Install and configure Docker Engine and Docker Compose onto Ubuntu 16.04. Then, make sure "docker run" and "docker-compose up" work.
Ubuntu 16.04環境にDockerをインストールするためのNotebook。
このNotebookによりインストールできるソフトウェアは以下の通り。
Docker Engineのインストール手順は、Get Docker CE for Ubuntu (2017/11/7時点での最新版) を参考に作成している。また、Docker Composeのインストール手順は、Install Docker Compose (2017/11/7時点での最新版) を参考に作成している。
This is a cell for your own recording. ここに経緯を記述
このNotebookで行う設定は、以下のようにする。
/mnt
(Ephemeralなパーティション) に配置するする。
docker_optsの定義方法はDAEMON CONFIGURATION FILEを参照。
docker_tmp = "/mnt/docker-tmp"
docker_base = "/mnt/docker"
docker_opts ={"data-root": docker_base, "insecure-registries": ["XXX.XXX.XXX.93:5000"]}
Inventory中のgroup名でBind対象ホスト(Docker Engineをインストールしたいホスト)を指示する。
target_group = 'test-vm'
Bind対象への疎通状態を確認する。
!ansible -m ping {target_group}
XXX.XXX.XXX.66 | SUCCESS => { "changed": false, "failed": false, "ping": "pong" }
Prerequisitesに示されているとおり、このNotebookを使ってDockerをインストールする対象のホストは、以下の条件を満たしている必要がある。
もし、このインストール手順に失敗したら、この条件を満たす状態にマシンを戻す(パッケージの削除, マシンの再プロビジョニングなど)ことで、(このNotebookによって)Dockerをインストール可能な状態に戻すことができる。
Ubuntuのバージョンにかかわらず、Docker Engineを動作させるには64bit版が必要。
!ansible -a 'uname -m' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> x86_64
3.10未満の古いバージョンの場合はDockerの機能の一部が使えなかったり、データロストやpanicを生じる可能性がある。
そのため、以下のバージョン表示が3.10以上であることを確認しておく。
!ansible -a 'uname -r' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> 4.4.0-97-generic
加えて、このNotebookは、Ubuntu 16.04がインストールされた環境にBindingされることを前提として実装している。
以下のコマンドの出力が Ubuntu 16.04 であることを確認する。
16.04以外のUbuntuの場合はRepositoryのURLなどを適宜読み替えること
!ansible -a 'lsb_release -a' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Distributor ID: Ubuntu Description: Ubuntu 16.04.3 LTS Release: 16.04 Codename: xenialNo LSB modules are available.
Ubuntu-maintainedなDocker(docker-io
パッケージ)がすでにインストールされているとファイル構成など競合するかもしれない。そのため、念のため以下のコマンドに失敗する(FAILED) ことを確認しておく。
!ansible -b -m shell -a 'dpkg -l | grep docker.io' {target_group}
XXX.XXX.XXX.66 | FAILED | rc=1 >> non-zero return code
RuntimeErrorTraceback (most recent call last) <ipython-input-7-5f7bf2dbc96e> in <module>() ----> 1 get_ipython().system(u"ansible -b -m shell -a 'dpkg -l | grep docker.io' {target_group}") /home/bit_kun/.ipython/profile_default/startup/10-custom-get_ipython_system.py in <lambda>(x) 5 6 save_get_ipython_system = get_ipython().system ----> 7 get_ipython().system = lambda x: get_ipython_system(x) 8 9 # interactiveshell.py's system_piped() function comment saids: /home/bit_kun/.ipython/profile_default/startup/10-custom-get_ipython_system.py in get_ipython_system(cmd) 13 save_get_ipython_system(cmd) 14 if get_ipython().user_ns['_exit_code'] != 0: ---> 15 raise RuntimeError('Unexpected exit code: %d' % get_ipython().user_ns['_exit_code']) RuntimeError: Unexpected exit code: 2
古いrepositoryでは lxc-docker
というパッケージ名だった時代があった・・・これがインストールされていないことも念のため確認しておく。以下のコマンドに失敗する(FAILED) ことを確認しておく。
!ansible -b -m shell -a 'dpkg -l | grep lxc-docker' {target_group}
XXX.XXX.XXX.66 | FAILED | rc=1 >> non-zero return code
RuntimeErrorTraceback (most recent call last) <ipython-input-8-8f2bddecc41a> in <module>() ----> 1 get_ipython().system(u"ansible -b -m shell -a 'dpkg -l | grep lxc-docker' {target_group}") /home/bit_kun/.ipython/profile_default/startup/10-custom-get_ipython_system.py in <lambda>(x) 5 6 save_get_ipython_system = get_ipython().system ----> 7 get_ipython().system = lambda x: get_ipython_system(x) 8 9 # interactiveshell.py's system_piped() function comment saids: /home/bit_kun/.ipython/profile_default/startup/10-custom-get_ipython_system.py in get_ipython_system(cmd) 13 save_get_ipython_system(cmd) 14 if get_ipython().user_ns['_exit_code'] != 0: ---> 15 raise RuntimeError('Unexpected exit code: %d' % get_ipython().user_ns['_exit_code']) RuntimeError: Unexpected exit code: 2
このNotebook適用時は、docker-engineのrepositoryが未登録であることを前提としている。すでにrepositoryが登録されている場合、このNotebookで指定したパッケージが適切にインストールされないかもしれない。念のため以下のコマンドの実行結果に、何もインストール候補バージョンが現れないことを確認しておく。
!ansible -b -m shell -a 'apt-get update && apt-cache policy docker-ce' {target_group}
