Browse Source

Merge "Support Docker CE in bootstrap-servers"

tags/8.0.0.0b1
Zuul 4 months ago
parent
commit
69666b6665

+ 2
- 1
ansible/kolla-host.yml View File

@@ -3,7 +3,8 @@
3 3
 
4 4
 - name: Apply role baremetal
5 5
   hosts: baremetal
6
-  gather_facts: no
6
+  serial: '{{ kolla_serial|default("0") }}'
7
+  gather_facts: false
7 8
   roles:
8 9
     - { role: baremetal,
9 10
         tags: baremetal }

+ 50
- 8
ansible/roles/baremetal/defaults/main.yml View File

@@ -1,10 +1,52 @@
1 1
 ---
2
-docker_apt_url: "{{ 'http://obs.linaro.org/ERP:/17.12/Debian_9' if ansible_architecture == 'aarch64' else 'https://apt.dockerproject.org' }}"
3
-docker_apt_key_file: "{{ 'Release.key' if ansible_architecture == 'aarch64' else 'gpg' }}"
4
-docker_apt_key_id: "{{ 'C32DA102AD89C2BE' if ansible_architecture == 'aarch64' else 'F76221572C52609D' }}"
5
-
6
-docker_yum_url: "https://yum.dockerproject.org"
7
-docker_gpg_fingerprint: "58118E89F3A912897C070ADBF76221572C52609D"
2
+# Whether to enable a package repository for Docker.
3
+enable_docker_repo: true
4
+
5
+# Whether to use the legacy Docker packages at dockerproject.org instead of the
6
+# newer packages at docker.com.
7
+docker_legacy_packages: false
8
+
9
+# Docker APT repository configuration.
10
+docker_apt_url: "{% if docker_legacy_packages | bool %}{{ docker_legacy_apt_url }}{% else %}{{ docker_new_apt_url }}{% endif %}"
11
+docker_apt_repo: "{% if docker_legacy_packages | bool %}{{ docker_legacy_apt_repo }}{% else %}{{ docker_new_apt_repo }}{% endif %}"
12
+docker_apt_key_file: "{% if docker_legacy_packages | bool %}{{ docker_legacy_apt_key_file }}{% else %}{{ docker_new_apt_key_file }}{% endif %}"
13
+docker_apt_key_id: "{% if docker_legacy_packages | bool %}{{ docker_legacy_apt_key_id }}{% else %}{{ docker_new_apt_key_id }}{% endif %}"
14
+docker_apt_package: "{% if docker_legacy_packages | bool %}{{ docker_legacy_apt_package }}{% else %}{{ docker_new_apt_package }}{% endif %}"
15
+
16
+# Docker APT repository configuration when docker_legacy_packages is false.
17
+docker_new_apt_url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}"
18
+docker_new_apt_repo: "deb {{ docker_new_apt_url }} {{ ansible_lsb.codename }} stable"
19
+docker_new_apt_key_file: "gpg"
20
+docker_new_apt_key_id: "0EBFCD88"
21
+docker_new_apt_package: "docker-ce"
22
+
23
+# Docker APT repository configuration when docker_legacy_packages is true.
24
+docker_legacy_apt_url: "{{ 'http://obs.linaro.org/ERP:/17.12/Debian_9' if ansible_architecture == 'aarch64' else 'https://apt.dockerproject.org' }}"
25
+docker_legacy_apt_repo: "{{ docker_legacy_apt_repo_aarch64 if ansible_architecture == 'aarch64' else docker_legacy_apt_repo_x86_64 }}"
26
+docker_legacy_apt_repo_x86_64: "deb {{ docker_apt_url }}/repo {{ ansible_distribution | lower }}-{{ ansible_distribution_release | lower }} main"
27
+docker_legacy_apt_repo_aarch64: "deb {{ docker_apt_url }} ./"
28
+docker_legacy_apt_key_file: "{{ 'Release.key' if ansible_architecture == 'aarch64' else 'gpg' }}"
29
+docker_legacy_apt_key_id: "{{ 'C32DA102AD89C2BE' if ansible_architecture == 'aarch64' else 'F76221572C52609D' }}"
30
+docker_legacy_apt_package: "{{ 'docker-ce' if ansible_architecture == 'aarch64' else 'docker-engine=1.12.*' }}"
31
+
32
+# Docker Yum repository configuration.
33
+docker_yum_url: "{% if docker_legacy_packages | bool %}{{ docker_legacy_yum_url }}{% else %}{{ docker_new_yum_url }}{% endif %}"
34
+docker_yum_baseurl: "{% if docker_legacy_packages | bool %}{{ docker_legacy_yum_baseurl }}{% else %}{{ docker_new_yum_baseurl }}{% endif %}"
35
+docker_yum_gpgkey: "{% if docker_legacy_packages | bool %}{{ docker_legacy_yum_gpgkey }}{% else %}{{ docker_new_yum_gpgkey }}{% endif %}"
36
+docker_yum_gpgcheck: true
37
+docker_yum_package: "{% if docker_legacy_packages | bool %}{{ docker_legacy_yum_package }}{% else %}{{ docker_new_yum_package }}{% endif %}"
38
+
39
+# Docker Yum repository configuration when docker_legacy_packages is false.
40
+docker_new_yum_url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}"
41
+docker_new_yum_baseurl: "{{ docker_yum_url }}/{{ ansible_distribution_major_version | lower }}/$basearch/stable"
42
+docker_new_yum_gpgkey: "{{ docker_yum_url }}/gpg"
43
+docker_new_yum_package: "docker-ce"
44
+
45
+# Docker Yum repository configuration when docker_legacy_packages is true.
46
+docker_legacy_yum_url: "https://yum.dockerproject.org"
47
+docker_legacy_yum_baseurl: "{{ docker_legacy_yum_url }}/repo/main/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version | lower }}"
48
+docker_legacy_yum_gpgkey: "{{ docker_legacy_yum_url }}/gpg"
49
+docker_legacy_yum_package: "docker-engine-1.12.0"
8 50
 
