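---
# =============================================================================
# DOCKER ROLE - roles/docker/tasks/main.yml
# =============================================================================
#
# Installs pinned docker-ce / docker-ce-cli / containerd.io packages from
# Docker's apt repository, starts the daemon, adds the admin user to the
# docker group, runs a few smoke checks and optionally deploys a metrics
# script for the Node Exporter textfile collector.
#
# Variables read here:
#   docker_ce_version, docker_ce_cli_version, containerd_io_version  (pins)
#   admin_user                 (optional, falls back to 'zailon')
#   enable_docker_monitoring   (optional, defaults to true)
#   docker_gpg_key_checksum    (optional, "<algorithm>:<hex digest>")

# ========== 1. Cleanup conflicting Docker configs ==========
# NOTE(review): these removals run on every play, so the repository key is
# deleted and fetched again each time. The role therefore always reports
# changes, and the trust anchor is whatever the download returns on that run.
- name: Remove conflicting Docker repository files
  ansible.builtin.file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/apt/sources.list.d/download_docker_com_linux_ubuntu.list
    - /etc/apt/sources.list.d/docker-ce.list
    - /etc/apt/sources.list.d/docker.list
  become: true
  tags: [docker, deploy_docker]

- name: Remove old Docker GPG keys
  ansible.builtin.file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/apt/keyrings/docker.gpg
    - /etc/apt/keyrings/docker.asc
    - /usr/share/keyrings/docker-archive-keyring.gpg
  become: true
  tags: [docker, deploy_docker]

- name: Clean apt cache
  ansible.builtin.apt:
    clean: true
  become: true
  tags: [docker, deploy_docker]

# shell (not command) is required here: the glob must be expanded.
- name: Clear apt lists cache (contents only, not directory)
  ansible.builtin.shell: rm -rf /var/lib/apt/lists/*
  become: true
  tags: [docker, deploy_docker]
  ignore_errors: true

# ========== 2. Install Docker dependencies ==========
- name: Install Docker dependencies
  ansible.builtin.apt:
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg
      - lsb-release
    state: present
    update_cache: true
  become: true
  tags: [docker, deploy_docker]

# ========== 3. Setup GPG key ==========
- name: Create keyrings directory
  ansible.builtin.file:
    path: /etc/apt/keyrings
    state: directory
    mode: '0755'
  become: true
  tags: [docker, deploy_docker]

# This key decides which packages apt will accept as "signed by Docker".
# TLS to download.docker.com is the only check unless a digest is pinned:
# set docker_gpg_key_checksum (e.g. "sha256:<digest verified out-of-band>")
# to make the task fail when the downloaded key differs from the reviewed one.
- name: Download Docker GPG key
  ansible.builtin.get_url:
    url: https://download.docker.com/linux/ubuntu/gpg
    dest: /etc/apt/keyrings/docker.asc
    mode: '0644'
    force: true
    checksum: "{{ docker_gpg_key_checksum | default(omit) }}"
  become: true
  tags: [docker, deploy_docker]

# No shell features are used, so command avoids an unnecessary shell.
- name: Dearmor Docker GPG key
  ansible.builtin.command: gpg --dearmor -o /etc/apt/keyrings/docker.gpg /etc/apt/keyrings/docker.asc
  args:
    creates: /etc/apt/keyrings/docker.gpg
  become: true
  tags: [docker, deploy_docker]

- name: Set permissions on Docker GPG key
  ansible.builtin.file:
    path: /etc/apt/keyrings/docker.gpg
    mode: 'a+r'
  become: true
  tags: [docker, deploy_docker]

# ========== 4. Add Docker repository ==========
- name: Add Docker repository
  vars:
    # apt wants Debian architecture names (amd64, arm64, ...), but the
    # ansible_architecture fact carries the kernel name (x86_64, aarch64,
    # ...). Unknown values are passed through unchanged.
    docker_apt_arch_map:
      x86_64: amd64
      aarch64: arm64
      armv7l: armhf
    docker_apt_arch: "{{ docker_apt_arch_map.get(ansible_architecture, ansible_architecture) }}"
  ansible.builtin.copy:
    content: |
      deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
    dest: /etc/apt/sources.list.d/docker.list
    mode: '0644'
  become: true
  tags: [docker, deploy_docker]

- name: Update apt cache after adding Docker repo
  ansible.builtin.apt:
    update_cache: true
    cache_valid_time: 0
  become: true
  tags: [docker, deploy_docker]

# ========== 5. Install Docker packages ==========
# Versions are pinned through role variables. allow_downgrade and
# allow_change_held_packages let the pin win over a newer or held package.
- name: Install docker-ce and docker-ce-cli first
  ansible.builtin.apt:
    name:
      - "docker-ce={{ docker_ce_version }}"
      - "docker-ce-cli={{ docker_ce_cli_version }}"
    state: present
    allow_downgrade: true
    allow_change_held_packages: true
  become: true
  tags: [docker, deploy_docker]

- name: Install containerd.io (after docker-ce to preserve runc)
  ansible.builtin.apt:
    name: "containerd.io={{ containerd_io_version }}"
    state: present
    allow_downgrade: true
    allow_change_held_packages: true
  become: true
  notify: restart docker
  tags: [docker, deploy_docker]

# ========== 6. Start Docker and configure user ==========
- name: Start and enable Docker service
  ansible.builtin.systemd:
    name: docker
    state: started
    enabled: true
    daemon_reload: true
  become: true
  tags: [docker, deploy_docker]

- name: Wait for Docker socket to be available
  ansible.builtin.wait_for:
    path: /var/run/docker.sock
    timeout: 30
  tags: [docker, deploy_docker]

# Membership of the docker group grants control of the daemon, which is
# equivalent to root on this host. Keep it to accounts that already have
# that level of trust.
# NOTE(review): the fallback account name is hard-coded; confirm it is the
# intended user on every host this role targets.
- name: Add admin user to docker group
  ansible.builtin.user:
    name: "{{ admin_user | default('zailon') }}"
    groups: docker
    append: true
  become: true
  tags: [docker, deploy_docker]

# ========== 7. Verify installation ==========
- name: Verify Docker installation
  ansible.builtin.command: docker --version
  register: docker_version
  changed_when: false
  tags: [docker, deploy_docker]

- name: Show Docker version
  ansible.builtin.debug:
    msg: "Docker version: {{ docker_version.stdout }}"
  tags: [docker, deploy_docker]

# NOTE(review): no task here installs the compose plugin explicitly; this
# check presumably relies on it arriving as a recommended package - confirm.
- name: Verify Docker Compose installation
  ansible.builtin.command: docker compose version
  register: docker_compose_version
  changed_when: false
  tags: [docker, deploy_docker]

- name: Show Docker Compose version
  ansible.builtin.debug:
    msg: "Docker Compose version: {{ docker_compose_version.stdout }}"
  tags: [docker, deploy_docker]

# docker ps talks to the daemon socket. Group membership added above is not
# picked up by a connection that is already open, and the connecting user
# may not be the admin user at all, so run the check with privileges.
- name: Test Docker with docker ps
  ansible.builtin.command: docker ps
  register: docker_ps_test
  changed_when: false
  become: true
  tags: [docker, deploy_docker]

- name: Show Docker containers
  ansible.builtin.debug:
    msg: "Docker is working! Containers: {{ docker_ps_test.stdout_lines | default(['none']) }}"
  tags: [docker, deploy_docker]

# ========== 8. Docker monitoring (optional) ==========
# Runs unless enable_docker_monitoring is set to false.
- name: Setup Docker monitoring for Node Exporter
  block:
    # copy does not create missing parent directories. Owner and mode are
    # left unset so an existing directory is not modified.
    - name: Ensure scripts directory exists
      ansible.builtin.file:
        path: /opt/scripts
        state: directory
      become: true

    # The script writes to a temp file and renames it so the collector never
    # reads a partially written file. A failing docker call still yields a
    # count of 0, because stderr is discarded and only lines are counted.
    - name: Deploy Docker metrics script
      ansible.builtin.copy:
        content: |
          #!/bin/bash
          OUTFILE="/var/lib/node_exporter/textfile_collector/docker_metrics.prom"
          TMPFILE="$(mktemp "${OUTFILE}.XXXXXX")"
          trap 'rm -f "$TMPFILE"' EXIT
          TOTAL_CONTAINERS=$(docker ps -a -q 2>/dev/null | wc -l)
          RUNNING_CONTAINERS=$(docker ps -q 2>/dev/null | wc -l)
          EXITED_CONTAINERS=$((TOTAL_CONTAINERS - RUNNING_CONTAINERS))
          cat << EOF > "$TMPFILE"
          # HELP docker_containers_total Total number of Docker containers
          # TYPE docker_containers_total gauge
          docker_containers_total $TOTAL_CONTAINERS
          # HELP docker_containers_running Number of running Docker containers
          # TYPE docker_containers_running gauge
          docker_containers_running $RUNNING_CONTAINERS
          # HELP docker_containers_exited Number of exited Docker containers
          # TYPE docker_containers_exited gauge
          docker_containers_exited $EXITED_CONTAINERS
          EOF
          chmod 0644 "$TMPFILE"
          mv "$TMPFILE" "$OUTFILE"
        dest: /opt/scripts/docker_metrics.sh
        mode: '0755'
      become: true

    # NOTE(review): assumes the node_exporter user and group already exist.
    - name: Ensure Node Exporter textfile directory exists
      ansible.builtin.file:
        path: /var/lib/node_exporter/textfile_collector
        state: directory
        owner: node_exporter
        group: node_exporter
        mode: '0755'
      become: true

    # NOTE(review): no task in this file installs docker-metrics.timer or
    # its service unit; confirm they are deployed elsewhere, otherwise this
    # task fails.
    - name: Enable Docker metrics timer
      ansible.builtin.systemd:
        name: docker-metrics.timer
        enabled: true
        state: started
        daemon_reload: true
      become: true
  when: enable_docker_monitoring | default(true)
  tags: [docker, monitoring]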