├── .gitignore
├── .travis.yml
├── .travis
    └── releaser.sh
├── .yamllint
├── CHANGELOG.md
├── LICENSE
├── README.md
├── defaults
    └── main.yml
├── handlers
    └── main.yml
├── meta
    └── main.yml
├── molecule
    ├── alternative
    │   ├── molecule.yml
    │   ├── playbook.yml
    │   ├── prepare.yml
    │   └── tests
    │   │   └── test_alternative.py
    └── default
    │   ├── create.yml
    │   ├── destroy.yml
    │   ├── molecule.yml
    │   ├── playbook.yml
    │   ├── prepare.yml
    │   └── tests
    │       └── test_default.py
├── tasks
    ├── configure.yml
    ├── install.yml
    ├── main.yml
    └── preflight.yml
├── templates
    └── docker.j2.service
├── test-requirements.txt
├── tox.ini
└── vars
    ├── debian.yml
    ├── main.yml
    └── redhat.yml


/.gitignore:
--------------------------------------------------------------------------------
 1 | # Ignore Vagrant cache files
 2 | /.vagrant/
 3 | 
 4 | # Ignore molecule and pytest files
 5 | __pycache__/
 6 | .molecule
 7 | .pytest_cache
 8 | .tox
 9 | 
10 | # Ignore retry files
11 | *.retry
12 | 
13 | .idea/


--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
 1 | sudo: required
 2 | language: python
 3 | cache: pip
 4 | services:
 5 |   - docker
 6 | env:
 7 |   - ANSIBLE=2.4
 8 |   - ANSIBLE=2.5
 9 |   - ANSIBLE=2.6
10 | install:
11 |   - pip install tox-travis git-semver
12 | script:
13 |   - tox
14 | deploy:
15 |   provider: script
16 |   skip_cleanup: true
17 |   script: .travis/releaser.sh
18 |   on:
19 |     branch: master
20 | branches:
21 |   only:
22 |     - master
23 | notifications:
24 |   webhooks: https://galaxy.ansible.com/api/v1/notifications/
25 | 


--------------------------------------------------------------------------------
/.travis/releaser.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | #
 3 | # Copyright (C) 2018 Pawel Krupa (@paulfantom) - All Rights Reserved
 4 | # Permission to copy and modify is granted under the MIT license
 5 | #
 6 | # Script to automatically do a couple of things:
 7 | #   - generate a new tag according to semver (https://semver.org/)
 8 | #   - generate CHANGELOG.md by using https://github.com/skywinder/github-changelog-generator
 9 | #   - sync CHANGELOG with GitHub releases by using https://github.com/mattbrictson/chandler
10 | #
11 | # Tags are generated by searching for a keyword in last commit message. Keywords are:
12 | #  - [patch] or [fix] to bump patch number
13 | #  - [minor], [feature] or [feat] to bump minor number
14 | #  - [major] or [breaking change] to bump major number
15 | # All keywords MUST be surrounded with square braces.
16 | #
17 | # Script uses git mechanisms for locking, so it can be used in parallel builds
18 | #
19 | # Requirements:
20 | #   - GH_TOKEN variable set with GitHub token. Access level: repo.public_repo
21 | #   - docker
22 | #   - git-semver python package (pip install git-semver)
23 | 
24 | # Exit when latest commit is tagged
25 | [[ $(git tag --points-at) ]] && exit 0
26 | 
27 | # Some basic variables
28 | GIT_MAIL="mail@carlosleon.info"
29 | GIT_USER="mongrelion"
30 | ORGANIZATION=$(echo "$TRAVIS_REPO_SLUG" | awk -F '/' '{print $1}')
31 | PROJECT=$(echo "$TRAVIS_REPO_SLUG" | awk -F '/' '{print $2}')
32 | GALAXY_NAME="${PROJECT#ansible-}"  # remove `ansible-` prefix
33 | GALAXY_NAME="${GALAXY_NAME#role-}"  # remove `role-` prefix, for roles which name start with `ansible-role-`
34 | GALAXY_URL="https://galaxy.ansible.com/${ORGANIZATION}/${GALAXY_NAME}"
35 | 
36 | # Git config
37 | git config --global user.email "${GIT_MAIL}"
38 | git config --global user.name "${GIT_USER}"
39 | GIT_URL=$(git config --get remote.origin.url)
40 | GIT_URL=${GIT_URL#*//}
41 | 
42 | # Generate TAG
43 | GIT_TAG=none
44 | echo "Last commit message: $TRAVIS_COMMIT_MESSAGE"
45 | case "${TRAVIS_COMMIT_MESSAGE}" in
46 |   *"[patch]"*|*"[fix]"* )                GIT_TAG=$(git semver --next-patch) ;;
47 |   *"[minor]"*|*"[feat]"*|*"[feature]"* ) GIT_TAG=$(git semver --next-minor) ;;
48 |   *"[major]"*|*"[breaking change]"* )    GIT_TAG=$(git semver --next-major) ;;
49 |   *) echo "Keyword not detected. Doing nothing" ;;
50 | esac
51 | if [ "$GIT_TAG" != "none" ]; then
52 |     echo "Assigning new tag: $GIT_TAG"
53 |     git tag "$GIT_TAG" -a -m "Automatic tag generation for travis build no. $TRAVIS_BUILD_NUMBER"
54 |     git push "https://${GH_TOKEN}:@${GIT_URL}" --tags || exit 0
55 | fi
56 | 
57 | # Generate CHANGELOG.md
58 | git checkout master
59 | git pull
60 | docker run -it --rm -v "$(pwd)":/usr/local/src/your-app ferrarimarco/github-changelog-generator \
61 |                -u "${ORGANIZATION}" -p "${PROJECT}" --token "${GH_TOKEN}" \
62 |                --release-url "${GALAXY_URL}" \
63 |                --unreleased-label "**Next release**" --no-compare-link
64 | 
65 | git add CHANGELOG.md
66 | git commit -m '[ci skip] Automatic changelog update'
67 | 
68 | git push "https://${GH_TOKEN}:@${GIT_URL}" || exit 0
69 | 
70 | # Sync changelog to github releases
71 | if [ "$GIT_TAG" != "none" ]; then
72 |     docker run -e CHANDLER_GITHUB_API_TOKEN="${GH_TOKEN}" -v "$(pwd)":/chandler -ti whizark/chandler push "${GIT_TAG}"
73 | fi
74 | 


--------------------------------------------------------------------------------
/.yamllint:
--------------------------------------------------------------------------------
 1 | extends: default
 2 | ignore: |
 3 |   molecule/
 4 |   .travis/
 5 |   .travis.yml
 6 |   meta/
 7 | 
 8 | rules:
 9 |   braces:
10 |     max-spaces-inside: 1
11 |     level: error
12 |   brackets:
13 |     max-spaces-inside: 1
14 |     level: error
15 |   line-length: disable
16 |   # NOTE(retr0h): Templates no longer fail this lint rule.
17 |   #               Uncomment if running old Molecule templates.
18 |   # truthy: disable
19 | 


--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
 1 | # Change Log
 2 | 
 3 | ## [0.2.1](https://galaxy.ansible.com/mongrelion/docker) (2018-07-12)
 4 | **Merged pull requests:**
 5 | 
 6 | - Use role\_name in metadata [\#56](https://github.com/mongrelion/ansible-role-docker/pull/56) ([paulfantom](https://github.com/paulfantom))
 7 | - Ansible include module is deprecated in Ansible 2.4 and must be repla… [\#26](https://github.com/mongrelion/ansible-role-docker/pull/26) ([Jaczel](https://github.com/Jaczel))
 8 | 
 9 | ## [0.2.0](https://galaxy.ansible.com/mongrelion/docker) (2018-07-09)
10 | **Closed issues:**
11 | 
12 | - Clarify supported Docker versions [\#46](https://github.com/mongrelion/ansible-role-docker/issues/46)
13 | 
14 | **Merged pull requests:**
15 | 
16 | - use tox, ansible 2.6, and allow using remote docker host [\#55](https://github.com/mongrelion/ansible-role-docker/pull/55) ([paulfantom](https://github.com/paulfantom))
17 | - add centos support in ci pipeline [\#54](https://github.com/mongrelion/ansible-role-docker/pull/54) ([paulfantom](https://github.com/paulfantom))
18 | - Allow install docker also on RHEL OS [\#53](https://github.com/mongrelion/ansible-role-docker/pull/53) ([petr-balogh](https://github.com/petr-balogh))
19 | - Fix \_\_pycache\_\_ in .gitignore [\#51](https://github.com/mongrelion/ansible-role-docker/pull/51) ([Porkepix](https://github.com/Porkepix))
20 | - alternative test scenario [\#50](https://github.com/mongrelion/ansible-role-docker/pull/50) ([paulfantom](https://github.com/paulfantom))
21 | - move tests to molecule 2.x [\#49](https://github.com/mongrelion/ansible-role-docker/pull/49) ([paulfantom](https://github.com/paulfantom))
22 | - Add docker-common package to be removed before installation [\#48](https://github.com/mongrelion/ansible-role-docker/pull/48) ([lukas-bednar](https://github.com/lukas-bednar))
23 | - better docker\_version support [\#47](https://github.com/mongrelion/ansible-role-docker/pull/47) ([paulfantom](https://github.com/paulfantom))
24 | 
25 | ## [0.1.1](https://galaxy.ansible.com/mongrelion/docker) (2018-05-01)
26 | **Closed issues:**
27 | 
28 | - docker-compose ? [\#39](https://github.com/mongrelion/ansible-role-docker/issues/39)
29 | - Adding user\(s\) to docker group [\#38](https://github.com/mongrelion/ansible-role-docker/issues/38)
30 | - Auto-release? [\#34](https://github.com/mongrelion/ansible-role-docker/issues/34)
31 | - Unify variable naming [\#32](https://github.com/mongrelion/ansible-role-docker/issues/32)
32 | - Move away from installation script [\#31](https://github.com/mongrelion/ansible-role-docker/issues/31)
33 | - Can we start Tagging releases please [\#27](https://github.com/mongrelion/ansible-role-docker/issues/27)
34 | - Support for proxy in docker daemon is missing [\#25](https://github.com/mongrelion/ansible-role-docker/issues/25)
35 | - `docker daemon` is not supported on Linux. Please run `dockerd` directly [\#22](https://github.com/mongrelion/ansible-role-docker/issues/22)
36 | - Integration tests [\#13](https://github.com/mongrelion/ansible-role-docker/issues/13)
37 | 
38 | **Merged pull requests:**
39 | 
40 | - Typo: variable name reference [\#44](https://github.com/mongrelion/ansible-role-docker/pull/44) ([giannidallatorre](https://github.com/giannidallatorre))
41 | - Automatically create releases and changelog [\#43](https://github.com/mongrelion/ansible-role-docker/pull/43) ([paulfantom](https://github.com/paulfantom))
42 | - Allow adding users to docker group for priviledged access [\#42](https://github.com/mongrelion/ansible-role-docker/pull/42) ([paulfantom](https://github.com/paulfantom))
