openstack/tripleo-heat-templates
Code Issues Proposed changes
d20f609334
tripleo-heat-templates/deployment/podman/podman-baremetal-ansible.yaml
Jose Luis Franco Arza a8ec699416 Clean up leftover mount point after docker stop. 
Some mountpoints are left on the host after docker shut down.  This
seems to be an issue with docker, but couldn't trace it back to a
specific docker bug.

In the meantime to unblock the upgrade CI we make sure that every
mount point under /var/lib/docker are umounted before deleting that
directory.

Note that we need to keep the order right, so that we do a depth first
list so that umount can do leaves before root.

Closes-Bug: #1826375
Co-Authored-By: Sofer Athlan-Guyot <sathlang@redhat.com>

Change-Id: I03a065556caca4385bb8b28be0dfbe21addbf003
2019-05-07 10:15:52 +02:00

134 lines
4.7 KiB
YAML
Raw Blame History

heat_template_version: rocky
description: >
Configures podman on the host
parameters:
DockerInsecureRegistryAddress:
description: Optional. The IP Address and Port of an insecure docker
namespace that will be configured in /etc/sysconfig/docker.
The value can be multiple addresses separated by commas.
type: comma_delimited_list
default: []
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
conditions:
insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, []]}
outputs:
role_data:
description: Role data for the podman service
value:
service_name: podman
config_settings: {}
step_config: ''
host_prep_tasks:
- name: Install and configure Podman
block:
- set_fact:
container_registry_insecure_registries:
if:
- insecure_registry_is_empty
- []
- {get_param: DockerInsecureRegistryAddress}
- name: ensure podman and deps are installed
package:
name: podman
state: latest
- name: Remove default cni config for cni0
copy:
dest: /etc/cni/net.d/87-podman-bridge.conflist
content: ''
force: yes
- name: Delete cni0 interface if exists
command: ip link delete cni0
ignore_errors: True
- name: configure insecure registries /etc/containers/registries.conf
ini_file:
path: /etc/containers/registries.conf
section: 'registries.insecure'
option: registries
value: "{{ container_registry_insecure_registries }}"
when: container_registry_insecure_registries | length > 0
service_config_settings: {}
upgrade_tasks:
- name: Install podman packages on upgrade if missing
when: step|int == 3
package: name=podman state=latest
- name: Remove default cni config for cni0
copy:
dest: /etc/cni/net.d/87-podman-bridge.conflist
content: ''
force: yes
- name: Delete cni0 interface if exists
command: ip link delete cni0
ignore_errors: True
post_upgrade_tasks:
- name: Purge everything about Docker on the host
when: step|int == 3
block:
- name: Check if docker has some data
stat:
path: /var/lib/docker
register: docker_path_stat
- name: Purge Docker
when: docker_path_stat.stat.exists
block:
- name: Ensure docker service is running
systemd:
name: docker
register: docker_service_state
- name: Run docker system prune
shell: docker system prune -a -f
when: docker_service_state.status['SubState'] == 'running'
- name: Stop and disable Docker service
when: docker_service_state.status['SubState'] == 'running'
systemd:
name: docker
state: stopped
enabled: no
- name: Uninstall Docker rpm
package:
name: docker
state: absent
- name: Get the list of directory mounted under /var/lib/docker/ orderer.
shell: |
mount | awk '/\/var\/lib\/docker\/[^/]+\// {print $3}';
mount | awk '/\/var\/lib\/docker\/[^/]+$/ {print $3}';
register: unmounted_dirs
- name: Unmount those directories
mount:
path: "{{ item }}"
state: unmounted
loop: "{{ unmounted_dirs.stdout_lines }}"
- name: Purge /var/lib/docker
file:
path: /var/lib/docker
state: absent
View Git Blame Copy Permalink