Rename the files tasks.

According to the documentation[1] rename the tasks files to respect the
new structure. To respect the pattern do the same for the specific
podman files.

We still keep some symbolic links with the old names, but we should
remove these once we update the usage in tripleo-heat-templates.

[1] https://docs.openstack.org/tripleo-ansible/latest/standalone-roles-playbooks.html

Change-Id: I31bb5c2902f5061d6fda74c17cd3df4de4f06c82
This commit is contained in:
Daniel Bengtsson 2022-11-18 18:08:28 +01:00 committed by Takashi Kajinami
parent 285391fb4d
commit 0692c49525
18 changed files with 215 additions and 212 deletions

View File

@ -22,4 +22,4 @@
- name: Configure podman and include insecure registries
include_role:
name: tripleo_podman
tasks_from: tripleo_podman_install.yml
tasks_from: install.yml

View File

@ -25,7 +25,7 @@
- name: Configure tripleo_podman
import_role:
name: tripleo_podman
tasks_from: tripleo_podman_configure.yml
tasks_from: configure.yml
tags:
- tripleo_podman
- name: Manage tripleo container services

View File

@ -70,7 +70,7 @@
- name: Install tripleo_podman
import_role:
name: tripleo_podman
tasks_from: tripleo_podman_install.yml
tasks_from: install.yml
tags:
- tripleo_podman
- name: Install tripleo_sshd

View File

@ -21,7 +21,7 @@
- name: Run install
include_role:
name: tripleo_podman
tasks_from: tripleo_podman_install.yml
tasks_from: install.yml
vars_from: "redhat.yml"
# https://bugs.launchpad.net/bugs/1889510
- name: Test podman network ls

View File

@ -26,7 +26,7 @@
tasks:
- include_role:
name: tripleo_podman
tasks_from: tripleo_podman_login.yml
tasks_from: login.yml
- include_role:
name: tripleo_podman
tasks_from: tripleo_podman_buildah_login.yml
tasks_from: buildah_login.yml

View File

@ -87,5 +87,5 @@
- name: Run install
include_role:
name: tripleo_podman
tasks_from: tripleo_podman_install.yml
tasks_from: install.yml
vars_from: "redhat.yml"

View File

@ -14,8 +14,8 @@
# License for the specific language governing permissions and limitations
# under the License.
- name: Import tripleo_podman_login.yml tasks
import_tasks: tripleo_podman_login.yml
- name: Import login.yml tasks
import_tasks: login.yml
- name: Configure tripleo_container_manage to generate systemd drop-in dependencies
copy:
dest: /etc/sysconfig/podman_drop_in

View File

@ -0,0 +1,137 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Load vars id needed
when: tripleo_podman_packages is undefined or tripleo_podman_packages|length == 0
import_tasks: load_vars.yaml
- name: Install block
become: true
block:
- name: ensure podman and deps are installed
package:
name: "{{ tripleo_podman_packages }}"
state: present
- name: Ensure we get the ansible interfaces facts
when:
- ansible_facts['interfaces'] is undefined
setup:
gather_subset:
- '!all'
- '!min'
- 'network'
filter: 'ansible_interfaces'
- name: Delete legacy cni0 interface (podman < 1.6)
command: ip link delete cni0
when:
- '"cni0" in ansible_facts["interfaces"]'
# don't update the network config if the network is already running
# meaning cni-podman0 is running somewhere
- name: Update default network configuration if possible
block:
- name: Make sure /etc/cni/net.d folder exists
file:
path: /etc/cni/net.d
state: directory
recurse: true
mode: 0755
owner: root
group: root
- name: Update default network configuration if possible
copy:
dest: /etc/cni/net.d/87-podman-bridge.conflist
content: "{{ tripleo_podman_default_network_config | to_json }}"
mode: '0644'
owner: root
group: root
when:
- '"cni-podman0" not in ansible_facts["interfaces"]'
- tripleo_container_default_network_backend == 'cni'
- name: Update netavark container network configuration
block:
- name: Make sure /etc/containers/networks exists
file:
path: /etc/containers/networks
state: directory
recurse: true
mode: 0755
owner: root
group: root
- name: Get current podman network
shell: |
podman network inspect podman
register: podman_network_inspect
- name: Update the default network configuration
template:
src: podman_network_config.j2
dest: /etc/containers/networks/podman.json
mode: '0644'
owner: root
group: root
when:
- podman_network_inspect is not skipped
when:
- tripleo_container_default_network_backend == 'netavark'
- name: Write containers registries.conf
template:
src: registries.conf.j2
dest: /etc/containers/registries.conf
owner: root
group: root
setype: etc_t
mode: '0644'
- name: Write containers.conf
ini_file:
path: /etc/containers/containers.conf
owner: root
group: root
setype: etc_t
mode: '0644'
create: true
section: "{{ item.section }}"
option: "{{ item.option }}"
value: "{{ item.value }}"
loop:
- section: containers
option: pids_limit
value: "{{ tripleo_container_default_pids_limit }}"
- section: engine
option: events_logger
value: "\"{{ tripleo_container_events_logger_mechanism }}\""
- section: engine
option: runtime
value: "\"{{ tripleo_container_default_runtime }}\""
- section: engine
option: infra_image
value: "\"{{ tripleo_container_default_infra_image }}\""
- section: network
option: network_backend
value: "\"{{ tripleo_container_default_network_backend }}\""
- name: Enable podman.socket service
when:
- tripleo_podman_enable_socket | bool
systemd:
name: podman.socket
state: started
enabled: true

