Ansible-role-docker: Ansible Role - Docker

Ansible Role: Docker

An Ansible Role that installs Docker on Linux.

Requirements

None.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
docker_edition: 'ce'
docker_packages:
    - "docker-{{ docker_edition }}"
    - "docker-{{ docker_edition }}-cli"
    - "docker-{{ docker_edition }}-rootless-extras"
docker_packages_state: present

The docker_edition should be either ce (Community Edition) or ee (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: docker-{{ docker_edition }}-<VERSION> (Note: you have to add this to all packages); Debian/Ubuntu: docker-{{ docker_edition }}=<VERSION> (Note: you have to add this to all packages).

You can control whether the package is installed, uninstalled, or at the latest version by setting docker_package_state to present, absent, or latest, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play).

docker_service_manage: true
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted

Variables to control the state of the docker service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set docker_service_manage to false.

docker_install_compose_plugin: false
docker_compose_package: docker-compose-plugin
docker_compose_package_state: present

Docker Compose Plugin installation options. These differ from the below in that docker-compose is installed as a docker plugin (and used with docker compose) instead of a standalone binary.

docker_install_compose: true
docker_compose_version: "1.26.0"
docker_compose_arch: "{{ ansible_architecture }}"
docker_compose_path: /usr/local/bin/docker-compose

Docker Compose installation options.

docker_repo_url: https://download.docker.com/linux

The main Docker repo URL, common between Debian and RHEL systems.

docker_apt_release_channel: stable
docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_ignore_key_error: True
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"

(Used only for Debian/Ubuntu.) You can switch the channel to nightly if you want to use the Nightly release.

You can change docker_apt_gpg_key to a different url if you are behind a firewall or provide a trustworthy mirror. Usually in combination with changing docker_apt_repository as well.

docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"docker_edition }}.repo
docker_yum_repo_enable_nightly: '0'
docker_yum_repo_enable_test: '0'
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"

(Used only for RedHat/CentOS.) You can enable the Nightly or Test repo by setting the respective vars to 1.

You can change docker_yum_gpg_key to a different url if you are behind a firewall or provide a trustworthy mirror. Usually in combination with changing docker_yum_repository as well.

docker_users:
  - user1
  - user2

A list of system users to be added to the docker group (so they can use Docker on the server).

docker_daemon_options:
  storage-driver: "devicemapper"
  log-opts:
    max-size: "100m"

Custom dockerd options can be configured through this dictionary representing the json file /etc/docker/daemon.json.

Use with Ansible (and docker Python library)

Many users of this role wish to also use Ansible to then build Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the docker Python library using the geerlingguy.pip role:

- hosts: all

  vars:
    pip_install_packages:
      - name: docker

  roles:
    - geerlingguy.pip
    - geerlingguy.docker

Dependencies

None.

Example Playbook

- hosts: all
  roles:
    - geerlingguy.docker

Sponsors

• We Manage: Helping start-ups and grown-ups scaling their infrastructure in a sustainable way.

The above sponsor(s) are supporting Jeff Geerling on GitHub Sponsors. You can sponsor Jeff's work too, to help him continue improving these Ansible open source projects!

Download Details:

Author: Geerlingguy
Source Code: https://github.com/geerlingguy/ansible-role-docker 
License: MIT license

#ansible #docker #infrastructure #debian #ubuntu 

What is GEEK

Buddha Community

Docker Explained: Docker Architecture | Docker Registries

Following the second video about Docker basics, in this video, I explain Docker architecture and explain the different building blocks of the docker engine; docker client, API, Docker Daemon. I also explain what a docker registry is and I finish the video with a demo explaining and illustrating how to use Docker hub

In this video lesson you will learn:

• What is Docker Host
• What is Docker Engine
• Learn about Docker Architecture
• Learn about Docker client and Docker Daemon
• Docker Hub and Registries
• Simple demo to understand using images from registries

#docker #docker hub #docker host #docker engine #docker architecture #api

Ansible-role-docker: Ansible Role - Docker

Ansible Role: Docker

An Ansible Role that installs Docker on Linux.

Requirements

None.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
docker_edition: 'ce'
docker_packages:
    - "docker-{{ docker_edition }}"
    - "docker-{{ docker_edition }}-cli"
    - "docker-{{ docker_edition }}-rootless-extras"
docker_packages_state: present

The docker_edition should be either ce (Community Edition) or ee (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: docker-{{ docker_edition }}-<VERSION> (Note: you have to add this to all packages); Debian/Ubuntu: docker-{{ docker_edition }}=<VERSION> (Note: you have to add this to all packages).