[WARNING]: Consider using apt module rather than running apt-get XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Hit:1 http://us.archive.ubuntu.com/ubuntu xenial InRelease Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB] Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB] Get:4 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB] Get:5 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [652 kB] Get:6 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages [381 kB] Get:7 http://us.archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages [617 kB] Get:8 http://security.ubuntu.com/ubuntu xenial-security/main i386 Packages [352 kB] Get:9 http://security.ubuntu.com/ubuntu xenial-security/main Translation-en [168 kB] Get:10 http://us.archive.ubuntu.com/ubuntu xenial-updates/main Translation-en [273 kB] Get:11 http://security.ubuntu.com/ubuntu xenial-security/restricted amd64 Packages [7,472 B] Get:12 http://security.ubuntu.com/ubuntu xenial-security/restricted i386 Packages [7,472 B] Get:13 http://security.ubuntu.com/ubuntu xenial-security/restricted Translation-en [2,412 B] Get:14 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages [178 kB] Get:15 http://security.ubuntu.com/ubuntu xenial-security/universe i386 Packages [153 kB] Get:16 http://security.ubuntu.com/ubuntu xenial-security/universe Translation-en [94.3 kB] Get:17 http://security.ubuntu.com/ubuntu xenial-security/multiverse amd64 Packages [3,208 B] Get:18 http://security.ubuntu.com/ubuntu xenial-security/multiverse i386 Packages [3,388 B] Get:19 http://security.ubuntu.com/ubuntu xenial-security/multiverse Translation-en [1,336 B] Get:20 http://us.archive.ubuntu.com/ubuntu xenial-updates/restricted amd64 Packages [8,088 B] Get:21 http://us.archive.ubuntu.com/ubuntu xenial-updates/restricted i386 Packages [8,072 B] Get:22 http://us.archive.ubuntu.com/ubuntu xenial-updates/restricted Translation-en [2,672 B] Get:23 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages [543 kB] Get:24 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe i386 Packages [517 kB] Get:25 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe Translation-en [221 kB] Get:26 http://us.archive.ubuntu.com/ubuntu xenial-updates/multiverse amd64 Packages [16.2 kB] Get:27 http://us.archive.ubuntu.com/ubuntu xenial-updates/multiverse i386 Packages [15.3 kB] Get:28 http://us.archive.ubuntu.com/ubuntu xenial-updates/multiverse Translation-en [7,996 B] Fetched 4,540 kB in 3s (1,276 kB/s) Reading package lists... docker-ce: Installed: (none) Candidate: (none) Version table:
Bind対象にDocker Engineをインストールする。
!ansible -b -m shell -a 'apt-get update && \
apt-get install -y apt-transport-https ca-certificates curl' {target_group}
[WARNING]: Consider using apt module rather than running apt-get XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Hit:1 http://us.archive.ubuntu.com/ubuntu xenial InRelease Hit:2 http://security.ubuntu.com/ubuntu xenial-security InRelease Hit:3 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease Hit:4 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease Reading package lists... Reading package lists... Building dependency tree... Reading state information... ca-certificates is already the newest version (20170717~16.04.1). ca-certificates set to manually installed. The following additional packages will be installed: libasn1-8-heimdal libcurl3-gnutls libgssapi3-heimdal libhcrypto4-heimdal libheimbase1-heimdal libheimntlm0-heimdal libhx509-5-heimdal libkrb5-26-heimdal libldap-2.4-2 libroken18-heimdal librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db libwind0-heimdal Suggested packages: libsasl2-modules-otp libsasl2-modules-ldap libsasl2-modules-sql libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal The following NEW packages will be installed: apt-transport-https curl libasn1-8-heimdal libcurl3-gnutls libgssapi3-heimdal libhcrypto4-heimdal libheimbase1-heimdal libheimntlm0-heimdal libhx509-5-heimdal libkrb5-26-heimdal libldap-2.4-2 libroken18-heimdal librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db