Last active
May 30, 2018 13:57
-
-
Save billmetangmo/96607381a7e80901d7bf1998d31e8461 to your computer and use it in GitHub Desktop.
ansible playbook to set up a docker registry with xfs + proxies + limesurvey
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - hosts: registry | |
| become: true | |
| vars: | |
| public_ip: 10.197.138.130 | |
| tasks: | |
| - name: set selinux to permissive | |
| selinux: | |
| policy: targeted | |
| state: permissive | |
| tags: selinux | |
| - name: format /dev/vdb as a ext4 filesystem | |
| filesystem: | |
| fstype: xfs | |
| dev: /dev/vdb | |
| - name: mount /dev/vdb to /var/lib/data/ | |
| mount: | |
| path: /var/lib/data | |
| src: /dev/vdb | |
| fstype: xfs | |
| state: mounted | |
| - name: Allo tag/push directly from registry | |
| lineinfile: | |
| dest: /etc/hosts | |
| line: "{{public_ip}} registry" | |
| state: present | |
| ### TODO: ensure folder exist role | |
| - name: Ensure /var/lib/data/docker exists | |
| file: "path=/var/lib/data/${{item}} state=directory " | |
| with_items: | |
| - registry | |
| - docker | |
| ### TODO: docker-proxy-{version} role [BEGIN] | |
| - name: install python-docker | |
| yum: "name={{item}} state=latest" | |
| with_items: | |
| - python-docker-py | |
| - name: Setting docker repo | |
| yum_repository: | |
| name: docker-repo | |
| description: Docker Repository | |
| baseurl: https://yum.dockerproject.org/repo/main/centos/7/ | |
| enabled: no | |
| gpgcheck: no | |
| - name: install docker & htppd | |
| yum: name={{item}} state=latest enablerepo=docker-repo | |
| with_items: | |
| - docker-engine | |
| - httpd | |
| - name: enable docker & httpd | |
| systemd: name={{item}} enabled=True state=started | |
| with_items: | |
| - docker | |
| - httpd | |
| - name: Create dir /etc/systemd/system/docker.service.d | |
| file: "path={{item}} state=directory" | |
| with_items: | |
| - /etc/systemd/system/docker.service.d | |
| - name: Create file /etc/systemd/system/docker.service.d/proxy.conf | |
| file: "path=/etc/systemd/system/docker.service.d/proxy.conf state=touch" | |
| tags: proxy | |
| ### issue open: https://github.com/docker/for-linux/issues/180 | |
| - name: set docker proxies | |
| lineinfile: | |
| dest: /etc/systemd/system/docker.service.d/proxy.conf | |
| line: "{{ item }}" | |
| state: present | |
| with_items: | |
| - "[Service]" | |
| - 'Environment="HTTP_PROXY={{ansible_env.http_proxy}}" "HTTPS_PROXY={{ansible_env.https_proxy}}" "NO_PROXY=registry,{{ansible_env.no_proxy}}"' | |
| tags: proxy | |
| - name: persist docker data in /var/lib/data/docker instead of /var/lib/docker | |
| lineinfile: | |
| dest: /usr/lib/systemd/system/docker.service | |
| line: "ExecStart=/usr/bin/dockerd --data-root=/var/lib/data/docker --insecure-registry registry:5000" | |
| regexp: ExecStart=/usr/bin/dockerd | |
| state: present | |
| - name: start docker | |
| systemd: name=docker daemon_reload=yes state=restarted | |
| ### TODO: docker-proxy-{version} role [END] | |
| - name: start registry container | |
| docker_container: | |
| name: registry | |
| image: registry:2 | |
| network_mode: host | |
| restart_policy: always | |
| volumes: | |
| - "/var/lib/data/registry:/var/lib/registry" | |
| env: | |
| REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: "/var/lib/registry" | |
| REGISTRY_STORAGE_DELETE_ENABLED: true | |
| - name: start limesurvey container | |
| docker_container: | |
| name: limesurvey | |
| image: crramirez/limesurvey | |
| network_mode: host | |
| restart_policy: always |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment