一、配置阿里云docker apt源
Ubuntu 放弃了apt-key的GPG 密钥的管理方法,用户可以直接添加gpg密钥到/etc/apt/trusted.gpg.d/目录下。
同时添加删除apt source 直接在/etc/apt/sources.list.d/目录下操作即可。
1、删除旧的镜像源
bash
#旧版操作方法
apt-key list # 列出许可证,在/trusted.gpg.d/中的是列不出来的
sudo apt-key del 0EBFCD88 # 根据编号删除gpg密钥
sudo rm /etc/apt/sources.list.d/docker.list #删除之前的源
sudo apt-get update # 更新apt 目录index
#新版方法
ls /etc/apt/trusted.gpg.d/
sudo rm /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg
sudo rm /etc/apt/sources.list.d/docker.list
sudo apt-get update2、添加阿里云docker apt源
bash
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
#将 GPG 密钥存储在 /usr/share/keyrings/ 目录下,而不是 /etc/apt/trusted.gpg.d/ 目录下,这是因为新的推荐方法是使用 signed-by 选项将特定的密钥与特定的存储库关联起来。这种方法比将所有密钥存储在 /etc/apt/trusted.gpg.d/ 目录下更安全,因为它减少了一个密钥对多个存储库的信任范围。
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/nullansible-playbook方式实现
yaml
# 任务2:添加 Docker 的 GPG 密钥
# state: present # apt 模块会检查指定的软件包是否已经安装,如果尚未安装,则会安装它,如果已经安装,则>不会进行任何操作
- name: Add Docker GPG key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
# 任务3:添加 Docker 软件包源
- name: Add Docker repository
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
state: present
yaml
---
- name: Setup Docker and Kubernetes Repositories from Aliyun
hosts: localhost
become: yes
tasks:
- name: Add Docker GPG key from Aliyun
ansible.builtin.get_url:
url: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg
dest: /usr/share/keyrings/docker-archive-keyring.gpg
- name: Add Docker repository from Aliyun
ansible.builtin.apt_repository:
repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu {{ ansible_distribution_release }} stable"
state: present
filename: docker
- name: Add Kubernetes GPG key from Aliyun
ansible.builtin.get_url:
url: https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg
dest: /usr/share/keyrings/kubernetes-archive-keyring.gpg
- name: Add Kubernetes repository from Aliyun
ansible.builtin.apt_repository:
repo: "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"
state: present
filename: kubernetes
- name: Update apt cache
ansible.builtin.apt:
update_cache: yes