docker的role目录结构
[19:07:17 root@ansible docker]#tree
.
├── docker
│ ├── files
│ │ └── docker-19.03.15.tgz #docker二进制安装文件
│ ├── handlers
│ ├── tasks
│ │ ├── docker_etc.yaml #docker的etc配置文件,主要为镜像加速地址配置
│ │ ├── docker_install.yaml #docker二进制安装过程
│ │ ├── docker_service.yaml #docker服务的service文件生成
│ │ ├── docker_start.yaml #docker服务器启动
│ │ ├── main.yml
│ │ └── swap_off.yaml #关闭swap交换分区
│ └── templates
│ ├── containerd.service.j2 #containerd的service文件
│ ├── daemon.json.j2 #镜像加速文件生成
│ ├── docker.service.j2 #docker的service文件
│ └── docker.socket.j2 #docker的socket文件
└── role_docker.yml #docker的playbook文件
tasks目录的文件
[19:12:48 root@ansible docker]#cat docker/tasks/main.yml
- include: docker_install.yaml
- include: docker_service.yaml
- include: swap_off.yaml
- include: docker_etc.yaml
- include: docker_start.yaml
[19:07:19 root@ansible docker]#cat docker/tasks/docker_install.yaml
- name: install docker
unarchive: src=docker-19.03.15.tgz dest=/tmp/
- name: cpoy docker is bin
shell: cp -rf /tmp/docker/* /usr/bin/
- name: remove docker-bin
shell: rm -rf /tmp/docker
[19:11:11 root@ansible docker]#cat docker/tasks/docker_etc.yaml
- name: mkdir /etc/docker
file: path=/etc/docker state=directory
- name: docker etc is file
template: src=daemon.json.j2 dest=/etc/docker/daemon.json
[19:11:37 root@ansible docker]#cat docker/tasks/docker_service.yaml
- name: add containerd_service
template: src=containerd.service.j2 dest=/etc/systemd/system/containerd.service
- name: add docker_service
template: src=docker.service.j2 dest=/etc/systemd/system/docker.service
- name: add docker socket
template: src=docker.socket.j2 dest=/etc/systemd/system/docker.socket
[19:11:50 root@ansible docker]#cat docker/tasks/docker_start.yaml
- name: start containerd
service: name=containerd state=restarted enabled=yes
- name: start docker.socket
service: name=docker.socket state=restarted enabled=yes
- name: start docker
service: name=docker state=restarted enabled=yes
[19:12:24 root@ansible docker]#cat docker/tasks/swap_off.yaml
- name: swap off is fstab
lineinfile: path=/etc/fstab regexp="swap" state=absent
- name: swap is off
shell: swapoff -a
templates目录文件
[19:13:10 root@ansible docker]#cat docker/templates/containerd.service.j2
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=1048576
TasksMax=infinity
OOMScoreAdjust=-999
[Install]
WantedBy=multi-user.target
[19:13:37 root@ansible docker]#cat docker/templates/daemon.json.j2
{
"registry-mirrors": ["https://qai5ut9z.mirror.aliyuncs.com"]
}
[19:13:51 root@ansible docker]#cat docker/templates/docker.socket.j2
[Unit]
Description=Docker Socket for the API
[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=root
[Install]
WantedBy=sockets.target
[19:14:19 root@ansible docker]#cat docker/templates/docker.service.j2
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket containerd.service
[Service]
Type=notify
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
OOMScoreAdjust=-500
[Install]
WantedBy=multi-user.target
主playbook文件
[19:15:54 root@ansible docker]#cat role_docker.yml
- hosts: all
remote_user: root
roles:
- docker