83e0d00404
If you do the following: * Install legacy Docker (1.12.0) using kolla-ansible bootstrap-servers with the Rocky release or earlier. * Update to Docker CE, using kolla-ansible bootstrap-servers with the Stein release or later The package is upgraded, but docker is stopped. This prevents the 'Wait for Docker to start' task from completing, since Docker will not start. Seen on CentOS 7.6, Docker CE 19.03.4. This was tested and working previously, perhaps something changed with the Docker package. This change fixes the issue by starting and enabling Docker after the upgrade. Change-Id: If6e9c91f3e8d0ec366eea7ca506c6d10dbf11c3a Closes-Bug: #1852066 (cherry picked from commit 82e58a7a5a66a2b4094f7f0bccf316f846f3243b)
165 lines
4.0 KiB
YAML
165 lines
4.0 KiB
YAML
---
|
|
- name: Update apt cache
|
|
apt:
|
|
update_cache: yes
|
|
become: True
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
# TODO(inc0): Gates don't seem to have ufw executable, check for it instead of ignore errors
|
|
- name: Set firewall default policy
|
|
become: True
|
|
ufw:
|
|
state: disabled
|
|
policy: allow
|
|
when: ansible_os_family == 'Debian'
|
|
ignore_errors: yes
|
|
|
|
- name: Check if firewalld is installed
|
|
command: rpm -q firewalld
|
|
register: firewalld_check
|
|
changed_when: false
|
|
failed_when: firewalld_check.rc > 1
|
|
args:
|
|
warn: false
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Disable firewalld
|
|
become: True
|
|
service:
|
|
name: "{{ item }}"
|
|
enabled: false
|
|
state: stopped
|
|
with_items:
|
|
- firewalld
|
|
when:
|
|
- ansible_os_family == 'RedHat'
|
|
- firewalld_check.rc == 0
|
|
|
|
# Upgrading docker engine may cause containers to stop. Take a snapshot of the
|
|
# running containers prior to a potential upgrade of Docker.
|
|
|
|
- name: Check which containers are running
|
|
command: docker ps -f 'status=running' -q
|
|
become: true
|
|
# If Docker is not installed this command may exit non-zero.
|
|
failed_when: false
|
|
changed_when: false
|
|
register: running_containers
|
|
|
|
- name: Install apt packages
|
|
package:
|
|
name: "{{ item }}"
|
|
state: present
|
|
become: True
|
|
with_items: "{{ debian_pkg_install }}"
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
- item != ""
|
|
register: apt_install_result
|
|
|
|
- name: Install deltarpm packages
|
|
package:
|
|
name: "{{ item }}"
|
|
state: present
|
|
update_cache: yes
|
|
become: True
|
|
with_items:
|
|
- deltarpm
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Install yum packages
|
|
package:
|
|
name: "{{ item }}"
|
|
state: present
|
|
update_cache: yes
|
|
become: True
|
|
with_items: "{{ redhat_pkg_install }}"
|
|
when:
|
|
- ansible_os_family == 'RedHat'
|
|
- item != ""
|
|
register: yum_install_result
|
|
|
|
# If any packages were updated, and any containers were running, wait for the
|
|
# daemon to come up and start all previously running containers.
|
|
|
|
- block:
|
|
# At some point (at least on CentOS 7) Docker CE stopped starting
|
|
# automatically after an upgrade from legacy docker . Start it manually.
|
|
- name: Start docker
|
|
service:
|
|
name: docker
|
|
state: started
|
|
enabled: yes
|
|
become: True
|
|
|
|
- name: Wait for Docker to start
|
|
command: docker info
|
|
become: true
|
|
changed_when: false
|
|
register: result
|
|
until: result is success
|
|
retries: 6
|
|
delay: 10
|
|
|
|
- name: Ensure containers are running after Docker upgrade
|
|
command: "docker start {{ running_containers.stdout }}"
|
|
become: true
|
|
when:
|
|
- install_result is changed
|
|
- running_containers.rc == 0
|
|
- running_containers.stdout != ''
|
|
vars:
|
|
install_result: "{{ yum_install_result if ansible_os_family == 'RedHat' else apt_install_result }}"
|
|
|
|
- name: Install virtualenv packages
|
|
package:
|
|
name: python-virtualenv
|
|
state: present
|
|
become: True
|
|
when: virtualenv is not none
|
|
|
|
- name: Install pip
|
|
easy_install:
|
|
name: pip
|
|
virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
|
|
virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
|
|
become: True
|
|
when: easy_install_available
|
|
|
|
- name: Install latest pip in the virtualenv
|
|
pip:
|
|
name: pip
|
|
state: latest
|
|
virtualenv: "{{ virtualenv }}"
|
|
virtualenv_site_packages: "{{ virtualenv_site_packages }}"
|
|
become: True
|
|
when: virtualenv is not none
|
|
|
|
- name: Install docker SDK for python
|
|
pip:
|
|
name: docker
|
|
state: latest
|
|
virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
|
|
virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
|
|
become: True
|
|
|
|
- name: Remove packages
|
|
package:
|
|
name: "{{ item }}"
|
|
state: absent
|
|
with_items: "{{ ubuntu_pkg_removals }}"
|
|
become: True
|
|
when:
|
|
- ansible_distribution|lower == "ubuntu"
|
|
- item != ""
|
|
|
|
- name: Remove packages
|
|
package:
|
|
name: "{{ item }}"
|
|
state: absent
|
|
with_items: "{{ redhat_pkg_removals }}"
|
|
become: True
|
|
when:
|
|
- ansible_os_family == 'RedHat'
|
|
- item != ""
|