Update file main.yml

2026-03-24 17:10:32 +05:00 · 2026-03-24 17:10:32 +05:00 · 993c3d77ef
commit 993c3d77ef
parent c8bd92cf0f
1 changed files with 136 additions and 141 deletions
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -1,44 +1,4 @@
 ---
-# =============================================================================
-# DOCKER ROLE - roles/docker/tasks/main.yml
-# =============================================================================
-
-# ========== 1. Cleanup conflicting Docker configs ==========
- name: Remove conflicting Docker repository files
-  file:
-    path: "{{ item }}"
-    state: absent
-  loop:
-    - /etc/apt/sources.list.d/download_docker_com_linux_ubuntu.list
-    - /etc/apt/sources.list.d/docker-ce.list
-    - /etc/apt/sources.list.d/docker.list
-  become: yes
-  tags: [docker, deploy_docker]
-
- name: Remove old Docker GPG keys
-  file:
-    path: "{{ item }}"
-    state: absent
-  loop:
-    - /etc/apt/keyrings/docker.gpg
-    - /etc/apt/keyrings/docker.asc
-    - /usr/share/keyrings/docker-archive-keyring.gpg
-  become: yes
-  tags: [docker, deploy_docker]
-
- name: Clean apt cache
-  apt:
-    clean: yes
-  become: yes
-  tags: [docker, deploy_docker]
-
- name: Clear apt lists cache (contents only, not directory)
-  shell: rm -rf /var/lib/apt/lists/*
-  become: yes
-  tags: [docker, deploy_docker]
-  ignore_errors: yes
-
-# ========== 2. Install Docker dependencies ==========
 - name: Install Docker dependencies
  apt:
    name:
@ -49,154 +9,87 @@
      - lsb-release
    state: present
    update_cache: yes
-  become: yes
-  tags: [docker, deploy_docker]

-# ========== 3. Setup GPG key ==========
- name: Create keyrings directory
-  file:
-    path: /etc/apt/keyrings
-    state: directory
-    mode: '0755'
-  become: yes
-  tags: [docker, deploy_docker]
-
- name: Download Docker GPG key
-  get_url:
+- name: Add Docker GPG key
+  apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg
-    dest: /etc/apt/keyrings/docker.asc
-    mode: '0644'
-    force: yes
-  become: yes
-  tags: [docker, deploy_docker]
+    state: present

- name: Dearmor Docker GPG key
-  shell: gpg --dearmor -o /etc/apt/keyrings/docker.gpg /etc/apt/keyrings/docker.asc
-  args:
-    creates: /etc/apt/keyrings/docker.gpg
-  become: yes
-  tags: [docker, deploy_docker]
-
- name: Set permissions on Docker GPG key
-  file:
-    path: /etc/apt/keyrings/docker.gpg
-    mode: 'a+r'
-  become: yes
-  tags: [docker, deploy_docker]
-
-# ========== 4. Add Docker repository ==========
 - name: Add Docker repository
-  copy:
-    content: |
-      deb [arch={{ ansible_architecture }} signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
-    dest: /etc/apt/sources.list.d/docker.list
-    mode: '0644'
-  become: yes
-  tags: [docker, deploy_docker]
+  apt_repository:
+    repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
+    state: present

- name: Update apt cache after adding Docker repo
-  apt:
-    update_cache: yes
-    cache_valid_time: 0
-  become: yes
-  tags: [docker, deploy_docker]
-
-# ========== 5. Install Docker packages ==========
- name: Install docker-ce and docker-ce-cli first
+- name: Install Docker
  apt:
    name:
-      - "docker-ce={{ docker_ce_version }}"
-      - "docker-ce-cli={{ docker_ce_cli_version }}"
+      - docker-ce
+      - docker-ce-cli
+      - containerd.io
    state: present
-    allow_downgrade: yes
-    allow_change_held_packages: yes
-  become: yes
-  tags: [docker, deploy_docker]
+    update_cache: yes

- name: Install containerd.io (after docker-ce to preserve runc)
+- name: Install Docker Compose
  apt:
-    name: "containerd.io={{ containerd_io_version }}"
+    name: docker-compose-plugin
    state: present
-    allow_downgrade: yes
-    allow_change_held_packages: yes
-  become: yes
-  notify: restart docker
-  tags: [docker, deploy_docker]

-# ========== 6. Start Docker and configure user ==========
 - name: Start and enable Docker service
  systemd:
    name: docker
    state: started
    enabled: yes
-    daemon_reload: yes
-  become: yes
-  tags: [docker, deploy_docker]

- name: Wait for Docker socket to be available
-  wait_for:
-    path: /var/run/docker.sock
-    timeout: 30
-  tags: [docker, deploy_docker]
+- name: Wait for Docker to start
+  pause:
+    seconds: 5

- name: Add admin user to docker group
-  user:
-    name: "{{ admin_user | default('zailon') }}"
-    groups: docker
-    append: yes
-  become: yes
-  tags: [docker, deploy_docker]
-
-# ========== 7. Verify installation ==========
 - name: Verify Docker installation
  command: docker --version
  register: docker_version
  changed_when: false
-  tags: [docker, deploy_docker]

 - name: Show Docker version
  debug:
    msg: "Docker version: {{ docker_version.stdout }}"
-  tags: [docker, deploy_docker]

