Add multi-distro support to install-docker
This change adds the ability for the zuul provided role for docker installation to support multiple distros automatically. With this change the role will dynamically load variables based on the target operating system. While the default to install from upstream reamains unchanged, the role will now fall back to installing using the distro packages in the event there's is a fault with the upstream tasks or if an upstream task file has not been implemented. > stubbs for upstream implementation task files have been created. With this change the role will now support, debian (and family), opensuse, and red hat (and family). The upstream installation process is using the documented steps from upstream docker, as found here [0]. The default "ubuntu_gpg_key" as renamed to "docker_gpg_key" as its now used for more than one distro. The daemon.json.j2 template has been removed. This template was stored here but unused by this role. [0] https://docs.docker.com/install/linux/docker-ce/fedora/ Change-Id: Ie52444f8c62d6e2f86ce9ba1c17795dd9a6471d2 Signed-off-by: Kevin Carter <kecarter@redhat.com>
This commit is contained in:
parent
6d13ee475d
commit
f1f609e09c
@ -25,17 +25,40 @@ An ansible role to install docker and configure it to use mirrors if available.
|
||||
``stable``, which is the default and updates quarterly, and ``edge``
|
||||
which updates monthly.
|
||||
|
||||
.. zuul:rolevar:: docker_version
|
||||
:default: undefined
|
||||
|
||||
Declare this with the version of the docker package to install.
|
||||
Undefined will install the latest. This will look something like
|
||||
``18.06.1~ce~3-0~ubuntu``. Only supported when using upstream
|
||||
docker repos.
|
||||
|
||||
.. zuul:rolevar:: docker_insecure_registries
|
||||
:default: undefined
|
||||
|
||||
Declare this with a list of insecure registries to define the
|
||||
registries which are allowed to communicate with HTTP only or
|
||||
HTTPS with no valid certificate.
|
||||
|
||||
.. zuul:rolevar:: docker_gpg_key
|
||||
:default: string
|
||||
|
||||
The raw content of the upstream docker gpg key, as found here
|
||||
https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
.. zuul:rolevar:: docker_distro_packages
|
||||
:default: list
|
||||
|
||||
List of packages to be installed when `use_upstream_docker` is set to
|
||||
**false**. The package set is defined by default using distro specific
|
||||
variables. If the package set needs to be changed this option can be
|
||||
overridden as needed.
|
||||
|
||||
.. zuul:rolevar:: docker_upstream_distro_required_packages
|
||||
:default: list
|
||||
|
||||
List of packages to be installed when `use_upstream_docker` is set to
|
||||
**true**. The package set is defined by default using distro specific
|
||||
variables and contains a list of supporting packages required to be
|
||||
installed prior to installing docker-ce. If the package set needs to
|
||||
be changed this option can be overridden as needed.
|
||||
|
||||
.. zuul:rolevar:: docker_upstream_distro_packages
|
||||
:default: list
|
||||
|
||||
List of packages to be installed when `use_upstream_docker` is set to
|
||||
**true**. The package set is defined by default using distro specific
|
||||
variables. If the package set needs to be changed this option can be
|
||||
overridden as needed.
