AnsibleShipyard · ludovicc · Aug 17, 2015 · Aug 19, 2015 · Aug 19, 2015 · Aug 19, 2015
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1 @@
-.vagrant
-
+.vagrant/
diff --git a/Vagrantfile b/Vagrantfile
@@ -11,7 +11,7 @@ Vagrant.configure("2") do |config|
     c.vm.box = "precise-server-cloudimg-amd64-vagrant-disk1"
     c.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/precise/current/precise-server-cloudimg-amd64-vagrant-disk1.box"
     c.vm.provision "shell" do |s|
-      s.inline = "apt-get update -y; apt-get install python-software-properties; add-apt-repository ppa:rquillo/ansible; apt-get update -y; apt-get install ansible -y"
+      s.inline = "apt-get update -y; apt-get install python-software-properties; add-apt-repository ppa:rquillo/ansible; apt-get update -y; apt-get install ansible -y; cd /home/vagrant/roles/ansible-docker/tests; ansible-playbook -i inventory playbook.yml"
       s.privileged = true
     end
   end
@@ -22,7 +22,7 @@ Vagrant.configure("2") do |config|
     c.vm.box = "trusty-server-cloudimg-amd64-vagrant-disk1"
     c.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-amd64-vagrant-disk1.box"
     c.vm.provision "shell" do |s|
-      s.inline = "apt-get update -y; apt-get install -y software-properties-common; apt-add-repository ppa:ansible/ansible; apt-get update -y; apt-get install -y ansible"
+      s.inline = "apt-get update -y; apt-get install -y software-properties-common; apt-add-repository ppa:ansible/ansible; apt-get update -y; apt-get install -y ansible; cd /home/vagrant/roles/ansible-docker/tests; ansible-playbook -i inventory playbook.yml"
       s.privileged = true
     end
   end
@@ -32,7 +32,7 @@ Vagrant.configure("2") do |config|
     c.vm.network "private_network", ip: "192.168.100.5"
     c.vm.box = "centos/7"
     c.vm.provision "shell" do |s|
-      s.inline = "yum install -y epel-release; yum install -y ansible"
+      s.inline = "yum install -y epel-release; yum install -y ansible; cd /home/vagrant/roles/ansible-docker/tests; ansible-playbook -i inventory playbook.yml"
       s.privileged = true
     end
   end

diff --git a/ci/playbook.yml b/ci/playbook.yml
@@ -5,7 +5,7 @@
 
 - hosts: localhost
   connection: local
-  sudo: yes
+  become: yes
 
   roles:
     - {role: ../../}

diff --git a/ci/tests.yml b/ci/tests.yml
@@ -2,10 +2,15 @@
 
 - hosts: localhost
   connection: local
-  sudo: yes
+  become: yes
   gather_facts: false
-  
+
   tasks:
-    - command: docker run hello-world
+    - name: Wait for Docker to be up
+      wait_for: path=/var/run/docker.sock state=started delay=3 timeout=5
+
+    - name: Test that Docker can run hello-world
+      command: docker run --rm hello-world
       register: status
       failed_when: status.rc != 0
+      changed_when: false
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -1,3 +1,19 @@
 ---
-- name: Restart Docker
-  service: name=docker state=restarted enabled=yes sleep=5
+- name: restart docker
+  become: yes
+  service:
+    name: docker
+    state: restarted
+    sleep: 5
+
+- name: restart rsyslog
+  become: yes
+  service:
+    name: rsyslog
+    state: restarted
+
+- name: reload docker
+  become: yes
+  command: systemctl daemon-reload
+  notify:
+    - restart docker
diff --git a/tasks/Debian.yml b/tasks/Debian.yml
@@ -1,15 +1,24 @@
 ---
 - name: Add specific key
   apt_key: id={{docker_repo_key}} keyserver=keyserver.ubuntu.com state=present
+  register: apt_key_status
 
 - name: Install https apt transport package
-  apt: pkg=apt-transport-https state=present update_cache=yes
+  apt: pkg=apt-transport-https state=present update_cache={{ apt_key_status|changed }}
 
 - name: Add docker repo
-  apt_repository: repo='deb {{ docker_repo }} docker main' state=present
+  apt_repository:
+    repo: "deb {{ docker_repo }} {{ ansible_lsb.id | lower}}-{{ ansible_lsb.codename | lower }} main"
+    state: present
 