libwind0-heimdal 0 upgraded, 17 newly installed, 0 to remove and 25 not upgraded. Need to get 1,473 kB of archives. After this operation, 5,133 kB of additional disk space will be used. Get:1 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libroken18-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [41.4 kB] Get:2 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libasn1-8-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [174 kB] Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libhcrypto4-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [85.0 kB] Get:4 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libheimbase1-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [29.3 kB] Get:5 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libwind0-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [47.8 kB] Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libhx509-5-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [107 kB] Get:7 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libkrb5-26-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [202 kB] Get:8 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libheimntlm0-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [15.1 kB] Get:9 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libgssapi3-heimdal amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1 [96.1 kB] Get:10 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libsasl2-modules-db amd64 2.1.26.dfsg1-14build1 [14.5 kB] Get:11 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libsasl2-2 amd64 2.1.26.dfsg1-14build1 [48.7 kB] Get:12 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libldap-2.4-2 amd64 2.4.42+dfsg-2ubuntu3.2 [160 kB] Get:13 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 librtmp1 amd64 2.4+20151223.gitfa8646d-1ubuntu0.1 [54.4 kB] Get:14 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libcurl3-gnutls amd64 7.47.0-1ubuntu2.4 [184 kB] Get:15 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 apt-transport-https amd64 1.2.24 [26.1 kB] Get:16 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libsasl2-modules amd64 2.1.26.dfsg1-14build1 [47.5 kB] Get:17 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 curl amd64 7.47.0-1ubuntu2.4 [139 kB] Fetched 1,473 kB in 2s (505 kB/s) Processing triggers for libc-bin (2.23-0ubuntu9) ...
GPG keyを追加しておく。
!ansible -b -m shell \
-a 'curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -' {target_group}
[WARNING]: Consider using get_url or uri module rather than running curl XXX.XXX.XXX.66 | SUCCESS | rc=0 >> OK
以下のコマンドで現れるfingerprintが 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
であることを確認しておく。
!ansible -b -a 'apt-key fingerprint 0EBFCD88' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> pub 4096R/0EBFCD88 2017-02-22 Key fingerprint = 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 uid Docker Release (CE deb) <docker@docker.com> sub 4096R/F273FCD8 2017-02-22
Ubuntuのバージョンに応じたrepositoryのURLを追加する。このNotebookでは 16.04(Xenial) を追加。
!ansible -b -m shell -a 'echo deb [arch=amd64] https://download.docker.com/linux/ubuntu \
xenial stable \
> /etc/apt/sources.list.d/docker.list' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >>
aptがrepositoryから情報を取得できているかの確認。
!ansible -b -m shell -a 'apt-get update && \
apt-cache policy docker-ce' {target_group}
[WARNING]: Consider using apt module rather than running apt-get XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Get:1 https://download.docker.com/linux/ubuntu xenial InRelease [49.8 kB] Hit:2 http://us.archive.ubuntu.com/ubuntu xenial InRelease Hit:3 http://security.ubuntu.com/ubuntu xenial-security InRelease Get:4 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages [2,579 B] Hit:5 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease Hit:6 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease Fetched 52.4 kB in 0s (59.8 kB/s) Reading package lists... docker-ce: Installed: (none) Candidate: 17.09.0~ce-0~ubuntu Version table: 17.09.0~ce-0~ubuntu 500 500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages 17.06.2~ce-0~ubuntu 500 500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages 17.06.1~ce-0~ubuntu 500 500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages 17.06.0~ce-0~ubuntu 500 500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages 17.03.2~ce-0~ubuntu-xenial 500 500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages 17.03.1~ce-0~ubuntu-xenial 500 500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages 17.03.0~ce-0~ubuntu-xenial 500 500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