|
||||
|
@ -1,7 +1,13 @@
|
||||
use_upstream_docker: True
|
||||
docker_group: docker
|
||||
# NOTE(cloudnull): Packages are loaded through distro specific variables.
|
||||
# The default option will return an empty list which
|
||||
# allows folks to override these lists as they see fit.
|
||||
docker_distro_packages: "{{ _docker_distro_packages | default([]) }}"
|
||||
docker_upstream_distro_packages: "{{ _docker_upstream_distro_packages | default([]) }}"
|
||||
docker_upstream_distro_required_packages: "{{ _docker_upstream_distro_required_packages | default([]) }}"
|
||||
docker_update_channel: stable
|
||||
ubuntu_gpg_key: |
|
||||
docker_gpg_key: |
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
|
||||
|
83
roles/install-docker/files/docker-ce-centos.repo
Normal file
83
roles/install-docker/files/docker-ce-centos.repo
Normal file
@ -0,0 +1,83 @@
|
||||
[docker-ce-stable]
|
||||
name=Docker CE Stable - $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/$basearch/stable
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-stable-debuginfo]
|
||||
name=Docker CE Stable - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/stable
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-stable-source]
|
||||
name=Docker CE Stable - Sources
|
||||
baseurl=https://download.docker.com/linux/centos/7/source/stable
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-edge]
|
||||
name=Docker CE Edge - $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/$basearch/edge
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-edge-debuginfo]
|
||||
name=Docker CE Edge - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/edge
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-edge-source]
|
||||
name=Docker CE Edge - Sources
|
||||
baseurl=https://download.docker.com/linux/centos/7/source/edge
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-test]
|
||||
name=Docker CE Test - $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/$basearch/test
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-test-debuginfo]
|
||||
name=Docker CE Test - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/test
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-test-source]
|
||||
name=Docker CE Test - Sources
|
||||
baseurl=https://download.docker.com/linux/centos/7/source/test
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-nightly]
|
||||
name=Docker CE Nightly - $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/$basearch/nightly
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-nightly-debuginfo]
|
||||
name=Docker CE Nightly - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/nightly
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
||||
|
||||
[docker-ce-nightly-source]
|
||||
name=Docker CE Nightly - Sources
|
||||
baseurl=https://download.docker.com/linux/centos/7/source/nightly
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/centos/gpg
|
83
roles/install-docker/files/docker-ce-fedora.repo
Normal file
83
roles/install-docker/files/docker-ce-fedora.repo
Normal file
@ -0,0 +1,83 @@
|
||||
[docker-ce-stable]
|
||||
name=Docker CE Stable - $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/stable
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-stable-debuginfo]
|
||||
name=Docker CE Stable - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/stable
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-stable-source]
|
||||
name=Docker CE Stable - Sources
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/source/stable
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-edge]
|
||||
name=Docker CE Edge - $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/edge
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-edge-debuginfo]
|
||||
name=Docker CE Edge - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/edge
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-edge-source]
|
||||
name=Docker CE Edge - Sources
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/source/edge
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-test]
|
||||
name=Docker CE Test - $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/test
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-test-debuginfo]
|
||||
name=Docker CE Test - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/test
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-test-source]
|
||||
name=Docker CE Test - Sources
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/source/test
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-nightly]
|
||||
name=Docker CE Nightly - $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/nightly
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-nightly-debuginfo]
|
||||
name=Docker CE Nightly - Debuginfo $basearch
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/debug-$basearch/nightly
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
||||
|
||||
[docker-ce-nightly-source]
|
||||
name=Docker CE Nightly - Sources
|
||||
baseurl=https://download.docker.com/linux/fedora/$releasever/source/nightly
|
||||
enabled=0
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.docker.com/linux/fedora/gpg
|
16
roles/install-docker/handlers/main.yml
Normal file
16
roles/install-docker/handlers/main.yml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
|
||||
- name: Assure docker service is running
|
||||
become: yes
|
||||
service:
|
||||
name: docker
|
||||
enabled: yes
|
||||
state: started
|
||||
listen: Restart docker
|
||||
|
||||
- name: Correct group ownership on docker sock
|
||||
become: yes
|
||||
file:
|
||||
path: /var/run/docker.sock
|
||||
group: "{{ docker_group }}"
|
||||
listen: Restart docker
|
@ -1,5 +0,0 @@
|
||||
- name: Install docker
|
||||
become: yes
|
||||
package:
|
||||
name: docker.io
|
||||
state: present
|
@ -1,5 +0,0 @@
|
||||
- name: Install docker
|
||||
become: yes
|
||||
package:
|
||||
name: docker
|
||||
state: present
|
@ -1,23 +1,82 @@
|
||||
- name: Set up docker mirrors
|
||||
include_role:
|
||||
name: use-docker-mirror
|
||||
---
|
||||
|
||||
- name: Install docker-ce from upstream
|
||||
include: upstream.yaml
|
||||
when: use_upstream_docker
|
||||
|
||||
- name: Install docker from distro
|
||||
include_tasks: "{{ lookup('first_found', params) }}"
|
||||
vars:
|
||||
params:
|
||||
- name: Gather variables for each operating system
|
||||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
- skip: true
|
||||
files:
|
||||
- "{{ ansible_distribution }}.{{ ansible_architecture }}.yaml"
|
||||
- "{{ ansible_distribution }}.yaml"
|
||||
- "{{ ansible_os_family }}.yaml"
|
||||
- "default.yaml"
|
||||
paths:
|
||||
- distros
|
||||
when: not use_upstream_docker
|
||||
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yaml"
|
||||
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yaml"
|
||||
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yaml"
|
||||
- "{{ ansible_distribution | lower }}.yaml"
|
||||
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yaml"
|
||||
- "{{ ansible_os_family | lower }}.yaml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Sanity check for distro selection
|
||||
fail:
|
||||
msg: >-
|
||||
This role is not known to be compatible with this distro. Check the inventory and deployment
|
||||
target settings. Make sure facts are being gathered prior to executing this role.
