From 006f333828db373435daa15483d2ab753048f62a Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Tue, 13 Mar 2018 05:01:30 +0100 Subject: Production --- roles/docker/tasks/configure.yml | 63 ++++++++++++++++++++++++++++++++++++++++ roles/docker/tasks/install.yml | 13 +++++++++ roles/docker/tasks/main.yml | 58 ++---------------------------------- roles/docker/tasks/storage.yml | 34 +++++++++++++++++++--- 4 files changed, 108 insertions(+), 60 deletions(-) create mode 100644 roles/docker/tasks/configure.yml create mode 100644 roles/docker/tasks/install.yml (limited to 'roles/docker/tasks') diff --git a/roles/docker/tasks/configure.yml b/roles/docker/tasks/configure.yml new file mode 100644 index 0000000..5d29291 --- /dev/null +++ b/roles/docker/tasks/configure.yml @@ -0,0 +1,63 @@ +--- +#- name: Remove docker +# yum: name="{{ item }}" state="absent" +# with_items: [ docker, docker-client, docker-common ] + +- name: install docker + include_tasks: install.yml + +- name: start docker + service: name="docker" state="started" + +- name: Configure bridge-nf-call-iptables with sysctl + sysctl: name="net.bridge.bridge-nf-call-iptables" value=1 state=present sysctl_set=yes + +- name: Configure bridge-nf-call-ip6tables with sysctl + sysctl: name="net.bridge.bridge-nf-call-ip6tables" value=1 state=present sysctl_set=yes + +- name: Determine if loopback + shell: docker info | grep 'Data file:.*loop' + register: loop_device_check + failed_when: false + changed_when: loop_device_check.rc == 0 + +- set_fact: docker_reinit="{{ (loop_device_check.rc == 0) or (vg == '') or (docker_setup_root and ((root_vg == '') or (vg != root_vg))) or (docker_storage_vg is defined and (docker_storage_vg != vg)) }}" + vars: + lv: "{{ ansible_lvm['lvs'][docker_lv] | default({}) }}" + vg: "{{ lv['vg'] | default('') }}" + root_lv: "{{ ansible_lvm['lvs'][docker_root_lv] | default({}) }}" + root_vg: "{{ root_lv['vg'] | default('') }}" + +- debug: msg="Re-initializing - {{ docker_reinit }}, Loopback check - {{ loop_device_check.stderr }}" + when: loop_device_check.stderr + +- import_tasks: storage.yml + when: docker_reinit + +- name: extend vg + lvol: vg="{{ ansible_lvm['lvs'][docker_lv]['vg'] }}" lv="{{ docker_lv }}" size="{{ docker_volume_size }}" + when: + - not docker_reinit + - docker_volume_size is defined + +- name: extend root vg + lvol: vg="{{ ansible_lvm['lvs'][docker_root_lv]['vg'] }}" lv="{{ docker_root_lv }}" size="{{ docker_root_volume_size }}" + when: + - not docker_reinit + - docker_setup_root + - docker_root_volume_size is defined + +# By default there is systemd driver installed. It is removed during OpenShift installation, but is still there during prepare stage +# The parameters to docker can be set trough OpenShift and currently are moved there. +#- name: Limit size of container log files +# ghetto_json: +# path: "/etc/docker/daemon.json" +# log-driver: "json-file" +# log-opts.max-size: "{{ docker_max_log_size }}" +# log-opts.max-file: "{{ docker_max_log_files }}" +# notify: +# - restart docker + +- name: start docker + service: name="docker" enabled=yes state=started + \ No newline at end of file diff --git a/roles/docker/tasks/install.yml b/roles/docker/tasks/install.yml new file mode 100644 index 0000000..41ae5a3 --- /dev/null +++ b/roles/docker/tasks/install.yml @@ -0,0 +1,13 @@ +- name: Remove versionlock from yum + command: yum versionlock delete docker docker-common docker-client + register: result + when: update | default(false) + failed_when: false + changed_when: result | failed + +- name: Ensure docker is installed + yum: name="docker{{ docker_version | default('') }}" state="{{ ((docker_version is defined) and (update | default(false))) | ternary('latest', 'present') }}" + +- name: Add versionlock to yum + command: yum versionlock add docker docker-common docker-client + when: docker_version is defined diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index c03d897..c9d0251 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,57 +1,3 @@ --- -#- name: Remove docker -# yum: name="{{ item }}" state="absent" -# with_items: [ docker, docker-client, docker-common ] - -- name: Remove versionlock from yum - command: yum versionlock delete docker docker-common docker-client - register: result - failed_when: false - changed_when: result | failed - -- name: Ensure docker is installed - yum: name="docker{{ docker_version | default('') }}" state="{{ docker_version is defined | ternary('latest', 'present') }}" - -- name: Add versionlock to yum - command: yum versionlock add docker docker-common docker-client - when: docker_version is defined - -- name: start docker - service: name="docker" state="started" - -- name: Configure bridge-nf-call-iptables with sysctl - sysctl: name="net.bridge.bridge-nf-call-iptables" value=1 state=present sysctl_set=yes - -- name: Configure bridge-nf-call-ip6tables with sysctl - sysctl: name="net.bridge.bridge-nf-call-ip6tables" value=1 state=present sysctl_set=yes - -- name: Determine if loopback - shell: docker info | grep 'Data file:.