docker-ce
パッケージをインストールする。
!ansible -b -m shell -a 'apt-get update && \
apt-get install -y docker-ce' {target_group}
[WARNING]: Consider using apt module rather than running apt-get XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Hit:1 https://download.docker.com/linux/ubuntu xenial InRelease Hit:2 http://us.archive.ubuntu.com/ubuntu xenial InRelease Hit:3 http://security.ubuntu.com/ubuntu xenial-security InRelease Hit:4 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease Hit:5 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease Reading package lists... Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: apparmor aufs-tools cgroupfs-mount git git-man iptables libapparmor-perl liberror-perl libgdbm3 libltdl7 libnfnetlink0 libperl5.22 patch perl perl-modules-5.22 rename rsync xz-utils Suggested packages: apparmor-profiles apparmor-profiles-extra apparmor-docs apparmor-utils mountall git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch git-cvs git-mediawiki git-svn ed diffutils-doc perl-doc libterm-readline-gnu-perl | libterm-readline-perl-perl make The following NEW packages will be installed: apparmor aufs-tools cgroupfs-mount docker-ce git git-man iptables libapparmor-perl liberror-perl libgdbm3 libltdl7 libnfnetlink0 libperl5.22 patch perl perl-modules-5.22 rename rsync xz-utils 0 upgraded, 19 newly installed, 0 to remove and 25 not upgraded. Need to get 32.6 MB of archives. After this operation, 170 MB of additional disk space will be used. Get:1 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libgdbm3 amd64 1.8.3-13.1 [16.9 kB] Get:2 https://download.docker.com/linux/ubuntu xenial/stable amd64 docker-ce amd64 17.09.0~ce-0~ubuntu [21.0 MB] Get:3 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libnfnetlink0 amd64 1.0.1-3 [13.3 kB] Get:4 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 perl-modules-5.22 all 5.22.1-9 [2,641 kB] Get:5 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libperl5.22 amd64 5.22.1-9 [3,371 kB] Get:6 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 perl amd64 5.22.1-9 [237 kB] Get:7 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libapparmor-perl amd64 2.10.95-0ubuntu2.7 [31.6 kB] Get:8 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 apparmor amd64 2.10.95-0ubuntu2.7 [450 kB] Get:9 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 iptables amd64 1.6.0-2ubuntu3 [266 kB] Get:10 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 rsync amd64 3.1.1-3ubuntu1 [325 kB] Get:11 http://us.archive.ubuntu.com/ubuntu xenial/universe amd64 aufs-tools amd64 1:3.2+20130722-1.1ubuntu1 [92.9 kB] Get:12 http://us.archive.ubuntu.com/ubuntu xenial/universe amd64 cgroupfs-mount all 1.2 [4,970 B] Get:13 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libltdl7 amd64 2.4.6-0.1 [38.3 kB] Get:14 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 liberror-perl all 0.17-1.2 [19.6 kB] Get:15 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 git-man all 1:2.7.4-0ubuntu1.3 [736 kB] Get:16 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 git amd64 1:2.7.4-0ubuntu1.3 [3,102 kB] Get:17 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 patch amd64 2.7.5-1 [90.4 kB] Get:18 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 rename all 0.20-4 [12.0 kB] Get:19 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 xz-utils amd64 5.1.1alpha+20120614-2ubuntu2 [78.8 kB] Preconfiguring packages ... Fetched 32.6 MB in 5s (6,284 kB/s) Processing triggers for ureadahead (0.100.0-19) ...
