Use upstream ensure-docker role instead of docker-install

Change-Id: I2d83a02d1520efd90d68df940ac0f045785101b5
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
This commit is contained in:
Andrii Ostapenko 2021-11-01 17:54:32 -06:00
parent b20403332b
commit ebc4d99215
No known key found for this signature in database
GPG Key ID: F3E83668DBB223B3
12 changed files with 11 additions and 238 deletions

View File

@ -13,5 +13,5 @@
- hosts: all
become: yes
roles:
- docker-install
- ensure-docker
- aiap-build-images

View File

@ -13,5 +13,5 @@
- hosts: all
become: yes
roles:
- docker-install
- ensure-docker
- aiap-publish-images

View File

@ -30,7 +30,7 @@
- name: docker install
include_role:
name: docker-install
name: ensure-docker
- name: install kustomize
include_role:

View File

@ -13,5 +13,5 @@
- hosts: all
become: yes
roles:
- docker-install
- ensure-docker
- airshipctl-build-images

View File

@ -12,4 +12,4 @@
- hosts: all
roles:
- docker-install
- ensure-docker

View File

@ -12,7 +12,7 @@
- hosts: primary
roles:
- docker-install
- ensure-docker
- install-kubectl
tasks:
- name: "Build and install airshipctl"

View File

@ -13,5 +13,5 @@
- hosts: all
become: yes
roles:
- docker-install
- ensure-docker
- airshipctl-publish-images

View File

@ -1,28 +0,0 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
docker_config_path: "/etc/docker"
docker_config_log_driver: "journald"
docker_config_log_opts: {}
docker_config: |
{
"log-driver": "{{ docker_config_log_driver }}",
"log-opts": {{ docker_config_log_opts | to_json }}
}
proxy:
enabled: false
http:
https:
noproxy:

View File

@ -1,173 +0,0 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: Ensure older docker versions are removed
become: yes
package:
name:
- docker
- docker-engine
- docker.io
- containerd
- runc
state: absent
- name: Ensure docker support packages are present
become: yes
package:
name:
- apt-transport-https
- ca-certificates
- curl
- gnupg
- lsb-release
update_cache: yes
state: latest
- name: Add Docker GPG apt key
become: yes
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
keyring: /usr/share/keyrings/docker-archive-keyring.gpg
state: present
- name: Get DEB architecture
shell: dpkg --print-architecture
register: deb_architecture
- name: Add Docker Repository
become: yes
apt_repository:
repo: deb [arch={{ deb_architecture.stdout }} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
filename: docker
state: present
- name: Ensure docker packages are present
become: yes
package:
name:
- docker-ce
- docker-ce-cli
- containerd.io
update_cache: yes
state: latest
- name: Ensure docker group exists
group:
name: docker
state: present
- name: Add user "{{ ansible_user }}" to docker group
become: yes
user:
name: "{{ ansible_user }}"
groups:
- docker
append: yes
- name: Reset ssh connection to add docker group to user
meta: reset_connection
ignore_errors: true
- block:
- name: Create docker service directory
file:
path: /etc/systemd/system/docker.service.d/
state: directory
mode: '0755'
- name: Configure proxy for docker service if enabled
template:
src: http-proxy-conf.j2
dest: /etc/systemd/system/docker.service.d/http-proxy.conf
when: proxy.enabled|bool == true
become: yes
- name: Create docker config directory
file:
path: "{{ docker_config_path }}"
state: directory
mode: '0755'
become: yes
- name: Debug zuul site mirror var
debug:
msg:
- "zuul_site_mirror_fqdn: {{ zuul_site_mirror_fqdn | default('NONE') }}"
ignore_errors: yes
- name: Set docker_config variable
set_fact:
docker_config_file: "{{ docker_config_path }}/daemon.json"
- name: Check if docker config file exists
stat:
path: "{{ docker_config_file }}"
register: res
# Avoid long if/then/else blocks here below, pretend that config exists
- name: Create empty docker config if it doesn't exist
copy:
content: "{}"
dest: "{{ docker_config_file }}"
when: not res.stat.exists
become: yes
- name: Get current docker configuration
command: "cat {{ docker_config_file }}"
register: res
- name: Get current docker configuration as json
set_fact:
default_docker_conf: "{{ res.stdout | from_json }}"
- name: Debug current docker configuration
debug:
var: default_docker_conf
- name: Merge default and custom configuration
set_fact:
merged_docker_config: "{{ default_docker_conf | combine(docker_config) }}"
- name: Debug merged docker configuration
debug:
var: merged_docker_config
- name: Add container images mirror configuration
set_fact:
merged_docker_config: "{{ merged_docker_config | combine({ 'registry-mirrors': [ 'http://' + zuul_site_mirror_fqdn + ':8082' ] })}}"
when: zuul_site_mirror_fqdn is defined
- name: Debug merged docker configuration
debug:
var: merged_docker_config
- name: Save merged docker daemon configuration
copy:
content: "{{ merged_docker_config | to_nice_json }}"
dest: "{{ docker_config_file }}"
become: yes
- name: Start docker
become: yes
systemd:
name: docker
state: restarted
daemon_reload: yes
enabled: true
- name: Change group ownership on docker socket
become: yes
file:
path: /var/run/docker.sock
group: docker

View File

@ -1,4 +0,0 @@
[Service]
Environment="HTTP_PROXY={{ proxy.http }}"
Environment="HTTPS_PROXY={{ proxy.https }}"
Environment="NO_PROXY={{ proxy.noproxy }}"

View File

@ -1,25 +0,0 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: install docker
include_role:
name: docker-install
- name: check if docker is installed
shell: "docker version"
register: docker_version
- name: verify docker is installed
assert:
that:
- docker_version.rc == 0

View File

@ -44,5 +44,8 @@ else
sudo pip3 --proxy "${http_proxy}" install $PACKAGES
fi
# zuul-jobs provides ensure-docker role available by default in zuul
ansible-galaxy install git+https://opendev.org/zuul/zuul-jobs.git -p "${AIRSHIPCTL_WS}/../zuul-jobs"
echo "primary ansible_host=localhost ansible_connection=local ansible_python_interpreter=/usr/bin/python3" > "$ANSIBLE_HOSTS"
printf "[defaults]\nroles_path = %s/roles\n" "$AIRSHIPCTL_WS" > "$ANSIBLE_CFG"
printf "[defaults]\nroles_path = %s/roles:zuul-jobs/roles\n" "$AIRSHIPCTL_WS" > "$ANSIBLE_CFG"