Skip to content

Commit c419924

Browse files
XronophobeXronophobe
committed
add comments on rootless docker
1 parent fd3c907 commit c419924

File tree

1 file changed

+17
-0
lines changed

1 file changed

+17
-0
lines changed

chapter_11_ansible.asciidoc

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -401,6 +401,10 @@ PLAY RECAP ********************************************************************
401401
staging.ottg.co.uk : ok=3 changed=2 unreachable=0 failed=0
402402
skipped=0 rescued=0 ignored=0
403403
----
404+
// CSANAD: without rootless docker or adding the server's user to the docker
405+
// group, this requires a password for `sudo` on the server. I would add
406+
// a TIP or something similar to inform the reader it can be done with the `-K` flag:
407+
// ansible-playbook --user=elspeth -i staging.ottg.co.uk, infra/ansible-provision.yaml -K -vv
404408

405409
I don't know about you, but whenever I make a terminal spew out a stream
406410
of output, I like to make little _brrp brrp brrp_ noises, a bit like the
@@ -434,6 +438,8 @@ minutes ago testcontainer
434438
elspeth@server:$ *docker logs testcontainer*
435439
hello world
436440
----
441+
// CSANAD: we haven't set up rootless docker and haven't added the user to the
442+
// `docker` group either, so `docker ps` would only run with sudo.
437443

438444
TIP: Look out for that `elspeth@server`
439445
in the command-line listings in this chapter.
@@ -523,6 +529,17 @@ In Ansible config, it looks like this:
523529
====
524530
// CSANAD: I would add `update_cache: true` to the `Install docker` task back,
525531
// it's a good practice to update the apt cache before installing.
532+
//
533+
// Also because of the `delegate_to` the reader may face permission errors if they
534+
// have not set up rootless docker or haven't added their user to the docker group
535+
// on their local (developer) system.
536+
// TASK [Export container image locally] ****[...]
537+
// task path: /path/to/goat-book/infra/ansible-provision.yaml:12
538+
// fatal: [192.168.122.23 -> 127.0.0.1]: FAILED! => {"changed": false, "msg": "Error connecting: Error while fetching server API version: ('Connection aborted.', PermissionError(13, 'Permission denied'))"}
539+
//
540+
// They may get away with just using `sudo docker` but `sudo ansible-playbook`
541+
// will not work.
542+
//
526543

527544
<1> We export the docker image to a `.tar` file by using the `docker_image` module
528545
with the `archive_path` set to temp file, and setting the `delegate_to` attribute

0 commit comments

Comments
 (0)