Merge pull request #4 from christopherobin/rewrite

Rewrite/Cleanup
AerisCloud · Feb 15, 2017 · ee26d24 · ee26d24
2 parents f3870e5 + 347d9b1
commit ee26d24
Show file tree

Hide file tree

Showing 18 changed files with 265 additions and 216 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+*.log
+.vagrant
+*.retry
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -0,0 +1,30 @@
+---
+# Docker repository branch
+docker_repo: main
+# docker_repo: testing
+# docker_repo: experimental
+# By default we listen on the docker socket, if you want to listen on TCP just
+# update this variable to add new entries such as "tcp://192.168.0.1:4738"
+docker_hosts: "{{ docker_default_hosts[ansible_os_family] | list }}"
+# Default IP when binding container ports
+docker_ip: "0.0.0.0"
+# The logging level of the daemon
+docker_log_level: "info"
+# Preferred Docker registry mirror
+docker_registry_mirror: []
+# Add insecure registries
+docker_insecure_registries: []
+# Setup TLS options
+docker_tls:
+  enabled: false
+  verify: false
+  cacert: ""
+  cert: ""
+  key: ""
+# Enable SELinux support
+docker_selinux: false
+# Cluster advertising
+docker_cluster:
+  advertise: ""
+  store: ""
+  options: {}
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -1,3 +1,6 @@
 ---
-- name: Restart Docker
+- name: Reload systemd
+  command: /bin/systemctl daemon-reload
+
+- name: Restart docker
   service: name=docker state=restarted enabled=yes sleep=5
diff --git a/meta/main.yml b/meta/main.yml
@@ -1,112 +1,31 @@
 ---
 galaxy_info:
-  author: Jason Giedymin
+  author: Christophe Robin
   description: Ansible Docker Playbook Role
-  company: http://jasongiedymin.com
-  license: Apache 2
-  min_ansible_version: 1.2
-  #
-  # Below are all platforms currently available. Just uncomment
-  # the ones that apply to your role. If you don't see your 
-  # platform on this list, let us know and we'll get it added!
-  #
+  company: Wizcorp K.K.
+  license: MIT
+  min_ansible_version: 2.0
   platforms:
   - name: EL
     versions:
-  #  - all
-  #  - 5
-    - 6
-    - 7
-  #- name: GenericUNIX
-  #  versions:
-  #  - all
-  #  - any
-  #- name: Fedora
-  #  versions:
-  #  - all
-  #  - 16
-  #  - 17
-  #  - 18
-  #  - 19
-  #  - 20
-  #- name: opensuse
-  #  versions:
-  #  - all
-  #  - 12.1
-  #  - 12.2
-  #  - 12.3
-  #  - 13.1
-  #  - 13.2
-  #- name: GenericBSD
-  #  versions:
-  #  - all
-  #  - any
-  #- name: FreeBSD
-  #  versions:
-  #  - all
-  #  - 8.0
-  #  - 8.1
-  #  - 8.2
-  #  - 8.3
-  #  - 8.4
-  #  - 9.0
-  #  - 9.1
-  #  - 9.1
-  #  - 9.2
+      - 7
   - name: Ubuntu
     versions:
-      - all
-      - lucid
-      - maverick
-      - natty
-      - oneiric
-      - precise
-      - quantal
-      - raring
-      - saucy
-      - trusty
-  #- name: SLES
-  #  versions:
-  #  - all
-  #  - 10SP3
-  #  - 10SP4
-  #  - 11
-  #  - 11SP1
-  #  - 11SP2
-  #  - 11SP3
-  #- name: GenericLinux
-  #  versions:
-  #  - all
-  #  - any
+      - xenial
+      - yakkety
   - name: Debian
     versions:
       - all
       - etch
       - lenny
       - squeeze
       - wheezy
-
-  # Below are all categories currently available. Just as with
-  # the platforms above, uncomment those that apply to your role.
-  #
   categories:
   - cloud
-  #- cloud:ec2
-  #- cloud:gce
-  #- cloud:rax
-  #- database
-  #- database:nosql
-  #- database:sql
-  #- development
-  #- monitoring
-  #- networking
-  #- packaging
   - system
-  #- web
   - platform
-dependencies: []
-  # List your role dependencies here, one per line. Only
-  # dependencies available via galaxy should be listed here.
-  # Be sure to remove the '[]' above if you add dependencies
-  # to this list.
-
+dependencies:
+  - role: AerisCloud.repos
+    repositories:
+      centos7:
+        - docker
diff --git a/tasks/Debian.yml b/tasks/Debian.yml
@@ -1,36 +1,39 @@
-- name: Get uname
-  command: uname -r
-  register: os_uname
-
-# would rather have used ansible apt-key...
-- name: Add specific key
-  command: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys {{docker_repo_key}}
-
-- name: Add docker repo
-  command: sudo sh -c "echo deb {{docker_repo}} docker main > /etc/apt/sources.list.d/docker.list"
-
-- name: Install os packages
-  apt: pkg={{item}} state=present update_cache=yes
-  with_items: 
-    - linux-image-extra-{{os_uname.stdout}}
-    - lxc-docker
-
-- name: Docker default config file
-  template: src=docker-defaults.j2 dest=/etc/default/docker
-
-- name: Docker init file
-  template: src=docker-init.j2 dest=/etc/init/docker.conf
-  notify: Restart Docker
-
-# consider seperate role here
-- name: Change ufw forward policy to ACCEPT
-  command: sed -i 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw
-  when: docker_listen_tcp == True
-
-- name: Reload ufw
-  command: ufw reload
-  when: docker_listen_tcp == True
-
-- name: Allow incomming tcp traffic on {{docker_listen_port}}
-  command: ufw allow {{docker_listen_port}}/tcp
-  when: docker_listen_tcp == True
+- name: "Import Docker APT public key."
+  apt_key:
+    keyserver: "{{ docker_pubkey_server }}"
+    id: "{{ docker_pubkey_id }}"
+    state: present
+  tags:
+    - docker
+    - package
+
+- name: "Install apt-transport-https if necessary."
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - apt-transport-https
+    - ca-certificates
+  tags:
+    - docker
+    - package
+
+- name: "Add the APT Docker repository."
+  apt_repository:
+    repo: "{{ docker_apt_repo }}"
+    state: present
+    filename: 'docker'
+  tags:
+    - docker
+    - package
+
+- name: "Install Docker"
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - docker-engine
+    - linux-image-extra-virtual
+  tags:
+    - docker
+    - package
diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml
@@ -1,12 +1,15 @@
-- include: rh6.yml
+- name: "Check CentOS version"
+  fail: msg="The system is running a version of RedHat that is not supported by this playbook"
   when: ansible_distribution_major_version|int == 6
+  tags:
+    - docker
 
