2015-10-03 20:19:50 +00:00
---
2018-10-10 02:14:33 +00:00
- name : check if atomic host
stat :
path : /run/ostree-booted
register : ostree
2019-05-16 07:27:43 +00:00
- name : set is_atomic
set_fact :
2018-10-10 02:14:33 +00:00
is_atomic : "{{ ostree.stat.exists }}"
2015-12-30 16:11:33 +00:00
- name : gather os specific variables
include_vars : "{{ item }}"
with_first_found :
- files :
2017-08-24 09:09:52 +00:00
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
2018-08-23 15:11:07 +00:00
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}-{{ host_architecture }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}.yml"
2017-08-24 09:09:52 +00:00
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
2018-08-21 15:53:23 +00:00
- "{{ ansible_distribution|lower }}-{{ host_architecture }}.yml"
2017-08-24 09:09:52 +00:00
- "{{ ansible_distribution|lower }}.yml"
2018-08-21 15:53:23 +00:00
- "{{ ansible_os_family|lower }}-{{ host_architecture }}.yml"
2017-08-24 09:09:52 +00:00
- "{{ ansible_os_family|lower }}.yml"
- defaults.yml
2015-12-30 16:11:33 +00:00
paths :
2017-08-24 09:09:52 +00:00
- ../vars
2016-02-19 17:48:53 +00:00
skip : true
2017-10-05 07:43:04 +00:00
tags :
- facts
2015-12-30 16:11:33 +00:00
2018-04-26 09:52:06 +00:00
- name : Warn about Docker version on SUSE
debug :
msg : "SUSE distributions always install Docker from the distro repos"
when : ansible_pkg_mgr == 'zypper'
2018-01-29 11:37:48 +00:00
- include_tasks : set_facts_dns.yml
2016-12-21 16:18:11 +00:00
when : dns_mode != 'none' and resolvconf_mode == 'docker_dns'
2017-10-05 07:43:04 +00:00
tags :
- facts
2016-12-21 16:18:11 +00:00
2015-12-30 16:11:33 +00:00
- name : check for minimum kernel version
fail :
msg : >
docker requires a minimum kernel version of
{{ docker_kernel_min_version }} on
{{ ansible_distribution }}-{{ ansible_distribution_version }}
2019-12-05 15:24:32 +00:00
when : (not ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "ClearLinux"]) and (ansible_kernel is version(docker_kernel_min_version, "<"))
2017-10-05 07:43:04 +00:00
tags :
- facts
2015-12-30 16:11:33 +00:00
2018-03-28 20:10:39 +00:00
- import_tasks : pre-upgrade.yml
2018-03-12 03:05:12 +00:00
- name : ensure docker-ce repository public key is installed
2015-12-30 16:11:33 +00:00
action : "{{ docker_repo_key_info.pkg_key }}"
2016-01-12 16:56:29 +00:00
args :
2019-05-02 21:24:21 +00:00
id : "{{ item }}"
url : "{{ docker_repo_key_info.url }}"
2016-01-12 16:56:29 +00:00
state : present
2016-09-13 13:29:22 +00:00
register : keyserver_task_result
2018-10-16 22:33:30 +00:00
until : keyserver_task_result is succeeded
2016-09-13 13:29:22 +00:00
retries : 4
2018-10-10 02:14:33 +00:00
delay : "{{ retry_stagger | d(3) }}"
2016-03-30 08:23:43 +00:00
with_items : "{{ docker_repo_key_info.repo_keys }}"
2019-12-05 15:24:32 +00:00
when : not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic)
2015-12-30 16:11:33 +00:00
2018-03-12 03:05:12 +00:00
- name : ensure docker-ce repository is enabled
2015-12-30 16:11:33 +00:00
action : "{{ docker_repo_info.pkg_repo }}"
2016-01-12 16:56:29 +00:00
args :
2019-05-02 21:24:21 +00:00
repo : "{{ item }}"
2016-01-12 16:56:29 +00:00
state : present
2016-03-30 08:23:43 +00:00
with_items : "{{ docker_repo_info.repos }}"
2019-12-05 15:24:32 +00:00
when : not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (docker_repo_info.repos|length > 0)
2018-03-12 03:05:12 +00:00
- name : ensure docker-engine repository public key is installed
action : "{{ dockerproject_repo_key_info.pkg_key }}"
args :
2019-05-02 21:24:21 +00:00
id : "{{ item }}"
url : "{{ dockerproject_repo_key_info.url }}"
2018-03-12 03:05:12 +00:00
state : present
register : keyserver_task_result
2018-10-16 22:33:30 +00:00
until : keyserver_task_result is succeeded