 - name: Verify Docker Compose installation
  command: docker compose version
  register: docker_compose_version
  changed_when: false
-  tags: [docker, deploy_docker]

 - name: Show Docker Compose version
  debug:
    msg: "Docker Compose version: {{ docker_compose_version.stdout }}"
-  tags: [docker, deploy_docker]

- name: Test Docker with docker ps
-  command: docker ps
-  register: docker_ps_test
-  changed_when: false
-  tags: [docker, deploy_docker]
-
- name: Show Docker containers
-  debug:
-    msg: "Docker is working! Containers: {{ docker_ps_test.stdout_lines | default(['none']) }}"
-  tags: [docker, deploy_docker]
-
-# ========== 8. Docker monitoring (optional) ==========
- name: Setup Docker monitoring for Node Exporter
+- name: Setup Docker monitoring
  block:
+    - name: Create scripts directory
+      file:
+        path: /opt/scripts
+        state: directory
+        mode: '0755'
+      become: yes
+
    - name: Deploy Docker metrics script
      copy:
        content: |
          #!/bin/bash
+          # Docker metrics script for Node Exporter textfile collector
+          
          OUTFILE="/var/lib/node_exporter/textfile_collector/docker_metrics.prom"
+          
+          # Get container counts
          TOTAL_CONTAINERS=$(docker ps -a -q 2>/dev/null | wc -l)
          RUNNING_CONTAINERS=$(docker ps -q 2>/dev/null | wc -l)
          EXITED_CONTAINERS=$((TOTAL_CONTAINERS - RUNNING_CONTAINERS))
+          
+          # Write metrics in Prometheus format
          cat << EOF > $OUTFILE
          # HELP docker_containers_total Total number of Docker containers
          # TYPE docker_containers_total gauge
          docker_containers_total $TOTAL_CONTAINERS
-          # HELP docker_containers_running Number of running Docker containers
+          # HELP docker_containers_running Number of running Docker containers  
          # TYPE docker_containers_running gauge
          docker_containers_running $RUNNING_CONTAINERS
          # HELP docker_containers_exited Number of exited Docker containers
@ -207,6 +100,36 @@
        mode: '0755'
      become: yes

+    - name: Create systemd service for Docker metrics
+      copy:
+        content: |
+          [Unit]
+          Description=Docker metrics script
+          After=docker.service
+          
+          [Service]
+          User=root
+          ExecStart=/opt/scripts/docker_metrics.sh
+        dest: /etc/systemd/system/docker-metrics.service
+        mode: '0644'
+      become: yes
+
+    - name: Create systemd timer for Docker metrics
+      copy:
+        content: |
+          [Unit]
+          Description=Run Docker metrics every 30 seconds
+          
+          [Timer]
+          OnBootSec=1min
+          OnUnitActiveSec=30s
+          
+          [Install]
+          WantedBy=timers.target
+        dest: /etc/systemd/system/docker-metrics.timer
+        mode: '0644'
+      become: yes
+
    - name: Ensure Node Exporter textfile directory exists
      file:
        path: /var/lib/node_exporter/textfile_collector
@ -216,12 +139,84 @@
        mode: '0755'
      become: yes

-    - name: Enable Docker metrics timer
+    - name: Enable and start Docker metrics timer
      systemd:
        name: docker-metrics.timer
        enabled: yes
        state: started
        daemon_reload: yes
      become: yes
-  when: enable_docker_monitoring | default(true)
-  tags: [docker, monitoring]
+
+    - name: Test Docker metrics script
+      command: /opt/scripts/docker_metrics.sh
+      register: metrics_test
+      changed_when: false
+
+    - name: Show Docker metrics test result
+      debug:
+        var: metrics_test.stdout
+
+# ========== Fix Docker runc version ==========
+- name: Check current runc version
+  command: runc --version
+  register: runc_version_check
+  ignore_errors: yes
+  changed_when: false
+  become: yes
+
+- name: Download and update runc to v1.2.4 if needed
+  block:
+    - name: Download runc v1.2.4
+      get_url:
+        url: https://github.com/opencontainers/runc/releases/download/v1.2.4/runc.amd64
+        dest: /tmp/runc.amd64
+        mode: '0755'
+      become: yes
+
+    - name: Stop docker service
+      systemd:
+        name: docker
+        state: stopped
+      become: yes
+
+    - name: Backup existing runc
+      command: mv /usr/bin/runc /usr/bin/runc.bak
+      args:
+        creates: /usr/bin/runc.bak
+      become: yes
+
+    - name: Install new runc
+      copy:
+        src: /tmp/runc.amd64
+        dest: /usr/bin/runc
+        remote_src: yes
+        mode: '0755'
+      become: yes
+
+    - name: Start docker service
+      systemd:
+        name: docker
+        state: started
+      become: yes
+
+    - name: Clean up temporary runc file
+      file:
+        path: /tmp/runc.amd64
+        state: absent
+      become: yes
+
+    - name: Verify new runc version
+      command: runc --version
+      register: new_runc_version
+      become: yes
+
+    - name: Show runc update result
+      debug:
+        msg: "runc updated to version: {{ new_runc_version.stdout }}"
+      become: yes
+
+  when: 
+    - runc_version_check is failed or 
+      "'1.2.4' not in runc_version_check.stdout"
+    - ansible_architecture == "x86_64"
+  become: yes