- Aug 17, 2020 For this guide, we will install Docker Community Edition (CE). Prerequisites: A installation of Ubuntu 20.04 server. A user with privileges to run sudo command. Installing Docker on Ubuntu 20.04. To use the latest version of Docker, we will install it from the official Docker repository.
- Many users of this role wish to also use Ansible to then build Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the docker Python library using the geerlingguy.pip role.
Sep 08, 2020 Ansible is a popular automation tool used by sysadmins and developers to keep their computer systems in prime condition. As is often the case with extensible frameworks, Ansible has limited use on its own, with its real power dwelling in its many modules. Ansible modules are, in a way, what commands are to a Linux computer. They provide solutions to specific problems, and one common task when. If you're attempting to migrate an older Docker-based AWX installation, see: Migrating Data from Local Docker The AWX Operator Starting in version 18.0, the AWX Operator is the preferred way to install AWX.
Ansible Tower (formerly ‘AWX’) is a web-based solution that makes Ansible even more easy to use for IT teams of all kinds. It’s designed to be the hub for all of your automation tasks.
Tower allows you to control access to who can access what, even allowing sharing of SSH credentials without someone being able to transfer those credentials. Inventory can be graphically managed or synced with a wide variety of cloud sources. It logs all of your jobs, integrates well with LDAP, and has an amazing browsable REST API. Command line tools are available for easy integration with Jenkins as well. Provisioning callbacks provide great support for autoscaling topologies.
AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is the upstream project for Tower, a commercial derivative of AWX.
Prerequisites
Before you can run a deployment, you’ll need the following installed in your local environment:
- Ansible Requires Version 2.8+
- Docker
- A recent version
- docker Python module
- This is incompatible with
docker-py. If you have previously installeddocker-py, please uninstall it. - We use this module instead of
docker-pybecause it is what thedocker-composePython module requires.
- This is incompatible with
- Git Requires Version 1.8.4+
- Python 3.6+
- Node 10.x LTS version
- This is only required if you’re building your own container images with
use_container_for_build=false
- This is only required if you’re building your own container images with
- NPM 6.x LTS
- This is only required if you’re building your own container images with
use_container_for_build=false
- This is only required if you’re building your own container images with
System Requirements
The system that runs the AWX service will need to satisfy the following requirements
- At least 4GB of memory
- At least 2 cpu cores
- At least 20GB of space
- Running Docker, Openshift, or Kubernetes
- If you choose to use an external PostgreSQL database, please note that the minimum version is 10+.
Installation steps:
1. Install Dependencies
yum install -y epel-release
yum remove python-docker-py
yum install -y yum-utils device-mapper-persistent-data lvm2 ansible git python-devel python-pip python-docker-py vim-enhanced
pip install cryptography
pip install jsonschema
pip install docker-compose~=1.23.0
pip install docker –upgrade
2. Install docker
Configure docker ce stable repository.
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Installing docker.
yum install docker-ce -y
Start docker service.
systemctl start docker
Enable docker service.
systemctl enable docker
3. Deploy AWX
Clone AWX repo
git clone https://github.com/ansible/awx.git
Clone commercial logos
cd awx/
git clone https://github.com/ansible/awx-logos.git
Configure AWX
cd installer/
$ vim inventory
awx_official=true
Deploy AWX
ansible-playbook -i inventory install.yml -vv
Check the status
docker ps -a
AWX is ready and can be accessed from the browser.
http://ipaddress:80/
the default username is “admin” and the password is “password”.
Final checks:
- verify whether the service is started or not with
ss -tlnp | grep 80 - make sure your firewall is open for port 80
- make sure your OS is using python 3.6+ and pip3
https://github.com/ansible/awx/blob/devel/INSTALL.md
The community.docker collection offers several modules and plugins for orchestrating Docker containers and Docker Swarm.
Most of the modules and plugins in community.docker require the Docker SDK for Python. The SDK needs to be installed on the machines where the modules and plugins are executed, and for the Python version(s) with which the modules and plugins are executed. You can use the community.general.python_requirements_info module to make sure that the Docker SDK for Python is installed on the correct machine and for the Python version used by Ansible.
Note that plugins (inventory plugins and connection plugins) are always executed in the context of Ansible itself. If you use a plugin that requires the Docker SDK for Python, you need to install it on the machine running ansible or ansible-playbook and for the same Python interpreter used by Ansible. To see which Python is used, run ansible--version.
You can install the Docker SDK for Python for Python 2.7 or Python 3 as follows:
For Python 2.6, you need a version before 2.0. For these versions, the SDK was called docker-py, so you need to install it as follows:
Please install only one of docker or docker-py. Installing both will result in a broken installation. If this happens, Ansible will detect it and inform you about it. If that happens, you must uninstall both and reinstall the correct version.
If in doubt, always install docker and never docker-py.
You can connect to a local or remote API using parameters passed to each task or by setting environment variables. The order of precedence is command line parameters and then environment variables. If neither a command line option nor an environment variable is found, Ansible uses the default value provided under Parameters.
Parameters¶
Most plugins and modules can be configured by the following parameters:
The URL or Unix socket path used to connect to the Docker API. Defaults to unix://var/run/docker.sock. To connect to a remote host, provide the TCP connection string (for example: tcp://192.0.2.23:2376). If TLS is used to encrypt the connection to the API, then the module will automatically replace ‘tcp’ in the connection URL with ‘https’.