43 | - docker-compose support [\#41](https://github.com/mongrelion/ansible-role-docker/pull/41) ([paulfantom](https://github.com/paulfantom))
44 | - readme update [\#40](https://github.com/mongrelion/ansible-role-docker/pull/40) ([paulfantom](https://github.com/paulfantom))
45 | - ansible 2.5 [\#37](https://github.com/mongrelion/ansible-role-docker/pull/37) ([paulfantom](https://github.com/paulfantom))
46 | - Remove installation script [\#36](https://github.com/mongrelion/ansible-role-docker/pull/36) ([paulfantom](https://github.com/paulfantom))
47 | - Cleanup [\#35](https://github.com/mongrelion/ansible-role-docker/pull/35) ([paulfantom](https://github.com/paulfantom))
48 | - integration tests [\#30](https://github.com/mongrelion/ansible-role-docker/pull/30) ([paulfantom](https://github.com/paulfantom))
49 | - Change location of systemd service file [\#28](https://github.com/mongrelion/ansible-role-docker/pull/28) ([paulfantom](https://github.com/paulfantom))
50 | 
51 | ## [0.1.0](https://galaxy.ansible.com/mongrelion/docker) (2018-03-20)
52 | **Implemented enhancements:**
53 | 
54 | - any plans to support for Ubuntu 14.04, 16.04 ? [\#3](https://github.com/mongrelion/ansible-role-docker/issues/3)
55 | - Support different versions of Docker Engine with official Docker and Rancher setup scripts [\#12](https://github.com/mongrelion/ansible-role-docker/pull/12) ([marcusianlevine](https://github.com/marcusianlevine))
56 | - Syntax change and some variables [\#2](https://github.com/mongrelion/ansible-role-docker/pull/2) ([brucellino](https://github.com/brucellino))
57 | 
58 | **Fixed bugs:**
59 | 
60 | - Deploy breaks in 1.12 b/c docker.socket no longer part of distro [\#1](https://github.com/mongrelion/ansible-role-docker/issues/1)
61 | 
62 | **Closed issues:**
63 | 
64 | - md5sum of docker setup script changed. [\#19](https://github.com/mongrelion/ansible-role-docker/issues/19)
65 | - Role blocks when docker is already installed [\#16](https://github.com/mongrelion/ansible-role-docker/issues/16)
66 | - docker\_storagedriver is not expanded correctly [\#7](https://github.com/mongrelion/ansible-role-docker/issues/7)
67 | 
68 | **Merged pull requests:**
69 | 
70 | - Proxy Settings for docker [\#29](https://github.com/mongrelion/ansible-role-docker/pull/29) ([ageekymonk](https://github.com/ageekymonk))
71 | - Using dockerd as docker daemon has been deprecated [\#24](https://github.com/mongrelion/ansible-role-docker/pull/24) ([ageekymonk](https://github.com/ageekymonk))
72 | - Limit reloading the systemctl daemon to distributions using systemd [\#21](https://github.com/mongrelion/ansible-role-docker/pull/21) ([zanewestover](https://github.com/zanewestover))
73 | - Add yum-utils as dependency [\#20](https://github.com/mongrelion/ansible-role-docker/pull/20) ([petr-balogh](https://github.com/petr-balogh))
74 | - Since 17.06.2 md5 checksum changed to new one [\#18](https://github.com/mongrelion/ansible-role-docker/pull/18) ([petr-balogh](https://github.com/petr-balogh))
75 | - Only run install script when docker is not installed [\#17](https://github.com/mongrelion/ansible-role-docker/pull/17) ([mhutter](https://github.com/mhutter))
76 | - Use 17.06 as default version [\#15](https://github.com/mongrelion/ansible-role-docker/pull/15) ([mhutter](https://github.com/mhutter))
77 | - Make daemon.json settings configurable [\#10](https://github.com/mongrelion/ansible-role-docker/pull/10) ([mhutter](https://github.com/mhutter))
78 | - Added support for Ubuntu 17.04 repo [\#9](https://github.com/mongrelion/ansible-role-docker/pull/9) ([snoby](https://github.com/snoby))
79 | - \(resolve conflict in dbichko's fork\) set debian repository based on major version only [\#8](https://github.com/mongrelion/ansible-role-docker/pull/8) ([nerab](https://github.com/nerab))
80 | - Only update apt-cache when needed [\#4](https://github.com/mongrelion/ansible-role-docker/pull/4) ([drwahl](https://github.com/drwahl))
81 | 
82 | 
83 | 
84 | \* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2018 Carlos León
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | <p><img src="http://1000logos.net/wp-content/uploads/2017/07/Logo-Docker-500x394.jpg" alt="docker logo" title="docker" align="right" height="60" /></p>
