marcus/ansible_role_containerhost
1
0
Fork 0
Code Releases 7 Activity
Ansible role to configure a container host.
59 commits 2 branches 7 tags 105 KiB
Find a file
Exact
marcus e8c9d8220d Merge pull request 'release/v0.4.0' (#40) from release/v0.4.0 into main 
Reviewed-on: https://code.m4rcu5.lan/marcus/ansible_role_containerhost/pulls/40
2026-02-11 00:39:35 +01:00
defaults fix(swarm): default unnamed swarm 2026-02-03 03:15:56 +01:00
handlers feature/configure_insecure_registries (#24) 2024-12-18 03:42:34 +01:00
meta chore(role): rename to containerhost 2025-11-26 00:14:00 +01:00
tasks fix(swarm): avoid None length checks 2026-02-10 23:43:49 +01:00
templates Version 0.0.1 (#1) 2023-09-23 01:31:51 +02:00
vars feat(swarm): add docker swarm support 2026-02-03 01:00:50 +01:00
.gitignore Ignore .vscode folder. 2023-08-25 01:02:47 +02:00
AGENTS.md chore(vars): prefix internal vars 2025-12-28 22:10:56 +01:00
CHANGELOG.md chore(release): finalize the release 2026-02-11 00:37:56 +01:00
README.md refactor(swarm): simplify labels and tagging 2026-02-03 02:51:56 +01:00

README.md

WARNING: Before the release of version 1.0.0, backwards compatibility is not a thing! This means that the role's API may change between releases. If you want to use this role in a production environment, please lock the role to a specific version or commit.

Containerhost

This role installs and configures either Docker or Podman on a host. Not much more to it, really. Docker wil be installed largely following the official installation guide, while Podman will be installed from the distro's repository.

Dependencies

None, really. The role will install dependencies needed for any of the modules in the community.docker collection it uses.

Requirements

On RHEL based systems, the EPEL repository must be enabled for the role to work properly. This is because some of the packages required to not make me a liar in the Dependencies section are only available in EPEL.

Role variables

Variable Description Type Default
containerhost_runtime The container runtime to install/use. (either docker or podman) (required) string null
containerhost_docker_plugins This enables you to install Docker plugins like the Loki logging driver, for example. list[dict] []
containerhost_docker_daemon_options This enables you to configure options like insecure registries, log level, etc. for the Docker daemon. dict {}
containerhost_docker_registries This enables you to configure private CA certs for registries that require them. list[dict] []
containerhost_docker_swarms Define one or more Docker Swarms and the inventory groups that map to managers/workers/nodes. list[dict] []
containerhost_docker_swarm_node_labels Swarm node labels (per-host mapping or host_vars labels). dict {}

Note: A single Docker daemon can only participate in one swarm at a time, so ensure each host is only a member of one swarm group across your inventory.

Tags

The following tags are available to fine tune the execution of this role:

Tag Description
containerhost Covers the entire role.
containerhost:install Covers installation tasks.
containerhost:configure Covers configuration tasks.
containerhost:configure:swarm Covers Docker Swarm configuration tasks.

Examples

A selfcontaining Playbook:

- name: Prepare container hosts.
  hosts: container_hosts
  gather_facts: false

  roles:
    - role: "containerhost"
      become: true
      containerhost_runtime: "docker"
      containerhost_docker_plugins:
        - name: "grafana/loki-docker-driver:3.3.2-amd64"
          alias: "loki"
          state: "enable"
      containerhost_docker_daemon_options:
        insecure-registries:
          - "10.133.7.69:5000"
        log-driver: "json-file"
        log-opts:
          max-size: "10m"
          max-file: "3"

  tasks:
    ...

Docker Swarm (single swarm)

- name: Configure Docker Swarm nodes
  hosts: swarm_node
  gather_facts: true

  roles:
    - role: "containerhost"
      become: true
      containerhost_runtime: "docker"
      containerhost_docker_swarms:
        - name: "lan"
          manager_group: "swarm_manager"
          worker_group: "swarm_worker"
          node_group: "swarm_node"
      containerhost_docker_swarm_node_labels:
        manager01:
          zone: "lan"
          role: "manager"
        worker01:
          zone: "lan"

Docker Swarm (host_vars labels)

- name: Configure Docker Swarm nodes
  hosts: swarm_node
  gather_facts: true

  roles:
    - role: "containerhost"
      become: true
      containerhost_runtime: "docker"
      containerhost_docker_swarms:
        - name: "lan"
          manager_group: "swarm_manager"
          worker_group: "swarm_worker"
          node_group: "swarm_node"
      containerhost_docker_swarm_node_labels:
        ingress_http: "true"

Docker Swarm (multiple swarms)

- name: Configure Docker Swarm nodes
  hosts: swarm_node:dmz_swarm_node
  gather_facts: true

  roles:
    - role: "containerhost"
      become: true
      containerhost_runtime: "docker"
      containerhost_docker_swarms:
        - name: "lan"
          manager_group: "swarm_manager"
          worker_group: "swarm_worker"
          node_group: "swarm_node"
        - name: "dmz"
          manager_group: "dmz_swarm_manager"
          worker_group: "dmz_swarm_worker"
          node_group: "dmz_swarm_node"
      containerhost_docker_swarm_node_labels:
        manager01:
          zone: "lan"
        worker01:
          zone: "lan"
        dmz-manager01:
          zone: "dmz"
        dmz-worker01:
          zone: "dmz"