The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by the Docker SDK for Python installed.
The maximum amount of time in seconds to wait on a response from the API. Defaults to 60 seconds.
Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server. Defaults to false.
Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server. Default is false.
Use a CA certificate when performing server verification by providing the path to a CA certificate file.
Path to the client’s TLS certificate file.
Path to the client’s TLS key file.
When verifying the authenticity of the Docker Host server, provide the expected name of the server. Defaults to localhost.
Provide a valid SSL version number. The default value is determined by the Docker SDK for Python.
Environment variables¶
You can also control how the plugins and modules connect to the Docker API by setting the following environment variables.
For plugins, they have to be set for the environment Ansible itself runs in. For modules, they have to be set for the environment the modules are executed in. For modules running on remote machines, the environment variables have to be set on that machine for the user used to execute the modules with.
The URL or Unix socket path used to connect to the Docker API.
The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supportedby docker-py.
The maximum amount of time in seconds to wait on a response from the API.
Path to the directory containing the client certificate, client key and CA certificate.
Provide a valid SSL version number.
Secure the connection to the API by using TLS without verifying the authenticity of the Docker Host.
Secure the connection to the API by using TLS and verify the authenticity of the Docker Host.
For working with a plain Docker daemon, that is without Swarm, there are connection plugins, an inventory plugin, and several modules available:
The community.docker.docker connection plugin uses the Docker CLI utility to connect to Docker containers and execute modules in them. It essentially wraps dockerexec and dockercp. This connection plugin is supported by the ansible.posix.synchronize module.
The community.docker.docker_api connection plugin talks directly to the Docker daemon to connect to Docker containers and execute modules in them.
The community.docker.docker_containers inventory plugin allows you to dynamically add Docker containers from a Docker Daemon to your Ansible inventory. See Working with dynamic inventory for details on dynamic inventories.
The docker inventory script is deprecated. Please use the inventory plugin instead. The inventory plugin has several compatibility options. If you need to collect Docker containers from multiple Docker daemons, you need to add every Docker daemon as an individual inventory source.
The community.docker.docker_host_info module allows you to retrieve information on a Docker daemon, such as all containers, images, volumes, networks and so on.
The community.docker.docker_login module allows you to log in and out of a remote registry, such as Docker Hub or a private registry. It provides similar functionality to the dockerlogin and dockerlogout CLI commands.
The community.docker.docker_prune module allows you to prune no longer needed containers, images, volumes and so on. It provides similar functionality to the dockerprune CLI command.
The community.docker.docker_image module provides full control over images, including: build, pull, push, tag and remove.
The community.docker.docker_image_info module allows you to list and inspect images.
The community.docker.docker_network module provides full control over Docker networks.
The community.docker.docker_network_info module allows you to inspect Docker networks.
The community.docker.docker_volume_info module provides full control over Docker volumes.
The community.docker.docker_volume module allows you to inspect Docker volumes.
The community.docker.docker_container module manages the container lifecycle by providing the ability to create, update, stop, start and destroy a Docker container.
The community.docker.docker_container_info module allows you to inspect a Docker container.
The community.docker.docker_compose moduleallows you to use your existing Docker compose files to orchestrate containers on a single Docker daemon or on Swarm.Supports compose versions 1 and 2.
Docker Install Linux
Next to Docker SDK for Python, you need to install docker-compose on the remote machines to use the module.
The community.docker.docker_machine inventory plugin allows you to dynamically add Docker Machine hosts to your Ansible inventory.
The community.docker.docker_stack module module allows you to control Docker stacks. Information on stacks can be retrieved by the community.docker.docker_stack_info module, and information on stack tasks can be retrieved by the community.docker.docker_stack_task_info module.
The community.docker collection provides multiple plugins and modules for managing Docker Swarms.
Swarm management¶
One inventory plugin and several modules are provided to manage Docker Swarms:
The community.docker.docker_swarm inventory plugin allows you to dynamically add all Docker Swarm nodes to your Ansible inventory.
The community.docker.docker_swarm module allows you to globally configure Docker Swarm manager nodes to join and leave swarms, and to change the Docker Swarm configuration.
Ansible Install Docker-compose
The community.docker.docker_swarm_info module allows you to retrieve information on Docker Swarm.
The community.docker.docker_node module allows you to manage Docker Swarm nodes.
Ansible Yum Install Docker
The community.docker.docker_node_info module allows you to retrieve information on Docker Swarm nodes.
Configuration management¶
The community.docker collection offers modules to manage Docker Swarm configurations and secrets:
The community.docker.docker_config module allows you to create and modify Docker Swarm configs.
The community.docker.docker_secret module allows you to create and modify Docker Swarm secrets.
Swarm services¶
Docker Swarm services can be created and updated with the community.docker.docker_swarm_service module, and information on them can be queried by the community.docker.docker_swarm_service_info module.
Still using Dockerfile to build images? Check out ansible-bender, and start building images from your Ansible playbooks.
Use Ansible Operator to launch your docker-compose file on OpenShift. Go from an app on your laptop to a fully scalable app in the cloud with Kubernetes in just a few moments.