# Proxmox Docker Update

Ansible playbooks for managing Docker containers across Proxmox VMs and LXCs, with Jenkins CI/CD integration.

## Overview

This project automates Docker container updates and maintenance using:

- **Proxmox dynamic inventory** - automatically discovers running VMs/LXCs tagged with `docker`
- **Ansible playbooks** - manages Docker Compose stacks and cleanup
- **Jenkins pipeline** - provides a UI for running playbooks with parameters

## Requirements

- Ansible with `community.docker` and `community.proxmox` collections
- Proxmox API token with inventory read access
- Jenkins (for CI/CD pipeline)
- Docker hosts must be tagged with `docker` in Proxmox

## Playbooks

| Playbook | Description |
|----------|-------------|
| `dockerUpdate.yml` | Pulls latest images and recreates containers for all Docker Compose stacks |
| `dockerPrune.yaml` | Removes unused containers, images, networks, volumes, and build cache |

## Usage

### Via Jenkins

The Jenkins pipeline provides a parameterized build with:

| Parameter | Description |
|-----------|-------------|
| `PLAYBOOK` | Select which playbook to run |
| `LIMIT` | Optionally limit to specific hosts (e.g., `plex`, `media-app`) |
| `DRY_RUN` | Run in check mode without making changes |

The pipeline automatically targets hosts in the `docker_hosts` group. When a limit is provided, it uses an intersection pattern (`docker_hosts:&<limit>`) to ensure only docker hosts matching the limit are affected.

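The intersection only holds while `LIMIT` is a single name: Ansible evaluates unions (`:` or `,`) before intersections (`&`), so `docker_hosts:&plex:all` resolves to `(docker_hosts ∪ all) ∩ plex` and no longer guarantees a docker host. The following added example (not the project's Jenkinsfile; the function name `build_limit_pattern` is hypothetical) restricts `LIMIT` to one host or group name before building the pattern.

```bash
#!/bin/sh
# Added example, not part of the project: validate LIMIT before it is
# interpolated into the docker_hosts intersection pattern.

# build_limit_pattern LIMIT
# Prints the --limit pattern on stdout; returns 1 if LIMIT is rejected.
build_limit_pattern() {
    limit=$1

    # Empty LIMIT: target the whole docker_hosts group.
    if [ -z "$limit" ]; then
        printf '%s\n' 'docker_hosts'
        return 0
    fi

    case $limit in
        # A leading '-' could be parsed as a command-line option.
        -*|.*)
            echo "LIMIT rejected: must start with a letter or digit" >&2
            return 1 ;;
        # Refuse anything outside [A-Za-z0-9._-]. This covers the host
        # pattern operators (':' ',' '&' '!' '~' '*' '[' '@') as well as
        # whitespace and shell metacharacters.
        *[!A-Za-z0-9._-]*)
            echo "LIMIT rejected: only letters, digits, '.', '_', '-' allowed" >&2
            return 1 ;;
    esac

    printf 'docker_hosts:&%s\n' "$limit"
}

# Usage sketch (LIMIT is the Jenkins build parameter):
#   pattern=$(build_limit_pattern "$LIMIT") || exit 1
#   ansible-playbook -i inventories/inventory.proxmox.yml \
#       playbooks/dockerUpdate.yml --limit "$pattern"
```
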
### Via Command Line

```bash
# Update all docker hosts
ansible-playbook -i inventories/inventory.proxmox.yml playbooks/dockerUpdate.yml --limit docker_hosts

# Update a specific host
ansible-playbook -i inventories/inventory.proxmox.yml playbooks/dockerUpdate.yml --limit 'docker_hosts:&plex'

# Prune all docker hosts (dry run)
ansible-playbook -i inventories/inventory.proxmox.yml playbooks/dockerPrune.yaml --limit docker_hosts --check --diff
```

## Inventory

The dynamic inventory (`inventories/inventory.proxmox.yml`) automatically groups hosts by Proxmox tags:

| Group | Tag | Description |
|-------|-----|-------------|
| `docker_hosts` | `docker` | Hosts running Docker |
| `vms` | - | All QEMU virtual machines |
| `lxcs` | - | All LXC containers |

Hosts are resolved as `<hostname>.lan` and use the `jenkins` user for SSH.

## Environment Variables

Required for Proxmox API access:

```bash
export PROXMOX_TOKEN_SECRET=<your-token-secret>
```

In Jenkins, this is configured via the `PROXMOX_TOKEN_SECRET` credential.

## Project Structure

```
.
├── Jenkinsfile                    # CI/CD pipeline
├── inventories/
│   └── inventory.proxmox.yml      # Proxmox dynamic inventory
└── playbooks/
    ├── dockerUpdate.yml           # Container update playbook
    └── dockerPrune.yaml           # Cleanup playbook
```