 2 | 
 3 | # Ansible role: docker
 4 | 
 5 | [![Build Status](https://travis-ci.org/mongrelion/ansible-role-docker.svg?branch=master)](https://travis-ci.org/mongrelion/ansible-role-docker)
 6 | [![License](https://img.shields.io/badge/license-MIT%20License-brightgreen.svg)](https://opensource.org/licenses/MIT)
 7 | [![Ansible Role](https://img.shields.io/badge/ansible%20role-mongrelion.docker-blue.svg)](https://galaxy.ansible.com/mongrelion/docker/)
 8 | 
 9 | ## Description
10 | 
11 | Install and configure [docker](https://www.docker.com) containerization platform.
12 | 
13 | ## Requirements
14 | 
15 | - Ansible >= 2.4
16 | 
17 | ## Role Variables
18 | 
19 | All variables which can be overridden are stored in [defaults/main.yml](defaults/main.yml) file as well as in table below.
20 | 
21 | | Name           | Default Value | Description                        |
22 | | -------------- | ------------- | -----------------------------------|
23 | | `docker_compose` | yes | Install docker-compose package |
24 | | `docker_proxy` | no | Enable HTTP proxy setup |
25 | | `docker_http_proxy` | "" | HTTP proxy server address |
26 | | `docker_https_proxy` | "" | HTTPS proxy server address |
27 | | `docker_no_proxy` | "" | Comma-separated list of hosts which won't use HTTP proxy |
28 | | `docker_version` | "17.06" | docker version which should be installed on target server. Can use `latest` for updates |
29 | | `docker_default_config` | [ storage-driver: devicemapper, log-level: info ] | Docker daemon configuration |
30 | | `docker_users` | [] | Add users to docker group. Users must exist before adding. Construct like `- {{ ansible_env['SUDO_USER'] \| default(ansible_user_id) }}` could be used to specify user which is used for ansible connection to host. |
31 | 
32 | ## Example
33 | 
34 | ### Playbooks
35 | 
36 | Just install Docker with default config
37 | ```yaml
38 | - hosts: servers
39 |   roles:
40 |     - mongrelion.docker
41 | ```
42 | 
43 | Install and configure docker daemon
44 | ```yaml
45 | - hosts: servers
46 |   roles:
47 |     - role: mongrelion.docker
48 |       docker_config:
49 |         live-restore: true
50 |         userland-proxy: false
51 | ```
52 | 
53 | ## Local Testing
54 | 
55 | The preferred way of locally testing the role is to use Docker and [molecule](https://github.com/metacloud/molecule) (v2.x). You will have to install Docker on your system. See "Get started" for a Docker package suitable to for your system.
56 | We are using tox to simplify process of testing on multiple ansible versions. To install tox execute:
57 | ```sh
58 | pip install tox
59 | ```
60 | To run tests on all ansible versions (WARNING: this can take some time)
61 | ```sh
62 | tox
63 | ```
64 | To run a custom molecule command on custom environment with only default test scenario:
65 | ```sh
66 | tox -e py27-ansible25 -- molecule test -s default
67 | ```
68 | For more information about molecule go to their [docs](http://molecule.readthedocs.io/en/latest/).
69 | 
70 | If you would like to run tests on remote docker host just specify `DOCKER_HOST` variable before running tox tests.
71 | 
72 | ## License
73 | 
74 | This project is licensed under MIT License. See [LICENSE](/LICENSE) for more details.
75 | 
76 | ## Author Information
77 | 
78 | You can find me on Twitter: [@mongrelion](https://twitter.com/mongrelion)
79 | 
80 | ## Contributors
81 | 
82 | - Carlos Leon ([@mongrelion](https://github.com/mongrelion))
83 | - Paweł Krupa ([@paulfantom](https://github.com/paulfantom))
84 | - Marcus Levine ([@marcusianlevine](https://github.com/marcusianlevine))
85 | - Manuel Hutter ([@mhutter](https://github.com/mhutter))
86 | - Dmitri Bichko ([@dbichko](https://github.com/dbichko))
87 | - Zane Westover ([@zanewestover](https://github.com/zanewestover))
88 | - Bruce Becker ([@brucellino](https://github.com/brucellino))
89 | - David Wahlstrom ([@drwahl](https://github.com/drwahl))
90 | - Max Oreshnikov ([@maxim0r](https://github.com/maxim0r))
91 | - Nicholas E. Rabenau ([@nerab](https://github.com/nerab))
92 | - Petr Balogh ([@petr-balogh](https://github.com/petr-balogh))
93 | - ramz ([@ageekymonk](https://github.com/ageekymonk))
94 | 


