-users.yml +- include_tasks: docker-users.yml when: docker_users From 4f1a0f3d91ae37736a258606c467a203290e0a61 Mon Sep 17 00:00:00 2001 From: James McCallum Date: Tue, 26 Sep 2017 05:14:53 +1000 Subject: [PATCH 05/29] Change include_task to depreciated include due to what looks like incompatibility with test harness --- tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 00cdf7f..7b08d54 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,8 +1,8 @@ --- -- include_tasks: setup-RedHat.yml +- include: setup-RedHat.yml when: ansible_os_family == 'RedHat' -- include_tasks: setup-Debian.yml +- include: setup-Debian.yml when: ansible_os_family == 'Debian' - name: Install Docker. @@ -14,8 +14,8 @@ state: started enabled: yes -- include_tasks: docker-compose.yml +- include: docker-compose.yml when: docker_install_compose -- include_tasks: docker-users.yml +- include: docker-users.yml when: docker_users From 622dc1dac736eb2b513b332a52e10b91b83f50f7 Mon Sep 17 00:00:00 2001 From: James McCallum Date: Wed, 18 Oct 2017 20:01:02 +1100 Subject: [PATCH 06/29] Update documentation --- README.md | 8 ++++---- defaults/main.yml | 2 +- tasks/docker-users.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 4edabe7..91591e7 100644 --- a/README.md +++ b/README.md @@ -36,11 +36,11 @@ Docker Compose installation options. (Used only for RedHat/CentOS.) You can enable the Edge or Test repo by setting the respective vars to `1`. -Set the docker_users variable to allow those users to run docker (these users are added to the docker group) - docker_users: - - Guy - - James + - user1 + - user2 + +Set the docker_users variable to allow those users to run docker (these users are added to the docker group) ## Use with Ansible (and `docker` Python library) diff --git a/defaults/main.yml b/defaults/main.yml index 21fdbf1..cb6b312 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -18,5 +18,5 @@ docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_e docker_yum_repo_enable_edge: 0 docker_yum_repo_enable_test: 0 -# Docker users +# A list of users who will be added to the docker group. docker_users: [] diff --git a/tasks/docker-users.yml b/tasks/docker-users.yml index fa78103..ccc1ac7 100644 --- a/tasks/docker-users.yml +++ b/tasks/docker-users.yml @@ -1,5 +1,5 @@ --- -- name: Add users to docker group +- name: Ensure docker users are added to the docker group. user: name: "{{ item }}" group: docker From f3076bad559d2602ddf4163bbe3e33289ca4ec4f Mon Sep 17 00:00:00 2001 From: Pascal Armand Date: Mon, 27 Nov 2017 16:40:27 +0100 Subject: [PATCH 07/29] 'include' for tasks has been deprecated The use of 'include' for tasks has been deprecated. Use 'import_tasks' for static inclusions or 'include_tasks' for dynamic inclusions. --- tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index ba197cf..d0bc72e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,8 +1,8 @@ --- -- include: setup-RedHat.yml +- include_tasks: setup-RedHat.yml when: ansible_os_family == 'RedHat' -- include: setup-Debian.yml +- include_tasks: setup-Debian.yml when: ansible_os_family == 'Debian' - name: Install Docker. @@ -14,5 +14,5 @@ state: started enabled: yes -- include: docker-compose.yml +- include_tasks: docker-compose.yml when: docker_install_compose From e4a6edb4ef3c1295d87cdfc737a5f07d26c3547b Mon Sep 17 00:00:00 2001 From: Alexander Thomas Date: Fri, 19 Jan 2018 16:16:31 +0100 Subject: [PATCH 08/29] Introduced CPU architecture switch for apt source definition --- README.md | 3 ++- defaults/main.yml | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c7e81da..454be56 100644 --- a/README.md +++ b/README.md @@ -25,8 +25,9 @@ The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterpri Docker Compose installation options. + docker_apt_arch: amd64 docker_apt_release_channel: stable - docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" + docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" (Used only for Debian/Ubuntu.) You can switch the channel to `edge` if you want to use the Edge release. diff --git a/defaults/main.yml b/defaults/main.yml index 3573df1..1cb4d22 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -11,7 +11,9 @@ docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. docker_apt_release_channel: stable -docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" +# Architecture must be specified in order for updates to work. Choose between 'amd64' & 'i386'. +docker_apt_arch: amd64 +docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" # Used only for