9 51
 customize_etc_hosts: True
10 52
 
@@ -27,14 +69,14 @@ docker_custom_option: ""
27 69
 docker_runtime_directory: ""
28 70
 
29 71
 debian_pkg_install:
30
- - "{{ 'docker-ce' if ansible_architecture == 'aarch64' else 'docker-engine=1.12.*' }}"
72
+ - "{{ docker_apt_package }}"
31 73
  - git
32 74
  - python-setuptools
33 75
  - ntp
34 76
 
35 77
 redhat_pkg_install:
36 78
  - epel-release
37
- - docker-engine-1.12.0
79
+ - "{{ docker_yum_package }}"
38 80
  - git
39 81
  - python-setuptools
40 82
  - ntp

+ 48
- 2
ansible/roles/baremetal/tasks/install.yml View File

@@ -5,6 +5,12 @@
5 5
   become: True
6 6
   when: ansible_os_family == 'Debian'
7 7
 
8
+- name: Update yum cache
9
+  yum:
10
+    update_cache: yes
11
+  become: True
12
+  when: ansible_os_family == 'RedHat'
13
+
8 14
 # TODO(inc0): Gates don't seem to have ufw executable, check for it instead of ignore errors
9 15
 - name: Set firewall default policy
10 16
   become: True
@@ -32,6 +38,17 @@
32 38
     - ansible_os_family == 'RedHat'
33 39
     - firewalld_check.rc == 0
34 40
 
41
+# Upgrading docker engine may cause containers to stop. Take a snapshot of the
42
+# running containers prior to a potential upgrade of Docker.
43
+
44
+- name: Check which containers are running
45
+  command: docker ps -f 'status=running' -q
46
+  become: true
47
+  # If Docker is not installed this command may exit non-zero.
48
+  failed_when: false
49
+  changed_when: false
50
+  register: running_containers
51
+
35 52
 - name: Install apt packages
36 53
   package:
37 54
     name: "{{ item }}"
@@ -39,6 +56,7 @@
39 56
   become: True
40 57
   with_items: "{{ debian_pkg_install }}"
41 58
   when: ansible_os_family == 'Debian'
59
+  register: apt_install_result
42 60
 