You can control whether the package is installed, uninstalled, or at the latest version by setting docker_package_state to present, absent, or latest, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play).

docker_service_manage: true
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted

Variables to control the state of the docker service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set docker_service_manage to false.

docker_install_compose_plugin: false
docker_compose_package: docker-compose-plugin
docker_compose_package_state: present

Docker Compose Plugin installation options. These differ from the below in that docker-compose is installed as a docker plugin (and used with docker compose) instead of a standalone binary.

docker_install_compose: true
docker_compose_version: "1.26.0"
docker_compose_arch: "{{ ansible_architecture }}"
docker_compose_path: /usr/local/bin/docker-compose

Docker Compose installation options.

docker_repo_url: https://download.docker.com/linux

The main Docker repo URL, common between Debian and RHEL systems.

docker_apt_release_channel: stable
docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_ignore_key_error: True
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"

(Used only for Debian/Ubuntu.) You can switch the channel to nightly if you want to use the Nightly release.

You can change docker_apt_gpg_key to a different url if you are behind a firewall or provide a trustworthy mirror. Usually in combination with changing docker_apt_repository as well.

docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"docker_edition }}.repo
docker_yum_repo_enable_nightly: '0'
docker_yum_repo_enable_test: '0'
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"

(Used only for RedHat/CentOS.) You can enable the Nightly or Test repo by setting the respective vars to 1.

You can change docker_yum_gpg_key to a different url if you are behind a firewall or provide a trustworthy mirror. Usually in combination with changing docker_yum_repository as well.

docker_users:
  - user1
  - user2

A list of system users to be added to the docker group (so they can use Docker on the server).

docker_daemon_options:
  storage-driver: "devicemapper"
  log-opts:
    max-size: "100m"

Custom dockerd options can be configured through this dictionary representing the json file /etc/docker/daemon.json.

Use with Ansible (and docker Python library)

Many users of this role wish to also use Ansible to then build Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the docker Python library using the geerlingguy.pip role:

- hosts: all

  vars:
    pip_install_packages:
      - name: docker

  roles:
    - geerlingguy.pip
    - geerlingguy.docker

Dependencies

None.

Example Playbook

- hosts: all
  roles:
    - geerlingguy.docker

Sponsors

• We Manage: Helping start-ups and grown-ups scaling their infrastructure in a sustainable way.

The above sponsor(s) are supporting Jeff Geerling on GitHub Sponsors. You can sponsor Jeff's work too, to help him continue improving these Ansible open source projects!

Download Details:

Author: Geerlingguy
Source Code: https://github.com/geerlingguy/ansible-role-docker 
License: MIT license

#ansible #docker #infrastructure #debian #ubuntu 

Ansible Role Docker: An Ansible Role That installs Docker on Linux

Ansible Role: Docker

An Ansible Role that installs Docker on Linux.

Requirements

None.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
docker_edition: 'ce'
docker_packages:
    - "docker-{{ docker_edition }}"
    - "docker-{{ docker_edition }}-cli"
    - "docker-{{ docker_edition }}-rootless-extras"
docker_packages_state: present

The docker_edition should be either ce (Community Edition) or ee (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: docker-{{ docker_edition }}-<VERSION> (Note: you have to add this to all packages); Debian/Ubuntu: docker-{{ docker_edition }}=<VERSION> (Note: you have to add this to all packages).

You can control whether the package is installed, uninstalled, or at the latest version by setting docker_package_state to present, absent, or latest, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play).

docker_service_manage: true
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted

Variables to control the state of the docker service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set docker_service_manage to false.

docker_install_compose_plugin: false
docker_compose_package: docker-compose-plugin
docker_compose_package_state: present

Docker Compose Plugin installation options. These differ from the below in that docker-compose is installed as a docker plugin (and used with docker compose) instead of a standalone binary.

docker_install_compose: true
docker_compose_version: "1.26.0"
docker_compose_arch: "{{ ansible_architecture }}"
docker_compose_path: /usr/local/bin/docker-compose

Docker Compose installation options.

docker_repo_url: https://download.docker.com/linux

The main Docker repo URL, common between Debian and RHEL systems.

docker_apt_release_channel: stable
docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_ignore_key_error: True
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"

(Used only for Debian/Ubuntu.) You can switch the channel to nightly if you want to use the Nightly release.

You can change docker_apt_gpg_key to a different url if you are behind a firewall or provide a trustworthy mirror. Usually in combination with changing docker_apt_repository as well.

docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"docker_edition }}.repo
docker_yum_repo_enable_nightly: '0'
docker_yum_repo_enable_test: '0'
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"

(Used only for RedHat/CentOS.) You can enable the Nightly or Test repo by setting the respective vars to 1.