RedHat/CentOS. docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo From 462a0b5359f7001fe11c4cb34fca17576392b5f6 Mon Sep 17 00:00:00 2001 From: Alexander Thomas Date: Fri, 19 Jan 2018 16:21:24 +0100 Subject: [PATCH 09/29] Changed 'include' to 'include_tasks' due to deprecations in Ansible >2.4 --- tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index ba197cf..d0bc72e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,8 +1,8 @@ --- -- include: setup-RedHat.yml +- include_tasks: setup-RedHat.yml when: ansible_os_family == 'RedHat' -- include: setup-Debian.yml +- include_tasks: setup-Debian.yml when: ansible_os_family == 'Debian' - name: Install Docker. @@ -14,5 +14,5 @@ state: started enabled: yes -- include: docker-compose.yml +- include_tasks: docker-compose.yml when: docker_install_compose From b6f6b1b66cfcdfd272ed49160ece562fc714a8db Mon Sep 17 00:00:00 2001 From: Stephen Benjamin Date: Fri, 2 Feb 2018 10:54:16 -0500 Subject: [PATCH 10/29] Support fedora --- defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 3573df1..3ebf5a7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -13,7 +13,7 @@ docker_compose_path: /usr/local/bin/docker-compose docker_apt_release_channel: stable docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" -# Used only for RedHat/CentOS. -docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo +# Used only for RedHat/CentOS/Fedora +docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora")|ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo docker_yum_repo_enable_edge: 0 docker_yum_repo_enable_test: 0 From 250660e149b2195c97957fca0cfaf16ed404be8e Mon Sep 17 00:00:00 2001 From: Dirk Weise Date: Thu, 22 Feb 2018 10:55:56 +0100 Subject: [PATCH 11/29] Make ignoring repository key error optional Just ignoring an error regarding the Docker GPG key and downloading it from "some" web page is not desired in any environment. Change-Id: I2d59e9bf070a4262ff5d251a65b698c858345eb7 --- defaults/main.yml | 1 + tasks/setup-Debian.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 3573df1..94042d3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -12,6 +12,7 @@ docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. docker_apt_release_channel: stable docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" +docker_apt_ignore_key_error: true # Used only for RedHat/CentOS. docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index d0be48d..87f8e4b 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -21,7 +21,7 @@ id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 state: present register: add_repository_key - ignore_errors: true + ignore_errors: "{{ docker_apt_ignore_key_error }}" - name: Ensure curl is present (on older systems without SNI). package: name=curl state=present From 92b42b0352100908e06e36c9877dcaa075e7904b Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 May 2018 19:15:19 -0500 Subject: [PATCH 12/29] Issue #54: Update Docker Compose default version to the latest version. --- README.md | 2 +- meta/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c7e81da..454f848 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Available variables are listed below, along with default values (see `defaults/m The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. docker_install_compose: true - docker_compose_version: "1.16.1" + docker_compose_version: "1.21.1" docker_compose_path: /usr/local/bin/docker-compose Docker Compose installation options. diff --git a/meta/main.yml b/meta/main.yml index b975c01..575a466 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,7 +6,7 @@ galaxy_info: description: Docker for Linux. company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" - min_ansible_version: 2.0 + min_ansible_version: 2.4 platforms: - name: EL versions: From fd8139c402c51f58ed3c91ae2497c15f85366203 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 May 2018 19:15:39 -0500 Subject: [PATCH 13/29] Issue #54: Update Docker Compose default version to the latest version. For real this time. --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 3573df1..4d3d382 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -6,7 +6,7 @@ docker_package_state: present # Docker Compose options. docker_install_compose: true -docker_compose_version: "1.16.1" +docker_compose_version: "1.21.1" docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. From 07e05ef00f51b692d9ca1292967dbf36d393f7bf Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 May 2018 21:18:30 -0500 Subject: [PATCH 14/29] Fixes #21: DOCKER iptables chain problem