Install docker 18.06

2025-12-25 05:36:59 +01:00 · 2018-09-20 00:35:06 +02:00 · 2018-09-20 00:35:06 +02:00 · e0b240c7bd
commit e0b240c7bd
parent cf77a30521
7 changed files with 153 additions and 1 deletions
--- a/group_vars/k8s
+++ b/group_vars/k8s
@ -11,5 +11,5 @@ harden_linux_ufw_rules:
  - rule: "allow"
    to_port: "7000"
    protocol: "udp"
-docker_version: "17.03.2-ce"
+docker_version: 18.06.*
--- a/k8s.yml
+++ b/k8s.yml
@ -3,6 +3,8 @@
  roles:
    - role: proxy
      tags: proxy
    - role: docker
      tags: docker
 #- hosts: localhost
 #  become: yes
 #  gather_facts: no
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@ -0,0 +1,7 @@
 docker_apt_key: https://download.docker.com/linux/ubuntu/gpg
 docker_apt_repository: https://download.docker.com/linux/ubuntu
 # Choose 'edge' 'stable' or 'testing' for docker channel
 docker_apt_channel: stable
 # Docker daemon config file
 docker_daemon_config: /etc/docker/daemon.json
 docker_version: 17.03.*
--- a/roles/docker/handlers/main.yml
+++ b/roles/docker/handlers/main.yml
@ -0,0 +1,10 @@
 ---
 - name: reload systemd
  command: systemctl daemon-reload
 - name: restart docker
  systemd:
    name: docker
    state: restarted
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -0,0 +1,93 @@
 ---
 - name: Docker installation for Ubuntu distribution
  block:
  - name: Ensure docker packages are not present
    apt:
      state: absent
      name: ['docker', 'docker-engine', 'docker.io']
  - name: Install docker package dependencies
    apt:
      state: latest
      name: ['apt-transport-https', 'ca-certificates', 'curl', 'software-properties-common']
      update_cache: yes
      cache_valid_time: 86400
    register: result
    retries: 3
    until: result is success
  - name: Adding Docker official gpg key
    apt_key:
      url: "{{ docker_apt_key }}"
      state: present
  - name: Setting Docker repository depending on arch
    set_fact:
      docker_repository: "deb [arch={{ item.apt_arch }}] {{ docker_apt_repository }} {{ ansible_distribution_release }} {{ docker_apt_channel }}"
    when: ansible_architecture == item.system_arch
    with_items:
      - { system_arch: 'x86_64', apt_arch: 'amd64' }
      - { system_arch: 'arm', apt_arch: 'armhf' }
  - name: Printing Docker repository
    debug:
      var: docker_repository
  - name: Adding Docker repository
    apt_repository:
      repo: "{{ docker_repository }}"
      state: present
      filename: 'docker'
  # TODO fix this - fails when ip route is using tun0 in scaleway
  - name: Explictly create docker0
    shell: |
      ip link add name docker0 type bridge || true
      ip addr add dev docker0 172.17.0.1/16 || true
  - name: Install docker-ce
    apt:
      name: docker-ce={{ docker_version }}
      update_cache: yes
    register: result
    retries: 3
    until: result is success
  - name: Pin docker-ce release
    copy:
      dest: /etc/apt/preferences.d/docker-ce
      content: |
        Package: docker-ce
        Pin: version {{ docker_version }}
        Pin-Priority: 1002
  - name: Fixing systemd unit for Docker config file
    template:
      src: docker.service.j2
      dest: /lib/systemd/system/docker.service
    notify: reload systemd
  - name: Create docker config directory
    file:
      path: /etc/docker
      mode: 0700
      recurse: yes
  - name: Templating /etc/docker/daemon.json
    template:
      src: daemon.json.j2
      dest: /etc/docker/daemon.json
    notify: restart docker
  - name: Flushing handlers 2
    meta: flush_handlers
  - name: Getting Docker version
    shell: "docker --version"
    register: docker_version
  - name: Printing Docker version
    debug: var=docker_version
  when: ansible_distribution == "Ubuntu"
--- a/roles/docker/templates/daemon.json.j2
+++ b/roles/docker/templates/daemon.json.j2
@ -0,0 +1,3 @@
 {
  "experimental": true
 }
--- a/roles/docker/templates/docker.service.j2
+++ b/roles/docker/templates/docker.service.j2
@ -0,0 +1,37 @@
 [Unit]
 Description=Docker Application Container Engine
 Documentation=https://docs.docker.com
 After=network-online.target docker.socket firewalld.service
 Wants=network-online.target
 Requires=docker.socket
 [Service]
 Type=notify
 # the default is not to use systemd for cgroups because the delegate issues still
 # exists and systemd currently does not support the cgroup feature set required
 # for containers run by docker
 ExecStart=/usr/bin/dockerd --config-file {{ docker_daemon_config }} -H fd://
 ExecReload=/bin/kill -s HUP $MAINPID
 LimitNOFILE=1048576
 # Having non-zero Limit*s causes performance problems due to accounting overhead
 # in the kernel. We recommend using cgroups to do container-local accounting.
 LimitNPROC=infinity
 LimitCORE=infinity
 # Uncomment TasksMax if your systemd version supports it.
 # Only systemd 226 and above support this version.
 TasksMax=infinity
 TimeoutStartSec=0
 # set delegate yes so that systemd does not reset the cgroups of docker containers
 Delegate=yes
 # kill only the docker process, not all processes in the cgroup
 KillMode=process
 # restart the docker process if it exits prematurely
 Restart=on-failure
 StartLimitBurst=3
 StartLimitInterval=60s
 Environment="NO_PROXY=https://cp-par1.scaleway.com,https://cp-ams1.scaleway.com,https://account.scaleway.com,http://169.254.42.42,192.168.66.0/24"
 Environment="DOCKER_OPTS=--iptables=false --ip-masq=false"
 [Install]
 WantedBy=multi-user.target