This role will install Docker on a target machine running Debian or Ubuntu.
| Variable | Description | Default value |
|---|---|---|
| docker_compose | install docker-compose | true |
| docker_user | name of the user who is going to use docker | root |
| docker_rootless | run the Docker daemon as a non-root user (Rootless mode) | false |
| docker_pinned | see section Select the Docker version bellow | None |
| docker_compose_version | see section Select the Docker-compose version bellow | None |
| docker_registry_login | see bellow | None |
docker_registry_login is used when you need to define an url/username/password to access specific dockers registries.
The object is defined like this:
docker_registry_login:
- url: "docker.cosium.dev"
username: "user"
password: "pass"
- url: "something"
username: "user"
password: "pass"
By default, the latest version of Docker will be installed, but you can specify a version by setting this variable:
docker_pinned: "17.09.0~ce-0~debian"
# Or only pin the major version {#or-only-pin-the-major-version}
docker_pinned: "27*"
To find out the list of available versions, use this command on the target server:
# apt-cache madison docker-ce {#apt-cache-madison-docker-ce}
docker-ce | 17.09.0~ce-0~debian | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 17.06.2~ce-0~debian | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 17.06.1~ce-0~debian | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 17.06.0~ce-0~debian | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 17.03.2~ce-0~debian-stretch | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 17.03.1~ce-0~debian-stretch | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 17.03.0~ce-0~debian-stretch | https://download.docker.com/linux/debian stretch/stable amd64 Packages
By default, this role will install the latest version of docker-compose. You can also select a specific docker-compose version by setting this variable:
docker_compose_version: "1.17.1"
You can find the list of docker-compose release here: https://github.com/docker/compose/releases/
This role let docker create the docker0 bridge interface. This means that if docker sees a route for all the rfc1918 networks (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16), it will fail.
This basically is the case for the machines in the DMZ: all those routes are defined so that the default gateway can be the BGP router, typically you have such configuration for their DMZ interface:
# DMZ6 {#dmz6}
auto eth136
iface eth136 inet static
address 10.12.36.96
netmask 24
dns-nameservers 10.12.1.207 10.12.1.2
dns-search cosium.com
# static route {#static-route}
up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.12.36.254 dev eth136
up route add -net 172.16.0.0 netmask 255.240.0.0 gw 10.12.36.254 dev eth136
up route add -net 192.168.0.0 netmask 255.255.0.0 gw 10.12.36.254 dev eth136
To allow doker to create the docker0 interface, you basically have to remove the last line. Currently we don't use any 192.168.0.0/16 network so it won't be an issue.
To perform an update, add this parameter: --extra-vars "docker_compose_update_now=true" , true is case-sensitive since it's evaluated as a string in this case.
This role will also update if this parameter is present: --extra-vars "global_update_now=true" , true is also case-sensitive since it's evaluated as a string in this case.
The update will be skipped if you already have the latest version of the binary.