when used with geerlingguy.firewall. --- README.md | 6 +++++- defaults/main.yml | 3 ++- tasks/main.yml | 9 ++++++++- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 454f848..65b8a6e 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,11 @@ Available variables are listed below, along with default values (see `defaults/m The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. - docker_install_compose: true + docker_restart_on_package_change: True + +Whether to restart the Docker daemon after the Docker package is installed or updated. If this is set to `True`, this role will flush all handlers (run any of the handlers that have been notified by this and any other role up to this point in the play). The default setting helps avoid firewall clashes with Docker rules (e.g. when using custom `iptables` rules or the `geerlingguy.firewall` Ansible role). + + docker_install_compose: True docker_compose_version: "1.21.1" docker_compose_path: /usr/local/bin/docker-compose diff --git a/defaults/main.yml b/defaults/main.yml index 4d3d382..88401df 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,9 +3,10 @@ docker_edition: 'ce' docker_package: "docker-{{ docker_edition }}" docker_package_state: present +docker_restart_on_package_change: True # Docker Compose options. -docker_install_compose: true +docker_install_compose: True docker_compose_version: "1.21.1" docker_compose_path: /usr/local/bin/docker-compose diff --git a/tasks/main.yml b/tasks/main.yml index d0bc72e..bbbc141 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -6,7 +6,10 @@ when: ansible_os_family == 'Debian' - name: Install Docker. - package: name={{ docker_package }} state={{ docker_package_state }} + package: + name: "{{ docker_package }}" + state: "{{ docker_package_state }}" + notify: restart docker - name: Ensure Docker is started and enabled at boot. service: @@ -14,5 +17,9 @@ state: started enabled: yes +- name: Ensure handlers are notified now to avoid firewall conflicts. + meta: flush_handlers + when: docker_restart_on_package_change + - include_tasks: docker-compose.yml when: docker_install_compose From 7b0f422f32e8aa0f5311d1d754e3e26b3f27952b Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 May 2018 21:31:35 -0500 Subject: [PATCH 15/29] PR #47 follow-up: Add tests for Ubuntu 18.04 Bionic, Fedora 27, and fix boolean case. --- .travis.yml | 5 +++-- README.md | 1 + defaults/main.yml | 6 +++--- meta/main.yml | 4 ++++ 4 files changed, 11 insertions(+), 5 deletions(-) diff --git a/.travis.yml b/.travis.yml index 25e8152..d371899 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,9 +3,10 @@ services: docker env: - distro: centos7 + - distro: ubuntu1804 - distro: ubuntu1604 - - distro: ubuntu1404 - - distro: debian8 + - distro: debian9 + - distro: fedora27 script: # Configure test script so we can run extra tests after playbook is run. diff --git a/README.md b/README.md index 65b8a6e..a420e8c 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,7 @@ Docker Compose installation options. docker_apt_release_channel: stable docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" + docker_apt_ignore_key_error: True (Used only for Debian/Ubuntu.) You can switch the channel to `edge` if you want to use the Edge release. diff --git a/defaults/main.yml b/defaults/main.yml index b6b754a..3448d79 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -13,9 +13,9 @@ docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. docker_apt_release_channel: stable docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" -docker_apt_ignore_key_error: true +docker_apt_ignore_key_error: True -# Used only for RedHat/CentOS/Fedora -docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora")|ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo +# Used only for RedHat/CentOS/Fedora. +docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo docker_yum_repo_enable_edge: 0 docker_yum_repo_enable_test: 0 diff --git a/meta/main.yml b/meta/main.yml index 575a466..939d881 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -12,6 +12,9 @@ galaxy_info: versions: - 6 - 7 + - name: Fedora + versions: + - all - name: Debian versions: - jessie @@ -19,6 +22,7 @@ galaxy_info: versions: - trusty - xenial + - bionic galaxy_tags: - web - system From 201cd7dd947541c3e1cc697fca41c42087524972 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 1 May 2018 21:36:08 -0500 Subject: [PATCH 16/29] Docker repo doesn't yet support Ubuntu 18.04 Bionic, it seems. --- .travis.yml | 2 +- meta/main.yml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index