用ansible管理ubuntu22.04, 批量安装docker-摩杜云开发者社区

替换一下hosts：对应内容，搞了半天，记录下

用apt_key 添加key是有问题的

gpg --dearmor 命令用于将ASCII码格式的gpg数据转换回二进制格式。

GPG加密或签名的数据默认是二进制格式,不方便人们阅读和分发。所以GPG允许将数据转换为ASCII码格式,这就是所谓的ASCII armor(护甲)格式。这种格式使用ASCII printable字符,可以方便地在邮件、新闻组和论坛上分发。

使用--armor选项可以将数据转换为ASCII armor格式。例如:

gpg --armor --output file.asc --encrypt file
gpg --armor --output file.asc --sign file
gpg --armor --export your_key_id > public.key

而--dearmor选项则是将ASCII armor格式转换回二进制格式。例如:
gpg --dearmor file.asc > file   # 解密或校验文件
gpg --dearmor public.key > your_public.key # 导入公钥

--dearmor的主要作用是将GPG软件外传播和分发的ASCII格式的加密文件、签名文件或公钥文件转换回GPG软件内部使用的二进制格式。

总结一下,--armor选项用来产生可以人工阅读的ASCII文件,--dearmor选项则是将其还原回二进制格式以供GPG使用。两者是相对应的。

---
- hosts: tmp1
  remote_user: root
  gather_facts: yes
  ignore_unreachable: yes
  become: yes
  tasks:
    - name: Update apt cache
      apt:
        update_cache: yes
    - name: Install required packages
      apt:
        name:
          - ca-certificates
          - curl
          - gnupg
    - name: Create /etc/apt/keyrings directory
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        mode: '0755'
    - name: Download Docker GPG key
      get_url:
        url: https://download.docker.com/linux/ubuntu/gpg
        dest: /tmp/docker.gpg
        mode: '0644'
    - name: Convert ASCII armored GPG key to binary key
      shell: |
        curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
  
    - name: Add Docker repository
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu  {{ ansible_distribution_release }} stable"
        state: present
        filename: docker-ce
    - name: Update apt cache
      apt:
        update_cache: yes
    - name: Install Docker and related components
      apt:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-buildx-plugin
          - docker-compose-plugin
        state: latest
        update_cache: true
    - name: Add registry mirrors
      copy:
        content: |
          {
            "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn", "https://x31x8hjg.mirror.aliyuncs.com", "https://registry.docker-cn.com", "http://hub-mirror.c.163.com"],
            "insecure-registries":[],
            "exec-opts": [], 
            "log-driver": "",  
            "log-opts": {},  
            "storage-driver": "",
            "live-restore": true,
            "default-shm-size": "256M",
            "max-concurrent-downloads": 10,
            "max-concurrent-uploads": 10,   
            "debug": false
          }
        dest: /etc/docker/daemon.json
    - name: Restart Docker 
      service: 
        name: docker
        state: restarted

确认生效

用ansible管理ubuntu22.04, 批量安装docker_Docker