|
||||
when:
|
||||
- not (docker_distro_vars_loaded | bool)
|
||||
|
||||
- name: Sanity check for distro install
|
||||
fail:
|
||||
msg: >-
|
||||
The docker distro package list contains no packages and the variable `use_upstream_docker`
|
||||
has been set to "{{ use_upstream_docker }}". To install docker at least one package will be
|
||||
required. Please check your settings.
|
||||
docker_distro_packages = {{ docker_distro_packages }}
|
||||
when:
|
||||
- (docker_distro_packages | length) < 1
|
||||
- not (use_upstream_docker | bool)
|
||||
|
||||
- name: Sanity check for upstream install
|
||||
fail:
|
||||
msg: >-
|
||||
The docker upstream package list contains no packages and the variable `use_upstream_docker`
|
||||
has been set to "{{ use_upstream_docker }}". To install docker at least one package will be
|
||||
required. Please check your settings.
|
||||
docker_upstream_distro_packages = {{ docker_upstream_distro_packages }}
|
||||
when:
|
||||
- (docker_upstream_distro_packages | length) < 1
|
||||
- use_upstream_docker | bool
|
||||
|
||||
- name: Upstream block
|
||||
when:
|
||||
- use_upstream_docker | bool
|
||||
block:
|
||||
- name: Set up docker mirrors
|
||||
include_role:
|
||||
name: use-docker-mirror
|
||||
|
||||
- name: Install docker-ce from upstream
|
||||
include_tasks: "upstream-{{ ansible_pkg_mgr }}.yaml"
|
||||
rescue:
|
||||
- name: Notice
|
||||
debug:
|
||||
msg: >-
|
||||
The upstream installation of docker has failed, falling back to the distro packages.
|
||||
|
||||
- name: Re-Set the use upstream flag
|
||||
set_fact:
|
||||
use_upstream_docker: false
|
||||
|
||||
- name: Install docker
|
||||
become: yes
|
||||
package:
|
||||
name: "{{ docker_distro_packages }}"
|
||||
state: present
|
||||
when:
|
||||
- not (use_upstream_docker | bool)
|
||||
notify: Assure docker service is running
|
||||
|
||||
- name: Ensure "docker" group exists
|
||||
group:
|
||||
name: "{{ docker_group }}"
|
||||
state: present
|
||||
|
||||
- name: Add user to docker group
|
||||
become: yes
|
||||
@ -27,23 +86,14 @@
|
||||
- "{{ docker_group }}"
|
||||
append: yes
|
||||
|
||||
- name: Assure docker service is running
|
||||
become: yes
|
||||
service:
|
||||
name: docker
|
||||
enabled: yes
|
||||
state: started
|
||||
|
||||
- name: Correct group ownership on docker sock
|
||||
become: yes
|
||||
file:
|
||||
path: /var/run/docker.sock
|
||||
group: "{{ docker_group }}"
|
||||
- name: Flush handlers before role exit
|
||||
meta: flush_handlers
|
||||
|
||||
- name: Reset ssh connection to pick up docker group
|
||||
meta: reset_connection
|
||||
|
||||
- name: Validate ability to talk with docker
|
||||
command: docker ps
|
||||
changed_when: false
|
||||
args:
|
||||
warn: no
|
||||
|
@ -1,18 +1,13 @@
|
||||
- name: Install pre-reqs
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
name: "{{ _docker_upstream_distro_required_packages }}"
|
||||
state: present
|
||||
with_items:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- software-properties-common
|
||||
become: yes
|
||||
|
||||
- name: Add docker GPG key
|
||||
become: yes
|
||||
apt_key:
|
||||
data: "{{ ubuntu_gpg_key }}"
|
||||
data: "{{ docker_gpg_key }}"
|
||||
|
||||
# TODO(mordred) We should add a proxy cache mirror for this
|
||||
- name: Add docker apt repo
|
||||
@ -27,6 +22,7 @@
|
||||
- name: Install docker
|
||||
become: yes
|
||||
apt:
|
||||
name: "docker-ce{% if docker_version is defined %}={{ docker_version }}{% endif %}"
|
||||
name: "{{ docker_upstream_distro_packages }}"
|
||||
state: present
|
||||
update_cache: yes
|
||||
notify: Restart docker
|
1
roles/install-docker/tasks/upstream-dnf.yaml