d371899..ea8dbd4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,8 +3,8 @@ services: docker env: - distro: centos7 - - distro: ubuntu1804 - distro: ubuntu1604 + - distro: ubuntu1404 - distro: debian9 - distro: fedora27 diff --git a/meta/main.yml b/meta/main.yml index 939d881..c872b5d 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -22,7 +22,6 @@ galaxy_info: versions: - trusty - xenial - - bionic galaxy_tags: - web - system From 3f96f8f023280c60364ed7d6eea0b2128603a27c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 2 May 2018 14:43:02 -0500 Subject: [PATCH 17/29] PR #43 follow-up: Align order of vars in docs with defaults. --- README.md | 2 +- defaults/main.yml | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5af404f..b54fa7f 100644 --- a/README.md +++ b/README.md @@ -29,8 +29,8 @@ Whether to restart the Docker daemon after the Docker package is installed or up Docker Compose installation options. - docker_apt_arch: amd64 docker_apt_release_channel: stable + docker_apt_arch: amd64 docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" docker_apt_ignore_key_error: True diff --git a/defaults/main.yml b/defaults/main.yml index d54fb72..905618a 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -12,8 +12,7 @@ docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. docker_apt_release_channel: stable -# Architecture must be specified in order for updates to work. Choose between 'amd64' & 'i386'. -docker_apt_arch: amd64 +docker_apt_arch: amd64 docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" docker_apt_ignore_key_error: True From 1a05e3ae721a15c90b795e1faf1edef21b449c2a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sun, 6 May 2018 17:47:34 -0500 Subject: [PATCH 18/29] PR #26 follow-up: Docs tidy. --- README.md | 2 +- tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f348fe5..74fc22e 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,7 @@ Docker Compose installation options. - user1 - user2 -Set the docker_users variable to allow those users to run docker (these users are added to the docker group) +A list of system users to be added to the `docker` group (so they can use Docker on the server). ## Use with Ansible (and `docker` Python library) diff --git a/tasks/main.yml b/tasks/main.yml index 01895d4..f47f630 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -24,5 +24,5 @@ - include_tasks: docker-compose.yml when: docker_install_compose -- include: docker-users.yml +- include_tasks: docker-users.yml when: docker_users From 9f9ad7ee92b055bbbbe53459eae670aa39f9e47b Mon Sep 17 00:00:00 2001 From: coaxial Date: Fri, 11 May 2018 09:11:11 -0400 Subject: [PATCH 19/29] Fix deprecation warning --- tasks/setup-Debian.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 62e4d1d..8805ba6 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -25,13 +25,13 @@ - name: Ensure curl is present (on older systems without SNI). package: name=curl state=present - when: add_repository_key|failed + when: add_repository_key is failed - name: Add Docker apt key (alternative for older systems without SNI). shell: "curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -" args: warn: no - when: add_repository_key|failed + when: add_repository_key is failed - name: Add Docker repository. apt_repository: From 8f1804c9308f662761d26dda32e5493d6e1646fa Mon Sep 17 00:00:00 2001 From: Raphael Nestler Date: Thu, 17 May 2018 17:20:39 +0200 Subject: [PATCH 20/29] Update docker-compose version to 1.21.2 See https://github.com/docker/compose/releases/tag/1.21.2 --- README.md | 2 +- defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 74fc22e..abec29f 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterpri Whether to restart the Docker daemon after the Docker package is installed or updated. If this is set to `True`, this role will flush all handlers (run any of the handlers that have been notified by this and any other role up to this point in the play). The default setting helps avoid firewall clashes with Docker rules (e.g. when using custom `iptables` rules or the `geerlingguy.firewall` Ansible role). docker_install_compose: True - docker_compose_version: "1.21.1" + docker_compose_version: "1.21.2" docker_compose_path: /usr/local/bin/docker-compose Docker Compose installation options. diff --git a/defaults/main.yml b/defaults/main.yml index 1df94b1..0c17481 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -7,7 +7,7 @@ docker_restart_on_package_change: True # Docker Compose options. docker_install_compose: True -docker_compose_version: "1.21.1" +docker_compose_version: "1.21.2" docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. From abd8e3625ef5ae15d13aab6cafbde7c5229f0aa3 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 18 May 2018 16:58:50 -0500 Subject: [PATCH 21/29] Fixes #42: Allow control over docker_service state. --- README.md | 6 ++++++ defaults/main.yml | 5 +++++ handlers/main.yml | 2 +- tasks/main.yml | 4 ++-- 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index abec29f..22ebd15 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,12 @@ The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterpri Whether to restart the Docker daemon after the Docker package is installed or updated. If this is set to `True`, this role will flush all handlers (run any of the handlers that have been notified by this and any other role up to this point in the play). The default setting helps avoid firewall clashes with Docker rules (e.g. when using custom `iptables` rules or the `geerlingguy.firewall` Ansible role). + docker_service_state: started + docker_service_enabled: yes + docker_restart_handler_state: restarted + +Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set these to `stopped` and set the enabled variable to `no`. + docker_install_compose: True docker_compose_version: "1.21.2" docker_compose_path: /usr/local/bin/docker-compose diff --git a/defaults/main.yml b/defaults/main.yml index 0c17481..caa6702 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -5,6 +5,11 @@ docker_package: "docker-{{ docker_edition }}" docker_package_state: present docker_restart_on_package_change: True +# Service options. +docker_service_state: started +docker_service_enabled: yes +docker_restart_handler_state: restarted + # Docker Compose options. docker_install_compose: True docker_compose_version: "1.21.2" diff --git a/handlers/main.yml b/handlers/main.yml index 43016e0..7847bc1 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,3 +1,3 @@ --- - name: restart docker - service: name=docker state=restarted + service: "name=docker state={{ docker_restart_handler_state }}" diff --git a/tasks/main.yml b/tasks/main.yml index f47f630..eaf71c5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -14,8 +14,8 @@ - name: Ensure Docker is started and enabled at boot. service: name: docker - state: started - enabled: yes + state: "{{ docker_service_state }}" + enabled: "{{ docker_service_enabled }}" - name: Ensure handlers are notified now to avoid firewall conflicts. meta: flush_handlers From 8034040c69a1402a0d5e80404f9d12d88bf9511d Mon Sep 17 00:00:00 2001 From: Nick Jones Date: Wed, 23 May 2018 17:06:09 +0100 Subject: [PATCH 22/29] Update user's group membership, not primary group --- tasks/docker-users.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/docker-users.yml b/tasks/docker-users.yml index ccc1ac7..afebd9a 100644 --- a/tasks/docker-users.yml +++ b/tasks/docker-users.yml @@ -2,6 +2,6 @@ - name: Ensure docker users are added to the docker group. user: name: "{{ item }}" - group: docker + groups: docker append: yes with_items: "{{ docker_users }}" From 9205f56172c00ad81327811f6275f84a6637c925 Mon Sep 17 00:00:00 2001 From: larsmaes Date: Thu, 7 Jun 2018 14:43:13 +0200 Subject: [PATCH 23/29] Update docker-users.yml change group to groups otherwise primary group of users wil be changed --- tasks/docker-users.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/docker-users.yml b/tasks/docker-users.yml index ccc1ac7..afebd9a 100644 --- a/tasks/docker-users.yml +++ b/tasks/docker-users.yml @@ -2,6 +2,6 @@ - name: Ensure docker users are added to the docker group. user: name: "{{ item }}" - group: docker + groups: docker append: yes with_items: "{{ docker_users }}" From fda6a8e33d17389712fc51bb3c7ae8c140b97412 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 20 Jun 2018 19:31:39 -0500 Subject: [PATCH 24/29] Fixes #60: Support Ubuntu 18.04 Bionic Beaver. --- .travis.yml | 1 + meta/main.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.travis.yml b/.travis.yml index ea8dbd4..07a44c9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,6 +3,7 @@ services: docker env: - distro: centos7 + - distro: ubuntu1804 - distro: ubuntu1604 - distro: ubuntu1404 - distro: debian9 diff --git a/meta/main.yml b/meta/main.yml index c872b5d..939d881 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -22,6 +22,7 @@ galaxy_info: versions: - trusty - xenial + - bionic galaxy_tags: - web - system From 148a5a4041ddd148d7a6b13f30483a1cd19e2090 Mon Sep 17 00:00:00 2001 From: George Brighton Date: Sun, 22 Jul 2018 22:02:44 +0100 Subject: [PATCH 25/29] Fix deprecation warning when installing dependencies; fixes #77 --- tasks/setup-Debian.