📚
Ansible で Docker をインストールしてみる
環境
Ansible実行環境は、Raspberry Pi上のDockerコンテナ上のAmazonLinux 2023
$ ansible --version
ansible [core 2.15.13]
config file = None
configured module search path = ['/home/docker/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
ansible collection location = /home/docker/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible
python version = 3.9.16 (main, Apr 24 2024, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/usr/bin/python3)
jinja version = 3.1.5
libyaml = True
ターゲットホストは、Raspberry Pi上で動かしたKVMのDebian12(genericcloudのイメージを利用)
インベントリファイルを用意する
hosts.test.yaml
test:
hosts:
test1:
ansible_host: 192.168.11.201
vars:
ansible_ssh_user: debian
ホストへの接続テスト
$ ansible -i hosts.test.yaml -m ping test --ask-pass
SSH password:
test1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
$ ansible -i hosts.test.yaml -m setup test --ask-pass | head
SSH password:
test1 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.11.201"
],
"ansible_all_ipv6_addresses": [
プレイブックを記述していく
test.yml
---
- name: configure and deploy test environment.
hosts: test
become: yes
roles:
- docker
公式サイトのインストール手順の内容をプレイブックに記載
-
sudo apt-get install ca-certificates curlとsudo install -m 0755 -d /etc/apt/keyringsについては、自分の試したところではインストール済み/作成済みだったのでプレイブックへの記載はスルーしたが、常識的には記載したほうがいいと思う。 - もしかしたら
set_fact: docker_archの箇所は、amd64環境などでは書き換えが必要かもしれない。
roles/docker/tasks/main.yml
---
- name: Set architecture
set_fact:
docker_arch: "{{ 'arm64' if ansible_machine == 'aarch64' else ansible_machine }}"
- name: Add Docker's official GPG key
get_url:
url: https://download.docker.com/linux/debian/gpg
dest: /etc/apt/keyrings/docker.asc
mode: '0644'
force: true
- name: Add the repository to Apt sources
apt_repository:
repo: "deb [arch={{ docker_arch }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
state: present
- name: Install the Docker packages
apt:
name: [ 'docker-ce', 'docker-ce-cli', 'containerd.io', 'docker-buildx-plugin', 'docker-compose-plugin' ]
state: present
- name: Be sure docker is running and enabled
systemd:
name: docker
state: reloaded
enabled: yes
文法チェック
$ ansible-playbook --inventory hosts.test.yaml --syntax-check test.yml
playbook: test.yml
プレイブックを実行する
$ ansible-playbook --inventory hosts.test.yaml --diff --ask-pass test.yml
SSH password:
PLAY [configure and deploy test environment.] *********************************************************************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
ok: [test1]
TASK [docker : Set architecture] **********************************************************************************************************************************************************************************
ok: [test1]
TASK [docker : Add Docker's official GPG key] ********************************************************************************************************************************************************************************
changed: [test1]
TASK [docker : Add the repository to Apt sources] *************************************************************************************************************************************************************************
--- before: /dev/null
+++ after: /etc/apt/sources.list.d/download_docker_com_linux_debian.list
@@ -0,0 +1 @@
+deb [arch=arm64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable
changed: [test1]
TASK [docker : Install the Docker packages] ********************************************************************************************************************************************************************
The following additional packages will be installed:
dbus-user-session docker-ce-rootless-extras git git-man liberror-perl
libgdbm-compat4 libltdl7 libperl5.36 libslirp0 patch perl perl-modules-5.36
pigz slirp4netns
Suggested packages:
cgroupfs-mount | cgroup-lite git-daemon-run | git-daemon-sysvinit git-doc
git-email git-gui gitk gitweb git-cvs git-mediawiki git-svn ed diffutils-doc
perl-doc libterm-readline-gnu-perl | libterm-readline-perl-perl make
libtap-harness-archive-perl
The following NEW packages will be installed:
containerd.io dbus-user-session docker-buildx-plugin docker-ce docker-ce-cli
docker-ce-rootless-extras docker-compose-plugin git git-man liberror-perl
libgdbm-compat4 libltdl7 libperl5.36 libslirp0 patch perl perl-modules-5.36
pigz slirp4netns
0 upgraded, 19 newly installed, 0 to remove and 0 not upgraded.
changed: [test1]
TASK [docker : Be sure docker is running and enabled] *************************************************************************************************************************************************************
changed: [test1]
PLAY RECAP ********************************************************************************************************************************************************************************************************
test1 : ok=6 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
参考 VScodium の例
同じような感じで、gpg キーを追加してインストールするタイプのパッケージのインストールは対応できる。
VSCodiumは以下のようなプレイブックでインストールできる。
roles/gui_apps/tasks/vscodium.yml
---
- name: Add vscodium gpg key
get_url:
url: https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg
dest: /etc/apt/trusted.gpg.d/vscodium-archive-keyring.asc
mode: '0644'
force: true
- name: Add vscodium apt repository
apt_repository:
repo: deb [signed-by=/etc/apt/trusted.gpg.d/vscodium-archive-keyring.asc] https://download.vscodium.com/debs vscodium main
state: present
- name: be sure to be installed vscodium
apt:
name: [ 'codium' ]
state: present
Discussion