*loop' - register: loop_device_check - failed_when: false - changed_when: loop_device_check.rc == 0 - -- debug: msg="{{ loop_device_check.stderr }}" - when: loop_device_check.stderr - -- import_tasks: storage.yml - when: loop_device_check.rc == 0 - -- name: extend the vg - lvol: vg="{{ ansible_lvm['lvs'][docker_lv]['vg'] }}" lv="docker_lv" size="{{ docker_volume_size }}" - when: docker_volume_size is defined - -# By default there is systemd driver installed. It is removed during OpenShift installation, but is still there during prepare stage -# The parameters to docker can be set trough OpenShift and currently are moved there. -#- name: Limit size of container log files -# ghetto_json: -# path: "/etc/docker/daemon.json" -# log-driver: "json-file" -# log-opts.max-size: "{{ docker_max_log_size }}" -# log-opts.max-file: "{{ docker_max_log_files }}" -# notify: -# - restart docker - -- name: start docker - service: name="docker" enabled=yes state=started - \ No newline at end of file +- name: "Configuring network" + include_tasks: "{{ action | default('configure') }}.yml" diff --git a/roles/docker/tasks/storage.yml b/roles/docker/tasks/storage.yml index 5a5c858..e431030 100644 --- a/roles/docker/tasks/storage.yml +++ b/roles/docker/tasks/storage.yml @@ -1,11 +1,13 @@ --- +# We need to adjust docker_min_size if docker_volume_size set (min_size is just given in GB, but volume size +# support suffixes and we need to handle this). - name: list volume groups set_fact: available_vg="{{ item.key }}" with_dict: "{{ ansible_lvm.vgs }}" when: - not available_vg is defined - not item.key in ( docker_exclude_vgs | default([]) ) - - (item.value.free_g | int) > (docker_volume_size | default(docker_min_size)) + - (item.value.free_g | int) > docker_min_size - set_fact: docker_storage_vg="{{ available_vg }}" when: (not docker_storage_vg is defined) and (available_vg is defined) @@ -13,11 +15,13 @@ - fail: msg="Can't detect Docker VG" when: not docker_storage_vg is defined -- name: check to see if {{ docker_storage_device }} exists +- name: "check to see if {{ docker_storage_device }} exists" command: "test -e {{ docker_storage_device }}" when: docker_storage_device is defined -- set_fact: docker_storage_config="VG={{ docker_storage_vg }} AUTO_EXTEND_POOL=true" +- set_fact: docker_storage_config="VG={{ docker_storage_vg }} DATA_SIZE={{ docker_volume_size | default(docker_min_size ~ 'G') }} AUTO_EXTEND_POOL=true" +- set_fact: docker_storage_config="{{ docker_storage_config }} DOCKER_ROOT_VOLUME=yes DOCKER_ROOT_VOLUME_SIZE={{ docker_root_volume_size | default(docker_min_size ~ 'G') }}" + when: docker_setup_root - set_fact: docker_storage_config="{{ docker_storage_config }} DEVS={{ docker_storage_device }}" when: ( docker_storage_device is defined ) and ( ansible_lvm.vgs[docker_storage_vg] is not defined ) @@ -28,6 +32,29 @@ - name: delete /var/lib/docker file: path="/var/lib/docker" state=absent +- name: "delete {{ docker_lv }} lv" + lvol: vg="{{ ansible_lvm['lvs'][docker_lv]['vg'] }}" lv="{{ docker_lv }}" state="absent" force="yes" + when: ansible_lvm['lvs'][docker_lv] is defined + +- name: delete docker-pool lv + lvol: vg="{{ ansible_lvm['lvs']['docker-pool']['vg'] }}" lv="docker-pool" state="absent" force="yes" + when: ansible_lvm['lvs']['docker-pool'] is defined + +- name: unmount docker partition + mount: path="/var/lib/docker" state="unmounted" + +- name: "delete {{ docker_root_lv }} lv" + lvol: vg="{{ ansible_lvm['lvs'][docker_root_lv]['vg'] }}" lv="{{ docker_root_lv }}" state="absent" force="yes" + when: ansible_lvm['lvs'][docker_root_lv] is defined + +- name: delete docker-pool lv + lvol: vg="{{ ansible_lvm['lvs']['docker-root-lv']['vg'] }}" lv="docker-root-lv" state="absent" force="yes" + when: ansible_lvm['lvs']['docker-root-lv'] is defined + + +- name: remove old configuration + file: path="/etc/sysconfig/docker-storage" state="absent" + - name: generate docker-storage-setup config file copy: content: "{{ docker_storage_config }}" @@ -38,4 +65,3 @@ - name: docker storage setup command: docker-storage-setup - -- cgit v1.2.3