This Ansible role will setup and configure a Docker service on a RHEL-like (CentOS, Fedora also supported) system. There's also support for enabling some workarounds to improve Docker stability.

So far, there's only support for "direct-lvm" storage backend, where a whole block device is dedicated to store the container images. This is a production-ready storage backend to use, and it's the most stable one with very good performance, with the drawback of increased memory usage.

You must have a dedicated block device for the role to create a LVM PV, VG and setup the needed LVs on it. The intended device should be passed as a variable to the role, but the role will check if there's already some filesystem signature on it and abort if that's the case (set docker_vg.create to true to force overwriting).

Here's an example playbook:

- name: configure docker
  hosts: all
  become: true
  roles:
    - stone-payments.docker
  vars:
    docker_vg: #this whole dict may be omitted if you intend to use the default "/dev/sdb"
      name: docker #purely informative, but there should be a name
      create: false #wipe devices listed on docker_vg.devs
      devs: #you may use more than a single block device here if needed, they will be joined to create a VG
        - "/dev/sdb"

In the defaults\main.yml file you may find advanced settings to fine-tune the role to your environment. The available options include:

• Docker version to use (must be available on the system);
• TLS configuration of the Docker API socket;
• Fraction of available space to use for container images and for container-generated data;
• Enable/disable workarounds of some Docker bugs;
• Enable/disable some Docker plugins (so far, only support for RHEL registry plugin);
• Custom configs that should be passed directly to /etc/docker/daemon.json config file.

This project uses py.test and testinfra packages to run tests.

First, install the dependencies and activate the virtualenv with:

pipenv install
pipenv shell

Then run tests:

pytest

You must have Docker 17.06 or greater on your machine since the tests run inside a container and uses the --mount docker flag.

Just open a PR! We love PRs.

This role is distributed under the MIT license.