43 61
 - name: Install deltarpm packages
44 62
   package:
@@ -56,6 +74,30 @@
56 74
   become: True
57 75
   with_items: "{{ redhat_pkg_install }}"
58 76
   when: ansible_os_family == 'RedHat'
77
+  register: yum_install_result
78
+
79
+# If any packages were updated, and any containers were running, wait for the
80
+# daemon to come up and start all previously running containers.
81
+
82
+- block:
83
+    - name: Wait for Docker to start
84
+      command: docker info
85
+      become: true
86
+      changed_when: false
87
+      register: result
88
+      until: result is success
89
+      retries: 6
90
+      delay: 10
91
+
92
+    - name: Ensure containers are running after Docker upgrade
93
+      command: "docker start {{ running_containers.stdout }}"
94
+      become: true
95
+  when:
96
+    - install_result is changed
97
+    - running_containers.rc == 0
98
+    - running_containers.stdout != ''
99
+  vars:
100
+    install_result: "{{ yum_install_result if ansible_os_family == 'RedHat' else apt_install_result }}"
59 101
 
60 102
 - name: Install virtualenv packages
61 103
   package:
@@ -94,7 +136,9 @@
94 136
     state: absent
95 137
   with_items: "{{ ubuntu_pkg_removals }}"
96 138
   become: True
97
-  when: ansible_distribution|lower == "ubuntu"
139
+  when:
140
+    - ansible_distribution|lower == "ubuntu"
141
+    - item != ""
98 142
 
99 143
 - name: Remove packages
100 144
   package:
@@ -102,4 +146,6 @@
102 146
     state: absent
103 147
   with_items: "{{ redhat_pkg_removals }}"
104 148
   become: True
105
-  when: ansible_os_family == 'RedHat'
149
+  when:
150
+    - ansible_os_family == 'RedHat'
151
+    - item != ""

+ 55
- 54
ansible/roles/baremetal/tasks/pre-install.yml View File

@@ -47,64 +47,65 @@
47 47
   become: True
48 48
   when: create_kolla_user | bool
49 49
 
50
-- name: Install apt packages
51
-  apt:
52
-    update_cache: yes
53
-  become: True
54
-  when: ansible_os_family == 'Debian'
50
+- block:
51
+    - block:
52
+        - name: Install apt packages
53
+          apt:
54
+            update_cache: yes
55
+          become: True
55 56
 
56
-- name: Install ca certs
57
-  package:
58
-    name: "{{ item }}"
59
-    state: latest
60
-  become: True
61
-  with_items:
62
-    - ca-certificates
63
-    - apt-transport-https
64
-  when:
65
-    - ansible_os_family == 'Debian'
57
+        - name: Install ca certs
58
+          package:
59
+            name: "{{ item }}"
60
+            state: latest
61
+          become: True
62
+          with_items:
63
+            - ca-certificates
64
+            - apt-transport-https
66 65
 
67
-- name: Ensure apt sources list directory exists
68
-  file:
69
-    path: /etc/apt/sources.list.d
70
-    state: directory
71
-    recurse: yes
72
-  become: True
73
-  when: ansible_os_family == 'Debian'
66
+        - name: Ensure apt sources list directory exists
67
+          file:
68
+            path: /etc/apt/sources.list.d
69
+            state: directory
70
+            recurse: yes
71
+          become: True
74 72
 
75
-- name: Enable docker repo apt
76
-  template:
77
-    src: docker_apt_repo.j2
78
-    dest: /etc/apt/sources.list.d/docker.list
79
-  become: True
80
-  when: ansible_os_family == 'Debian'
73
+        - name: Install docker apt gpg key
74
+          apt_key:
75
+            url: "{{ docker_apt_url }}/{{ docker_apt_key_file }}"
76
+            id: "{{ docker_apt_key_id }}"
77
+            state: present
78
+          become: True
81 79
 
82
-- name: Install docker apt gpg key
83
-  apt_key:
84
-    url: "{{ docker_apt_url }}/{{ docker_apt_key_file }}"
85
-    id: "{{ docker_apt_key_id }}"
86
-    state: present
87
-  become: True
88
-  when: ansible_os_family == 'Debian'
80
+        - name: Enable docker apt repository
81
+          apt_repository:
82
+            repo: "{{ docker_apt_repo }}"
83
+            filename: docker
84
+          become: True
85
+      when: ansible_os_family == 'Debian'
89 86
 
90
-- name: Ensure yum repos directory exists
91
-  file:
92
-    path: /etc/yum.repos.d/
93
-    state: directory
94
-    recurse: yes
95
-  become: True
96
-  when: ansible_os_family == 'RedHat'
87
+    - block:
88
+        - name: Ensure yum repos directory exists
89
+          file:
90
+            path: /etc/yum.repos.d/
91
+            state: directory
92
+            recurse: yes
93
+          become: True
97 94
 