--------------------------------------------------------------------------------
/defaults/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | docker_compose: true
 3 | 
 4 | docker_proxy: false
 5 | docker_http_proxy: ""
 6 | docker_https_proxy: ""
 7 | docker_no_proxy: ""
 8 | 
 9 | docker_version: "18.06.1"
10 | # docker_version: "latest"
11 | # docker_upgrade: false
12 | 
13 | docker_default_config:
14 |   storage-driver: overlay2
15 |   log-level: info
16 | 
17 | docker_users: []
18 | 


--------------------------------------------------------------------------------
/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart docker
3 |   become: true
4 |   systemd:
5 |     name: docker
6 |     state: restarted
7 |     daemon_reload: true
8 | 


--------------------------------------------------------------------------------
/meta/main.yml:
--------------------------------------------------------------------------------
 1 | galaxy_info:
 2 |   author: Carlos León
 3 |   description: Docker
 4 |   company: Container Solutions
 5 |   role_name: docker
 6 |   license: MIT
 7 |   min_ansible_version: 2.4
 8 |   platforms:
 9 |   - name: EL
10 |     versions:
11 |     - 7
12 |   - name: Debian
13 |     versions:
14 |       - jessie
15 |   - name: Ubuntu
16 |     versions:
17 |       - xenial
18 |       #- zesty
19 |   galaxy_tags:
20 |     - docker
21 |     - swarm
22 |     - swarmkit
23 |     - dockerswarm
24 |     - dockerswarmkit
25 | 
26 | dependencies: []
27 | 


--------------------------------------------------------------------------------
/molecule/alternative/molecule.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | dependency:
 3 |   name: galaxy
 4 | driver:
 5 |   name: docker
 6 | lint:
 7 |   name: yamllint
 8 | platforms:
 9 |   - name: xenial
10 |     image: paulfantom/ubuntu-molecule:16.04
11 |     docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
12 |     privileged: true
13 |     volumes:
14 |       - /sys/fs/cgroup:/sys/fs/cgroup:ro
15 |   - name: jessie
16 |     image: paulfantom/debian-molecule:8
17 |     docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
18 |     privileged: true
19 |     volumes:
20 |       - /sys/fs/cgroup:/sys/fs/cgroup:ro
21 |   - name: centos7
22 |     image: paulfantom/centos-molecule:7
23 |     docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
24 |     privileged: true
25 |     volumes:
26 |       - /sys/fs/cgroup:/sys/fs/cgroup:ro
27 | provisioner:
28 |   name: ansible
29 |   lint:
30 |     name: ansible-lint
31 |   playbooks:
32 |     create: ../default/create.yml
33 |     prepare: prepare.yml
34 |     converge: playbook.yml
35 |     destroy: ../default/destroy.yml
36 | scenario:
37 |   name: alternative
38 | verifier:
39 |   name: testinfra
40 |   lint:
41 |     name: flake8
42 |     enabled: true
43 | 


--------------------------------------------------------------------------------
/molecule/alternative/playbook.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: Alternative variables test
 3 |   hosts: all
 4 |   any_errors_fatal: true
 5 |   become: true
 6 |   roles:
 7 |     - ansible-role-docker
 8 |   vars:
 9 |     docker_compose: false
10 |     docker_version: latest
11 |     docker_default_config:
12 |       storage-driver: "vfs"
13 |     docker_users:
14 |       - test
15 | 


--------------------------------------------------------------------------------
/molecule/alternative/prepare.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: Prepare Environment
 3 |   hosts: all
 4 |   become: true
 5 |   tasks:
 6 |     - name: Create test user
 7 |       user:
 8 |         name: test
 9 |         shell: /bin/sh
10 |         system: no
11 |         createhome: yes
12 |         home: /home/test
13 | 


--------------------------------------------------------------------------------
/molecule/alternative/tests/test_alternative.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | import testinfra.utils.ansible_runner
 3 | 
 4 | testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 5 |     os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
 6 | 
 7 | 
 8 | def test_directories(host):
 9 |     present = [
10 |         "/etc/docker",
11 |     ]
12 |     absent = []
13 |     if present:
14 |         for directory in present:
15 |             d = host.file(directory)
16 |             assert d.is_directory
17 |             assert d.exists
18 |     if absent:
19 |         for directory in absent:
20 |             d = host.file(directory)
21 |             assert not d.exists
22 | 
23 | 
24 | def test_files(host):
25 |     present = [
26 |         "/etc/docker/daemon.json",
27 |     ]
28 |     if present:
29 |         for file in present:
30 |             f = host.file(file)
31 |             assert f.exists
32 |             assert f.is_file
33 | 
34 | 
35 | # def test_socket(host):
36 | #     assert host.socket("unix:///var/run/docker.sock").is_listening
37 | 
38 | 
39 | def test_service(host):
40 |     present = [
41 |         "docker"
42 |     ]
43 |     if present:
44 |         for service in present:
45 |             s = host.service(service)
46 |             assert s.is_running
47 |             assert s.is_enabled
48 | 
49 | 
50 | def test_packages(host):
51 |     assert host.package('docker-ce').is_installed
52 |     # host.package doesn't support checking if package doesn't exist
53 |     # assert not host.package('python-pip').is_installed
54 |     assert not host.file('/usr/bin/pip').exists
55 | 
56 | 
57 | def test_user(host):
58 |     assert 'docker' in host.user("test").groups
59 | 