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 8805ba6..312de84 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -9,11 +9,10 @@ - name: Ensure dependencies are installed. apt: - name: "{{ item }}" + name: + - apt-transport-https + - ca-certificates state: present - with_items: - - apt-transport-https - - ca-certificates - name: Add Docker apt key. apt_key: From 470554872fda142fe23b5d9140869af7b44dd034 Mon Sep 17 00:00:00 2001 From: George Brighton Date: Sun, 22 Jul 2018 22:13:02 +0100 Subject: [PATCH 26/29] Remove docker_restart_on_package_change option to correct warning; fixes #79 --- README.md | 6 +----- defaults/main.yml | 1 - tasks/main.yml | 1 - 3 files changed, 1 insertion(+), 7 deletions(-) diff --git a/README.md b/README.md index 22ebd15..b264883 100644 --- a/README.md +++ b/README.md @@ -17,11 +17,7 @@ Available variables are listed below, along with default values (see `defaults/m docker_package: "docker-{{ docker_edition }}" docker_package_state: present -The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. - - docker_restart_on_package_change: True - -Whether to restart the Docker daemon after the Docker package is installed or updated. If this is set to `True`, this role will flush all handlers (run any of the handlers that have been notified by this and any other role up to this point in the play). The default setting helps avoid firewall clashes with Docker rules (e.g. when using custom `iptables` rules or the `geerlingguy.firewall` Ansible role). +The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play). docker_service_state: started docker_service_enabled: yes diff --git a/defaults/main.yml b/defaults/main.yml index caa6702..e95a1b3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,7 +3,6 @@ docker_edition: 'ce' docker_package: "docker-{{ docker_edition }}" docker_package_state: present -docker_restart_on_package_change: True # Service options. docker_service_state: started diff --git a/tasks/main.yml b/tasks/main.yml index eaf71c5..8444ac7 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -19,7 +19,6 @@ - name: Ensure handlers are notified now to avoid firewall conflicts. meta: flush_handlers - when: docker_restart_on_package_change - include_tasks: docker-compose.yml when: docker_install_compose From bf4bed998721a432320dbf41150639307700b759 Mon Sep 17 00:00:00 2001 From: Abed Kassis Date: Mon, 23 Jul 2018 14:06:08 +1000 Subject: [PATCH 27/29] Update README.md Latest docker-compose --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 22ebd15..9ae6278 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ Whether to restart the Docker daemon after the Docker package is installed or up Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set these to `stopped` and set the enabled variable to `no`. docker_install_compose: True - docker_compose_version: "1.21.2" + docker_compose_version: "1.22.0" docker_compose_path: /usr/local/bin/docker-compose Docker Compose installation options. From ee812ac37e9150950f2e0ceed7c1c41084d3feed Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 31 Jul 2018 11:14:24 -0500 Subject: [PATCH 28/29] PR #81: Bump Docker Compose default version. --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index e95a1b3..c12e9e9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -11,7 +11,7 @@ docker_restart_handler_state: restarted # Docker Compose options. docker_install_compose: True -docker_compose_version: "1.21.2" +docker_compose_version: "1.22.0" docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. From bac7157eda433c495cce1bdd031aa2d0ee41b063 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 4 Sep 2018 11:29:18 -0500 Subject: [PATCH 29/29] Fixes #86, Fixes #35, Fixes #68: Document how to pin version on all OSes. --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 04c027f..8b0755f 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,9 @@ Available variables are listed below, along with default values (see `defaults/m docker_package: "docker-{{ docker_edition }}" docker_package_state: present -The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play). +The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: `docker-{{ docker_edition }}-`; Debian/Ubuntu: `docker-{{ docker_edition }}=`. + +You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play). docker_service_state: started docker_service_enabled: yes