openstack/ansible-role-container-registry
Code Issues Proposed changes
ansible-role-container-regi.../tasks/docker.yml
Chandan Kumar (raukadah) 57da8455f1 Remove CentOS 7 based job 
https://review.opendev.org/q/topic:ooo_c7_teardown is dropping
the c7 based jobs.

It also removes job definitions.

The last run https://zuul.openstack.org/builds?job_name=tripleo-ci-centos-7-undercloud-containers
was from 1 year ago.

We are removing these jobs as a part of ooo_c7_teardown[1].

Added py_modules=[] in setup.py to disable auto discovery
and fix linters job.

It also fixes tox molecule issues with no-changed-when
warning errors.

[1]. https://review.opendev.org/q/topic:ooo_c7_teardown

Signed-off-by: Chandan Kumar (raukadah) <chkumar@redhat.com>
Change-Id: I94d290321213ae0e097a9ac7d472878940edbafa
2022-05-02 11:14:01 +05:30

195 lines
6.1 KiB
YAML
Raw Blame History

---
# tasks file for ansible-role-container-registry
# NOTE(mfedosin): In order to verify that we have already configured docker
# we add a line `# Configured by Ansible container registry role` in
# /etc/sysconfig/docker config file when initial configuration is done,
# and check its existence later.
- name: Check that the configuration mark exists in /etc/sysconfig/docker
command: grep -Fq "# Configured by Ansible container registry role" /etc/sysconfig/docker
register: is_configured
check_mode: false
failed_when: false
changed_when: false
- name: configure docker registry block
when: not container_registry_skip_reconfiguration or is_configured.rc != 0
become: true
block:
# NOTE(aschultz): LP#1750194 - need to set ip_forward before docker starts
# so lets set it before we install the package if we're managing it.
- name: enable net.ipv4.ip_forward
sysctl:
name: net.ipv4.ip_forward
value: 1
sysctl_set: yes
state: present
reload: yes
# NOTE(aschultz): LP#1765121 - need to check that we don't have any ftype=0
# volumes because other wise docker is very unhappy
- name: Check if there are XFS volumes with ftype=0
shell: |
for dev in $(df -h | grep '/dev/' | grep -v 'tmp' | cut -d' ' -f1)
do
parseftype=$(xfs_info $dev | grep ftype=0);
if [[ ! -z "$parseftype" ]]; then
ftype="ftype=0";
break;
fi
done
echo $ftype;
register: ftype
changed_when: false
- name: Check ftype
fail:
msg: >
XFS volumes formatted using ftype=0 are incompatible
with the docker overlayfs driver.
when:
- not ansible_check_mode
- ftype.stdout == 'ftype=0'
- include_tasks: install-engine.yml
- name: manage /etc/systemd/system/docker.service.d
file:
path: /etc/systemd/system/docker.service.d
state: directory
mode: '0755'
when: ansible_facts['service_mgr'] == 'systemd'
- name: unset mountflags
ini_file:
path: /etc/systemd/system/docker.service.d/99-unset-mountflags.conf
section: Service
option: MountFlags
value: '""'
create: yes
mode: '0644'
register: _cfg_flags
when: ansible_facts['service_mgr'] == 'systemd'
- name: configure OPTIONS in /etc/sysconfig/docker
lineinfile:
path: /etc/sysconfig/docker
regexp: '^OPTIONS='
line: "OPTIONS='{{ _full_docker_options }}'"
create: yes
mode: '0644'
register: _cfg_options
- name: configure INSECURE_REGISTRY in /etc/sysconfig/docker
lineinfile:
path: /etc/sysconfig/docker
regexp: '^INSECURE_REGISTRY='
line: "INSECURE_REGISTRY='{{ registry_flags }}'"
mode: '0644'
when: container_registry_insecure_registries | length > 0
register: _cfg_insecure
vars:
registry_flags: --insecure-registry {{ container_registry_insecure_registries | join(' --insecure-registry ') }}
- name: Create additional socket directories
file:
path: "{{ item | dirname }}"
state: directory
mode: '0755'
register: _cfg_sockets
with_items: "{{ container_registry_additional_sockets }}"
when: container_registry_additional_sockets | length > 0
- name: manage /etc/docker/daemon.json
template:
src: docker-daemon.json.j2
dest: /etc/docker/daemon.json
mode: '0644'
register: _cfg_daemon
- name: configure DOCKER_STORAGE_OPTIONS in /etc/sysconfig/docker-storage
lineinfile:
path: /etc/sysconfig/docker-storage
regexp: '^DOCKER_STORAGE_OPTIONS='
line: "DOCKER_STORAGE_OPTIONS=' {{ container_registry_storage_options }}'"
create: yes
mode: '0644'
when: container_registry_storage_options | length > 0
register: _cfg_storage
- name: configure DOCKER_NETWORK_OPTIONS in /etc/sysconfig/docker-network
lineinfile:
path: /etc/sysconfig/docker-network
regexp: '^DOCKER_NETWORK_OPTIONS='
line: "DOCKER_NETWORK_OPTIONS=' {{ container_registry_network_options }}'"
create: yes
mode: '0644'
when: container_registry_network_options | length > 0
register: _cfg_network
- name: ensure docker group exists
group:
name: docker
state: present
register: _cfg_group
- name: add deployment user to docker group
user:
name: "{{ container_registry_deployment_user }}"
groups: docker
append: yes
register: _cfg_user
when: container_registry_deployment_user | length > 0
- name: reset ssh connection to pick up docker group
meta: reset_connection
when: _cfg_group is changed or _cfg_user is changed
- name: Handle docker restart
when:
- (_cfg_flags is changed
or _cfg_options is changed
or _cfg_insecure is changed
or _cfg_sockets is changed
or _cfg_daemon is changed
or _cfg_storage is changed
or _cfg_network is changed
or _cfg_group is changed
or _cfg_user is changed)
block:
- name: Reload systemd
systemd:
daemon_reload: yes
become: true
when:
- ansible_facts['service_mgr'] == 'systemd'
- _cfg_flags is changed
- name: Reload docker
service:
name: docker
enabled: true
state: restarted
become: true
- name: Pause while Docker restarts
shell: sleep 10
changed_when: false
- name: Wait for docker
command: /usr/bin/docker images
register: docker_ready
retries: 10
delay: 5
until: docker_ready.rc == 0
changed_when: false
- name: mark docker configured
lineinfile:
path: /etc/sysconfig/docker
line: "# Configured by Ansible container registry role"
insertafter: "^# /etc/sysconfig/docker$"
create: yes
mode: '0644'
View Git Blame Copy Permalink