2018-03-12 03:05:12 +00:00
retries : 4
2018-10-10 02:14:33 +00:00
delay : "{{ retry_stagger | d(3) }}"
2018-03-12 03:05:12 +00:00
with_items : "{{ dockerproject_repo_key_info.repo_keys }}"
2018-08-22 14:15:38 +00:00
when :
2019-12-05 15:24:32 +00:00
- not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic)
2018-08-22 14:15:38 +00:00
- use_docker_engine is defined and use_docker_engine
2018-03-12 03:05:12 +00:00
- name : ensure docker-engine repository is enabled
action : "{{ dockerproject_repo_info.pkg_repo }}"
args :
2019-05-02 21:24:21 +00:00
repo : "{{ item }}"
2018-03-12 03:05:12 +00:00
state : present
with_items : "{{ dockerproject_repo_info.repos }}"
2018-08-22 14:15:38 +00:00
when :
- use_docker_engine is defined and use_docker_engine
2019-12-05 15:24:32 +00:00
- not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)
2015-12-30 16:11:33 +00:00
2018-09-19 17:57:20 +00:00
- name : Configure docker repository on Fedora
template :
src : "fedora_docker.repo.j2"
dest : "{{ yum_repo_dir }}/docker.repo"
when : ansible_distribution == "Fedora" and not is_atomic
2019-07-12 06:17:06 +00:00
- name : Configure docker repository on RedHat/CentOS/Oracle Linux
2020-03-05 10:34:38 +00:00
yum_repository :
name : docker-ce
baseurl : "{{ docker_rh_repo_base_url }}"
description : "Docker CE Stable - $basearch"
gpgcheck : yes
gpgkey : "{{ docker_rh_repo_gpgkey }}"
keepcache : "{{ docker_rpm_keepcache | default('1') }}"
proxy : " {{ http_proxy | default('_none_') }}"
2019-07-12 06:17:06 +00:00
when : ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_atomic
2016-04-10 20:08:13 +00:00
2019-02-01 00:19:48 +00:00
- name : check if container-selinux is available
yum :
list : "container-selinux"
register : yum_result
when : ansible_distribution in ["CentOS","RedHat"] and not is_atomic
2019-02-19 14:06:29 +00:00
- name : Configure extras repository on RedHat/CentOS if container-selinux is not available in current repos
2019-02-01 00:19:48 +00:00
yum_repository :
name : extras
description : "CentOS-7 - Extras"
state : present
baseurl : "{{ extras_rh_repo_base_url }}"
file : "extras"
gpgcheck : yes
2019-05-02 21:24:21 +00:00
gpgkey : "{{ extras_rh_repo_gpgkey }}"
2019-02-01 00:19:48 +00:00
keepcache : "{{ docker_rpm_keepcache | default('1') }}"
2019-02-13 00:46:32 +00:00
proxy : " {{ http_proxy | default('_none_') }}"
2019-02-01 00:19:48 +00:00
when :
- ansible_distribution in ["CentOS","RedHat"] and not is_atomic
- yum_result.results | length == 0
2018-03-28 20:10:39 +00:00
- name : Copy yum.conf for editing
copy :
src : "{{ yum_conf }}"
dest : "{{ docker_yum_conf }}"
remote_src : yes
2019-07-12 06:17:06 +00:00
when : ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_atomic
2018-03-28 20:10:39 +00:00
- name : Edit copy of yum.conf to set obsoletes=0
lineinfile :
path : "{{ docker_yum_conf }}"
state : present
regexp : '^obsoletes='
line : 'obsoletes=0'
2019-07-12 06:17:06 +00:00
when : ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_atomic
2018-03-28 20:10:39 +00:00
2015-12-30 16:11:33 +00:00
- name : ensure docker packages are installed
action : "{{ docker_package_info.pkg_mgr }}"
2016-01-12 16:56:29 +00:00
args :
2019-05-02 21:24:21 +00:00
pkg : "{{ item.name }}"
force : "{{ item.force|default(omit) }}"
conf_file : "{{ item.yum_conf|default(omit) }}"
state : "{{ item.state | default('present') }}"
2018-09-19 17:57:20 +00:00
update_cache : "{{ omit if ansible_distribution == 'Fedora' else True }}"
2016-09-13 13:29:22 +00:00
register : docker_task_result
2018-10-16 22:33:30 +00:00
until : docker_task_result is succeeded
2016-09-13 13:29:22 +00:00
retries : 4
2018-10-10 02:14:33 +00:00
delay : "{{ retry_stagger | d(3) }}"
2016-03-30 08:23:43 +00:00
with_items : "{{ docker_package_info.pkgs }}"