You can change docker_yum_gpg_key to a different url if you are behind a firewall or provide a trustworthy mirror. Usually in combination with changing docker_yum_repository as well.

docker_users:
  - user1
  - user2

A list of system users to be added to the docker group (so they can use Docker on the server).

docker_daemon_options:
  storage-driver: "devicemapper"
  log-opts:
    max-size: "100m"

Custom dockerd options can be configured through this dictionary representing the json file /etc/docker/daemon.json.

Use with Ansible (and docker Python library)

Many users of this role wish to also use Ansible to then build Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the docker Python library using the geerlingguy.pip role:

- hosts: all

  vars:
    pip_install_packages:
      - name: docker

  roles:
    - geerlingguy.pip
    - geerlingguy.docker

Dependencies

None.

Example Playbook

- hosts: all
  roles:
    - geerlingguy.docker

License

MIT / BSD

Sponsors

• We Manage: Helping start-ups and grown-ups scaling their infrastructure in a sustainable way.

The above sponsor(s) are supporting Jeff Geerling on GitHub Sponsors. You can sponsor Jeff's work too, to help him continue improving these Ansible open source projects!

Author Information

This role was created in 2017 by Jeff Geerling, author of Ansible for DevOps.

---

Download Details:

Author: geerlingguy
Source Code: https://github.com/geerlingguy/ansible-role-docker

License: MIT license

#ansible #docker #linux 

Awesome Ansible List

Awesome Ansible

A collaborative curated list of awesome Ansible resources, tools, Roles, tutorials and other related stuff.

Ansible is an open source toolkit, written in Python, it is used for configuration management, application deployment, continuous delivery, IT infrastructure automation and automation in general.

Official resources

Official resources by and for Ansible.

• Latest Ansible Documentation - Latest user guide and documentation for Ansible.
• Ansible Galaxy Website - Official repository and community site for Ansible Roles.
• Ansible Blog - Official Ansible blog.

Community

Places where to chat with the Ansible community

• About code - GitHub.com/ansible, GitHub.com/ansible-collections and GitHub.com/ansible-community.
• IRC - #ansible, #ansible-devel and #ansible-community amongst others on libera.chat.
• reddit.com/r/ansible - The Ansible subreddit.
• Discord - The Ansible discord.
• ansible.com/community - Twitter, mailing lists, meetups and more.

Tutorials

Tutorials and courses to learn Ansible.

• How To Manage Remote Servers with Ansible - This Tutorial goes over how to use Ansible to manage remote servers.
• Ansible Tutorial by leucos - 12 Step Tutorial for Ansible.
• Programming Community Curated Resources for learning Ansible - A list of recommended resources.
• Ansible TopTechSkills.com Tutorial Series on Ansible - Tutorials on how to Install and use Ansible.
• Official Ansible labs by Red Hat - Training Course for Ansible Automation Platform.
• Ansible Tutorials on DigitalOcean - Basic tutorials on DigitalOcean.com.
• Ansible Tutorial by BlueBanquise team - Basic Ansible tutorial.
• Ansible Tutorial for Beginners: Playbook & Examples - Introduction to Ansible for beginners.

Books

Books about Ansible.

• Ansible for DevOps - This book helps to start using Ansible to provision and manage anywhere from one to thousands of servers. Free sample can be read here.
• Ansible for Kubernetes - Deploy and maintain real-world massively-scalable and high-available applications with Ansible.
• How To Manage Remote Servers with Ansible eBook - This book is based on the "How To Manage Remote Servers with Ansible" tutorial series.

Videos

Video tutorials and Ansible training.

• Ansible YouTube Channel - Official Ansible YouTube channel.
• Introduction to Ansible - Introduction to Ansible by Cloud Academy.
• Ansible 101 by Jeff Geerling - Great video series on Ansible, by Jeff Geerling.
• Ansible TopTechSkills.com Tutorial Series on YouTube - Video tutorials on Ansible.
• Ansible Essentials - Course - Free Video Classroom on Ansible essentials by Red Hat.
• Complete Ansible Course 2020 by DevOps Journey - Free Video Course on Ansible including labs to follow along.
• Getting started with Ansible - YouTube tutorial series by LearnLinuxTV.

Tools

Tools for and using Ansible.

