Ansible - Docker with Portainer on Ubuntu server installation
This is another Ansible tutorial that serves as notes on my Ansible journey. I must say that having your own custom Ansible playbooks is a great basis for high-quality, repeatable installations. To create a complete playbook like this one, you have to test a full run several times. To do that I use VirtualBox with a fresh Ubuntu LTS server installation, and after each playbook run I restore the initial snapshot. That is a very quick way to get back to a fresh Linux installation.
Prerequisites:
- Ubuntu server installed somewhere
- OpenSSH running on the Ubuntu server, so we can connect and use Ansible
- Ansible installed and running on our client
Steps we have to do using Ansible:
- install required Ubuntu server packages
- install Docker and Docker Compose
- install Portainer
- do a proper firewall setup
To run this playbook with sudo, call the following (this assumes a ‘hosts’ inventory file is available):

    ansible-playbook docker.yml -i ./hosts --ask-pass --ask-become-pass

When running the ansible-playbook command we are asked to enter the password for our admin user. The become: true setting (written as become: yes in the playbook) ensures the tasks run in a sudo environment.

    # docker.yml
    - hosts: ubuntu
      user: admin
      become: yes
      vars:
        docker_compose_version: "1.28.5"
      tasks:
        # UPGRADE AND INSTALL REQUIRED UBUNTU PACKAGES
        - name: Update apt cache
          apt: update_cache=yes cache_valid_time=3600
        - name: Upgrade all apt packages
          apt: upgrade=dist
        - name: Install dependencies
          apt:
            name: "{{ packages }}"
            state: present
            update_cache: yes
          vars:
            packages:
              - apt-transport-https
              - ca-certificates
              - curl
              - software-properties-common
              - gnupg-agent

        # DOCKER INSTALLATION
        - name: Add an apt signing key for Docker
          apt_key:
            url: https://download.docker.com/linux/ubuntu/gpg
            state: present
        - name: Add apt repository for stable version
          apt_repository:
            repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
            state: present
        - name: Install Docker
          apt:
            name: "{{ packages }}"
            state: present
            update_cache: yes
          vars:
            packages:
              - docker-ce
              - docker-ce-cli
              - containerd.io
        # "groups" with "append" adds docker as a supplementary group;
        # "group" would replace the user's primary group instead.
        # Members of the docker group have root-equivalent access to this host.
        - name: Add user to docker group
          user:
            name: "{{ ansible_user }}"
            groups: docker
            append: yes
        # With become enabled, "~" below is the home directory of root.
        - name: Download docker-compose {{ docker_compose_version }}
          get_url:
            url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
            dest: ~/docker-compose
            mode: "+x"
        - name: Check docker-compose exists
          stat: path=~/docker-compose
          register: docker_compose
        - name: Move docker-compose to /usr/local/bin/docker-compose
          command: mv ~/docker-compose /usr/local/bin/docker-compose
          when: docker_compose.stat.exists

        # REQUIRED PACKAGES FOR USING ANSIBLE DOCKER (for portainer installation below)
        - name: Install related Ubuntu packages
          apt:
            name: "{{ packages }}"
            state: latest
          vars:
            packages:
              - python3-pip
              - mc
        - name: Install python packages
          pip:
            name: docker
        # https://docs.ansible.com/ansible/latest/collections/community/docker/docker_container_module.html#ansible-collections-community-docker-docker-container-module
        # Mounting /var/run/docker.sock gives the Portainer container full
        # control of the Docker daemon on this host.
        - name: Create portainer container
          docker_container:
            name: portainer
            image: portainer/portainer-ce
            state: started
            recreate: yes
            restart_policy: always
            published_ports:
              - "8000:8000"
              - "9000:9000"
            volumes:
              - /var/run/docker.sock:/var/run/docker.sock
              - portainer_data:/data

        # FIREWALL SETUP
        # The allow rules are added first and ufw is enabled last, so the SSH
        # session Ansible is using is already permitted when the firewall comes up.
        # Ports published by Docker (8000 and 9000 above) are handled by Docker's
        # own iptables rules and stay reachable regardless of these ufw rules.
        - name: Open SSH port
          ufw:
            rule: allow
            port: "22"
            proto: tcp
        - name: Open Portainer port
          ufw:
            rule: allow
            port: "9000"
            proto: tcp
        - name: Enable ufw
          ufw:
            state: enabled
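
The docker-compose download, Portainer container and firewall tasks from the playbook above in a hardened form, as an added example that is not part of the original playbook. The variables docker_compose_sha256, portainer_image_tag and portainer_bind_ip are hypothetical names, and their values are placeholders or assumptions to replace.

```yaml
# Added example, not the author's playbook. docker_compose_sha256,
# portainer_image_tag and portainer_bind_ip are hypothetical variable names.
- hosts: ubuntu
  become: yes
  vars:
    docker_compose_version: "1.28.5"
    docker_compose_sha256: "REPLACE_WITH_RELEASE_SHA256"  # placeholder, not a real digest
    portainer_image_tag: "REPLACE_WITH_PINNED_TAG"        # placeholder, not a real tag
    portainer_bind_ip: "127.0.0.1"                        # assumption: UI reached over an SSH tunnel
  tasks:
    # Write directly to the final path; get_url fails the task when the
    # downloaded file does not match the pinned digest.
    - name: Download docker-compose {{ docker_compose_version }} and verify it
      get_url:
        url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
        dest: /usr/local/bin/docker-compose
        checksum: "sha256:{{ docker_compose_sha256 }}"
        owner: root
        group: root
        mode: "0755"

    # Pin the image tag instead of the implicit "latest" and publish the UI
    # on one address only. Port 8000 is left out on the assumption that
    # Portainer Edge agents are not used.
    - name: Create portainer container
      docker_container:
        name: portainer
        image: "portainer/portainer-ce:{{ portainer_image_tag }}"
        state: started
        restart_policy: always
        published_ports:
          - "{{ portainer_bind_ip }}:9000:9000"
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
          - portainer_data:/data

    # Docker-published ports are not filtered by ufw, so the bind address
    # above limits Portainer's exposure; ufw only needs to admit SSH.
    - name: Allow SSH before enabling the firewall
      ufw:
        rule: allow
        port: "22"
        proto: tcp
    - name: Enable ufw and deny other incoming traffic by default
      ufw:
        state: enabled
        direction: incoming
        policy: deny
```

With the UI bound to 127.0.0.1, Portainer is reached through an SSH port forward to the server rather than through an open port 9000.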