ansibleguy/infra_docker_minimal

Ansible Role - Docker Setup

Ansible Role to deploy a basic Docker installation on a Linux server.

Tested:

  • Debian 11
  • Debian 12

Install

# latest
ansible-galaxy role install git+https://github.com/ansibleguy/infra_docker_minimal

# from galaxy
ansible-galaxy install ansibleguy.infra_docker_minimal

# or to custom role-path
ansible-galaxy install ansibleguy.infra_docker_minimal --roles-path ./roles

Functionality

In short: it sets up Docker as described here.

There is also an option to install docker-compose on the target host.

  • Package installation
    • Docker prerequisites
    • Docker base-packages
    • Default opt-outs:
      • docker-compose
    • Default opt-ins:
      • docker server component (else only client will be installed)

Info

  • Note: This role currently only supports Debian-based systems

  • Note: If you are using NFTables you will have problems running docker.

    Docker does not support NFTables natively. The 'docker-ce'/'docker-ce-cli' package has IPTables set as its dependency.

    One CAN keep the NFTables ruleset clean when running docker with the parameter 'iptables=false'. It is even cleaner if 'bridge=none' is set!

    After that only a few IPTables rules are added. To completely eliminate this docker-ruleset one needs to reload NFTables whenever docker is restarted.

    This Ansible role lets you configure this behaviour as can be seen in the example below!

    If you use NFTables you might also want to look into the ansibleguy.infra_nftables role!

Usage

You want a simple Ansible GUI? Check out my Ansible WebUI

Config

You can configure docker using the 'docker' variable/dictionary.

docker:
  tcp:
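    enable: true  # enable docker-service listening on tcp
    bind: '0.0.0.0'  # listen address; '0.0.0.0' listens on all interfaces, so restrict who can reach this port (the Docker API allows full control of the host)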

  compose:
    enable: true  # install docker-compose
    plugin: true  # default; install docker-compose-plugin ('docker compose' instead of 'docker-compose')

  nftables:
    clean: true  # set bridge_none, disable_iptables and reload to true
    bridge_none: false  # set bridge=none argument on docker-startup
    disable_iptables: false  # set iptables=false argument on docker-startup
    reload: false  # reload nftables after a docker.service restart to remove its auto-added iptables-rules

Execution

Run the playbook:

ansible-playbook -K -D -i inventory/hosts.yml playbook.yml
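
One way to check the result on the target host after the playbook has run, as an added example that is not part of this role: the functions below read the output of `nft list ruleset` and list the chains created by Docker, which is what the 'nftables' options above are meant to remove. Recognising Docker's chains by their DOCKER name prefix is an assumption, and both sample rulesets are constructed.

```bash
#!/usr/bin/env bash
# Added example, not part of the role. On a host: nft list ruleset | docker_chains
# Assumption: Docker's chains are recognised by their DOCKER name prefix
# (DOCKER, DOCKER-USER, DOCKER-ISOLATION-STAGE-1, ...).

# Print "family table chain" for every Docker-named chain in a ruleset on stdin.
docker_chains() {
  awk '$1 == "table" { family = $2; table = $3 }
       $1 == "chain" && $2 ~ /^DOCKER/ { print family, table, $2 }'
}

# Succeed only if the ruleset on stdin contains no Docker-named chain.
ruleset_is_clean() {
  [ -z "$(docker_chains)" ]
}

# Constructed sample: host ruleset plus chains left behind via iptables-nft.
sample_dirty() { cat <<'EOF'
table inet filter {
	chain input {
		type filter hook input priority filter; policy drop;
		ct state established,related accept
	}
}
table ip nat {
	chain DOCKER {
	}
}
table ip filter {
	chain DOCKER-USER {
		counter packets 0 bytes 0 return
	}
	chain FORWARD {
		type filter hook forward priority filter; policy accept;
		counter packets 0 bytes 0 jump DOCKER-USER
	}
}
EOF
}

# Constructed sample: the same host ruleset after nftables was reloaded.
sample_clean() { sample_dirty | sed '/^table ip /,/^}/d'; }

for s in sample_dirty sample_clean; do
  if "$s" | ruleset_is_clean; then
    echo "$s: clean"
  else
    echo "$s: docker chains present:"; "$s" | docker_chains
  fi
done
```

Run the live check as root, since `nft list ruleset` needs the privileges to read the ruleset.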