My Note

自己理解のためのブログ

AnsibleでUbuntuにdockerとdocker-composeをインストールする

やること

UbuntuOSにAnsibleでdockerとdocker-composeを一般ユーザ(ubuntu)で実行できる環境を構築する

  • 環境

    • OS: Ubuntu16.04
    • kernel: 4.4.0-1072-aws
    • ansible 2.7.1
    • docker-compose version: 1.23.1
  • docker-composeのダウンロード

  • 権限の問題

    • ErrorMessage: docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock...
    • デフォルトでは、dockerはroot権限でしか実行できないようになっている
    • 対策: dockerグループに一般ユーザを追加し、/var/run/docker.sock のgroupをdockerに変更する
  • dockerのパスを一般ユーザ用に変更する

$ pwd
/usr/local/bin
ubuntu@hide-dev:/usr/local/bin$ ll docker
lrwxrwxrwx 1 root root 15 Nov 24 07:11 docker -> /usr/bin/docker*

Ansible

  • roles/docker/tasks/main.yml
---
- name: Apt-get install Packages
  apt: pkg={{ item }} state=present update_cache=yes
  with_items:
    - apt-transport-https
    - ca-certificates
    - software-properties-common
  become: yes

- name: Check docker gpg key
  command: apt-key fingerprint 0EBFCD88 | grep 0EBFCD88
  register: docker_gpg
  ignore_errors: True
  changed_when: False

- name: Add Docker official GPG key
  shell: curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  when: docker_gpg | failed

- name: Define lsb_release -cs
  command: lsb_release -cs
  ignore_errors: True
  register: lsb_release

- name: Set up the stable repo
  command: add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ lsb_release.stdout }} stable"
  become: yes

- name: Install docker-ce
  apt: name=docker-ce state=present update_cache=yes
  notify:
    - Restart Docker
  sudo: yes

- name: Symlink docker command
  file:
    src: /usr/bin/docker
    dest: /usr/local/bin/docker
    state: link
  become: yes

- name: Join docker-group ubuntu
  user:
    name: ubuntu
    groups: "docker"
  become: yes

- name: Change dockr.sock
  file:
    path: /var/run/docker.sock
    owner: root
    group: docker
    mode: 0755
  become: yes
  notify:
    - Restart Docker

- name: Install docker-composee
  get_url:
    url: https://github.com/docker/compose/releases/download/1.23.1/docker-compose-Linux-x86_64
    dest: /usr/local/bin/docker-compose
  become: yes

- name: add execute permission
  file:
    path: /usr/local/bin/docker-compose
    owner: ubuntu
    group: ubuntu
    mode: 0755
  become: yes
  • roles/docker/handlers/main.yml
---
- name: Restart Docker
  systemd:
    name: docker
    state: restarted
    daemon_reload: yes
  become: yes

結果

  • $ which docker

    • /usr/local/bin/docker
  • $ which docker-compose

    • /usr/local/bin/docker-compose
  • $ cat /etc/group | grep docker

  • $ ll /var/run/docker.sock

    • srwxr-xr-x 1 root docker 0 Nov 24 07:56 /var/run/docker.sock=