--------------------------------------------------------------------------------
/molecule/default/create.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: Create
 3 |   hosts: localhost
 4 |   connection: local
 5 |   gather_facts: false
 6 |   no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
 7 |   tasks:
 8 |     - name: Create molecule instance(s)
 9 |       docker_container:
10 |         name: "{{ item.name }}"
11 |         docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}"
12 |         hostname: "{{ item.name }}"
13 |         image: "{{ item.image }}"
14 |         state: started
15 |         recreate: false
16 |         log_driver: json-file
17 |         command: "{{ item.command | default(omit) }}"
18 |         privileged: "{{ item.privileged | default(omit) }}"
19 |         volumes: "{{ item.volumes | default(omit) }}"
20 |         capabilities: "{{ item.capabilities | default(omit) }}"
21 |         exposed_ports: "{{ item.exposed_ports | default(omit) }}"
22 |         published_ports: "{{ item.published_ports | default(omit) }}"
23 |         ulimits: "{{ item.ulimits | default(omit) }}"
24 |         networks: "{{ item.networks | default(omit) }}"
25 |         dns_servers: "{{ item.dns_servers | default(omit) }}"
26 |       register: server
27 |       with_items: "{{ molecule_yml.platforms }}"
28 |       async: 7200
29 |       poll: 0
30 | 
31 |     - name: Wait for instance(s) creation to complete
32 |       async_status:
33 |         jid: "{{ item.ansible_job_id }}"
34 |       register: docker_jobs
35 |       until: docker_jobs.finished
36 |       retries: 300
37 |       with_items: "{{ server.results }}"
38 | 


--------------------------------------------------------------------------------
/molecule/default/destroy.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: Destroy
 3 |   hosts: localhost
 4 |   connection: local
 5 |   gather_facts: false
 6 |   no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
 7 |   tasks:
 8 |     - name: Destroy molecule instance(s)
 9 |       docker_container:
10 |         name: "{{ item.name }}"
11 |         docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}"
12 |         state: absent
13 |         force_kill: "{{ item.force_kill | default(true) }}"
14 |       register: server
15 |       with_items: "{{ molecule_yml.platforms }}"
16 |       async: 7200
17 |       poll: 0
18 | 
19 |     - name: Wait for instance(s) deletion to complete
20 |       async_status:
21 |         jid: "{{ item.ansible_job_id }}"
22 |       register: docker_jobs
23 |       until: docker_jobs.finished
24 |       retries: 300
25 |       with_items: "{{ server.results }}"
26 | 
27 |     - name: Delete docker network(s)
28 |       docker_network:
29 |         name: "{{ item }}"
30 |         docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}"
31 |         state: absent
32 |       with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}"
33 | 


--------------------------------------------------------------------------------
/molecule/default/molecule.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | dependency:
 3 |   name: galaxy
 4 | driver:
 5 |   name: docker
 6 | lint:
 7 |   name: yamllint
 8 | platforms:
 9 |   - name: xenial
10 |     image: paulfantom/ubuntu-molecule:16.04
11 |     docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
12 |     privileged: true
13 |     volumes:
14 |       - /sys/fs/cgroup:/sys/fs/cgroup:ro
15 |   - name: jessie
16 |     image: paulfantom/debian-molecule:8
17 |     docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
18 |     privileged: true
19 |     volumes:
20 |       - /sys/fs/cgroup:/sys/fs/cgroup:ro
21 |   - name: centos7
22 |     image: paulfantom/centos-molecule:7
23 |     docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
24 |     privileged: true
25 |     volumes:
26 |       - /sys/fs/cgroup:/sys/fs/cgroup:ro
27 | provisioner:
28 |   name: ansible
29 |   lint:
30 |     name: ansible-lint
31 | scenario:
32 |   name: default
33 | verifier:
34 |   name: testinfra
35 |   lint:
36 |     name: flake8
37 |     enabled: true
38 | 


--------------------------------------------------------------------------------
/molecule/default/playbook.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: Default variables test
 3 |   hosts: all
 4 |   become: yes
 5 |   roles:
 6 |     - ansible-role-docker
 7 |   vars:
 8 |     docker_default_config:
 9 |       storage-driver: "vfs"
10 | 
11 | 


--------------------------------------------------------------------------------
/molecule/default/prepare.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Prepare
3 |   hosts: all
4 |   tasks: []
5 | 