98
-- name: Enable docker repo yum
99
-  become: True
100
-  template:
101
-    src: docker_yum_repo.j2
102
-    dest: /etc/yum.repos.d/docker.repo
103
-  when: ansible_os_family == 'RedHat'
95
+        - name: Enable docker yum repository
96
+          yum_repository:
97
+            name: docker
98
+            description: Docker main Repository
99
+            baseurl: "{{ docker_yum_baseurl }}"
100
+            gpgcheck: "{{ docker_yum_gpgcheck | bool }}"
101
+            gpgkey: "{{ docker_yum_gpgkey }}"
102
+          become: True
104 103
 
105
-- name: Install docker rpm gpg key
106
-  rpm_key:
107
-    state: present
108
-    key: "{{ docker_yum_url }}/gpg"
109
-  become: True
110
-  when: ansible_os_family == 'RedHat'
104
+        - name: Install docker rpm gpg key
105
+          rpm_key:
106
+            state: present
107
+            key: "{{ docker_yum_url }}/gpg"
108
+          become: True
109
+          when: docker_yum_gpgcheck | bool
110
+      when: ansible_os_family == 'RedHat'
111
+  when: enable_docker_repo | bool

+ 0
- 6
ansible/roles/baremetal/templates/docker_apt_repo.j2 View File

@@ -1,6 +0,0 @@
1
-{% if ansible_architecture == 'aarch64' %}
2
-deb {{ docker_apt_url }} ./
3
-{% else %}
4
-# main docker repo
5
-deb {{ docker_apt_url }}/repo {{ ansible_distribution | lower }}-{{ ansible_distribution_release | lower }} main
6
-{% endif %}

+ 0
- 6
ansible/roles/baremetal/templates/docker_yum_repo.j2 View File

@@ -1,6 +0,0 @@
1
-[docker-repo]
2
-name=Docker main Repository
3
-baseurl={{ docker_yum_url }}/repo/main/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version | lower }}
4
-enabled=1
5
-gpgcheck=1
6
-gpgkey={{ docker_yum_url }}/gpg

+ 23
- 0
releasenotes/notes/docker-ce-722582da41cf6cd3.yaml View File

@@ -0,0 +1,23 @@
1
+---
2
+features:
3
+  - |
4
+    Adds support for installing Docker Community Edition (CE) using the
5
+    ``kolla-ansible bootstrap-servers`` command.  Existing support uses the
6
+    legacy packages from https://dockerproject.org.  New packages are
7
+    distributed via https://download.docker.com, and that location is now
8
+    supported and used by default.  Use of the legacy packages is enabled by
9
+    setting the variable ``docker_legacy_packages`` to ``true``.
10
+
11
+    It is also now possible to skip configuration of the Docker repository, by
12
+    setting the variable ``enable_docker_repo`` to ``false``.
13
+upgrade:
14
+  - |
15
+    The default value for ``docker_legacy_packages`` is ``false``, which means
16
+    that the Docker Community Edition (CE) should be installed. If the
17
+    ``kolla-ansible bootstrap-servers`` command is used on a previously
18
+    deployed host that is running a legacy Docker engine, it would result in
19
+    the Docker engine being upgraded to use the Docker Community Edition
20
+    packages, which will result in a restart of the Docker engine and the
21
+    containers running on that host.  Use the ``kolla-ansible`` ``--serial`` or
22
+    ``--limit`` arguments to avoid losing quorum in clustered services such as
23
+    MariaDB by restarting all containers at once.

+ 1
- 1
tests/run.yml View File

@@ -98,7 +98,7 @@
98 98
 
99 99
     - name: create deamon.json for nodepool cache
100 100
       vars:
101
-        infra_dockerhub_mirror: "http://{{ zuul_site_mirror_fqdn }}:8081/registry-1.docker/"
101
+        infra_dockerhub_mirror: "http://{{ zuul_site_mirror_fqdn }}:8082/"
102 102
       template:
103 103
         src: "{{ kolla_ansible_full_src_dir }}/tests/templates/docker_daemon.json.j2"
104 104
         dest: "/etc/docker/daemon.json"

Loading…
Cancel
Save