-- name: Install lxc-docker package
-  apt: pkg=lxc-docker state=present update_cache=yes
+- name: Install docker-engine package
+  apt:
+    pkg: "{{item}}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 600
+  with_items:
+    - "docker-engine={{ docker_version }}-{{ docker_package_version }}~{{ ansible_lsb.id | lower }}-{{ ansible_lsb.codename | lower }}"
 
 # consider separate role here
 - name: Change ufw forward policy to ACCEPT

diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml
@@ -1,7 +1,7 @@
 
 - name: Install Docker Repository
   template: src=docker-repo.j2 dest=/etc/yum.repos.d/docker.repo
- 
+
 - name: Install Docker Engine
   yum: name=docker-engine state=present
 
diff --git a/tasks/init.yml b/tasks/init.yml
@@ -1,33 +1,97 @@
 
+- name: create rsyslog.d
+  become: yes
+  file:
+    dest: /etc/rsyslog.d
+    state: directory
+  tags:
+    - docker
+    - bootstrap
+
+- name: create docker entry for syslogd
+  become: yes
+  copy:
+    dest: /etc/rsyslog.d/10-docker.conf
+    content: |
+      # Docker logging
+      :syslogtag, isequal, "docker:"  /var/log/docker/docker.log
+      & ~
+  notify:
+    - restart rsyslog
+  tags:
+    - docker
+    - bootstrap
+
 - name: Check if /etc/init exists
   stat: path=/etc/init/
   register: etc_init
 
+- name: Check if systemd exists
+  stat: path=/bin/systemctl
+  register: systemd_check
+
 - name: Docker upstart default config file
   template: src=docker-defaults.j2 dest=/etc/default/docker
-  when: etc_init.stat.exists == true
-  notify: 
-    - Restart Docker
+  when: etc_init.stat.exists == true and systemd_check.stat.exists == false
+  notify:
+    - restart docker
 
 - name: Docker init file
   template: src=docker-init.j2 dest=/etc/init/docker.conf
-  when: etc_init.stat.exists == true
-  notify: 
-    - Restart Docker
+  when: etc_init.stat.exists == true and systemd_check.stat.exists == false
+  notify:
+    - restart docker
 
-- name: Check if systemd exists
-  stat: path=/usr/lib/systemd/system/
-  register: systemd_check
+- name: create /etc/sysconfig
+  become: yes
+  file:
+    dest: /etc/sysconfig
+    state: directory
+  tags:
+    - docker
 
 - name: Docker systemd default config file
   template: src=docker-sysconfig.j2 dest=/etc/sysconfig/docker
   when: systemd_check.stat.exists == true
-  notify: 
-    - Restart Docker
-  
+  notify:
+    - restart docker
+
 - name: Docker systemd file
   template: src=docker-service.j2 dest=/lib/systemd/system/docker.service backup=yes
   when: systemd_check.stat.exists == true
-  notify: 
-    - Restart Docker
+  notify:
+    - reload docker
+    - restart docker
+
+- name: create docker.system.d
+  become: yes
+  file:
+    dest: /etc/systemd/system/docker.service.d
+    state: directory
+  tags:
+    - docker
+
+- name: create local docker service override
+  become: yes
+  copy:
+    dest: /etc/systemd/system/docker.service.d/local.conf
+    content: |
+      [Service]
+      EnvironmentFile=-/etc/sysconfig/docker
+      ExecStart=
+      ExecStart=/usr/bin/docker daemon -H fd:// $other_arg
+  when: systemd_check.stat.exists == true
+  notify:
+    - reload docker
+  tags:
+    - docker
 
+- name: enable docker
+  become: yes
+  service:
+    name: docker
+    enabled: yes
+    state: started
+  tags:
+    - docker
+    - bootstrap # needed to install Docker images during bootstrap
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -7,10 +7,10 @@
   when: docker_create_group
   tags:
     - config
-  
+
 - include: Debian.yml
   when: ansible_os_family == "Debian"
-  
+
 - include: RedHat.yml
   when: ansible_os_family == "RedHat"
 

diff --git a/templates/docker-defaults.j2 b/templates/docker-defaults.j2
@@ -1,3 +1,4 @@
 # Generated by Ansible for {{ansible_fqdn}}
 
-DOCKER_OPTS={{docker_opts}}
+DOCKER_OPTS="{{docker_opts}}"
+
diff --git a/templates/docker-init.j2 b/templates/docker-init.j2
@@ -1,12 +1,62 @@
 # Generated by Ansible for {{ansible_fqdn}}
+
 description "Docker daemon"
 