--------------------------------------------------------------------------------
/molecule/default/tests/test_default.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | import testinfra.utils.ansible_runner
 3 | 
 4 | testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 5 |     os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
 6 | 
 7 | 
 8 | def test_directories(host):
 9 |     present = [
10 |         "/etc/docker",
11 |     ]
12 |     absent = []
13 |     if present:
14 |         for directory in present:
15 |             d = host.file(directory)
16 |             assert d.is_directory
17 |             assert d.exists
18 |     if absent:
19 |         for directory in absent:
20 |             d = host.file(directory)
21 |             assert not d.exists
22 | 
23 | 
24 | def test_files(host):
25 |     present = [
26 |         "/etc/docker/daemon.json",
27 |     ]
28 |     if present:
29 |         for file in present:
30 |             f = host.file(file)
31 |             assert f.exists
32 |             assert f.is_file
33 | 
34 | 
35 | # def test_socket(host):
36 | #     assert host.socket("unix:///var/run/docker.sock").is_listening
37 | 
38 | 
39 | def test_service(host):
40 |     present = [
41 |         "docker"
42 |     ]
43 |     if present:
44 |         for service in present:
45 |             s = host.service(service)
46 |             assert s.is_running
47 |             assert s.is_enabled
48 | 
49 | 
50 | def test_packages(host):
51 |     assert host.package('docker-ce').is_installed
52 | 
53 | 
54 | def test_pip(host):
55 |     assert 'docker-compose' in host.pip_package.get_packages()
56 | 


--------------------------------------------------------------------------------
/tasks/configure.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: ensure needed directories are present
 3 |   file:
 4 |     path: "{{ item }}"
 5 |     state: directory
 6 |   with_items:
 7 |     - /etc/docker
 8 |     - /etc/systemd/system
 9 | 
10 | - name: ensure daemon config file is present
11 |   copy:
12 |     content: |
13 |       {{ docker_json | to_nice_json(indent=2) }}
14 |     dest: /etc/docker/daemon.json
15 |   notify: restart docker
16 | 
17 | - name: create directory for proxy file
18 |   file:
19 |     path: /etc/systemd/system/docker.service.d
20 |     state: directory
21 |   when: docker_proxy
22 | 
23 | - name: create http-proxy.conf
24 |   copy:
25 |     content: |
26 |       [Service]
27 |       Environment="HTTP_PROXY={{ docker_http_proxy }}" "HTTPS_PROXY={{ docker_https_proxy }}" "NO_PROXY={{ docker_no_proxy }}"
28 |     dest: /etc/systemd/system/docker.service.d/http-proxy.conf
29 |   notify: restart docker
30 |   when: docker_proxy
31 | 
32 | - name: ensure unit file is present & up to date
33 |   template:
34 |     src: docker.j2.service
35 |     dest: /etc/systemd/system/docker.service
36 |   notify: restart docker
37 | 
38 | - name: Add privileged users to docker group
39 |   user:
40 |     name: "{{ item }}"
41 |     groups: docker
42 |     append: true
43 |   with_items: "{{ docker_users }}"
44 | 


--------------------------------------------------------------------------------
/tasks/install.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: install system dependencies
 3 |   package:
 4 |     name: "{{ item }}"
 5 |     state: present
 6 |   register: __ret
 7 |   retries: 5
 8 |   until: __ret is succeeded
 9 |   with_items: "{{ docker_dependencies }}"
10 | 
11 | - name: remove old versions
12 |   package:
13 |     name: "{{ item }}"
14 |     state: absent
15 |   with_items:
16 |     - lxc-docker
17 |     - docker-engine
18 |     - docker
19 |     - docker-common
20 |     - docker.io
21 | 
22 | - block:
23 |     - name: add GPG key
24 |       apt_key:
25 |         url: "https://download.docker.com/linux/{{ docker_repo_distribution }}/gpg"
26 |         state: present
27 | 
28 |     - name: add docker repository | Debian
29 |       apt_repository:
30 |         repo: "deb [arch=amd64] https://download.docker.com/linux/{{ docker_repo_distribution }} {{ ansible_distribution_release }} stable"
31 |         state: present
32 |   when: ansible_os_family == "Debian"
33 | 
34 | - name: add docker repository | RedHat
35 |   yum_repository:
36 |     name: docker-ce-stable
37 |     description: "Docker CE Stable - $basearch"
38 |     baseurl: "https://download.docker.com/linux/{{ docker_repo_distribution }}/{{ ansible_distribution_major_version }}/$basearch/stable"
39 |     gpgcheck: true
40 |     gpgkey: "https://download.docker.com/linux/{{ docker_repo_distribution }}/gpg"
41 |   when: ansible_os_family == "RedHat" and ansible_distribution != "OracleLinux"
42 | 
43 | - name: Install docker
44 |   package:
45 |     name: "{{ docker_package }}"
46 |     state: "{{ (docker_version == 'latest') | ternary('latest', 'present') }}"
47 |     update_cache: true
48 |   register: __ret
49 |   retries: 10
50 |   until: __ret is succeeded
51 |   notify:
52 |     - restart docker
53 | 
54 | - block:
55 |     - name: Install pip
56 |       package:
57 |         name: python2-pip
58 |         state: present
59 |       when: ansible_os_family | lower != "debian"
60 | 
61 |     - name: Install pip | Debian
62 |       apt:
63 |         name: python-pip
64 |         state: present
65 |       register: __pip
66 |       when: ansible_os_family | lower == "debian"
67 | 
68 |     # https://stackoverflow.com/questions/27341064/how-do-i-fix-importerror-cannot-import-name-incompleteread
69 |     - name: Upgrade pip | Debian
70 |       command: pip install --upgrade pip
71 |       when: __pip is changed
72 | 
73 |     - name: ensure docker-compose is installed
74 |       pip:
75 |         name: "{{ item }}"
76 |       with_items:
77 |         - docker-compose
78 |   when: docker_compose
79 | 