Symbolic link
1
roles/install-docker/tasks/upstream-dnf.yaml
Symbolic link
@ -0,0 +1 @@
|
||||
upstream-yum.yaml
|
34
roles/install-docker/tasks/upstream-yum.yaml
Normal file
34
roles/install-docker/tasks/upstream-yum.yaml
Normal file
@ -0,0 +1,34 @@
|
||||
---
|
||||
|
||||
- name: Install pre-reqs
|
||||
package:
|
||||
name: "{{ _docker_upstream_distro_required_packages }}"
|
||||
state: present
|
||||
become: yes
|
||||
|
||||
- name: Create tmp gpg key file
|
||||
copy:
|
||||
content: "{{ docker_gpg_key }}"
|
||||
dest: /tmp/key.gpg
|
||||
|
||||
- name: Import gpg key
|
||||
rpm_key:
|
||||
state: present
|
||||
key: /tmp/key.gpg
|
||||
|
||||
# TODO(mordred) We should add a proxy cache mirror for this
|
||||
- name: Add docker repo
|
||||
become: yes
|
||||
copy:
|
||||
dest: /etc/yum.repos.d/docker-ce.repo
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: root
|
||||
src: "{{ docker_repo_template }}"
|
||||
|
||||
- name: Install docker
|
||||
become: yes
|
||||
package:
|
||||
name: "{{ docker_upstream_distro_packages }}"
|
||||
state: present
|
||||
notify: Restart docker
|
6
roles/install-docker/tasks/upstream-zypper.yaml
Normal file
6
roles/install-docker/tasks/upstream-zypper.yaml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
|
||||
- name: Not Implemented
|
||||
fail:
|
||||
msg: >-
|
||||
This set of tasks has not been implemented.
|
@ -1,4 +0,0 @@
|
||||
{
|
||||
{% if docker_insecure_registries is defined -%}"insecure-registries": {{ docker_insecure_registries | to_json }},{% endif %}
|
||||
"registry-mirrors": ["{{ docker_mirror }}"]
|
||||
}
|
17
roles/install-docker/vars/debian.yaml
Normal file
17
roles/install-docker/vars/debian.yaml
Normal file
@ -0,0 +1,17 @@
|
||||
---
|
||||
|
||||
_docker_distro_packages:
|
||||
- docker.io
|
||||
|
||||
_docker_upstream_distro_required_packages:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- software-properties-common
|
||||
|
||||
_docker_upstream_distro_packages:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
|
||||
docker_distro_vars_loaded: true
|
16
roles/install-docker/vars/fedora.yaml
Normal file
16
roles/install-docker/vars/fedora.yaml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
|
||||
_docker_distro_packages:
|
||||
- docker
|
||||
|
||||
_docker_upstream_distro_required_packages:
|
||||
- dnf-plugins-core
|
||||
|
||||
_docker_upstream_distro_packages:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
|
||||
docker_repo_template: docker-ce-centos.repo
|
||||
|
||||
docker_distro_vars_loaded: true
|
3
roles/install-docker/vars/main.yaml
Normal file
3
roles/install-docker/vars/main.yaml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
|
||||
docker_distro_vars_loaded: false
|
10
roles/install-docker/vars/opensuse.yaml
Normal file
10
roles/install-docker/vars/opensuse.yaml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
_docker_distro_packages:
|
||||
- docker
|
||||
|
||||
_docker_upstream_distro_required_packages: []
|
||||
|
||||
_docker_upstream_distro_packages: []
|
||||
|
||||
docker_distro_vars_loaded: true
|
18
roles/install-docker/vars/redhat.yaml
Normal file
18
roles/install-docker/vars/redhat.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
|
||||
_docker_distro_packages:
|
||||
- docker
|
||||
|
||||
_docker_upstream_distro_required_packages:
|
||||
- yum-utils
|
||||
- device-mapper-persistent-data
|
||||
- lvm2
|
||||
|
||||
_docker_upstream_distro_packages:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
|
||||
docker_repo_template: docker-ce-centos.repo
|
||||
|
||||
docker_distro_vars_loaded: true
|
Loading…
Reference in New Issue
Block a user