-- include: rh7.yml
-  when: ansible_distribution_major_version|int == 7
-
-- name: "Change docker options"
-  lineinfile: >
-    line='other_args={{ docker_opts }}'
-    regexp='^other_args='
-    dest=/etc/sysconfig/docker
+- name: "Install docker"
+  yum: >
+    name=docker-engine
+    enablerepo=dockerrepo
     state=present
+  notify: Restart docker
+  tags:
+    - docker
+    - package
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,12 +1,54 @@
 ---
 - include: Debian.yml
-  when: ansible_os_family == "Debian"
+  static: no
+  when: ansible_os_family == 'Debian'
+  tags:
+    - docker
 
 - include: RedHat.yml
+  static: no
   when: ansible_os_family == "RedHat"
+  tags:
+    - docker
+
+- name: "Create drop-in folder"
+  file: path=/etc/systemd/system/docker.service.d state=directory mode=0755
+  tags:
+    - docker
+    - service
+    - files
+
+# Not a big fan of this but the default package explicitly prevents defining the hosts
+# option in the daemon config by adding a useless -H option on the dockerd start command,
+# this service file removes it
+- name: "Create drop-in systemd definition to allow for custom listen options"
+  template: src=docker.service.j2 dest=/etc/systemd/system/docker.service.d/docker.conf
+  notify:
+    - Reload systemd
+  tags:
+    - docker
+    - service
+    - files
+
+- name: "Ensure that /etc/docker exists"
+  file: path=/etc/docker state=directory mode=0755
+  tags:
+    - docker
+    - files
+
+- name: "Docker default config file"
+  template: src=docker-config.json.j2 dest=/etc/docker/daemon.json
+  notify:
+    - Restart docker
+  tags:
+    - docker
+    - files
 
 - name: "Make sure docker is running"
   service: >
     name=docker
     state=started
     enabled=yes
+  tags:
+    - docker
+    - service
diff --git a/tasks/rh6.yml b/tasks/rh6.yml
diff --git a/tasks/rh7.yml b/tasks/rh7.yml
diff --git a/templates/docker-config.json.j2 b/templates/docker-config.json.j2
@@ -0,0 +1,25 @@
+{
+	"hosts": {{ docker_hosts | to_json }},
+	"ip": {{ docker_ip | to_json }},
+	"log-level": {{ docker_log_level | to_json }},
+{% if docker_log_driver is defined %}
+	"log-driver": {{ docker_log_driver | to_json }},
+{% if docker_log_opts is defined %}
+	"log-opts": {{ docker_log_opts | to_json }},
+{% endif %}
+{% endif %}
+{% if docker_labels is defined %}
+	"labels": {{ docker_labels | to_json }},
+{% endif %}
+{% if docker_tls.enabled %}
+	"tls": {{ docker_tls.enabled | to_json }},
+	"tlsverify": {{ docker_tls.verify | to_json }},
+	"tlscacert": {{ docker_tls.cacert | to_json }},
+	"tlscert": {{ docker_tls.cert | to_json }},
+	"tlskey": {{ docker_tls.key | to_json }},
+{% endif %}
+{% if docker_registry_mirror | length %}
+	"registry-mirror": {{ docker_registry_mirror | to_json }},
+{% endif %}
+	"insecure-registries": {{ docker_insecure_registries | to_json }}
+}