あらかじめ定義した設定情報にしたがい、Docker Engineに与えるDefault Configを指定する。
import tempfile
temp_dir = tempfile.mkdtemp()
temp_dir
'/tmp/tmpkLyFWr'
import os
import json
with open(os.path.join(temp_dir, 'daemon.json'), 'w') as f:
f.write(json.dumps(docker_opts))
!cat {temp_dir}/daemon.json
{"data-root": "/mnt/docker", "insecure-registries": []}
import os
with open(os.path.join(temp_dir, 'tmpdir.conf'), 'w') as f:
f.write('''# Systemd drop-in configuration for Docker
[Service]
Environment="DOCKER_TMPDIR={docker_tmp}"'''.format(docker_tmp=docker_tmp))
!cat {temp_dir}/tmpdir.conf
# Systemd drop-in configuration for Docker [Service] Environment="DOCKER_TMPDIR=/mnt/docker-tmp"
ローカルに作った configファイル を、Bind対象の/etc/default/dockerにコピーし、Docker Engineに反映する。
!ansible -b -m copy -a 'src={temp_dir}/daemon.json dest=/etc/docker/daemon.json' {target_group}
!ansible -b -m file -a 'path=/etc/systemd/system/docker.service.d state=directory' {target_group}
!ansible -b -m copy -a 'src={temp_dir}/tmpdir.conf dest=/etc/systemd/system/docker.service.d/tmpdir.conf' {target_group}
!ansible -b -m file -a 'path={docker_tmp} state=directory' {target_group}
!ansible -b -a 'systemctl daemon-reload' {target_group}
!ansible -b -m service -a 'name=docker state=restarted' {target_group}
XXX.XXX.XXX.66 | SUCCESS => { "changed": true, "checksum": "d7af45d32223f16ef2c90c84519f37e8bd425777", "dest": "/etc/docker/daemon.json", "failed": false, "gid": 0, "group": "root", "md5sum": "d24bc7e71c6f5bb90f4c60847e086406", "mode": "0644", "owner": "root", "size": 55, "src": "/home/ansible/.ansible/tmp/ansible-tmp-1510008598.03-253168517244957/source", "state": "file", "uid": 0 } XXX.XXX.XXX.66 | SUCCESS => { "changed": true, "failed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/systemd/system/docker.service.d", "size": 6, "state": "directory", "uid": 0 } XXX.XXX.XXX.66 | SUCCESS => { "changed": true, "checksum": "17e2db6d5b09b4a11d6ad962ea1b86da7d2c553b", "dest": "/etc/systemd/system/docker.service.d/tmpdir.conf", "failed": false, "gid": 0, "group": "root", "md5sum": "2aea202d5e2f6713a286fb9f187cd3dd", "mode": "0644", "owner": "root", "size": 96, "src": "/home/ansible/.ansible/tmp/ansible-tmp-1510008600.97-188521196625471/source", "state": "file", "uid": 0 } XXX.XXX.XXX.66 | SUCCESS => { "changed": true, "failed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/mnt/docker-tmp", "size": 6, "state": "directory", "uid": 0 } XXX.XXX.XXX.66 | SUCCESS | rc=0 >> XXX.XXX.XXX.66 | SUCCESS => { "changed": true, "failed": false, "name": "docker", "state": "started", "status": { "ActiveEnterTimestamp": "Tue 2017-11-07 07:49:07 JST", "ActiveEnterTimestampMonotonic": "310512614468", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "docker.socket basic.target systemd-journald.socket firewalld.service network-online.target sysinit.target system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Tue 2017-11-07 07:49:05 JST", "AssertTimestampMonotonic": "310511149702", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CPUUsageNSec": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "yes", "ConditionTimestamp": "Tue 2017-11-07 07:49:05 JST", "ConditionTimestampMonotonic": "310511149702", "Conflicts": "shutdown.target", "ConsistsOf": "docker.socket", "ControlGroup": "/system.slice/docker.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "yes", "Description": "Docker Application Container Engine", "DevicePolicy": "auto", "Documentation": "https://docs.docker.com", "DropInPaths": "/etc/systemd/system/docker.service.d/tmpdir.conf", "Environment": "DOCKER_TMPDIR=/mnt/docker-tmp", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "4640", "ExecMainStartTimestamp": "Tue 2017-11-07 07:49:06 JST", "ExecMainStartTimestampMonotonic": "310511184150", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -s HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/bin/dockerd ; argv[]=/usr/bin/dockerd -H fd:// ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/lib/systemd/system/docker.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "docker.