AnsibleでUbuntuにdockerとdocker-composeをインストールする
やること
UbuntuOSにAnsibleでdockerとdocker-composeを一般ユーザ(ubuntu)で実行できる環境を構築する
環境
- OS: Ubuntu16.04
- kernel: 4.4.0-1072-aws
- ansible 2.7.1
- docker-compose version: 1.23.1
docker-composeのダウンロード
権限の問題
- ErrorMessage:
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock...
- デフォルトでは、dockerはroot権限でしか実行できないようになっている
- 対策: dockerグループに一般ユーザを追加し、
/var/run/docker.sock
のgroupをdockerに変更する
- ErrorMessage:
dockerのパスを一般ユーザ用に変更する
/usr/bin/docker --> /usr/local/bin/docker
シンボリックリンクをはった
$ pwd /usr/local/bin ubuntu@hide-dev:/usr/local/bin$ ll docker lrwxrwxrwx 1 root root 15 Nov 24 07:11 docker -> /usr/bin/docker*
Ansible
- roles/docker/tasks/main.yml
--- - name: Apt-get install Packages apt: pkg={{ item }} state=present update_cache=yes with_items: - apt-transport-https - ca-certificates - software-properties-common become: yes - name: Check docker gpg key command: apt-key fingerprint 0EBFCD88 | grep 0EBFCD88 register: docker_gpg ignore_errors: True changed_when: False - name: Add Docker official GPG key shell: curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - when: docker_gpg | failed - name: Define lsb_release -cs command: lsb_release -cs ignore_errors: True register: lsb_release - name: Set up the stable repo command: add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ lsb_release.stdout }} stable" become: yes - name: Install docker-ce apt: name=docker-ce state=present update_cache=yes notify: - Restart Docker sudo: yes - name: Symlink docker command file: src: /usr/bin/docker dest: /usr/local/bin/docker state: link become: yes - name: Join docker-group ubuntu user: name: ubuntu groups: "docker" become: yes - name: Change dockr.sock file: path: /var/run/docker.sock owner: root group: docker mode: 0755 become: yes notify: - Restart Docker - name: Install docker-composee get_url: url: https://github.com/docker/compose/releases/download/1.23.1/docker-compose-Linux-x86_64 dest: /usr/local/bin/docker-compose become: yes - name: add execute permission file: path: /usr/local/bin/docker-compose owner: ubuntu group: ubuntu mode: 0755 become: yes
- roles/docker/handlers/main.yml
--- - name: Restart Docker systemd: name: docker state: restarted daemon_reload: yes become: yes
結果
$ which docker
- /usr/local/bin/docker
$ which docker-compose
- /usr/local/bin/docker-compose
$ cat /etc/group | grep docker
- docker:x:999:ubuntu
$ ll /var/run/docker.sock
- srwxr-xr-x 1 root docker 0 Nov 24 07:56 /var/run/docker.sock=