cluster/k3s-cluster/ansible/common/install-docker.yml

# command: ansible-playbook -i config/<target manifest>.ini common/install-docker.yml
---
- name: Install Docker and Test
  hosts: all
  become: true
  become_method: sudo

  tasks:
    - name: Ensure required apt packages are installed
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg
          - lsb-release
        state: present
        update_cache: yes

    - name: Ensure gpg is installed
      ansible.builtin.apt:
        name: gpg
        state: present

    - name: Remove old Docker keyring files if present
      ansible.builtin.file:
        path: "{{ item }}"
        state: absent
      loop:
        - /usr/share/keyrings/docker-archive-keyring.gpg
        - /usr/share/keyrings/docker-archive-keyring.gpg.asc

    - name: Download Docker's official GPG key (ASCII)
      ansible.builtin.get_url:
        url: https://download.docker.com/linux/ubuntu/gpg
        dest: /usr/share/keyrings/docker-archive-keyring.gpg.asc
        mode: '0644'
        force: yes

    - name: Convert Docker GPG key to binary format
      ansible.builtin.command: >
        gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg /usr/share/keyrings/docker-archive-keyring.gpg.asc

    - name: Add Docker repository if not present (modern method)
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
        state: present
        filename: docker

    - name: Update apt cache after adding Docker repo
      ansible.builtin.apt:
        update_cache: yes

    - name: Check if Docker is already installed
      ansible.builtin.command: docker --version
      register: docker_check
      ignore_errors: true
      changed_when: false

    - name: Install Docker Engine
      ansible.builtin.apt:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
        state: present
      when: docker_check.rc != 0

    - name: Check Docker version (post-install)
      ansible.builtin.command: docker --version
      register: docker_version
      changed_when: false

    - name: Show Docker version
      ansible.builtin.debug:
        var: docker_version.stdout

    - name: Run hello-world container to test Docker
      ansible.builtin.command: docker run --name hello-test --rm hello-world
      register: hello_world_output
      changed_when: false

    - name: Show hello-world output
      ansible.builtin.debug:
        var: hello_world_output.stdout