|  | 3 年之前 | |
|---|---|---|
| .. | ||
| defaults | 3 年之前 | |
| handlers | 3 年之前 | |
| tasks | 3 年之前 | |
| templates | 3 年之前 | |
| .travis.yml | 3 年之前 | |
| readme.md | 3 年之前 | |
This role will install Docker and given a list of containers to deploy, will do the following:
This role is only tested on Fedora/CentOS machines.
container_user: user name to run containers as (will be generated if not exists)
container_uid: uid of above user name
container_group: group name of container_user (will be generated if not exists)
container_gid: gid of above group name
Automated pulls and purges are handled by systemd timers. Any valid systemd timer calendar event expression may be passed to them:
docker_pull_timer: weekly
docker_purge_timer: monthly
global_env_vars: # will be set on any container which has include_global_env_vars: true
  - PUID={{ container_uid }}
  - PGID={{ container_gid }}
  - TZ=America/Los_Angeles
firewall_ports: # list of ports to open up on the host
  - 80/tcp
  - 443/tcp
Since this role sets up each container individually, if multiple containers need to talk directly to each other container networks must be outlined:
This role sets up each container as an individual docker-compose.yml file with a 1-to-1 relationship with it's systemd service. This means we can not rely on docker-compose's built-in networking feature for connecting multiple containers together.
Outline any networks you need via container_networks:
container_networks:
  - name: nginx-proxy
    driver: bridge
    subnet: 172.21.10.0/24
    ip_range: 172.21.10.0/24
    gateway: 172.21.10.1
And specify those networks in the corresponding container's dictionary:
containers:
  - name: swag
    active: true
    image: linuxserver/swag
    ports:
      - 80:80
      - 443:443
    volumes:
      - /opt/swag:/config
    include_global_env_vars: true
    environment:
      - URL=myexamplesite.biz
      - VALIDATION=http
      - SUBDOMAINS=www,git,
      - EMAIL=admin@myexamplesite.biz
    restart: unless-stopped
    memlimit: 300m
    networks:
      - nginx-proxy
    - name: gogs
      active: true
      image: gogs/gogs
      ports:
        - "10022:22" # https://github.com/go-yaml/yaml/issues/34#issuecomment-55772666
      volumes:
        - /opt/gogs:/data
      include_global_env_vars: false
      restart: unless-stopped
      memlimit: 500m
      networks:
        - nginx-proxy
This role creates docker-compose.yml files for each entry in the list of containers under the filename:
/root/docker/<name>/docker-compose.yml
It also generates systemd services files of the name:
/etc/systemd/system/<name>.service
This file is a simple wrapper around docker-compose:
[root@shareunderware ~]# systemctl cat swag.service
# /etc/systemd/system/swag.service
# This file is managed by Ansible. Any local changes may be wiped out!
[Unit]
Description=systemd wrapper around docker swag service
Requires=docker.service
After=docker.service
[Service]
Restart=always
User=root
Group=docker
ExecStartPre=/usr/bin/docker-compose -f /root/docker/swag/docker-compose.yml down -v
ExecStart=/usr/bin/docker-compose -f /root/docker/swag/docker-compose.yml up
ExecStop=/usr/bin/docker-compose -f /root/docker/swag/docker-compose.yml down -v
[Install]
WantedBy=multi-user.target
This method allows the logs to be captured via journald and can be queried just like any other service:
[root@shareunderware ~]# journalctl -fu swag.service 
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [cont-init.d] 70-templates: exited 0.
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [cont-init.d] 90-custom-folders: executing...
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [cont-init.d] 90-custom-folders: exited 0.
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [cont-init.d] 99-custom-files: executing...
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [custom-init] no custom files found exiting...
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [cont-init.d] 99-custom-files: exited 0.
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [cont-init.d] done.
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [services.d] starting services
Apr 25 04:20:59 shareunderware docker-compose[1956]: swag    | [services.d] done.
Apr 25 04:21:03 shareunderware docker-compose[1956]: swag    | Server ready
GPLv3