From 08f1caed84d46d0263f0c1aaaf2da891946b1a96 Mon Sep 17 00:00:00 2001
From: Devan Goodwin <dgoodwin@redhat.com>
Date: Mon, 27 Jun 2016 11:15:40 -0300
Subject: Only nuke images when crossing the Docker 1.10 boundary in upgrade.

---
 .../openshift-cluster/upgrades/docker/upgrade.yml  | 27 ++++++++--------------
 .../upgrades/docker/upgrade_check.yml              | 17 +++++++++-----
 .../upgrades/v3_1_to_v3_2/pre.yml                  |  4 ++++
 .../upgrades/v3_1_to_v3_2/upgrade.yml              |  2 +-
 roles/docker/defaults/main.yml                     |  1 +
 roles/docker/tasks/main.yml                        |  2 +-
 6 files changed, 28 insertions(+), 25 deletions(-)

diff --git a/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml
index 78b123881..81db9ef20 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml
@@ -1,7 +1,7 @@
 ---
 # We need docker service up to remove all the images, but these services will keep
 # trying to re-start and thus re-pull the images we're trying to delete.
-- name: stop containerized services
+- name: Stop containerized services
   service: name={{ item }} state=stopped
   with_items:
     - "{{ openshift.common.service_type }}-master"
@@ -11,25 +11,18 @@
     - etcd_container
     - openvswitch
   failed_when: false
-  when: docker_upgrade is defined and docker_upgrade | bool and openshift.common.is_containerized | bool
+  when: docker_upgrade | bool and openshift.common.is_containerized | bool
 
-- name: remove all containers and images
+- name: Remove all containers and images
   script: nuke_images.sh docker
   register: nuke_images_result
-  when: docker_upgrade is defined and docker_upgrade | bool
+  when: docker_upgrade | bool and docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
 
-# todo: should we use the docker role to actually do the upgrade?
-- name: upgrade to specified docker version
+- name: Upgrade Docker
   action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version }} state=present"
-  register: docker_upgrade_result
-  when: docker_upgrade is defined and docker_upgrade | bool and docker_version is defined
+  when: docker_upgrade | bool
 
-- name: upgrade to latest docker version
-  action: "{{ ansible_pkg_mgr }} name=docker state=latest"
-  register: docker_upgrade_result
-  when: docker_upgrade is defined and docker_upgrade | bool and docker_version is not defined
-
-- name: restart containerized services
+- name: Restart containerized services
   service: name={{ item }} state=started
   with_items:
     - etcd_container
@@ -39,9 +32,9 @@
     - "{{ openshift.common.service_type }}-master-controllers"
     - "{{ openshift.common.service_type }}-node"
   failed_when: false
-  when: docker_upgrade is defined and docker_upgrade | bool and openshift.common.is_containerized | bool
+  when: docker_upgrade | bool and openshift.common.is_containerized | bool
 
-- name: wait for master api to come back online
+- name: Wait for master API to come back online
   become: no
   local_action:
     module: wait_for
@@ -49,4 +42,4 @@
       state=started
       delay=10
       port="{{ openshift.master.api_port }}"
-  when: docker_upgrade is defined and docker_upgrade | bool and inventory_hostname in groups.oo_masters_to_config
+  when: docker_upgrade | bool and inventory_hostname in groups.oo_masters_to_config
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
index caf8d1de5..7fd4657d5 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
@@ -39,12 +39,17 @@
     docker_upgrade: False
   when: docker_upgrade is not defined or docker_upgrade | bool
 
-- name: Flag for upgrade if Docker version does not equal latest
-  set_fact:
-    docker_upgrade: true
-  when: docker_version is not defined and pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(avail_docker_version.stdout,'<')
+# Make sure a docker_verison is set if none was requested:
+- set_fact:
+    docker_version: avail_docker_version.stdout
+  when: docker_version is not defined
 
-- name: Flag for upgrade if Docker version does not equal requested version
+- name: Flag for Docker upgrade if necessary
   set_fact:
-    docker_upgrade: true
+    docker_upgrade: True
   when: docker_version is defined and pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(docker_version,'<')
+
+- name: Flag to delete all images prior to upgrade if crossing Docker 1.10 boundary
+  set_fact:
+      docker_upgrade_nuke_images: True
+  when: docker_upgrade_nuke_images is not defined and docker_upgrade | bool and curr_docker_version.stdout | version_compare('1.10','<') and docker_version | version_compare('1.10','>=')
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
index 55ede13f0..e78418c6c 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
@@ -89,6 +89,10 @@
     # defined, and overriding the normal behavior of protecting the installed version
     openshift_release: "3.2"
     openshift_protect_installed_version: False
+    # Docker role (a dependency) should be told not to do anything to installed version
+    # of docker, we handle this separately during upgrade. (the inventory may have a
+    # docker_version defined, we don't want to actually do it until later)
+    docker_protect_installed_version: True
 
 - name: Verify master processes
   hosts: oo_masters_to_config
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
index f2e408ad4..bea1eb4e1 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
@@ -86,7 +86,7 @@
     when: docker_upgrade is not defined or docker_upgrade | bool
 
   - include: ../docker/upgrade.yml
-    when: docker_upgrade is defined and docker_upgrade | bool
+    when: docker_upgrade | bool
 
   - include: rpm_upgrade.yml
     vars:
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
index ed97d539c..da11ed0af 100644
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -1 +1,2 @@
 ---
+docker_protect_installed_version: False
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 34be0a666..a52a28375 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -37,7 +37,7 @@
 # Make sure Docker is installed, but does not update a running version.
 # Docker upgrades are handled by a separate playbook.
 - name: Install Docker
-  action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present"
+  action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version if docker_version is defined and not docker_protect_installed_version | bool else '' }} state=present"
   when: not openshift.common.is_atomic | bool
 
 - name: Start the Docker service
-- 
cgit v1.2.3