a11.ansible 生产实战案例 --docker基于二进制 roles
作者:互联网
docker基于二进制 roles
[root@ansible-server ansible]# mkdir -p roles/docker-binary/{tasks,files,vars}
[root@ansible-server ansible]# cd roles/docker-binary/
[root@ansible-server docker-binary]# ls
files tasks vars
[root@ansible-server docker-binary]# wget https://mirrors.cloud.tencent.com/docker-ce/linux/static/stable/x86_64/docker-20.10.9.tgz -P files/
[root@ansible-server docker-binary]# vim vars/main.yml
DOCKER_VERSION: 20.10.9
[root@ansible-server docker-binary]# vim files/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H unix://var/run/docker.sock
ExecReload=/bin/kill -s HUP \$MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
[root@ansible-server docker-binary]# vim files/daemon.json
{
"registry-mirrors": [
"https://hzw5xiv7.mirror.aliyuncs.com",
"https://docker.mirrors.ustc.edu.cn",
"http://f1361db2.m.daocloud.io",
"https://registry.docker-cn.com",
"https://dockerhub.azk8s.cn",
"https://reg-mirror.qiniu.com",
"https://hub-mirror.c.163.com",
"https://mirror.ccs.tencentyun.com"
]
}
[root@ansible-server docker-binary]# vim tasks/docker_files.yml
- name: unarchive docker package
unarchive:
src: "docker-{{ DOCKER_VERSION }}.tgz"
dest: /usr/local/src
- name: move docker files
shell:
cmd: mv /usr/local/src/docker/* /usr/bin/
[root@ansible-server docker-binary]# vim tasks/service_file.yml
- name: copy docker.service file
copy:
src: docker.service
dest: /lib/systemd/system/docker.service
[root@ansible-server docker-binary]# vim tasks/set_mirror_accelerator.yml
- name: mkdir /etc/docker
file:
path: /etc/docker
state: directory
- name: set mirror_accelerator
copy:
src: daemon.json
dest: /etc/docker/
[root@ansible-server docker-binary]# vim tasks/set_alias.yml
- name: set docker alias
lineinfile:
path: ~/.bashrc
line: "{{ item }}"
loop:
- "alias rmi=\"docker images -qa|xargs docker rmi -f\""
- "alias rmc=\"docker ps -qa|xargs docker rm -f\""
[root@ansible-server docker-binary]# vim tasks/service.yml
- name: start docker
systemd:
name: docker
state: started
enabled: yes
daemon_reload: yes
[root@ansible-server docker-binary]# vim tasks/set_swap.yml
- name: set WARNING No swap limit support
replace:
path: /etc/default/grub
regexp: '^(GRUB_CMDLINE_LINUX=.*)\"$'
replace: '\1 swapaccount=1"'
when:
- ansible_distribution=="Ubuntu"
- name: update-grub
shell:
cmd: update-grub
when:
- ansible_distribution=="Ubuntu"
- name: reboot Ubuntu system
reboot:
when:
- ansible_distribution=="Ubuntu"
[root@ansible-server docker-binary]# vim tasks/main.yml
- include: docker_files.yml
- include: service_file.yml
- include: set_mirror_accelerator.yml
- include: set_alias.yml
- include: service.yml
- include: set_swap.yml
[root@ansible-server docker-binary]# cd ../../
[root@ansible-server ansible]# tree roles/docker-binary/
roles/docker-binary/
├── files
│ ├── daemon.json
│ ├── docker-20.10.9.tgz
│ └── docker.service
├── tasks
│ ├── docker_files.yml
│ ├── main.yml
│ ├── service_file.yml
│ ├── service.yml
│ ├── set_alias.yml
│ ├── set_mirror_accelerator.yml
│ └── set_swap.yml
└── vars
└── main.yml
3 directories, 11 files
[root@ansible-server ansible]# vim docker_binary_role.yml
---
- hosts: all
roles:
- role: docker-binary
[root@ansible-server ansible]# ansible-playbook docker_binary_role.yml
PLAY [all] ************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************
ok: [172.31.0.103]
ok: [172.31.0.104]
ok: [172.31.0.105]
ok: [172.31.0.101]
ok: [172.31.0.102]
TASK [docker-binary : unarchive docker package] **********************************************************************************************
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.104]
changed: [172.31.0.103]
changed: [172.31.0.105]
TASK [docker-binary : move docker files] ******************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
changed: [172.31.0.101]
changed: [172.31.0.102]
TASK [docker-binary : copy docker.service file] ***********************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [docker-binary : mkdir /etc/docker] ******************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [docker-binary : set mirror_accelerator] *************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [docker-binary : set docker alias] *******************************************************************************************************
changed: [172.31.0.103] => (item=alias rmi="docker images -qa|xargs docker rmi -f")
changed: [172.31.0.104] => (item=alias rmi="docker images -qa|xargs docker rmi -f")
changed: [172.31.0.105] => (item=alias rmi="docker images -qa|xargs docker rmi -f")
changed: [172.31.0.102] => (item=alias rmi="docker images -qa|xargs docker rmi -f")
changed: [172.31.0.101] => (item=alias rmi="docker images -qa|xargs docker rmi -f")
changed: [172.31.0.103] => (item=alias rmc="docker ps -qa|xargs docker rm -f")
changed: [172.31.0.105] => (item=alias rmc="docker ps -qa|xargs docker rm -f")
changed: [172.31.0.104] => (item=alias rmc="docker ps -qa|xargs docker rm -f")
changed: [172.31.0.101] => (item=alias rmc="docker ps -qa|xargs docker rm -f")
changed: [172.31.0.102] => (item=alias rmc="docker ps -qa|xargs docker rm -f")
TASK [docker-binary : start docker] ***********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.101]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.105]
TASK [docker-binary : set WARNING No swap limit support] **************************************************************************************
skipping: [172.31.0.101]
skipping: [172.31.0.102]
skipping: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
TASK [docker-binary : update-grub] ************************************************************************************************************
skipping: [172.31.0.101]
skipping: [172.31.0.102]
skipping: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
TASK [docker-binary : reboot Ubuntu system] ***************************************************************************************************
skipping: [172.31.0.101]
skipping: [172.31.0.102]
skipping: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
PLAY RECAP ************************************************************************************************************************************
172.31.0.101 : ok=8 changed=7 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
172.31.0.102 : ok=8 changed=7 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
172.31.0.103 : ok=8 changed=7 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
172.31.0.104 : ok=11 changed=10 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.31.0.105 : ok=11 changed=10 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
标签:binary,a11,roles,--,changed,yml,ansible,docker,172.31 来源: https://blog.csdn.net/qq_25599925/article/details/122175804