• Ansible Tower - Ansible Tower by Red Hat helps you scale IT automation, manage complex deployments and speed productivity. Extend the power of Ansible to your entire team.
• AWX - AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is the upstream project for Tower, a commercial derivative of AWX.
• Ansible Lint - Checks Playbooks for best practices and behavior that could potentially be improved.
• Ansible Later - Another best practice scanner. Checks Playbooks and Roles for best practices and behavior that could potentially be improved.
• Ansible Doctor - Simple annotation like documentation generator for Ansible roles based on Jinja2 templates.
• Ansible cmdb - Takes the output of Ansible's fact gathering and converts it into a static HTML page.
• ARA - ARA Records Ansible playbooks and makes them easier to understand and troubleshoot with a reporting API, UI and CLI.
• Mitogen for Ansible - Speed up Ansible substantially with Mitogen.
• Molecule - Molecule aids in the development and testing of Ansible roles.
• Packer Ansible Provisioner - This Provisioner can be used to automate VM Image creation via Packer with Ansible.
• Excel Ansible Inventory - Turn any Excel Spreadsheet into an Ansible Inventory.
• terraform.py - Ansible dynamic inventory script for parsing Terraform state files.
• ansible-navigator - A text-based user interface (TUI) for Ansible.
• squest - Self-service portal for Ansible Tower job templates.
• ansible-bender - Tool which bends containers using Ansible playbooks and turns them into container images.
• ansible-runner - A tool and python library that helps when interfacing with Ansible directly or as part of another system whether that be through a container image interface, as a standalone tool, or as a Python module that can be imported.
• ansible-builder - Using Ansible content that depends on non-default dependencies can be tricky. Packages must be installed on each node, play nicely with other software installed on the host system, and be kept in sync.
• kics - SAST Tool that scans your ansible infrastructure as code playbooks for security vulnverables, compliance issues and misconfigurations.
• php-ansible Library - OOP-Wrapper for Ansible, making Ansible available in PHP.
• TD4A - Design aid for building and testing jinja2 templates, combines data in yaml format with a jinja2 template and render the output.
• Ansible Playbook Grapher - Command line tool to create a graph representing your Ansible playbook plays, tasks and roles.
• ansible-doc-extractor - A tool that extracts documentation from Ansible modules in the HTML form.
• Ansible Semaphore - Ansible Semaphore is a modern UI for Ansible.

Blog posts and opinions

Best practices and other opinions on Ansible.

• Ansible (Real Life) Good Practices - Best practice guidelines.
• Testing Ansible Roles Against Windows with Test-Kitchen - Using Test-Kitchen with Ansible to apply playbooks to Windows machines and test them with Pester.
• Ansible Best Practices by AndiDog - Practices covering many aspects of an Ansible setup, including hints to support different environments (testing, staging, production).
• Getting started with Ansible - Introduces Ansible, provides installation instructions and gives an interactive walkthrough of Ansible's basic functionalities, like running Ansible playbooks and installing Ansible content.
• Taking Ansible apart - Describes and shows how most commonly used Ansible components work.

German

• Ansible – Was ich am Ad-hoc-Modus schätze - Opinion what the author likes about the Ansible Ad-Hoc mode.

Playbooks, Roles and Collections

Awesome production ready Playbooks, Roles and Collections to get you up and running.

• Ansible Vagrant Examples by geerlingguy - Ansible examples using Vagrant to deploy to local VMs.
• Ansible playbook for Linux machine setup - Ansible playbook for setting up a self-updating, hardened Debian/Ubuntu machine with Docker daemon.
• DevSec Hardening Framework - The DevSec collection helps you harden your Linux Based OS as well as MySQL, NGINX and SSH Server/Services.
• T.A.D.S. boilerplate - Provision and deploy a Docker Swarm cluster to development environment and to production. Infrastructure as Code and DevOps best practices.
• Openstack Ansible - Ansible Playbooks for deploying OpenStack.
• Robert de Bock - A extensive collection of Ansible roles.
• DebOps - A extensive collection of Debian based Ansible Playbooks.
• ansible-ssm - An ansible role to provision physical and virtual hosts with the AWS SSM agent.
• BlueBanquise - An ansible coherent roles collection to deploy clusters.

---

Download Details:

Author: ansible-community
Source Code: https://github.com/ansible-community/awesome-ansible

License: CC0-1.0 license

#ansible 

Docker Architecture Overview & Docker Components [For Beginners]

If you have recently come across the world of containers, it’s probably not a bad idea to understand the underlying elements that work together to offer containerisation benefits. But before that, there’s a question that you may ask. What problem do containers solve?

After building an application in a typical development lifecycle, the developer sends it to the tester for testing purposes. However, since the development and testing environments are different, the code fails to work.

Now, predominantly, there are two solutions to this – either you use a Virtual Machine or a containerised environment such as Docker. In the good old times, organisations used to deploy VMs for running multiple applications.

So, why did they started adopting containerisation over VMs? In this article, we will provide detailed explanations of all such questions.

#docker containers #docker engine #docker #docker architecture