Ansible Pilot

Install Docker in RedHat-like systems - Ansible module rpm_key, yum_repository and yum

How to automate the installation of the docker-ce engine in Fedora 35 x86_64 (or amd64) using Ansible Playbook. The procedure is going to take care of the GPG signing key, add a repository into the sources list, and install the latest docker-ce package. Included Demo for RedHat-like workstation (RedHat Enterprise Linux, CentOS, CentOS Stream, Fedora).

January 24, 2022
Access the Complete Video Course and Learn Quick Ansible by 200+ Practical Lessons

How to Install Docker in RedHat-like systems with Ansible?

I’m going to show you a live demo with some simple Ansible code. I’m Luca Berton and welcome to today’s episode of Ansible Pilot.

Ansible install Docker in RedHat-like systems

In order to install Docker on a RedHat-like system we need to perform three different steps. The first step is to download the GPG signature key for the repository. You are going to use the ansible.builtin.rpm_key Ansible module. This encrypted key verifies the genuinity of the packages and the repository and guarantees that the software is the same as Docker releases. The second step is to add the add Docker repository to the distribution. It’s an extra website where yum/DNF, your distribution package manager looks like for software. You are going to use the ansible.builtin.yum_repository Ansible module. The third step is to update the yum cache for the available packages and install Docker using the ansible.builtin.yum Ansible module.

Parameters

For the ansible.builtin.rpm_key Ansible module I’m going to use two parameters: “key” and “state”. The “key” parameter specifies the URL or the key ID of the repository GPG signature key and the “state” verify that is present in our system after the execution. For the ansible.builtin.yum_repository Ansible module I’m going to use four parameters: “name”, “baseurl”, “gpgcheck” and “gpgkey”. The “name” parameter specifies the repository parameters and the “baseurl” URL of it. The “gpgcheck” parameter enables the GPG verification with the URL specified in “gpgkey” parameter. For the ansible.builtin.yum Ansible module I’m going to use three parameters: “name”, “state”, and “update_cache”. The “name” parameter specifies the package name (Docker in our use-case) and the “state” verify that is present in our system after the execution. Before installing the package the “update_cache” performs an update of the yum cache to ensure that the latest version of the package is going to be downloaded.

The Best Resources For Ansible

Video Course

Books

demo

Install Docker in RedHat-like systems with Ansible Playbook.

code

---
- name: install Docker
  hosts: all
  become: true
  tasks:
    - name: set mydistribution
      ansible.builtin.set_fact:
        mydistribution: "{{ 'rhel' if (ansible_distribution == 'Red Hat Enterprise Linux') else (ansible_distribution | lower) }}"

    - name: Add signing key
      ansible.builtin.rpm_key:
        key: "https://download.docker.com/linux/{{ mydistribution }}/gpg"
        state: present

    - name: Add repository into repo.d list
      ansible.builtin.yum_repository:
        name: docker
        description: docker repository
        baseurl: "https://download.docker.com/linux/{{ mydistribution }}/$releasever/$basearch/stable"
        enabled: true
        gpgcheck: true
        gpgkey: "https://download.docker.com/linux/{{ mydistribution }}/gpg"

    - name: Install Docker
      ansible.builtin.yum:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
        state: latest
        update_cache: true

    - name: Start Docker
      ansible.builtin.service:
        name: "docker"
        enabled: true
        state: started

execution

ansible-pilot $ ansible-playbook -i virtualmachines/fedora35/inventory install\ Docker/redhat.yml
PLAY [install Docker] *****************************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [fedora.example.com]
TASK [set mydistribution] *************************************************************************
ok: [fedora.example.com]
TASK [Add signing key] ****************************************************************************
changed: [fedora.example.com]
TASK [Add repository into repo.d list] ************************************************************
changed: [fedora.example.com]
TASK [Install Docker] *****************************************************************************
changed: [fedora.example.com]
TASK [Start Docker] *******************************************************************************
changed: [fedora.example.com]
PLAY RECAP ****************************************************************************************
fedora.example.com         : ok=6    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
ansible-pilot $

idempotency

ansible-pilot $ ansible-playbook -i virtualmachines/fedora35/inventory install\ Docker/redhat.yml
PLAY [install Docker] *****************************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [fedora.example.com]
TASK [set mydistribution] *************************************************************************
ok: [fedora.example.com]
TASK [Add signing key] ****************************************************************************
ok: [fedora.example.com]
TASK [Add repository into repo.d list] ************************************************************
ok: [fedora.example.com]
TASK [Install Docker] *****************************************************************************
ok: [fedora.example.com]
TASK [Start Docker] *******************************************************************************
ok: [fedora.example.com]
PLAY RECAP ****************************************************************************************
fedora.example.com         : ok=6    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
ansible-pilot $

