当前位置: 首页 > news >正文

ansible docekr 实例

news 2026/3/31 20:54:17

ansible docekr 实例

目录结构

hosts
deployment- docker.yml
roles- docker- tasks-main.yml- templater- files

vim hosts

[docker]
192.168.106.130 hostname=rocky90-106-130
[timesyncclient]
192.168.106.130 hostname=rocky90-106-130
[aliyuan]
192.168.106.130 hostname=rocky90-106-130
[init]
192.168.106.130 hostname=rocky90-106-130[all:vars]
ansible_ssh_user=root
ansible_ssh_pass=kc@123456
ansible_ssh_port=22

deployment/docker.yml

---
- hosts: dockersudo: yesroles: - ../roles/docker

vim roles/docker/tasks/main.yml

mkdir -p roles/docker/{tasks,templater,files}
vim roles/docker/tasks/main.yml
##################################################################################
---
### 安装并配置 docker 服务 ############################## to centos7 or rockylinux9 ############################
# 安装docker-ce依赖包
- name: Cenots7.x_Rocky9.x_install_docker_dependpackage:name:- yum-utils- device-mapper-persistent-data- lvm2state: presentwhen: ansible_os_family == 'RedHat'
# 添加 docker GPG KEY 阿里源docker的gpg key
- name: Add_Docker_GPG_keyyum_key:url: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpgstate: presentwhen: ansible_os_family == 'RedHat'
# 配置 阿里源 docker安装源 
- name: Cenots7.x_Rocky9.x_install_docker_repocopy: src=docker-ce.repo_centos7_and_rocky9  dest=/etc/yum.repos.d/docker-ce.repo mode=0755when: ansible_os_family == 'RedHat'
# 更新源 centos7.x
- name: Cenots7.x_update_yum_cacheshell: "yum makecache fast"when: ansible_distribution=="CentOS"
# 更新源 rocky9.x
- name: Rocky9.x_update_dnf_cacheshell: "dnf makecache"when: ansible_distribution=="Rocky"
# 安装docker-ce  centos7.x package参数通用相当于(apt、yum、dnf、zypper 等)
- name: Cenots7.x_Rocky9.x_install_docker_servicepackage:name: docker-cestate: presentwhen: ansible_os_family == 'RedHat'# 重启 docker 服务并开机启动
- name: Cenots7.x_Rocky9.x_restart_docker_serviceservice:name: dockerstate: restartedenabled: yeswhen: ansible_os_family == 'RedHat'
# 添加 docker 配置文件 为了限制log大小/指定内网仓库/使用GPU/加速源
- name: Cenots7.x_Rocky9.x_add_docker_conf_cputemplate: src=daemon.json-cpu.j2  dest=/etc/docker/daemon.jsonwhen: ansible_os_family == 'RedHat'
#- name: Cenots7.x_Rocky9.x_add_docker_conf_gpu
#  template: src=daemon.json-gpu.j2   dest=/etc/docker/daemon.json
#  when: ansible_distribution=="CentOS" or ansible_distribution=="Rocky"
# 重启 docker 服务 加载daemon.json
- name: Cenots7.x_Rocky9.x_restart_docker_load_daemon.jsonservice:name: dockerstate: restartedwhen: ansible_os_family == 'RedHat'
############################## to ubuntu server ##############################
# 安装 docker-ce 依赖
- name: Ubuntu_install_docker_dependshell: "apt -y install apt-transport-https ca-certificates curl software-properties-common"when: ansible_distribution=="Ubuntu"
# 添加 docker 源GPG证书
- name: Ubuntu_add_docker_yuan_gpgshell: "curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -"when: ansible_distribution=="Ubuntu"
# 写入docker源信息
- name: Ubuntu_add_docker-ce_yuan_listshell: 'add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"'when: ansible_distribution=="Ubuntu"
# 删除锁文件
- name: Ubuntu_delete_lock_filesfile:path: "{{ item }}"state: absentloop:- /var/lib/dpkg/lock- /var/lib/apt/lists/lock- /var/cache/apt/archives/lockwhen: ansible_distribution=="Ubuntu"
# 强制更新软件源
- name: Ubuntu_apt_updateapt:update_cache: yes force: yes when: ansible_distribution=="Ubuntu"
# 安装docker服务
- name: Ubuntu_install_docker-ceapt:name: docker-cestate: present when: ansible_distribution=="Ubuntu"
# 重启docker并开机启动
- name: Ubuntu_restart_dockersystemd:name: dockerstate: restartedenabled: yeswhen: ansible_distribution=="Ubuntu"
# 添加 docker 配置文件 为了限制log大小/指定内网仓库/使用GPU/加速源
- name: Ubuntu_add_docker_conf_cputemplate: src=daemon.json-cpu.j2  dest=/etc/docker/daemon.jsonwhen: ansible_distribution=="Ubuntu"
#- name: Ubuntu_add_docker_conf_gpu
#  template: src=daemon.json-gpu.j2  dest=/etc/docker/daemon.json
#  when: ansible_distribution=="Ubuntu"
# 重启docker 加载daemon.json
- name: Ubuntu_restart_docker_load_daemon.jsonsystemd:name: dockerstate: restartedwhen: ansible_distribution=="Ubuntu"

docker-ce.repo_centos7_and_rocky9

curl -o \
roles/docker/files/docker-ce.repo_centos7_and_rocky9 \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

vim roles/docker/templates/daemon.json-cpu.j2 加速 仓库 日志大小

{"registry-mirrors": ["https://sjpo25jn.mirror.aliyuncs.com","http://hub-mirror.c.163.com","https://docker.mirrors.ustc.edu.cn","https://registry.docker-cn.com"],"insecure-registries": ["{{ docker_pricate_registry }}"],"log-driver": "json-file","log-opts": {"max-size": "25m", "max-file": "2"}
}

vim roles/docker/templates/daemon.json-gpu.j2

{"registry-mirrors": ["https://sjpo25jn.mirror.aliyuncs.com","http://hub-mirror.c.163.com","https://docker.mirrors.ustc.edu.cn","https://registry.docker-cn.com"],"insecure-registries": ["{{ docker_pricate_registry }}"],"log-driver": "json-file","log-opts": {"max-size": "25m", "max-file": "2"},"default-runtime": "nvidia","runtimes": {"nvidia": {"path": "/usr/bin/nvidia-container-runtime","runtimeArgs": []}},
}

执行命令

ansible-playbook -i hosts deployment/docker.yml