diff --git a/.vscode/settings.json b/.vscode/settings.json index 2de2499..0f0e7ca 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,3 +1,5 @@ { - "ansible.python.interpreterPath": "/opt/local/bin/python3.10" + "ansible.python.interpreterPath": "/opt/local/bin/python3.10", + "python-envs.defaultEnvManager": "ms-python.python:system", + "python-envs.pythonProjects": [] } \ No newline at end of file diff --git a/defaults/main.yml b/defaults/main.yml index 977077a..a9fed39 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -25,6 +25,10 @@ docker_swarm_manager_main_node: false docker_run_as_docker_user: true docker_user_home: /home/docker docker_defaults_file: /etc/default/docker +docker_data_dir: /var/lib/docker +docker_containerd_data_dir: /var/lib/containerd +# To enable the snapshotter when upgrading to version < 29 set the following to true +docker_enable_overlayfs_snapshotter: false docker_enable_tcp_socket: false docker_tcp_socket_port: 2375 docker_tls_api: true diff --git a/handlers/main.yml b/handlers/main.yml index ff8149a..1e864b0 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,9 +1,15 @@ --- - name: Restart docker - service: name=docker state=restarted + ansible.builtin.service: + name: docker + state: restarted + +- name: Restart containerd + ansible.builtin.service: + name: containerd + state: restarted - name: Restart cadvisor ansible.builtin.service: name: cadvisor state: restarted - diff --git a/tasks/docker_setup.yml b/tasks/docker_setup.yml index 94f228d..6a452ef 100644 --- a/tasks/docker_setup.yml +++ b/tasks/docker_setup.yml @@ -1,56 +1,72 @@ --- -- name: Docker configuration and service management +- name: docker_setup | Docker configuration and service management + when: docker_install + tags: [docker] block: - - name: Install the Docker default options + - name: docker_setup | Install the Docker default options template: src=docker-default.j2 dest={{ docker_defaults_file }} owner=root group=root mode=0644 when: ansible_service_mgr != 'systemd' notify: Restart docker tags: ['docker', 'docker_conf'] - - name: Install the Docker daemon config + - name: docker_setup | Install the Docker daemon config template: src=daemon.json.j2 dest=/etc/docker/daemon.json owner=root group=root mode=0644 notify: Restart docker tags: ['docker', 'docker_conf'] - - name: Create the docker service systemd directory + - name: docker_setup | Create the docker service systemd directory file: dest=/etc/systemd/system/docker.service.d state=directory mode=0755 when: ansible_service_mgr == 'systemd' tags: ['docker', 'docker_systemd', 'docker_conf'] - - name: Install the Docker additional systemd unit + - name: docker_setup | Install the Docker additional systemd unit template: src: docker-systemd-override.conf.j2 dest: /etc/systemd/system/docker.service.d/override.conf owner: root group: root - mode: 0644 + mode: "0644" when: ansible_service_mgr == 'systemd' notify: Restart docker register: reload_systemd tags: ['docker', 'docker_systemd', 'docker_conf'] - - name: systemd reload + - name: docker_setup | systemd reload command: systemctl daemon-reload when: reload_systemd is defined and reload_systemd is changed tags: ['docker', 'docker_systemd', 'docker_conf'] - - name: Ensure that the service is started and enabled + - name: docker_setup | Ensure that the service is started and enabled service: name=docker state=started enabled=yes +- name: docker_setup | Docker configuration and service management when: docker_install - tags: [docker] - -- name: Cron job that prunes the dangling images + tags: [docker, containerd, containerd_conf] block: - - name: Install a script that prunes the docker dangling images + - name: docker_setup | Add "beverage=lemon juice" outside a section in specified file + community.general.ini_file: + path: /etc/containerd/config.toml + option: root + value: "{{ docker_containerd_data_dir | default('/var/lib/containerd') }}" + owner: root + group: root + mode: "0644" + state: present + notify: + - Restart containerd + - Restart docker + +- name: docker_setup | Cron job that prunes the dangling images + block: + - name: docker_setup | Install a script that prunes the docker dangling images copy: src: docker-prune-dangling-images.sh dest: /usr/local/sbin/docker-prune-dangling-images owner: root group: root - mode: 0744 + mode: "0744" - - name: Install a cron job that prunes the docker images + - name: docker_setup | Install a cron job that prunes the docker images cron: name: Prune docker images cron_file: docker-prune-images @@ -60,7 +76,7 @@ job: "/usr/local/sbin/docker-prune-dangling-images" when: docker_prune_dangling_images - - name: Disable the cron job that prunes the docker images + - name: docker_setup | Disable the cron job that prunes the docker images cron: name: Prune docker images cron_file: docker-prune-images @@ -73,17 +89,17 @@ when: docker_install tags: [docker, docker_prune_images] -- name: Cron job that restart docker daemon daily +- name: docker_setup | Cron job that restart docker daemon daily block: - - name: Install a script that restart the docker daemon + - name: docker_setup | Install a script that restart the docker daemon copy: src: docker-restart-daemon.sh dest: /usr/local/sbin/docker-restart-daemon owner: root group: root - mode: 0744 + mode: "0744" - - name: Install a cron job that restart the docker daemon + - name: docker_setup | Install a cron job that restart the docker daemon cron: name: Restart docker daemon cron_file: docker-restart-daemon @@ -94,7 +110,7 @@ job: "/usr/local/sbin/docker-restart-daemon" when: docker_restart_daemon_cronjob - - name: Disable the cron job that restart the docker daemon + - name: docker_setup | Disable the cron job that restart the docker daemon cron: name: Restart docker daemon cron_file: docker-prune-images @@ -108,17 +124,17 @@ when: docker_install tags: [docker, docker_restart_daemon_cronjob] -- name: Cron job that prunes the dangling volumes +- name: docker_setup | Cron job that prunes the dangling volumes block: - - name: Install a script that prunes the docker dangling volumes + - name: docker_setup | Install a script that prunes the docker dangling volumes copy: src: docker-prune-dangling-volumes.sh dest: /usr/local/sbin/docker-prune-dangling-volumes owner: root group: root - mode: 0744 + mode: "0744" - - name: Install a cron job that prunes the docker volumes + - name: docker_setup | Install a cron job that prunes the docker volumes cron: name: Prune docker volumes cron_file: docker-prune-volumes @@ -129,7 +145,7 @@ job: "/usr/local/sbin/docker-prune-dangling-volumes" when: docker_prune_dangling_volumes - - name: Disable the cron job that prunes the docker volumes + - name: docker_setup | Disable the cron job that prunes the docker volumes cron: name: Prune docker volumes cron_file: docker-prune-volumes @@ -142,12 +158,3 @@ when: docker_install tags: [docker, docker_prune_volumes] - - - -- block: - - name: Remove the docker user - user: name=docker state=absent - - when: not docker_install - tags: [docker] diff --git a/templates/daemon.json.j2 b/templates/daemon.json.j2 index 923d805..0964015 100644 --- a/templates/daemon.json.j2 +++ b/templates/daemon.json.j2 @@ -1,4 +1,10 @@ { + "data-root": "{{ docker_data_dir }}", +{% if docker_enable_overlayfs_snapshotter %} + "features": { + "containerd-snapshotter": true + }, +{% endif %} {% if docker_log_to_journal %} "log-driver": "journald", {% endif %}