This is my first ansible playbook which is used to provision some linux boxes to run as docker platforms. This playbook speeds up the deployment and configuration management considerably, especially since there are 5 boxes at separate sites to manage.
--- #post install configuration for docker use - hosts: localserver remote_user: root become: su gather_facts: no connection: ssh tasks: - name: 'selinux permissive' lineinfile: dest=/etc/selinux/config regexp="^SELINUX=" line="SELINUX=permissive" - name: 'add docker ce repo' fetch: src: https://download.docker.com/linux/centos/docker-ce.repo dest: /etc/yum.repos.d/ flat: yes fail_on_missing: no - name: 'update package list' yum: update_cache: yes name: '*' state: latest - name: 'add packages' yum: name: - epel-release - yum-utils - device-mapper-persistent-data - docker-ce - python-pip state: latest - name: 'install docker-compose' pip: > name=docker-compose state=latest - name: 'add centos to docker group' user: name: centos groups: docker append: yes - name: 'add daemon.json' copy: src: /mnt/c/Users/soops/playbooks/dockerServer/daemon.json dest: /etc/docker/daemon.json owner: root group: root mode: 0644 - name: 'enable and restart docker' systemd: name: docker enabled: yes state: restarted daemon_reload: yes - name: 'stop postfix' systemd: name: postfix enabled: no state: stopped - name: 'start portainer container' docker_container: name: portainer state: started restart_policy: always ports: 9000:9000 docker_host: unix://var/run/docker.sock image: portainer/portainer command: --no-auth - name: 'website test' docker_container: name: testWebserver state: started ports: 80:80 docker_host: unix://var/run/docker.sock image: httpd volumes: /home/centos/html/:/usr/local/apache2/htdocs/
I learned a couple of things here while hacking this together once I had a friend who uses ansible professionally review it:
- There’s a module for that. Avoid shell commands like the plague, and look up your command’s corresponding module. Using shell commands relies on sequence, ansible is a declarative structured tool so task statements should be tests of state and stand alone without regard to location in the script.
- Use -C to test each statement without changing anything on the managed hosts.
- Use –syntax-check to validate your playbook without executing it.
- Use pip to install your ansible. I used the apt-get method for my Ubuntu for Windows, and I could only get 220.127.116.11. I kept getting syntax errors for statements that I knew to be true, and after hours of staring at the screen I found out that it meant the module wasn’t supported in the ansible version being used. Installing ansible through pip gave me the current 2.7.6 version.
I need to work on roles, triggers and variables, but this has vastly simplified my server deployment and configuration problem, and given me an added tool to deploy containers that I can try with Jenkins.