arillso.container.docker role – Configure and manage Docker environment using Ansible

Note

This role is part of the arillso.container collection (version 1.0.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install arillso.container.

To use it in a playbook, specify: arillso.container.docker.

Entry point main – Configure and manage Docker environment using Ansible

Synopsis

  • This spec defines the parameters for configuring Docker and its environment on various distributions using Ansible.

Parameters

Each entry gives the parameter name, its type in parentheses, and the comments. Indentation shows nesting.

  • docker_daemon (dictionary): Defines the Docker daemon configuration options.
      • allow-nondistributable-artifacts (list / elements=string): A list of allowed nondistributable artifacts.
      • api-cors-header (string): Sets the CORS header for the Docker API.
      • authorization-plugins (list / elements=string): A list of authorization plugins to use with Docker.
      • bip (string): Specifies a custom network bridge IP address in CIDR notation. This is used for the default bridge network.
      • bridge (string): Specifies the network bridge Docker will use.
      • builder (dictionary): Configuration options for Docker builds.
          • gc (dictionary): Configuration options for build cache garbage collection.
              • defaultKeepStorage (string): The default amount of build cache storage to keep.
              • enabled (boolean): Enables or disables build cache garbage collection. Choices: false, true.
              • policy (list / elements=dictionary): Policies for managing build cache storage.
                  • all (boolean): Whether the policy applies to all build cache. Choices: false, true.
                  • filter (list / elements=string): Filters to apply for the policy.
                  • keepStorage (string): The amount of build cache storage to keep.
      • cgroup-parent (string): Sets the parent cgroup for all containers.
      • containerd (string): The path to the containerd socket.
      • containerd-namespace (string): The namespace to use within containerd.
      • containerd-plugin-namespace (string): The namespace for containerd plugins.
      • data-root (string): The root directory of the Docker runtime. Defaults to /var/lib/docker.
      • debug (boolean): Enable debug mode with additional logging. Choices: false, true.
      • default-address-pools (list / elements=dictionary): A list of IP address pools for dynamic network allocation. Each pool is specified with a base (in CIDR notation) and a size.
          • base (string): The base address in CIDR notation.
          • size (integer): The size of the network pool.
      • default-cgroupns-mode (string): The default namespace mode to use for cgroups.
      • default-gateway (string): The default IPv4 gateway.
      • default-gateway-v6 (string): The default IPv6 gateway.
      • default-network-opts (dictionary): Default network options.
      • default-runtime (string): The default runtime to use for running containers.
      • default-shm-size (string): The default size of the shm for containers.
      • default-ulimits (dictionary): Default ulimits to set for containers.
      • disable-legacy-registry (boolean): Disables the use of the legacy V1 Docker registry. Choices: false, true.
      • dns (list / elements=string): A list of DNS servers.
      • dns-opts (list / elements=string): A list of DNS options.
      • dns-search (list / elements=string): A list of DNS search domains.
      • exec-opts (list / elements=string): Runtime execution options.
      • exec-root (string): The root directory for execution state files.
      • experimental (boolean): Enable experimental features. Choices: false, true.
      • features (dictionary): A map of Docker daemon feature flags.
      • fixed-cidr (string): IPv4 subnet for fixed IPs.
      • fixed-cidr-v6 (string): IPv6 subnet for fixed IPs.
      • group (string): The group for the Docker socket.
      • host-gateway-ip (string): The host gateway IP address.
      • hosts (list / elements=string): A list of daemon host addresses.
      • icc (boolean): Enable or disable inter-container communication. Choices: false, true.
      • init (boolean): Use Docker’s init system. Choices: false, true.
      • init-path (string): Path to the Docker init binary.
      • insecure-registries (list / elements=string): A list of insecure registries to allow for Docker pull and push operations.
      • ip (string): The IP address Docker will bind to.
      • ip-forward (boolean): Enable net.ipv4.ip_forward. Choices: false, true.
      • ip-masq (boolean): Enable IP masquerading. Choices: false, true.
      • ip6tables (boolean): Enable addition of ip6tables rules. Choices: false, true.
      • iptables (boolean): Enable addition of iptables rules. Choices: false, true.
      • ipv6 (boolean): Enable IPv6 networking. Choices: false, true.
      • labels (list / elements=string): A list of labels to set on the Docker daemon.
      • live-restore (boolean): Enables live restore of Docker when true. Choices: false, true (default).
      • log-driver (string): Defines the log driver to be used by Docker daemon. Default: "journald"
      • log-level (string): The logging level. Valid values are “debug”, “info”, “warn”, “error”, “fatal”.
      • max-concurrent-downloads (integer): Sets the maximum number of parallel image downloads for the Docker daemon.
      • max-concurrent-uploads (integer): Sets the maximum number of parallel image uploads for the Docker daemon.
      • mtu (integer): Sets the maximum transmission unit (MTU) for the Docker daemon network interfaces.
      • no-new-privileges (boolean): Set no-new-privileges by default for new containers. Choices: false, true.
      • oom-score-adjust (integer): Adjust the OOM score.
      • pidfile (string): Path to the PID file.
      • raw-logs (boolean): Enable raw logs. Choices: false, true.
      • registry-mirrors (list / elements=string): A list of registry mirrors to use for Docker pull operations.
      • runtimes (dictionary): Specifies OCI compliant runtimes to use for running containers.
      • seccomp-profile (string): The path to the seccomp security profile.
      • selinux-enabled (boolean): Enable SELinux support. Choices: false, true.
      • shutdown-timeout (integer): Sets the timeout value (in seconds) for the Docker daemon to wait before forcibly shutting down containers on daemon shutdown.
      • storage-driver (string): The storage driver to use. Popular options include overlay2, aufs, and btrfs.
      • swarm-default-advertise-addr (string): Set default swarm advertise address.
      • tlscacert (string): Trust certs signed only by this CA.
      • tlscert (string): Path to TLS certificate file.
      • tlskey (string): Path to TLS key file.
      • userland-proxy (boolean): Use userland proxy for loopback traffic. Choices: false, true.
      • userland-proxy-path (string): Path to the userland proxy binary.
      • userns-remap (string): User/Group setting for user namespaces.
  • docker_systemd_units (list / elements=dictionary): List of systemd units to create for Docker pruning tasks.
      • name (string): The name of the systemd unit.
      • systemd_unit_generic_options (list / elements=string): Generic systemd options for the unit.
      • systemd_unit_install_options (list / elements=string): Install options for the systemd unit.
      • systemd_unit_options (list / elements=string): Specific options for the systemd service or timer.
      • type (string): The type of the systemd unit, e.g., service or timer.
  • docker_version (string): Specifies the version of Docker to be installed. If omitted, the latest version is installed. Default: ""