zuul/zuul-jobs
Code Issues Proposed changes

ensure-docker: ensure docker.socket is stopped

Browse Source 
On Centos8, during the docker-ce installation, the docker.socket service
is start with a bogus state:

docker.socket: Socket unit configuration has changed while unit has been running, no open socket file descriptor left. The socket unit is not functional until restarted.

Later, when the `Assure docker service is running` task tries to start
the service, it fails with the following error:

dockerd[29743]: failed to load listeners: no sockets found via socket activation: make sure the service was started by systemd

Example:
https://0c7366f2ce9149f2de0c-399b55a396b5093070500a70ecbf09b9.ssl.cf1.rackcdn.com/410/c233496b96c70cfc6204e75d10116a96b08d4663/check/ansible-test-sanity-docker/787388f/ara-report/index.html

Another example: https://github.com/kata-containers/tests/issues/3103

Also: Remove use of kubectl --generator=run-pod/v1

This has been deprecated since 1.17 and removed since 1.20. run-pod wound
up being the only generator that did anything, so this parameter became a
no-op. This has to be squashed into this commit to unbreak the gate.

Change-Id: I666046fe2a3aa079643092c71573803851a67be2
This commit is contained in:
Gonéri Le Bouder 2021-04-20 13:09:43 -04:00 committed by Monty Taylor
parent 90c103eaad
commit 2bb9b4995a
4 changed files with 38 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
roles/ensure-docker/handlers/main.yaml
View File

@ -1,4 +1,11 @@
--- ---
- name: Stop docker.socket to avoid any conflict
become: true
service:
name: docker.socket
enabled: yes
state: stopped
listen: Restart docker
- name: Assure docker service is running - name: Assure docker service is running
become: true become: true
@ -8,6 +15,14 @@
state: started state: started
listen: Restart docker listen: Restart docker
- name: Assure docker.socket service is running
become: true
service:
name: docker.socket
enabled: yes
state: started
listen: Restart docker
- name: Correct group ownership on docker sock - name: Correct group ownership on docker sock
become: true become: true
file: file:

23
roles/ensure-docker/tasks/docker-setup.yaml
View File

@ -36,13 +36,28 @@
mtu: 1400 mtu: 1400
update_json_file_become: true update_json_file_become: true
- name: Get the status of the docket.socket unit
command: systemctl is-failed docker.socket # noqa command-instead-of-module
failed_when: false
become: true
register: _docker_socket_status
- name: Get the status of the docket unit
command: systemctl is-failed docker # noqa command-instead-of-module
failed_when: false
become: true
register: _docker_status
- name: Restart docker - name: Restart docker
when: >- when: >-
(docker_userland_proxy is defined) or (docker_userland_proxy is defined) or
(ansible_default_ipv4.mtu < 1500) (ansible_default_ipv4.mtu < 1500) or
service: (_docker_socket_status.stdout != 'active') or
name: docker (_docker_socket_status.stdout != 'active')
state: restarted debug:
msg: 'Trigger a Docker restart'
changed_when: true
notify: Restart docker
- name: Reset ssh connection to pick up docker group - name: Reset ssh connection to pick up docker group
meta: reset_connection meta: reset_connection

4
test-playbooks/registry/buildset-registry-k8s-crio.yaml
View File

@ -17,7 +17,7 @@
retries: 5 retries: 5
delay: 30 delay: 30
- name: Run a local test pod - name: Run a local test pod
command: kubectl run --generator=run-pod/v1 --image=quay.io/zuul/quay-testimage quaytest command: kubectl run --image=quay.io/zuul/quay-testimage quaytest
- name: Wait for the pod to be ready - name: Wait for the pod to be ready
command: kubectl wait --for=condition=Ready pod/quaytest --timeout=60s command: kubectl wait --for=condition=Ready pod/quaytest --timeout=60s
- name: Check the output of the pod - name: Check the output of the pod
@ -26,7 +26,7 @@
warn: false warn: false
- name: Run a remote test pod - name: Run a remote test pod
command: kubectl run --generator=run-pod/v1 --image=docker.io/debian:testing upstream-dockertest --command -- /bin/bash -c 'echo Upstream; sleep infinity' command: kubectl run --image=docker.io/debian:testing upstream-dockertest --command -- /bin/bash -c 'echo Upstream; sleep infinity'
- name: Wait for the pod to be ready - name: Wait for the pod to be ready
command: kubectl wait --for=condition=Ready pod/upstream-dockertest --timeout=60s command: kubectl wait --for=condition=Ready pod/upstream-dockertest --timeout=60s
- name: Check the output of the pod - name: Check the output of the pod

4
test-playbooks/registry/buildset-registry-k8s-docker.yaml
View File

@ -11,7 +11,7 @@
retries: 5 retries: 5
delay: 30 delay: 30
- name: Run a local test pod - name: Run a local test pod
command: kubectl run --generator=run-pod/v1 --image=zuul/docker-testimage dockertest command: kubectl run --image=zuul/docker-testimage dockertest
- name: Wait for the pod to be ready - name: Wait for the pod to be ready
command: kubectl wait --for=condition=Ready pod/dockertest --timeout=60s command: kubectl wait --for=condition=Ready pod/dockertest --timeout=60s
- name: Check the output of the pod - name: Check the output of the pod
@ -20,7 +20,7 @@
warn: false warn: false
- name: Run a remote test pod - name: Run a remote test pod
command: kubectl run --generator=run-pod/v1 --image=debian:testing upstream-dockertest --command -- /bin/bash -c 'echo Upstream; sleep infinity' command: kubectl run --image=debian:testing upstream-dockertest --command -- /bin/bash -c 'echo Upstream; sleep infinity'
- name: Wait for the pod to be ready - name: Wait for the pod to be ready
command: kubectl wait --for=condition=Ready pod/upstream-dockertest --timeout=60s command: kubectl wait --for=condition=Ready pod/upstream-dockertest --timeout=60s
- name: Check the output of the pod - name: Check the output of the pod