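---
# Installs Docker CE from Docker's apt repository, then sets up a
# root-run systemd timer that exports container counts to the
# node_exporter textfile collector.

# ========== Cleanup conflicting Docker repo configs (LXC safety) ==========
# NOTE(review): these two tasks delete the repo list and key files on every
# run, and the tasks below recreate them, so the play always reports changes.
- name: Remove conflicting Docker repository files
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/apt/sources.list.d/download_docker_com_linux_ubuntu.list
    - /etc/apt/sources.list.d/docker-ce.list
    - /etc/apt/sources.list.d/docker.list
  become: true
  tags: [docker, deploy_docker]

- name: Remove old Docker GPG keys
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/apt/keyrings/docker.gpg
    - /usr/share/keyrings/docker-archive-keyring.gpg
    - /usr/share/keyrings/docker.gpg
  become: true
  tags: [docker, deploy_docker]

# ========== Fix runc BEFORE Docker install (LXC safety) ==========
# NOTE(review): this pins runc to one exact build and allows a downgrade, so
# a newer runc already on the host is replaced by this version. Re-check the
# pin against the distribution's security notices when updating this role.
- name: Ensure runc at safe version before Docker install (LXC only)
  apt:
    name: "runc=1.1.12-0ubuntu3"
    state: present
    allow_downgrade: true
    allow_change_held_packages: true
  become: true
  tags: [docker, deploy_docker]
  when: ansible_virtualization_type in ['lxc', 'container']

# ========== Install Docker ==========
- name: Install Docker dependencies
  apt:
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg
      - lsb-release
    state: present
    update_cache: true
  become: true
  tags: [docker, deploy_docker]

- name: Create keyrings directory
  file:
    path: /etc/apt/keyrings
    state: directory
    mode: '0755'
  become: true
  tags: [docker, deploy_docker]

# The key is trusted as fetched over TLS; no key id or fingerprint is checked
# here. NOTE(review): apt_key is deprecated upstream. Consider pinning the
# key id published in Docker's install documentation.
- name: Add Docker GPG key
  apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg
    keyring: /etc/apt/keyrings/docker.gpg
    state: present
  become: true
  tags: [docker, deploy_docker]

# signed-by limits this key to the Docker repository instead of trusting it
# for every apt source. The architecture is hard-coded to amd64.
- name: Add Docker repository (without cache update)
  apt_repository:
    repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
    filename: docker
    state: present
    # Important: do not refresh the cache here; the next task does it.
    update_cache: false
  become: true
  tags: [docker, deploy_docker]

# No cache_valid_time here: the dependency task above has just refreshed the
# cache, so a validity window would skip this update and the new Docker
# repository would not be indexed before the install below.
- name: Update apt cache after adding Docker repo
  apt:
    update_cache: true
  become: true
  tags: [docker, deploy_docker]

- name: Install Docker packages
  apt:
    name:
      - docker-ce
      - docker-ce-cli
      - containerd.io
    state: present
    allow_downgrade: true
    allow_change_held_packages: true
  become: true
  notify: restart docker
  tags: [docker, deploy_docker]

- name: Install Docker Compose plugin
  apt:
    name: docker-compose-plugin
    state: present
  become: true
  tags: [docker, deploy_docker]

- name: Start and enable Docker service
  systemd:
    name: docker
    state: started
    enabled: true
    daemon_reload: true
  become: true
  tags: [docker, deploy_docker]

- name: Wait for Docker to start
  pause:
    seconds: 5
  tags: [docker, deploy_docker]

# Client-side version checks only; neither command changes host state.
- name: Verify Docker installation
  command: docker --version
  register: docker_version
  changed_when: false
  tags: [docker, deploy_docker]

- name: Show Docker version
  debug:
    msg: "Docker version: {{ docker_version.stdout }}"
  tags: [docker, deploy_docker]

- name: Verify Docker Compose installation
  command: docker compose version
  register: docker_compose_version
  changed_when: false
  tags: [docker, deploy_docker]

- name: Show Docker Compose version
  debug:
    msg: "Docker Compose version: {{ docker_compose_version.stdout }}"
  tags: [docker, deploy_docker]

# ========== Docker Monitoring Setup ==========
- name: Setup Docker monitoring
  block:
    # The script below is executed by root, so the directory and the script
    # are explicitly root-owned and not writable by anyone else.
    - name: Create scripts directory
      file:
        path: /opt/scripts
        state: directory
        owner: root
        group: root
        mode: '0755'
      become: true

    - name: Deploy Docker metrics script
      copy:
        content: |
          #!/bin/bash
          set -u
          OUTFILE="/var/lib/node_exporter/textfile_collector/docker_metrics.prom"

          # The collector directory is owned by node_exporter while this
          # script runs as root. Write to a freshly created temp file and
          # rename it into place: root never writes through a path that the
          # less-privileged owner controls, and node_exporter never reads a
          # half-written file. The temp name does not end in .prom, so the
          # collector ignores it.
          TMPFILE=$(mktemp "${OUTFILE}.XXXXXX") || exit 1
          trap 'rm -f "$TMPFILE"' EXIT

          TOTAL_CONTAINERS=$(docker ps -a -q 2>/dev/null | wc -l)
          RUNNING_CONTAINERS=$(docker ps -q 2>/dev/null | wc -l)
          EXITED_CONTAINERS=$((TOTAL_CONTAINERS - RUNNING_CONTAINERS))

          cat << EOF > "$TMPFILE"
          # HELP docker_containers_total Total number of Docker containers
          # TYPE docker_containers_total gauge
          docker_containers_total $TOTAL_CONTAINERS
          # HELP docker_containers_running Number of running Docker containers
          # TYPE docker_containers_running gauge
          docker_containers_running $RUNNING_CONTAINERS
          # HELP docker_containers_exited Number of exited Docker containers
          # TYPE docker_containers_exited gauge
          docker_containers_exited $EXITED_CONTAINERS
          EOF

          # mktemp creates the file 0600; node_exporter must be able to read it.
          chmod 0644 "$TMPFILE"
          # -T treats the destination as a plain file name, never a directory.
          mv -fT "$TMPFILE" "$OUTFILE"
        dest: /opt/scripts/docker_metrics.sh
        owner: root
        group: root
        mode: '0755'
      become: true

    # The unit runs as root so the script can query the Docker daemon.
    - name: Create systemd service for Docker metrics
      copy:
        content: |
          [Unit]
          Description=Docker metrics script
          After=docker.service

          [Service]
          User=root
          ExecStart=/opt/scripts/docker_metrics.sh
        dest: /etc/systemd/system/docker-metrics.service
        mode: '0644'
      become: true

    - name: Create systemd timer for Docker metrics
      copy:
        content: |
          [Unit]
          Description=Run Docker metrics every 30 seconds

          [Timer]
          OnBootSec=1min
          OnUnitActiveSec=30s

          [Install]
          WantedBy=timers.target
        dest: /etc/systemd/system/docker-metrics.timer
        mode: '0644'
      become: true

    # Assumes the node_exporter user and group already exist on the host.
    - name: Ensure Node Exporter textfile directory exists
      file:
        path: /var/lib/node_exporter/textfile_collector
        state: directory
        owner: node_exporter
        group: node_exporter
        mode: '0755'
      become: true

    - name: Enable and start Docker metrics timer
      systemd:
        name: docker-metrics.timer
        enabled: true
        state: started
        daemon_reload: true
      become: true

    # Needs privilege escalation like the timer-driven run: the script
    # queries Docker and writes into a directory other users cannot write to.
    - name: Test Docker metrics script
      command: /opt/scripts/docker_metrics.sh
      register: metrics_test
      changed_when: false
      become: true

    - name: Show Docker metrics test result
      debug:
        var: metrics_test.stdout
  tags: [docker, deploy_docker, monitoring]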