--- - hosts: all vars_files: - ../vars/zuul.yml roles: - configure-ephemeral tasks: - name: Create dir for kolla logs file: path: "{{ kolla_logs_dir }}" state: directory - name: Dump host info to logs command: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}/tools/dump_info.sh" args: chdir: "{{ kolla_logs_dir }}" - name: Create dir for kolla build logs file: path: "{{ kolla_build_logs_dir }}" state: directory - name: Install Python3 pip and setuptools package: name: - python3-pip - python3-setuptools become: true # NOTE(hrw): On RedHat systems venv is part of python3-libs - name: Install Python3 venv on Debian systems package: name: - python3-venv become: true when: ansible_os_family == "Debian" - name: Create virtualenv command: python3 -m venv {{ virtualenv_path }} - name: Install kolla command: "{{ virtualenv_path }}/bin/python -m pip install {{ zuul.project.src_dir }}" - name: Install docker python library command: "{{ virtualenv_path }}/bin/python -m pip install 'docker<7'" when: container_engine == "docker" - name: Install podman python library command: "{{ virtualenv_path }}/bin/python -m pip install podman rich" when: container_engine == "podman" - name: Configure Docker repo for Debian/Ubuntu block: - name: Add key for Docker APT repository apt_key: url: "{{ nodepool_docker_proxy }}/{{ ansible_distribution | lower }}/gpg" state: present - name: Add Docker APT repository apt_repository: repo: "deb {{ nodepool_docker_proxy }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable" state: present - name: Ensure AppArmor is installed package: name: apparmor state: present when: - ansible_os_family == "Debian" - container_engine == "docker" become: true - name: Configure Docker repo for CentOS block: - name: Add Docker repository yum_repository: name: docker description: Docker baseurl: "{{ nodepool_docker_proxy }}/centos/9/$basearch/stable" enabled: yes gpgcheck: yes gpgkey: "{{ nodepool_docker_proxy }}/centos/gpg" # module_hotfixes: True # enabled below (dnf, not yum, feature) - name: Enable module_hotfixes in Docker YUM repository lineinfile: path: /etc/yum.repos.d/docker.repo line: 'module_hotfixes=True' when: - ansible_os_family == "RedHat" - container_engine == "docker" become: true - name: Configure docker block: - name: Ensure /etc/docker exists become: true file: path: /etc/docker state: directory mode: 0755 - name: Configure registry-mirror in daemon.json become: true copy: dest: /etc/docker/daemon.json content: | { "registry-mirrors": [ "http://{{ zuul_site_mirror_fqdn }}:8082/" ] } # NOTE(yoctozepto): We configure Docker before installing it because Debuntu starts services # during installation. - name: Install Docker package: name: docker-ce become: true - name: Ensure Docker service is started service: name: docker state: started become: true - name: Ensure Docker socket is world-writable file: path: /run/docker.sock mode: 0666 become: true when: - container_engine == "docker" - name: Configure podman block: - name: Ensure /etc/containers exists become: true file: path: /etc/containers state: directory mode: 0755 - name: Configure registries.conf become: true copy: dest: /etc/containers/registries.conf content: | unqualified-search-registries = ['docker.io'] [[registry]] prefix = "docker.io" location = "docker.io" [[registry.mirror]] prefix = "docker.io" location = "{{ zuul_site_mirror_fqdn }}:8082" - name: Add libcontainers repo for newer buildah on Ubuntu 22.04 ansible.builtin.apt_repository: repo: deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/ / filename: kubic-libcontainers state: present become: true when: ansible_distribution == "Ubuntu" and ansible_distribution_release == "jammy" - name: Install Podman package: name: podman become: true # NOTE(jangutter): It appears that the default mount option # in the shipped `/etc/containers/storage.conf` for EL9 based distros # (Rocky, CentOS Stream, ...) has severe performance implications for # Kolla builds. This is because enabling `metacopy=on` disables `Native # Overlay Diff` This can be removed if the config is dropped from those # distros, or the underlying incompatibility can somehow be addressed. # Debian based distros do not ship `storage.conf` and seem # to be unaffected. - name: Remove metacopy, enable native overlay diff ini_file: path: /etc/containers/storage.conf section: storage.options.overlay option: mountopt value: '"nodev"' become: true when: ansible_os_family == "RedHat" - name: Ensure Podman service is started service: name: podman state: started become: true - name: Ensure Podman socket is world-writable file: path: /run/podman/podman.sock mode: 0666 become: true when: - container_engine == "podman"