Move docker systemd unit creation to docker role

Creating the unit using default settings early on
and then changing it during network_plugin section
leads to too many docker restarts and duplicated code.

Reversed Wants= dependence on docker.service so it does not
restart docker when reloading systemd

Consolidated all docker restart handlers.
This commit is contained in:
Matthew Mosesohn 2016-08-02 13:42:27 +03:00
parent 0062b35f97
commit 6027290bc4
18 changed files with 38 additions and 128 deletions

View file

@ -4,6 +4,8 @@
notify: notify:
- Docker | reload systemd - Docker | reload systemd
- Docker | reload docker - Docker | reload docker
- Docker | pause while Docker restarts
- Docker | wait for docker
- name : Docker | reload systemd - name : Docker | reload systemd
shell: systemctl daemon-reload shell: systemctl daemon-reload
@ -13,3 +15,13 @@
service: service:
name: docker name: docker
state: restarted state: restarted
- name: Docker | pause while Docker restarts
pause: seconds=10 prompt="Waiting for docker restart"
- name: Docker | wait for docker
command: /usr/bin/docker images
register: docker_ready
retries: 10
delay: 5
until: docker_ready.rc == 0

View file

@ -59,6 +59,14 @@
when: ansible_service_mgr == "systemd" and when: ansible_service_mgr == "systemd" and
(http_proxy is defined or https_proxy is defined or no_proxy is defined) (http_proxy is defined or https_proxy is defined or no_proxy is defined)
- name: Write docker.service systemd file
template:
src: systemd-docker.service.j2
dest: /etc/systemd/system/docker.service
register: docker_service_file
notify: restart docker
when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
- meta: flush_handlers - meta: flush_handlers
- name: ensure docker service is started and enabled - name: ensure docker service is started and enabled

View file

@ -29,11 +29,12 @@ ExecStart=/usr/bin/docker daemon \
$DOCKER_NETWORK_OPTIONS \ $DOCKER_NETWORK_OPTIONS \
$INSECURE_REGISTRY \ $INSECURE_REGISTRY \
$DOCKER_OPTS $DOCKER_OPTS
TasksMax=infinity
LimitNOFILE=1048576 LimitNOFILE=1048576
LimitNPROC=1048576 LimitNPROC=1048576
LimitCORE=infinity LimitCORE=infinity
MountFlags=slave
TimeoutStartSec=1min TimeoutStartSec=1min
Restart=on-abnormal
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -1,7 +1,7 @@
[Unit] [Unit]
Description=etcd docker wrapper Description=etcd docker wrapper
Wants=docker.service docker.socket Wants=docker.socket
After=docker.service docker.socket After=docker.service
[Service] [Service]
User=root User=root
@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always
{% if etcd_after_v3 %} {% if etcd_after_v3 %}
{{ etcd_container_bin_dir }}etcd {{ etcd_container_bin_dir }}etcd
{% endif %} {% endif %}
ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }} ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }}
ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_member_name | default("etcd-proxy") }}
ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_member_name | default("etcd-proxy") }}
Restart=always Restart=always

View file

@ -1,7 +1,7 @@
[Unit] [Unit]
Description=etcd-proxy docker wrapper Description=etcd-proxy docker wrapper
Wants=docker.service docker.socket Wants=docker.socket
After=docker.service docker.socket After=docker.service
[Service] [Service]
User=root User=root
@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always
{% if etcd_after_v3 %} {% if etcd_after_v3 %}
{{ etcd_container_bin_dir }}etcd {{ etcd_container_bin_dir }}etcd
{% endif %} {% endif %}
ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }}
ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_proxy_member_name | default("etcd-proxy") }}
ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_proxy_member_name | default("etcd-proxy") }}
Restart=always Restart=always

