heat_template_version: rocky description: > Configures podman on the host parameters: DockerInsecureRegistryAddress: description: Optional. The IP Address and Port of an insecure docker namespace that will be configured in /etc/sysconfig/docker. The value can be multiple addresses separated by commas. type: comma_delimited_list default: [] EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json conditions: insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, []]} outputs: role_data: description: Role data for the podman service value: service_name: podman config_settings: {} step_config: '' host_prep_tasks: - name: Install and configure Podman block: - set_fact: container_registry_insecure_registries: if: - insecure_registry_is_empty - [] - {get_param: DockerInsecureRegistryAddress} - name: ensure podman and deps are installed package: name: podman state: latest - name: Remove default cni config for cni0 copy: dest: /etc/cni/net.d/87-podman-bridge.conflist content: '' force: yes - name: Delete cni0 interface if exists command: ip link delete cni0 ignore_errors: True - name: configure insecure registries /etc/containers/registries.conf ini_file: path: /etc/containers/registries.conf section: 'registries.insecure' option: registries value: "{{ container_registry_insecure_registries }}" when: container_registry_insecure_registries | length > 0 service_config_settings: {} upgrade_tasks: - name: Install podman packages on upgrade if missing when: step|int == 3 package: name=podman state=latest - name: Remove default cni config for cni0 copy: dest: /etc/cni/net.d/87-podman-bridge.conflist content: '' force: yes - name: Delete cni0 interface if exists command: ip link delete cni0 ignore_errors: True post_upgrade_tasks: - name: Purge everything about Docker on the host when: step|int == 3 block: - name: Check if docker has some data stat: path: /var/lib/docker register: docker_path_stat - name: Purge Docker when: docker_path_stat.stat.exists block: - name: Ensure docker service is running systemd: name: docker register: docker_service_state - name: Run docker system prune shell: docker system prune -a -f when: docker_service_state.status['SubState'] == 'running' - name: Stop and disable Docker service when: docker_service_state.status['SubState'] == 'running' systemd: name: docker state: stopped enabled: no - name: Uninstall Docker rpm package: name: docker state: absent - name: Get the list of directory mounted under /var/lib/docker/ orderer. shell: | mount | awk '/\/var\/lib\/docker\/[^/]+\// {print $3}'; mount | awk '/\/var\/lib\/docker\/[^/]+$/ {print $3}'; register: unmounted_dirs - name: Unmount those directories mount: path: "{{ item }}" state: unmounted loop: "{{ unmounted_dirs.stdout_lines }}" - name: Purge /var/lib/docker file: path: /var/lib/docker state: absent