---
- name: Update apt cache
apt:
update_cache: yes
become: True
when: ansible_os_family == 'Debian'
# TODO(inc0): Gates don't seem to have ufw executable, check for it instead of ignore errors
- name: Set firewall default policy
become: True
ufw:
state: disabled
policy: allow
when: ansible_os_family == 'Debian'
ignore_errors: yes
- name: Check if firewalld is installed
command: rpm -q firewalld
register: firewalld_check
changed_when: false
failed_when: firewalld_check.rc > 1
args:
warn: false
when: ansible_os_family == 'RedHat'
- name: Disable firewalld
become: True
service:
name: "{{ item }}"
enabled: false
state: stopped
with_items:
- firewalld
when:
- ansible_os_family == 'RedHat'
- firewalld_check.rc == 0
# Upgrading docker engine may cause containers to stop. Take a snapshot of the
# running containers prior to a potential upgrade of Docker.
- name: Check which containers are running
command: docker ps -f 'status=running' -q
become: true
# If Docker is not installed this command may exit non-zero.
failed_when: false
changed_when: false
register: running_containers
- name: Install apt packages
package:
name: "{{ (debian_pkg_install | join(' ')).split() }}"
state: present
become: True
when: ansible_os_family == 'Debian'
register: apt_install_result
- name: Install deltarpm packages
package:
name: drpm
state: present
update_cache: yes
become: True
when: ansible_os_family == 'RedHat'
- name: Install RPM packages
package:
name: "{{ (redhat_pkg_install | join(' ')).split() }}"
state: present
update_cache: yes
become: True
when: ansible_os_family == 'RedHat'
register: rpm_install_result
# If any packages were updated, and any containers were running, wait for the
# daemon to come up and start all previously running containers.
- block:
# At some point (at least on CentOS 7) Docker CE stopped starting
# automatically after an upgrade from legacy docker . Start it manually.
- name: Start docker
service:
name: docker
state: started
enabled: yes
become: True
- name: Wait for Docker to start
command: docker info
become: true
changed_when: false
register: result
until: result is success
retries: 6
delay: 10
- name: Ensure containers are running after Docker upgrade
command: "docker start {{ running_containers.stdout }}"
become: true
when:
- install_result is changed
- running_containers.rc == 0
- running_containers.stdout != ''
vars:
install_result: "{{ rpm_install_result if ansible_os_family == 'RedHat' else apt_install_result }}"
- name: Install latest pip in the virtualenv
pip:
# NOTE(hrw) pip 19.3 is first version complaining about being run with Python 2
name: pip>19.3
virtualenv: "{{ virtualenv }}"
virtualenv_site_packages: "{{ virtualenv_site_packages }}"
virtualenv_python: "python{{ host_python_version }}"
become: True
when: virtualenv is not none
- name: Install docker SDK for python
pip:
# NOTE(hrw) docker 2.4.2 is in kolla-ansible requirements
name: docker>=2.4.2
executable: "{{ virtualenv is none | ternary('pip3', omit) }}"
virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
virtualenv_python: "{{ virtualenv is none | ternary(omit, 'python' ~ host_python_version) }}"
become: True
- name: Remove packages
package:
name: "{{ (ubuntu_pkg_removals | join(' ')).split() }}"
state: absent
become: True
when: ansible_distribution|lower == "ubuntu"
- name: Remove packages
package:
name: "{{ (redhat_pkg_removals | join(' ')).split() }}"
state: absent
become: True
when: ansible_os_family == 'RedHat'