2017-01-16 14:52:28 +00:00
notify : restart docker
2019-12-05 15:24:32 +00:00
when : not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "ClearLinux"] or is_atomic) and (docker_package_info.pkgs|length > 0)
2018-08-22 14:15:38 +00:00
ignore_errors : true
2018-12-18 09:39:25 +00:00
- name : Ensure docker packages are installed
action : "{{ docker_package_info.pkg_mgr }}"
args :
name : "{{ item.name }}"
2019-05-02 21:24:21 +00:00
state : "{{ item.state | default('present') }}"
2018-12-18 09:39:25 +00:00
with_items : "{{ docker_package_info.pkgs }}"
register : docker_task_result
until : docker_task_result is succeeded
retries : 4
delay : "{{ retry_stagger | d(3) }}"
notify : restart docker
ignore_errors : true
when : ansible_os_family in ["ClearLinux"]
2018-08-22 14:15:38 +00:00
- name : get available packages on Ubuntu
command : apt-cache policy docker-ce
2018-09-19 17:57:20 +00:00
when :
2018-10-16 22:33:30 +00:00
- docker_task_result is failed
2018-09-19 17:57:20 +00:00
- ansible_distribution == 'Ubuntu'
2018-08-22 14:15:38 +00:00
register : available_packages
- name : show available packages on ubuntu
fail :
2019-05-02 21:24:21 +00:00
msg : "{{ available_packages }}"
2018-09-19 17:57:20 +00:00
when :
2018-10-16 22:33:30 +00:00
- docker_task_result is failed
2018-09-19 17:57:20 +00:00
- ansible_distribution == 'Ubuntu'
2015-12-30 16:11:33 +00:00
2018-06-05 11:15:20 +00:00
# This is required to ensure any apt upgrade will not break kubernetes
2019-06-06 08:16:13 +00:00
- name : Tell Debian hosts not to change the docker version with apt upgrade
dpkg_selections :
name : docker-ce
selection : hold
when : ansible_os_family in ["Debian"]
2018-06-05 11:15:20 +00:00
2019-04-03 08:37:44 +00:00
- name : ensure docker started, remove our config if docker start failed and try again
block :
- name : ensure service is started if docker packages are already present
service :
name : docker
state : started
when : docker_task_result is not changed
rescue :
- debug :
msg : "Docker start failed. Try to remove our config"
- name : remove kubespray generated config
file :
path : "{{ item }}"
state : absent
with_items :
- /etc/systemd/system/docker.service.d/http-proxy.conf
- /etc/systemd/system/docker.service.d/docker-options.conf
- /etc/systemd/system/docker.service.d/docker-dns.conf
- /etc/systemd/system/docker.service.d/docker-orphan-cleanup.conf
notify : restart docker
2018-04-26 09:52:06 +00:00
2017-12-11 21:57:26 +00:00
- name : flush handlers so we can wait for docker to come up
meta : flush_handlers
- name : set fact for docker_version
2017-01-26 15:28:48 +00:00
command : "docker version -f '{{ '{{' }}.Client.Version{{ '}}' }}'"
2017-12-19 14:47:54 +00:00
register : installed_docker_version
2016-12-21 16:18:11 +00:00
changed_when : false
2017-12-11 21:57:26 +00:00
- name : check minimum docker version for docker_dns mode. You need at least docker version >= 1.12 for resolvconf_mode=docker_dns
fail :
msg : "You need at least docker version >= 1.12 for resolvconf_mode=docker_dns"
when : >
dns_mode != 'none' and
resolvconf_mode == 'docker_dns' and
2018-10-16 22:33:30 +00:00
installed_docker_version.stdout is version('1.12', '<')
2016-12-21 16:18:11 +00:00
2019-07-08 13:44:35 +00:00
# Install each plugin using a looped include to make error handling in the included task simpler.
- include_tasks : docker_plugin.yml
loop : "{{ docker_plugins }}"
loop_control :
loop_var : docker_plugin
2016-11-04 21:40:14 +00:00
- name : Set docker systemd config
2018-01-29 11:37:48 +00:00
import_tasks : systemd.yml
2016-01-25 01:01:25 +00:00
2015-12-30 16:11:33 +00:00
- name : ensure docker service is started and enabled
service :
name : "{{ item }}"
enabled : yes
state : started
with_items :
2016-12-08 13:36:00 +00:00
- docker