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Tue 2017-11-07 07:49:06 JST", "InactiveExitTimestampMonotonic": "310511184182", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KillMode": "process", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitASSoft": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCORESoft": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitCPUSoft": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitDATASoft": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitFSIZESoft": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitLOCKSSoft": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "1048576", "LimitNOFILESoft": "1048576", "LimitNPROC": "18446744073709551615", "LimitNPROCSoft": "18446744073709551615", "LimitRSS": "18446744073709551615", "LimitRSSSoft": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "18446744073709551615", "LimitRTTIMESoft": "18446744073709551615", "LimitSIGPENDING": "96307", "LimitSIGPENDINGSoft": "96307", "LimitSTACK": "18446744073709551615", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "MainPID": "4640", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "NFileDescriptorStore": "0", "Names": "docker.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "main", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "docker.socket sysinit.target system.slice", "Restart": "on-failure", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "3", "StartLimitInterval": "60000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StateChangeTimestamp": "Tue 2017-11-07 07:49:07 JST", "StateChangeTimestampMonotonic": "310512614468", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "infinity", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "TriggeredBy": "docker.socket", "Type": "notify", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "multi-user.target", "Wants": "network-online.target", "WatchdogTimestamp": "Tue 2017-11-07 07:49:07 JST", "WatchdogTimestampMonotonic": "310512614467", "WatchdogUSec": "0" } }
念のため、Docker Engineにより /mnt/docker, /mnt/docker-tmp にファイルが作成されていることを確認する。
!ansible -b -a 'ls -la {docker_tmp} {docker_base}' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> /mnt/docker: total 0 drwx--x--x 11 root root 139 Nov 7 07:50 . drwxr-xr-x 4 root root 38 Nov 7 07:50 .. drwx------ 2 root root 24 Nov 7 07:50 builder drwx------ 2 root root 6 Nov 7 07:50 containers drwx------ 3 root root 22 Nov 7 07:50 image drwxr-x--- 3 root root 19 Nov 7 07:50 network drwx------ 3 root root 40 Nov 7 07:50 overlay2 drwx------ 4 root root 32 Nov 7 07:50 plugins drwx------ 2 root root 6 Nov 7 07:50 swarm drwx------ 2 root root 6 Nov 7 07:50 trust drwx------ 2 root root 25 Nov 7 07:50 volumes /mnt/docker-tmp: total 0 drwxr-xr-x 2 root root 6 Nov 7 07:50 . drwxr-xr-x 4 root root 38 Nov 7 07:50 ..
!ansible -b -a 'systemctl status docker' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> ● docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/docker.service.d └─tmpdir.conf Active: active (running) since Tue 2017-11-07 07:50:08 JST; 12s ago Docs: https://docs.docker.com Main PID: 5046 (dockerd) Tasks: 23 Memory: 23.1M CPU: 207ms CGroup: /system.slice/docker.service ├─5046 /usr/bin/dockerd -H fd:// └─5057 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start-timeout 2m --state-dir /var/run/docker/libcontainerd/containerd --shim docker-containerd-shim --runtime docker-runc Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.040890717+09:00" level=warning msg="Your kernel does not support swap memory limit" Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.041074723+09:00" level=warning msg="Your kernel does not support cgroup rt period" Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.041269724+09:00" level=warning msg="Your kernel does not support cgroup rt runtime" Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.041789087+09:00" level=info msg="Loading containers: start." Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.103748312+09:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address" Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.134515798+09:00" level=info msg="Loading containers: done." Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.164633962+09:00" level=info msg="Docker daemon" commit=afdb6d4 graphdriver(s)=overlay2 version=17.09.0-ce Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.164936349+09:00" level=info msg="Daemon has completed initialization" Nov 07 07:50:08 ubuntu systemd[1]: Started Docker Application Container Engine. Nov 07 07:50:08 ubuntu dockerd[5046]: time="2017-11-07T07:50:08.174620764+09:00" level=info msg="API listen on /var/run/docker.sock"
Docker Engineのバージョンを確認する。
!ansible -b -a 'docker version' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Client: Version: 17.09.0-ce API version: 1.32 Go version: go1.8.3 Git commit: afdb6d4 Built: Tue Sep 26 22:42:18 2017 OS/Arch: linux/amd64 Server: Version: 17.09.0-ce API version: 1.32 (minimum version 1.12) Go version: go1.8.3 Git commit: afdb6d4 Built: Tue Sep 26 22:40:56 2017 OS/Arch: linux/amd64 Experimental: false
