ansible docekr 实例

目录结构

hosts
deployment
    - docker.yml
roles
    - docker
        - tasks
              -main.yml
        - templater
        - files

vim hosts

[docker]
192.168.106.130 hostname=rocky90-106-130
[timesyncclient]
192.168.106.130 hostname=rocky90-106-130
[aliyuan]
192.168.106.130 hostname=rocky90-106-130
[init]
192.168.106.130 hostname=rocky90-106-130

[all:vars]
ansible_ssh_user=root
ansible_ssh_pass=kc@123456
ansible_ssh_port=22

deployment/docker.yml

---
- hosts: docker
  sudo: yes
  roles: 
    - ../roles/docker

vim roles/docker/tasks/main.yml

mkdir -p roles/docker/{tasks,templater,files}
vim roles/docker/tasks/main.yml
##################################################################################
---
### 安装并配置 docker 服务 ###

########################### to centos7 or rockylinux9 ############################
# 安装docker-ce依赖包
- name: Cenots7.x_Rocky9.x_install_docker_depend
  package:
    name:
      - yum-utils
      - device-mapper-persistent-data
      - lvm2
    state: present
  when: ansible_os_family == 'RedHat'
# 添加 docker GPG KEY 阿里源docker的gpg key
- name: Add_Docker_GPG_key
  yum_key:
    url: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg
    state: present
  when: ansible_os_family == 'RedHat'
# 配置 阿里源 docker安装源 
- name: Cenots7.x_Rocky9.x_install_docker_repo
  copy: src=docker-ce.repo_centos7_and_rocky9  dest=/etc/yum.repos.d/docker-ce.repo mode=0755
  when: ansible_os_family == 'RedHat'
# 更新源 centos7.x
- name: Cenots7.x_update_yum_cache
  shell: "yum makecache fast"
  when: ansible_distribution=="CentOS"
# 更新源 rocky9.x
- name: Rocky9.x_update_dnf_cache
  shell: "dnf makecache"
  when: ansible_distribution=="Rocky"
# 安装docker-ce  centos7.x package参数通用相当于(apt、yum、dnf、zypper 等)
- name: Cenots7.x_Rocky9.x_install_docker_service
  package:
    name: docker-ce
    state: present
  when: ansible_os_family == 'RedHat'

# 重启 docker 服务并开机启动
- name: Cenots7.x_Rocky9.x_restart_docker_service
  service:
    name: docker
    state: restarted
    enabled: yes
  when: ansible_os_family == 'RedHat'
# 添加 docker 配置文件 为了限制log大小/指定内网仓库/使用GPU/加速源
- name: Cenots7.x_Rocky9.x_add_docker_conf_cpu
  template: src=daemon.json-cpu.j2  dest=/etc/docker/daemon.json
  when: ansible_os_family == 'RedHat'
#- name: Cenots7.x_Rocky9.x_add_docker_conf_gpu
#  template: src=daemon.json-gpu.j2   dest=/etc/docker/daemon.json
#  when: ansible_distribution=="CentOS" or ansible_distribution=="Rocky"
# 重启 docker 服务 加载daemon.json
- name: Cenots7.x_Rocky9.x_restart_docker_load_daemon.json
  service:
    name: docker
    state: restarted
  when: ansible_os_family == 'RedHat'
############################## to ubuntu server ##############################
# 安装 docker-ce 依赖
- name: Ubuntu_install_docker_depend
  shell: "apt -y install apt-transport-https ca-certificates curl software-properties-common"
  when: ansible_distribution=="Ubuntu"
# 添加 docker 源GPG证书
- name: Ubuntu_add_docker_yuan_gpg
  shell: "curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -"
  when: ansible_distribution=="Ubuntu"
# 写入docker源信息
- name: Ubuntu_add_docker-ce_yuan_list
  shell: 'add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"'
  when: ansible_distribution=="Ubuntu"
# 删除锁文件
- name: Ubuntu_delete_lock_files
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /var/lib/dpkg/lock
    - /var/lib/apt/lists/lock
    - /var/cache/apt/archives/lock
  when: ansible_distribution=="Ubuntu"
# 强制更新软件源
- name: Ubuntu_apt_update
  apt:
    update_cache: yes 
    force: yes 
  when: ansible_distribution=="Ubuntu"
# 安装docker服务
- name: Ubuntu_install_docker-ce
  apt:
    name: docker-ce
    state: present 
  when: ansible_distribution=="Ubuntu"
# 重启docker并开机启动
- name: Ubuntu_restart_docker
  systemd:
    name: docker
    state: restarted
    enabled: yes
  when: ansible_distribution=="Ubuntu"
# 添加 docker 配置文件 为了限制log大小/指定内网仓库/使用GPU/加速源
- name: Ubuntu_add_docker_conf_cpu
  template: src=daemon.json-cpu.j2  dest=/etc/docker/daemon.json
  when: ansible_distribution=="Ubuntu"
#- name: Ubuntu_add_docker_conf_gpu
#  template: src=daemon.json-gpu.j2  dest=/etc/docker/daemon.json
#  when: ansible_distribution=="Ubuntu"
# 重启docker 加载daemon.json
- name: Ubuntu_restart_docker_load_daemon.json
  systemd:
    name: docker
    state: restarted
  when: ansible_distribution=="Ubuntu"

docker-ce.repo_centos7_and_rocky9

curl -o \
roles/docker/files/docker-ce.repo_centos7_and_rocky9 \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

vim roles/docker/templates/daemon.json-cpu.j2 加速 仓库 日志大小

{
  "registry-mirrors": [
    "https://sjpo25jn.mirror.aliyuncs.com",
    "http://hub-mirror.c.163.com",
    "https://docker.mirrors.ustc.edu.cn",
    "https://registry.docker-cn.com"
  ],
  "insecure-registries": [
    "{{ docker_pricate_registry }}"
  ],
  "log-driver": "json-file",
  "log-opts": {"max-size": "25m", "max-file": "2"}
}

vim roles/docker/templates/daemon.json-gpu.j2

{
  "registry-mirrors": [
    "https://sjpo25jn.mirror.aliyuncs.com",
    "http://hub-mirror.c.163.com",
    "https://docker.mirrors.ustc.edu.cn",
    "https://registry.docker-cn.com"
  ],
  "insecure-registries": [
    "{{ docker_pricate_registry }}"
  ],
  "log-driver": "json-file",
  "log-opts": {"max-size": "25m", "max-file": "2"},
  "default-runtime": "nvidia",
  "runtimes": {
    "nvidia": {
      "path": "/usr/bin/nvidia-container-runtime",
      "runtimeArgs": []
    }
  },
}

执行命令

ansible-playbook -i hosts deployment/docker.yml

posted on 2025-10-30 09:33  luokeli  阅读(0)  评论(0)    收藏  举报

导航