-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathmain.yml
106 lines (89 loc) · 3.6 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
---
# tasks file for docker.ubuntu
# These are the version of Ubuntu for which this role has been tested.
- name: Fail if not a new release of Ubuntu
fail: msg="{{ ansible_distribution_version }} is not an acceptable version of Ubuntu for this role"
when: "ansible_distribution_version not in ['12.04', '13.04', '13.10', '14.04', '16.04']"
- name: check that docker_version is set
fail: msg="Required variable \"docker_version\" is not defined."
when: docker_version is not defined
# https://docs.docker.com/installation/ubuntulinux/
- name: Install trusty kernel onto 12.04
apt:
pkg: "{{ item }}"
state: latest
update_cache: yes
cache_valid_time: "{{ docker_role_apt_cache_valid_time }}"
with_items:
- linux-image-generic-lts-trusty
- linux-headers-generic-lts-trusty
register: kernel_result
when: ansible_distribution_version == '12.04'
- name: Install latest kernel extras for Ubuntu 13.04+
apt:
pkg: "linux-image-extra-{{ ansible_kernel }}"
state: "{{ kernel_pkg_state }}"
update_cache: yes
cache_valid_time: "{{ docker_role_apt_cache_valid_time }}"
when: ansible_distribution_version != '12.04'
# Fix for https://github.com/dotcloud/docker/issues/4568
- name: Install cgroup-lite for Ubuntu 13.10
apt:
pkg: cgroup-lite
state: "{{ cgroup_lite_pkg_state }}"
update_cache: yes
cache_valid_time: "{{ docker_role_apt_cache_valid_time }}"
register: cgroup_lite_result
when: ansible_distribution_version == '13.10'
- name: Reboot instance
command: /sbin/shutdown -r now
register: reboot_result
when: "(ansible_distribution_version == '12.04' and kernel_result|changed)
or (ansible_distribution_version == '13.10' and cgroup_lite_result|changed)"
- name: Wait for instance to come online
local_action:
module: wait_for
host: "{{ ansible_ssh_host|default(inventory_hostname) }}"
port: "{{ ansible_ssh_port|default(ssh_port) }}"
delay: 30
timeout: 600
state: started
when: "(ansible_distribution_version == '12.04' and reboot_result|changed)
or (ansible_distribution_version == '13.10' and cgroup_lite_result|changed)"
# Newer versions of Docker no longer require apparmor, but it seems like a good thing to have.
- name: Install apparmor
apt: pkg=apparmor state=present
- name: Write /etc/default/docker config file
template: src=etc_default_docker.j2 dest=/etc/default/docker
register: r_etc_default_docker
- name: Install LXC Docker
include: lxc-docker.yml
when: docker_version == '1.5.0'
- name: Install Docker Engine
include: docker-engine.yml
when: docker_version != '1.5.0'
# if we changed the config, but didn't reinstall docker, then restart it
- name: Restart docker on config change
service: name=docker state=restarted
when: r_etc_default_docker|changed and not r_docker_package_install|changed
- name: Ensure that Docker is running
service: name="docker" state=started
- name: Wait until docker daemon is available
command: docker info
register: r_docker_info
# need a special case here, or this always fails in check mode.
until: r_docker_info|skipped or r_docker_info.rc == 0
retries: "{{ docker_daemon_startup_timeout_sec }}"
delay: 1
- name: reread docker facts
setup: filter=ansible_docker0
when: r_etc_default_docker|changed or r_docker_package_install|changed
- name: Check if /etc/default/ufw exists
stat: path=/etc/default/ufw
register: ufw_default_exists
- name: Change ufw default forward policy from drop to accept
lineinfile:
dest: /etc/default/ufw
regexp: "^DEFAULT_FORWARD_POLICY="
line: "DEFAULT_FORWARD_POLICY=\"ACCEPT\""
when: ufw_default_exists.stat.exists