Docker Engineの設定状況も確認しておく。
!ansible -b -a 'docker info' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 17.09.0-ce Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0 runc version: 3f2f8b84a77f73d38244dd690525642a72156c64 init version: 949e6fa Security Options: apparmor seccomp Profile: default Kernel Version: 4.4.0-97-generic Operating System: Ubuntu 16.04.3 LTS OSType: linux Architecture: x86_64 CPUs: 6 Total Memory: 23.55GiB Name: ubuntu ID: J5HS:7GY5:4GOE:7DYW:S3U3:UOLS:YDCL:SJCW:DVR2:KRW4:O3FA:NV5P Docker Root Dir: /mnt/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: falseWARNING: No swap limit support
2017/11/7時点 では、docker-composeのバージョンは1.17.0となる。
!ansible -b -m shell \
-a 'curl -L https://github.com/docker/compose/releases/download/1.17.0/docker-compose-`uname -s`-`uname -m` \
> /usr/local/bin/docker-compose' {target_group}
[WARNING]: Consider using get_url or uri module rather than running curl XXX.XXX.XXX.66 | SUCCESS | rc=0 >> % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 617 0 617 0 0 702 0 --:--:-- --:--:-- --:--:-- 701 100 8649k 100 8649k 0 0 1128k 0 0:00:07 0:00:07 --:--:-- 1920k
!ansible -b -a 'chmod +x /usr/local/bin/docker-compose' {target_group}
[WARNING]: Consider using file module with mode rather than running chmod XXX.XXX.XXX.66 | SUCCESS | rc=0 >>
!ansible -b -a 'docker-compose --version' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> docker-compose version 1.17.0, build ac53b73
まずはお試しで、hello-worldイメージを実行してみる。Hello from Docker
のようなメッセージが表示されたらOK。
!ansible -b -a 'docker run hello-world' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://cloud.docker.com/ For more examples and ideas, visit: https://docs.docker.com/engine/userguide/Unable to find image 'hello-world:latest' locally latest: Pulling from library/hello-world 9a0669468bf7: Pulling fs layer 9a0669468bf7: Download complete 9a0669468bf7: Pull complete Digest: sha256:0e06ef5e1945a718b02a8c319e15bae44f47039005530bc617a5d071190ed3fc Status: Downloaded newer image for hello-world:latest
Dockerのhello-worldイメージが実行された。OK。
!mkdir -p {temp_dir}/hello-compose/
%%writefile {temp_dir}/hello-compose/docker-compose.yml
version: '2'
services:
test-hello-world:
image: hello-world
Writing /tmp/tmpkLyFWr/hello-compose/docker-compose.yml
作成したdocker-compose.ymlを、Bind対象ホストにアップロードする。
!ansible -b -m copy -a 'src={temp_dir}/hello-compose dest=~' {target_group}
XXX.XXX.XXX.66 | SUCCESS => { "changed": true, "checksum": "19f3b6e911e6461b09d1ddaf5a5f7f8dbc538a6e", "dest": "/root/hello-compose/docker-compose.yml", "failed": false, "gid": 0, "group": "root", "md5sum": "a157d75e4107e5c1aa63441b9ff90758", "mode": "0644", "owner": "root", "size": 65, "src": "/home/ansible/.ansible/tmp/ansible-tmp-1510008665.9-219846645213383/source", "state": "file", "uid": 0 }
実行してみる。Hello from Docker
のようなメッセージが表示されたらOK。
!ansible -b -a 'chdir=~/hello-compose docker-compose up' {target_group}
XXX.XXX.XXX.66 | SUCCESS | rc=0 >> Attaching to hellocompose_test-hello-world_1 test-hello-world_1 | test-hello-world_1 | Hello from Docker! test-hello-world_1 | This message shows that your installation appears to be working correctly. test-hello-world_1 | test-hello-world_1 | To generate this message, Docker took the following steps: test-hello-world_1 | 1. The Docker client contacted the Docker daemon. test-hello-world_1 | 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. test-hello-world_1 | 3. The Docker daemon created a new container from that image which runs the test-hello-world_1 | executable that produces the output you are currently reading. test-hello-world_1 | 4. The Docker daemon streamed that output to the Docker client, which sent it test-hello-world_1 | to your terminal. test-hello-world_1 | test-hello-world_1 | To try something more ambitious, you can run an Ubuntu container with: test-hello-world_1 | $ docker run -it ubuntu bash test-hello-world_1 | test-hello-world_1 | Share images, automate workflows, and more with a free Docker ID: test-hello-world_1 | https://cloud.docker.com/ test-hello-world_1 | test-hello-world_1 | For more examples and ideas, visit: test-hello-world_1 | https://docs.docker.com/engine/userguide/ test-hello-world_1 | hellocompose_test-hello-world_1 exited with code 0 Creating network "hellocompose_default" with the default driver Creating hellocompose_test-hello-world_1
一時ディレクトリを削除する。
!rm -fr {temp_dir}