-start on filesystem
+start on (filesystem and net-device-up IFACE!=lo)
 stop on runlevel [!2345]
+limit nofile 524288 1048576
+limit nproc 524288 1048576
 
 respawn
 
+kill timeout 20
+
+pre-start script
+	# see also https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
+	if grep -v '^#' /etc/fstab | grep -q cgroup \
+		|| [ ! -e /proc/cgroups ] \
+		|| [ ! -d /sys/fs/cgroup ]; then
+		exit 0
+	fi
+	if ! mountpoint -q /sys/fs/cgroup; then
+		mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
+	fi
+	(
+		cd /sys/fs/cgroup
+		for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
+			mkdir -p $sys
+			if ! mountpoint -q $sys; then
+				if ! mount -n -t cgroup -o $sys cgroup $sys; then
+					rmdir $sys || true
+				fi
+			fi
+		done
+	)
+end script
+
 script
-  [ ! -f /etc/default/docker ] || . /etc/default/docker
-  /usr/bin/docker -d $DOCKER_OPTS
+	# modify these in /etc/default/$UPSTART_JOB (/etc/default/docker)
+	DOCKER=/usr/bin/$UPSTART_JOB
+	DOCKER_OPTS=
+	if [ -f /etc/default/$UPSTART_JOB ]; then
+		. /etc/default/$UPSTART_JOB
+	fi
+	exec "$DOCKER" daemon $DOCKER_OPTS
+end script
+
+# Don't emit "started" event until docker.sock is ready.
+# See https://github.com/docker/docker/issues/6647
+post-start script
+	DOCKER_OPTS=
+	if [ -f /etc/default/$UPSTART_JOB ]; then
+		. /etc/default/$UPSTART_JOB
+	fi
+	if ! printf "%s" "$DOCKER_OPTS" | grep -qE -e '-H|--host'; then
+		while ! [ -e /var/run/docker.sock ]; do
+			initctl status $UPSTART_JOB | grep -qE "(stop|respawn)/" && exit 1
+			echo "Waiting for /var/run/docker.sock"
+			sleep 0.1
+		done
+		echo "/var/run/docker.sock is up"
+	fi
 end script
diff --git a/templates/docker-service.j2 b/templates/docker-service.j2
@@ -9,7 +9,7 @@ Requires=docker.socket
 [Service]
 Type=notify
 EnvironmentFile=-/etc/sysconfig/docker
-ExecStart=/usr/bin/docker -d -H fd:// $OPTIONS
+ExecStart=/usr/bin/docker daemon -H fd:// $OPTIONS
 {% if docker_service_start_timeout != '' %}
 TimeoutStartSec={{ docker_service_start_timeout }}
 {% endif %}

diff --git a/templates/docker-sysconfig.j2 b/templates/docker-sysconfig.j2
@@ -1,6 +1,3 @@
 # {{ansible_managed}}
 
-OPTIONS={{docker_opts}}
-
-# CentOS 6, RHEL 6
-other_args={{docker_opts}}
+other_arg='{{docker_opts}}'
diff --git a/tests/inventory b/tests/inventory
@@ -0,0 +1,2 @@
+[local]
+localhost
diff --git a/tests/main.yml b/tests/main.yml
@@ -0,0 +1,15 @@
+---
+
+- hosts: localhost
+  connection: local
+  become: yes
+
+  tasks:
+    - name: Wait for Docker to be up
+      wait_for: path=/var/run/docker.sock state=started delay=3 timeout=5
+
+    - name: Test that Docker can run hello-world
+      command: docker run --rm hello-world
+      register: status
+      failed_when: status.rc != 0
+      changed_when: false
diff --git a/tests/playbook.yml b/tests/playbook.yml
@@ -0,0 +1,13 @@
+---
+#
+# Test Playbook
+#
+
+- hosts: localhost
+  connection: local
+  become: yes
+
+  roles:
+    - {role: ../../}
+
+- include: main.yml
diff --git a/vars/Debian.yml b/vars/Debian.yml
@@ -1,3 +1,3 @@
 # replace with gist variant
-docker_repo_key: "36A1D7869245C8950F966E92D8576A8BA88D21E9"
-docker_repo: "https://get.docker.io/ubuntu"
+docker_repo_key: "58118E89F3A912897C070ADBF76221572C52609D"
+docker_repo: "https://apt.dockerproject.org/repo"
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		[local]
Copy link Contributor ninthnails Oct 17, 2015 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. There is already an `ci/` folder for testing, why adding this one or not removing the other ?
		localhost