before execution

ansible-pilot $ ssh [email protected]
The authenticity of host 'fedora.example.com (192.168.0.202)' can't be established.
ECDSA key fingerprint is SHA256:0p22EqPJKxL+ytcLbPjHTXu/bjWp2pNkPbfr+EKYxtQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'fedora.example.com,192.168.0.202' (ECDSA) to the list of known hosts.
[[email protected] ~]$ sudo su
[[email protected] devops]# cat /etc/os-release 
NAME="Fedora Linux"
VERSION="35 (Cloud Edition)"
ID=fedora
VERSION_ID=35
VERSION_CODENAME=""
PLATFORM_ID="platform:f35"
PRETTY_NAME="Fedora Linux 35 (Cloud Edition)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:35"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f35/system-administrators-guide/"
SUPPORT_URL="https://ask.fedoraproject.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=35
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=35
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
VARIANT="Cloud Edition"
VARIANT_ID=cloud
[[email protected] devops]# ls -al /etc/yum.repos.d/
total 28
drwxr-xr-x. 1 root root  328 Oct 26 05:41 .
drwxr-xr-x. 1 root root 2638 Jan 24 17:57 ..
-rw-r--r--. 1 root root  728 Oct 11 17:29 fedora-cisco-openh264.repo
-rw-r--r--. 1 root root 1302 Oct 11 17:29 fedora-modular.repo
-rw-r--r--. 1 root root 1239 Oct 11 17:29 fedora.repo
-rw-r--r--. 1 root root 1349 Oct 11 17:29 fedora-updates-modular.repo
-rw-r--r--. 1 root root 1286 Oct 11 17:29 fedora-updates.repo
-rw-r--r--. 1 root root 1391 Oct 11 17:29 fedora-updates-testing-modular.repo
-rw-r--r--. 1 root root 1344 Oct 11 17:29 fedora-updates-testing.repo
[[email protected] devops]# docker --version
bash: docker: command not found
[[email protected] devops]# rpm -qa | grep docker
[[email protected] devops]# yum list installed docker-ce
Error: No matching Packages to list
[[email protected] devops]#

after execution

ansible-pilot $ ssh [email protected]
Last login: Mon Jan 24 18:02:56 2022 from 192.168.0.102
[[email protected] ~]$ sudo su
[[email protected] devops]# ls -al /etc/yum.repos.d/
total 32
drwxr-xr-x. 1 root root  350 Jan 24 18:00 .
drwxr-xr-x. 1 root root 2670 Jan 24 18:02 ..
-rw-r--r--. 1 root root  204 Jan 24 18:00 docker.repo
-rw-r--r--. 1 root root  728 Oct 11 17:29 fedora-cisco-openh264.repo
-rw-r--r--. 1 root root 1302 Oct 11 17:29 fedora-modular.repo
-rw-r--r--. 1 root root 1239 Oct 11 17:29 fedora.repo
-rw-r--r--. 1 root root 1349 Oct 11 17:29 fedora-updates-modular.repo
-rw-r--r--. 1 root root 1286 Oct 11 17:29 fedora-updates.repo
-rw-r--r--. 1 root root 1391 Oct 11 17:29 fedora-updates-testing-modular.repo
-rw-r--r--. 1 root root 1344 Oct 11 17:29 fedora-updates-testing.repo
[[email protected] devops]# cat /etc/yum.repos.d/docker.repo 
[docker]
async = 1
baseurl = https://download.docker.com/linux/fedora/$releasever/$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://download.docker.com/linux/fedora/gpg
name = docker repository
[[email protected] devops]# rpm -qa | grep docker
docker-scan-plugin-0.12.0-3.fc35.x86_64
docker-ce-cli-20.10.12-3.fc35.x86_64
docker-ce-rootless-extras-20.10.12-3.fc35.x86_64
docker-ce-20.10.12-3.fc35.x86_64
[[email protected] devops]# yum list installed docker-ce
Installed Packages
docker-ce.x86_64                             3:20.10.12-3.fc35                              @docker
[[email protected] devops]# docker --version
Docker version 20.10.12, build e91ed57
[[email protected] devops]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete 
Digest: sha256:975f4b14f326b05db86e16de00144f9c12257553bba9484fed41f9b6f2257800
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/
For more examples and ideas, visit:
 https://docs.docker.com/get-started/
[[email protected] devops]#

code with ❤️ in GitHub

Recap

Now you know how to install Docker in RedHat-like systems with Ansible.

Subscribe to the YouTube channel, Medium, Website, Twitter, and Substack to not miss the next episode of the Ansible Pilot.

Academy

Learn the Ansible automation technology with some real-life examples in my

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 200+ Ansible code

Want to keep this project going? Please donate

Access the Complete Video Course and Learn Quick Ansible by 200+ Practical Lessons
Trustpilot
Follow me

Subscribe not to miss any new releases

FREE Top 10 Best Practices

Top 10 Best Practices of Ansible Automation: save time, reduce errors and stress