efb8b8bd27
In the Train cycle, Kolla Ansible added support for docker_custom_config, and writes out configuration to /etc/docker/daemon.json. This will conflict with Kayobe's configuration of that file, and changes made by kayobe will be reversed when kolla-ansible bootstrap-servers is run. This change uses the new variable to pass daemon.json configuration through to kolla ansible. Because the ordering has changed, we also need to separate out the devicemapper setup and run this prior to starting docker. Change-Id: Idc3fa9fefd8242ef9db76d4d773885e3594b453a Depends-On: https://review.opendev.org/691001 Story: 2006764 Task: 37277
74 lines
2.4 KiB
YAML
74 lines
2.4 KiB
YAML
---
|
|
- name: Set a fact about the virtualenv on the remote system
|
|
set_fact:
|
|
virtualenv: "{{ ansible_python_interpreter | dirname | dirname }}"
|
|
when:
|
|
- ansible_python_interpreter is defined
|
|
- not ansible_python_interpreter.startswith('/bin/')
|
|
- not ansible_python_interpreter.startswith('/usr/bin/')
|
|
|
|
- name: Ensure docker SDK for python is installed
|
|
pip:
|
|
name: docker
|
|
state: latest
|
|
extra_args: "{% if docker_upper_constraints_file %}-c {{ docker_upper_constraints_file }}{% endif %}"
|
|
virtualenv: "{{ virtualenv is defined | ternary(virtualenv, omit) }}"
|
|
become: "{{ virtualenv is not defined }}"
|
|
|
|
- name: Ensure user is in the docker group
|
|
user:
|
|
name: "{{ ansible_user_id }}"
|
|
groups: docker
|
|
append: yes
|
|
register: group_result
|
|
become: True
|
|
|
|
# After adding the user to the docker group, we need to log out and in again to
|
|
# pick up the group membership. We do this by removing the SSH ControlPersist
|
|
# connection.
|
|
|
|
# NOTE: Ideally we'd use a meta task with the reset_connection option but due
|
|
# to https://github.com/ansible/ansible/issues/27520 this does not work
|
|
# (checked in Ansible 2.3.2.0). Instead, we use the heavy handed method of
|
|
# removing all ansible control sockets. Limitation: if this user is running
|
|
# another ansible process, we will kill its connections.
|
|
- name: Find persistent SSH connection control sockets
|
|
local_action:
|
|
module: find
|
|
file_type: any
|
|
path: "~/.ansible/cp/"
|
|
patterns: '[a-f0-9]{10}'
|
|
use_regex: True
|
|
register: cp_sockets
|
|
run_once: True
|
|
when:
|
|
- group_result is changed
|
|
|
|
- name: Drop all persistent SSH connections to activate the new group membership
|
|
local_action:
|
|
module: shell ssh -O stop None -o ControlPath={{ item.path }}
|
|
with_items: "{{ cp_sockets.files }}"
|
|
run_once: True
|
|
when: cp_sockets is not skipped
|
|
|
|
- name: Ensure Docker daemon is started
|
|
service:
|
|
name: docker
|
|
state: started
|
|
become: True
|
|
|
|
- name: Ensure the path for CA file for private registry exists
|
|
file:
|
|
path: "/etc/docker/certs.d/{{ docker_registry }}"
|
|
state: directory
|
|
become: True
|
|
when: docker_registry is not none and docker_registry_ca is not none
|
|
|
|
- name: Ensure the CA file for private registry exists
|
|
copy:
|
|
src: "{{ docker_registry_ca }}"
|
|
dest: "/etc/docker/certs.d/{{ docker_registry }}/ca.crt"
|
|
become: True
|
|
when: docker_registry is not none and docker_registry_ca is not none
|
|
notify: reload docker service
|