--------------------------------------------------------------------------------
/tasks/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: Gather variables for each operating system
 3 |   include_vars: "{{ item }}"
 4 |   with_items: "{{ ansible_os_family | lower }}.yml"
 5 |   tags:
 6 |     - always
 7 | 
 8 | - include_tasks: preflight.yml
 9 | 
10 | - include_tasks: install.yml
11 | 
12 | - include_tasks: configure.yml
13 | 
14 | - name: ensure starts on system boot
15 |   systemd:
16 |     name: docker
17 |     enabled: true
18 | 


--------------------------------------------------------------------------------
/tasks/preflight.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: Set backwards compatibility for docker_upgrade var
 3 |   set_fact:
 4 |     docker_version: latest
 5 |   when: upgrade_docker is defined or docker_upgrade is defined
 6 | 
 7 | - name: Set backwards compatibility for default_config
 8 |   set_fact:
 9 |     docker_default_config: "{{ default_docker_config }}"
10 |   when: default_docker_config is defined
11 | 
12 | - name: apply default daemon config
13 |   set_fact:
14 |     docker_json: "{{ docker_default_config | combine(docker_config | default({})) }}"
15 | 


--------------------------------------------------------------------------------
/templates/docker.j2.service:
--------------------------------------------------------------------------------
 1 | [Unit]
 2 | Description=Docker Application Container Engine
 3 | Documentation=https://docs.docker.com
 4 | After=network.target
 5 | 
 6 | [Service]
 7 | Type=notify
 8 | # the default is not to use systemd for cgroups because the delegate issues still
 9 | # exists and systemd currently does not support the cgroup feature set required
10 | # for containers run by docker
11 | ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock
12 | ExecReload=/bin/kill -s HUP $MAINPID
13 | LimitNOFILE=1048576
14 | LimitNPROC=1048576
15 | LimitCORE=infinity
16 | # Uncomment TasksMax if your systemd version supports it.
17 | # Only systemd 226 and above support this version.
18 | #TasksMax=infinity
19 | TimeoutStartSec=0
20 | # set delegate yes so that systemd does not reset the cgroups of docker containers
21 | Delegate=yes
22 | # kill only the docker process, not all processes in the cgroup
23 | KillMode=process
24 | 
25 | [Install]
26 | WantedBy=multi-user.target
27 | 


--------------------------------------------------------------------------------
/test-requirements.txt:
--------------------------------------------------------------------------------
1 | molecule>=2.15.0
2 | docker
3 | ansible-lint>=3.4.0
4 | testinfra>=1.7.0
5 | jmespath
6 | 


--------------------------------------------------------------------------------
/tox.ini:
--------------------------------------------------------------------------------
 1 | [tox]
 2 | minversion = 1.8
 3 | envlist = py{27}-ansible{24,25,26}
 4 | skipsdist = true
 5 | 
 6 | [travis:env]
 7 | ANSIBLE=
 8 |   2.4: ansible24
 9 |   2.5: ansible25
10 |   2.6: ansible26
11 | 
12 | [testenv]
13 | passenv = *
14 | deps =
15 |     -rtest-requirements.txt
16 |     ansible24: ansible<2.5
17 |     ansible25: ansible<2.6
18 |     ansible26: ansible<2.7
19 | commands =
20 |     {posargs:molecule test --all --destroy always}
21 | 


--------------------------------------------------------------------------------
/vars/debian.yml:
--------------------------------------------------------------------------------
1 | ---
2 | docker_package: "docker-ce{{ (docker_version != 'latest') | ternary('=' ~ docker_version ~ '*', '') }}"
3 | docker_dependencies:
4 |   - apt-transport-https
5 |   - ca-certificates
6 |   - software-properties-common
7 | 


--------------------------------------------------------------------------------
/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | docker_gpg_key: 58118E89F3A912897C070ADBF76221572C52609D
3 | key_server: hkp://p80.pool.sks-keyservers.net:80
4 | docker_repo_distribution: "{{ ansible_distribution | lower }}"
5 | 


--------------------------------------------------------------------------------
/vars/redhat.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # allows also install on RHEL with CentOS repos.
 3 | docker_repo_distribution: "{{ (ansible_distribution == 'RedHat')| ternary('centos', ansible_distribution) | lower }}"
 4 | docker_package: "docker-ce{{ (docker_version != 'latest') | ternary('-' ~ docker_version ~ '*', '') }}"
 5 | docker_dependencies:
 6 |   - ca-certificates
 7 |   - yum-utils
 8 |   - epel-release
 9 |   - e2fsprogs
10 | 


--------------------------------------------------------------------------------