progress on switching to docker in 11

hjwp · hjwp · commit 13d2c055ff41 · 2024-02-21T18:00:40.000Z
diff --git a/chapter_11_ansible.asciidoc b/chapter_11_ansible.asciidoc
@@ -207,7 +207,17 @@ so once you've set up your A-record,
 you can check its progress on a "propagation checking" service like this one:
 https://www.whatsmydns.net/#A/staging.ottg.co.uk.
 
-I'm planning to host my staging server at 'staging.ottg.co.uk':
+I'm planning to host my staging server at _staging.ottg.co.uk_
+
+=== Installing ansible
+
+TODO:
+
+https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html
+
+suggests pipx.  could also install it in the local virtualenv?
+may need to add docker-sdk
+
 
 
 === A first Cut of an Ansible Script
@@ -242,7 +252,6 @@ The "hate" part is that the actual syntax is surprisingly fiddly to get right:
 the difference between lists and key/value maps is subtle and I can never quite remember it honestly.]
 relationship with.
 
-TODO: forget podman, just use docker.
 
 [role="sourcecode"]
 .infra/ansible-provision.yaml (ch11l001)
@@ -289,6 +298,7 @@ TODO: forget podman, just use docker.
         state: started
         image: busybox
         command: echo hello world
+        become: true
 ----
 ====
 
@@ -301,28 +311,87 @@ TODO: forget podman, just use docker.
   The next few use the `builtin.apt` module which provides
   a wrapper around the `apt` Debian & Ubuntu package management tool.
 
-<3> Each module then provides a bunch of parameters which control
-  how it works.  Here we specify the `name` of the package we want to install ("docker")
-  and tell it update its cache first, which is required on a fresh server.
+<3> Each module then provides a bunch of parameters which control how it works.
+    Here we specify the `name` of the package we want to install ("docker")
+    and tell it update its cache first, which is required on a fresh server.
 
 Most ansible modules have pretty good documentation,
 check out the `builtin.apt` one for example.
-I often skip to the https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html#examples[Examples section].
+I often skip to the
+https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html#examples[Examples section].
+
 
 [subs="specialcharacters,quotes"]
 
 ----
 $ *ansible-playbook --user=elspeth -i 192.168.56.10, infra/ansible-provision.yaml -vv*
+PLAYBOOK: ansible-provision.yaml **********************************************
+1 plays in infra/ansible-provision.yaml
+
+PLAY [all] ********************************************************************
+
+TASK [Gathering Facts] ********************************************************
+task path: ...goat-book/infra/ansible-provision.yaml:2
+ok: [192.168.56.10]
+
+TASK [Add Docker GPG apt Key] *************************************************
+task path: ...goat-book/infra/ansible-provision.yaml:9
+changed: [192.168.56.10] => {"after": ["8D81803C0EBFCD88", "7EA0A9C3F273FCD8", "D94AA3F0EFE21092", "871920D1991BC93C"], "before": ["D94AA3F0EFE21092", "871920D1991BC93C"], "changed": true, "fp": "8D81803C0EBFCD88", "id": "8D81803C0EBFCD88", "key_id": "8D81803C0EBFCD88", "short_id": "0EBFCD88"}
+
+TASK [Add Docker Repository] **************************************************
+task path: ...goat-book/infra/ansible-provision.yaml:14
+changed: [192.168.56.10] => {"changed": true, "repo": "deb https://download.docker.com/linux/ubuntu jammy stable", "sources_added": ["/etc/apt/sources.list.d/download_docker_com_linux_ubuntu.list"], "sources_removed": [], "state": "present"}
+
+TASK [Update apt and install docker-ce] ***************************************
+task path: ...goat-book/infra/ansible-provision.yaml:19
+changed: [192.168.56.10] => {"cache_update_time": [...]
+changed: [192.168.56.10] => {"cache_update_time": 1706583891, "cache_updated":
+true, "changed": true, "stderr": "", "stderr_lines": [], "stdout": "Reading
+package lists...\nBuilding dependency tree...\nReading state
+information...\nThe following additional packages will be installed:\n
+containerd.io docker-buildx-plugin docker-ce-cli docker-ce-rootless-extras\n
+[...]
+TASK [Add our user to Docker allowed users] ***********************************
+changed: [192.168.56.10] => {"append": true, "changed": true, "comment": "",
+"group": 1001, "groups": "docker", "home": "/home/elspeth", "move_home": false,
+"name": "elspeth", "shell": "/bin/bash", "state": "present", "uid": 1001}
+TASK [Run test container] *****************************************************
+task path: ...goat-book/infra/ansible-provision.yaml:31
+changed: [192.168.56.10] => {"changed": true, "container": {"AppArmorProfile":
+"docker-default", "Args": ["hello", "world"], "Config": {"AttachStderr": true,
+"AttachStdin": false, "AttachStdout": true, "Cmd": ["echo", "hello", "world"],
+[...]
+
+PLAY RECAP ***********************************************************
+192.168.56.10              : ok=6    changed=6    unreachable=0    failed=0
+skipped=0    rescued=0    ignored=0
 ----
 
-TODO: show ansible output.
 TODO: stop using local ip
 
 
+////
+
+this goes wrong because groups don't work immediately:
+
+TASK [Run test container] *****************************************************
+fatal: [192.168.56.10]: FAILED! => {"changed": false, "msg": "Error connecting:
+Error while fetching server API version: ('Connection aborted.',
+PermissionError(13, 'Permission denied'))"}
+
+waiting a few minutes fixes it
+
+for now i'll just put become:true
+
+
+////
+
+
 === SSHing Into the Server and Viewing Container Logs
 
 Now ssh into the server, check it worked
 
+TODO: forget podman, just use docker.
 
 [role="server-commands"]
 [subs="specialcharacters,quotes"]
