ansible : docker client

This is my first ansible playbook which is used to provision some linux boxes to run as docker platforms. This playbook speeds up the deployment and configuration management considerably, especially since there are 5 boxes at separate sites to manage.

--- #post install configuration for docker use
- hosts: localserver
  remote_user: root 
  become: su
  gather_facts: no
  connection: ssh

  - name: 'selinux permissive'
    lineinfile: dest=/etc/selinux/config regexp="^SELINUX=" line="SELINUX=permissive"

  - name: 'add docker ce repo'
      dest: /etc/yum.repos.d/
      flat: yes
      fail_on_missing: no

  - name: 'update package list'
      update_cache: yes 
      name: '*' 
      state: latest

  - name: 'add packages'
       - epel-release
       - yum-utils
       - device-mapper-persistent-data
       - docker-ce
       - python-pip
      state: latest

  - name: 'install docker-compose'
    pip: >

  - name: 'add centos to docker group'
     name: centos
     groups: docker
     append: yes

  - name: 'add daemon.json'
      src: /mnt/c/Users/soops/playbooks/dockerServer/daemon.json
      dest: /etc/docker/daemon.json
      owner: root
      group: root
      mode: 0644

  - name: 'enable and restart docker'
      name: docker
      enabled: yes
      state: restarted
      daemon_reload: yes

  - name: 'stop postfix'
      name: postfix
      enabled: no
      state: stopped

  - name: 'start portainer container'
      name: portainer
      state: started
      restart_policy: always
      ports: 9000:9000
      docker_host: unix://var/run/docker.sock
      image: portainer/portainer
      command: --no-auth

  - name: 'website test'
      name: testWebserver
      state: started
      ports: 80:80
      docker_host: unix://var/run/docker.sock
      image: httpd
      volumes: /home/centos/html/:/usr/local/apache2/htdocs/

I learned a couple of things here while hacking this together once I had a friend who uses ansible professionally review it:

  • There’s a module for that. Avoid shell commands like the plague, and look up your command’s corresponding module. Using shell commands relies on sequence, ansible is a declarative structured tool so task statements should be tests of state and stand alone without regard to location in the script.
  • Use -C to test each statement without changing anything on the managed hosts.
  • Use –syntax-check to validate your playbook without executing it.
  • Use pip to install your ansible. I used the apt-get method for my Ubuntu for Windows, and I could only get I kept getting syntax errors for statements that I knew to be true, and after hours of staring at the screen I found out that it meant the module wasn’t supported in the ansible version being used. Installing ansible through pip gave me the current 2.7.6 version.

I need to work on roles, triggers and variables, but this has vastly simplified my server deployment and configuration problem, and given me an added tool to deploy containers that I can try with Jenkins.

Leave a Reply

Your email address will not be published. Required fields are marked *