Fixes #21: DOCKER iptables chain problem when used with geerlingguy.firewall.
This commit is contained in:
Jeff Geerling
parent
fd8139c402
commit
07e05ef00f
|
|
@ -19,7 +19,11 @@ Available variables are listed below, along with default values (see `defaults/m
|
||||||
|
|
||||||
The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-<VERSION>`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively.
|
The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-<VERSION>`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively.
|
||||||
|
|
||||||
docker_install_compose: true
|
docker_restart_on_package_change: True
|
||||||
|
|
||||||
|
Whether to restart the Docker daemon after the Docker package is installed or updated. If this is set to `True`, this role will flush all handlers (run any of the handlers that have been notified by this and any other role up to this point in the play). The default setting helps avoid firewall clashes with Docker rules (e.g. when using custom `iptables` rules or the `geerlingguy.firewall` Ansible role).
|
||||||
|
|
||||||
|
docker_install_compose: True
|
||||||
docker_compose_version: "1.21.1"
|
docker_compose_version: "1.21.1"
|
||||||
docker_compose_path: /usr/local/bin/docker-compose
|
docker_compose_path: /usr/local/bin/docker-compose
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,9 +3,10 @@
|
||||||
docker_edition: 'ce'
|
docker_edition: 'ce'
|
||||||
docker_package: "docker-{{ docker_edition }}"
|
docker_package: "docker-{{ docker_edition }}"
|
||||||
docker_package_state: present
|
docker_package_state: present
|
||||||
|
docker_restart_on_package_change: True
|
||||||
|
|
||||||
# Docker Compose options.
|
# Docker Compose options.
|
||||||
docker_install_compose: true
|
docker_install_compose: True
|
||||||
docker_compose_version: "1.21.1"
|
docker_compose_version: "1.21.1"
|
||||||
docker_compose_path: /usr/local/bin/docker-compose
|
docker_compose_path: /usr/local/bin/docker-compose
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,10 @@
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
|
|
||||||
- name: Install Docker.
|
- name: Install Docker.
|
||||||
package: name={{ docker_package }} state={{ docker_package_state }}
|
package:
|
||||||
|
name: "{{ docker_package }}"
|
||||||
|
state: "{{ docker_package_state }}"
|
||||||
|
notify: restart docker
|
||||||
|
|
||||||
- name: Ensure Docker is started and enabled at boot.
|
- name: Ensure Docker is started and enabled at boot.
|
||||||
service:
|
service:
|
||||||
|
|
@ -14,5 +17,9 @@
|
||||||
state: started
|
state: started
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|
||||||
|
- name: Ensure handlers are notified now to avoid firewall conflicts.
|
||||||
|
meta: flush_handlers
|
||||||
|
when: docker_restart_on_package_change
|
||||||
|
|
||||||
- include_tasks: docker-compose.yml
|
- include_tasks: docker-compose.yml
|
||||||
when: docker_install_compose
|
when: docker_install_compose
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user