90 lines
2.5 KiB
YAML
90 lines
2.5 KiB
YAML
---
|
|
|
|
- name: Ensure "docker" group exists
|
|
group:
|
|
name: "{{ docker_group }}"
|
|
state: present
|
|
|
|
- name: Add user to docker group
|
|
user:
|
|
name: "{{ ansible_user }}"
|
|
groups:
|
|
- "{{ docker_group }}"
|
|
append: yes
|
|
|
|
- name: Update docker daemon proxy configuration
|
|
when: docker_userland_proxy is defined
|
|
include_role:
|
|
name: update-json-file
|
|
vars:
|
|
update_json_file_name: /etc/docker/daemon.json
|
|
update_json_file_combine:
|
|
userland-proxy: "{{ docker_userland_proxy }}"
|
|
update_json_file_become: true
|
|
|
|
# Docker defaults to a MTU of 1500, which causes problems when the
|
|
# main interface has a MTU less than that. Cloud environments often
|
|
# have this, one good example is OpenDev's Linaro ARM64 cloud.
|
|
# https://storyboard.openstack.org/#!/story/2008230
|
|
- name: Lower default MTU
|
|
when: ansible_default_ipv4.mtu < 1500
|
|
include_role:
|
|
name: update-json-file
|
|
vars:
|
|
update_json_file_name: /etc/docker/daemon.json
|
|
update_json_file_combine:
|
|
mtu: 1400
|
|
update_json_file_become: true
|
|
|
|
- name: Get the status of the docket.socket unit
|
|
command: systemctl is-failed docker.socket # noqa command-instead-of-module
|
|
failed_when: false
|
|
become: true
|
|
register: _docker_socket_status
|
|
|
|
- name: Get the status of the docket unit
|
|
command: systemctl is-failed docker # noqa command-instead-of-module
|
|
failed_when: false
|
|
become: true
|
|
register: _docker_status
|
|
|
|
- name: Dir for docker systemd overrides
|
|
file:
|
|
path: /etc/systemd/system/docker.service.d/
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
become: true
|
|
|
|
# Skopeo hardcoded protocol version 1.22 until ~February 2024.
|
|
# Docker supports the MIN version override until Docker 26 releases.
|
|
# https://github.com/docker/cli/blob/master/docs/deprecated.md#deprecate-legacy-api-versions
|
|
- name: Override the docker daemon image protocol min version
|
|
copy:
|
|
dest: /etc/systemd/system/docker.service.d/image_protocol_env.conf
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
content: |
|
|
[Service]
|
|
Environment="DOCKER_MIN_API_VERSION=1.22"
|
|
become: true
|
|
notify:
|
|
- Reload systemd
|
|
- Restart docker
|
|
|
|
- name: Restart docker
|
|
when: >-
|
|
(docker_userland_proxy is defined) or
|
|
(ansible_default_ipv4.mtu < 1500) or
|
|
(_docker_socket_status.stdout != 'active') or
|
|
(_docker_socket_status.stdout != 'active')
|
|
debug:
|
|
msg: 'Trigger a Docker restart'
|
|
changed_when: true
|
|
notify: Restart docker
|
|
|
|
- name: Reset ssh connection to pick up docker group
|
|
meta: reset_connection
|