View File

@ -0,0 +1,30 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Perform container registry login(s) with podman
become: true
shell: |-
podman login --username=$REGISTRY_USERNAME \
--password=$REGISTRY_PASSWORD \
$REGISTRY
environment:
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
REGISTRY: "{{ item.key }}"
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_podman

View File

@ -18,22 +18,22 @@
import_tasks: load_vars.yaml
- name: Podman install
import_tasks: tripleo_podman_install.yml
import_tasks: install.yml
- name: Rsyslog configuration
import_tasks: tripleo_podman_rsyslog.yml
import_tasks: rsyslog.yml
- name: Podman purge
import_tasks: tripleo_podman_purge.yml
import_tasks: purge.yml
- name: Podman install
import_tasks: tripleo_podman_login.yml
import_tasks: login.yml
when:
- tripleo_container_registry_login | bool
- tripleo_container_registry_logins
- name: Buildah setup
import_tasks: tripleo_podman_buildah_login.yml
import_tasks: buildah_login.yml
when:
- tripleo_podman_buildah_login | bool
- tripleo_container_registry_login | bool

View File

@ -0,0 +1,31 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Podman image prune
become: true
block:
- name: Clean podman images
command: podman image prune -a -f
rescue:
# In case -f isn't available yet, we fallback to old way.
# https://bugs.launchpad.net/tripleo/+bug/1889418
- name: Clean podman images
command: podman image prune -a
- name: Clean podman volumes
become: true
command: podman volume prune -f

View File

@ -1,137 +0,0 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Load vars id needed
when: tripleo_podman_packages is undefined or tripleo_podman_packages|length == 0
import_tasks: load_vars.yaml
- name: Install block
become: true
block:
- name: ensure podman and deps are installed
package:
name: "{{ tripleo_podman_packages }}"
state: present
- name: Ensure we get the ansible interfaces facts
when:
- ansible_facts['interfaces'] is undefined
setup:
gather_subset:
- '!all'
- '!min'
- 'network'
filter: 'ansible_interfaces'
- name: Delete legacy cni0 interface (podman < 1.6)
command: ip link delete cni0
when:
- '"cni0" in ansible_facts["interfaces"]'
# don't update the network config if the network is already running
# meaning cni-podman0 is running somewhere
- name: Update default network configuration if possible
block:
- name: Make sure /etc/cni/net.d folder exists
file:
path: /etc/cni/net.d
state: directory
recurse: true
mode: 0755
owner: root
group: root
- name: Update default network configuration if possible
copy:
dest: /etc/cni/net.d/87-podman-bridge.conflist
content: "{{ tripleo_podman_default_network_config | to_json }}"
mode: '0644'
owner: root
group: root
when:
- '"cni-podman0" not in ansible_facts["interfaces"]'
- tripleo_container_default_network_backend == 'cni'
- name: Update netavark container network configuration
block:
- name: Make sure /etc/containers/networks exists
file:
path: /etc/containers/networks
state: directory
recurse: true
mode: 0755
owner: root
group: root
- name: Get current podman network
shell: |
podman network inspect podman
register: podman_network_inspect
- name: Update the default network configuration
template:
src: podman_network_config.j2
dest: /etc/containers/networks/podman.json
mode: '0644'
owner: root
group: root
when:
- podman_network_inspect is not skipped
when:
- tripleo_container_default_network_backend == 'netavark'
- name: Write containers registries.conf
template:
src: registries.conf.j2
dest: /etc/containers/registries.conf
owner: root
group: root
setype: etc_t
mode: '0644'
- name: Write containers.conf
ini_file:
path: /etc/containers/containers.conf
owner: root
group: root
setype: etc_t
mode: '0644'
create: true
section: "{{ item.section }}"
option: "{{ item.option }}"
value: "{{ item.value }}"
loop:
- section: containers
option: pids_limit
value: "{{ tripleo_container_default_pids_limit }}"
- section: engine
option: events_logger
value: "\"{{ tripleo_container_events_logger_mechanism }}\""
- section: engine
option: runtime
value: "\"{{ tripleo_container_default_runtime }}\""
- section: engine
option: infra_image
value: "\"{{ tripleo_container_default_infra_image }}\""
- section: network
option: network_backend
value: "\"{{ tripleo_container_default_network_backend }}\""
- name: Enable podman.socket service
when:
- tripleo_podman_enable_socket | bool
systemd:
name: podman.socket
state: started
enabled: true

View File

@ -0,0 +1 @@
install.yml

View File

@ -1,30 +0,0 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Perform container registry login(s) with podman
become: true
shell: |-
podman login --username=$REGISTRY_USERNAME \
--password=$REGISTRY_PASSWORD \
$REGISTRY
environment:
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
REGISTRY: "{{ item.key }}"
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_podman

View File

@ -0,0 +1 @@
login.yml

View File

@ -1,31 +0,0 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Podman image prune
become: true
block:
- name: Clean podman images
command: podman image prune -a -f
rescue:
# In case -f isn't available yet, we fallback to old way.
# https://bugs.launchpad.net/tripleo/+bug/1889418
- name: Clean podman images
command: podman image prune -a
- name: Clean podman volumes
become: true
command: podman volume prune -f

View File

@ -0,0 +1 @@
purge.yml