The full Ansible playbook is available but I’m going to breakdown what went in to it. The file is designed so that you can drop it on to a box as a fresh root user and it will handle everything for you.
I’m not coordinating multiple machines so the script will be run locally on the box you want to configure using the default localhost configuration:
I’ve configured the playbook to prompt for a password to use with for the docker user since there is no secretes management tool. That could be a nice to have but would be overkill for such a simple demo application.
First we need a non root user to run the containers with. Instead of running these commands:
We can use the user module:
The docker user will also be added to the render and video groups to enable access to hardware transcoding.
The Docker documentation recommends the following installation process:
This involves installing some dependencies, adding a key and a new repository to the package manager and installing docker. Ansible has built in support for many of these operations which simplifies tasks.
The apt module allows us to install dependencies. By using “update_cache: yes” we can skip having a separate update step:
The apt_key module lets us pull in a new key from a URL:
The apt_repository module lets us add a new repository. Since I specified “gather_facts: yes” at the start of the playbook Ansible collected information about the machine before it started. This includes a “ansible_distribution_release” value that lets us use the correct repository for our Debian release:
Then we can install Docker from the new repository:
Finally instead having to do this to enable the docker service to run on startup:
The systemd module can be used instead:
Install Docker Compose
The Docker Compose documentation recommends the following installation process:
This pulls a binary from Github, saves the binary under /usr/local/bin and sets the appropriate permissions for it.
The get_url module lets us fetch the binary off of GitHub. We use “ansible_system” and “ansible_architecture” from the gathered facts to generate the URL as opposed to uname. As a part of getting the binary we can set the mode to 755 for the docker user to avoid doing this in a second step. Also as per the docs “You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like 0644 or 01777) or quote it (like ‘644’ or ‘1777’) so Ansible receives a string and can do its own conversion from string into number.”
Running the Playbook
At this point you can curl the playbook to a fresh Debian machine and run the following:
Now you will have Docker and Docker Compose ready to use on your machine.