View file

@ -3,10 +3,10 @@ Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes Documentation=https://github.com/GoogleCloudPlatform/kubernetes
{% if kube_network_plugin is defined and kube_network_plugin == "calico" %} {% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
After=docker.service docker.socket calico-node.service After=docker.service docker.socket calico-node.service
Wants=docker.service docker.socket calico-node.service Wants=docker.socket calico-node.service
{% else %} {% else %}
After=docker.service docker.socket After=docker.service
Wants=docker.service docker.socket Wants=docker.socket
{% endif %} {% endif %}
[Service] [Service]
@ -24,7 +24,7 @@ ExecStart={{ bin_dir }}/kubelet \
$KUBELET_REGISTER_NODE \ $KUBELET_REGISTER_NODE \
$KUBELET_NETWORK_PLUGIN \ $KUBELET_NETWORK_PLUGIN \
$KUBELET_CLOUDPROVIDER $KUBELET_CLOUDPROVIDER
ExecStopPost=-/usr/bin/docker rm -f kubelet ExecStartPre=-/usr/bin/docker rm -f kubelet
ExecReload=/usr/bin/docker restart kubelet ExecReload=/usr/bin/docker restart kubelet
Restart=always Restart=always
RestartSec=10s RestartSec=10s

View file

@ -10,13 +10,6 @@
- restart docker - restart docker
when: ansible_os_family != "CoreOS" when: ansible_os_family != "CoreOS"
- name: Calico | Write docker.service systemd file
template:
src: systemd-docker.service
dest: /lib/systemd/system/docker.service
notify: restart docker
when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
- meta: flush_handlers - meta: flush_handlers
- name: Calico | Install calicoctl container script - name: Calico | Install calicoctl container script

View file

@ -2,7 +2,7 @@
Description=Calico per-node agent Description=Calico per-node agent
Documentation=https://github.com/projectcalico/calico-docker Documentation=https://github.com/projectcalico/calico-docker
After=docker.service docker.socket etcd-proxy.service After=docker.service docker.socket etcd-proxy.service
Wants=docker.service docker.socket etcd-proxy.service Wants=docker.socket etcd-proxy.service
[Service] [Service]
User=root User=root

View file

@ -4,22 +4,6 @@
ignore_errors: yes ignore_errors: yes
notify: restart docker notify: restart docker
- name: restart docker
command: /bin/true
notify:
- Flannel | reload systemd
- Flannel | reload docker
- Flannel | reload kubelet
- name : Flannel | reload systemd
shell: systemctl daemon-reload
when: ansible_service_mgr == "systemd"
- name: Flannel | reload docker
service:
name: docker
state: restarted
- name: Flannel | reload kubelet - name: Flannel | reload kubelet
service: service:
name: kubelet name: kubelet

View file

@ -50,11 +50,4 @@
state: link state: link
when: ansible_os_family == "CoreOS" when: ansible_os_family == "CoreOS"
- name: Flannel | Write docker.service systemd file
template:
src: systemd-docker.service
dest: /lib/systemd/system/docker.service
notify: restart docker
when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
- meta: flush_handlers - meta: flush_handlers

View file

@ -1,32 +0,0 @@
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
{% if ansible_os_family == "RedHat" %}
After=network.target docker-storage-setup.service
Wants=docker-storage-setup.service
{% elif ansible_os_family == "Debian" %}
After=network.target docker.socket
Wants=docker.socket
{% endif %}
[Service]
Type=notify
EnvironmentFile=-/etc/default/docker
Environment=GOTRACEBACK=crash
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process
ExecStart=/usr/bin/docker daemon \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$INSECURE_REGISTRY \
$DOCKER_OPTS
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
MountFlags=slave
TimeoutStartSec=1min
[Install]
WantedBy=multi-user.target

View file

@ -6,3 +6,4 @@ dependencies:
when: kube_network_plugin == 'flannel' when: kube_network_plugin == 'flannel'
- role: network_plugin/weave - role: network_plugin/weave
when: kube_network_plugin == 'weave' when: kube_network_plugin == 'weave'
- role: docker

View file

@ -1,10 +1,4 @@
--- ---
- name: Weave | restart docker
command: /bin/true
notify:
- Weave | reload systemd
- Weave | reload docker
- name: restart weave - name: restart weave
command: /bin/true command: /bin/true
notify: notify:
@ -27,11 +21,6 @@
- Weave | reload systemd - Weave | reload systemd
- reload weaveexpose - reload weaveexpose
- name: Weave | reload docker
service:
name: docker
state: restarted
- name: reload weave - name: reload weave
service: service:
name: weave name: weave

View file

@ -7,14 +7,7 @@
group: root group: root
mode: 0644 mode: 0644
notify: notify:
- Weave | restart docker - restart docker
- name: Write docker.service systemd file
template:
src: systemd-docker.service
dest: /lib/systemd/system/docker.service
notify: Weave | restart docker
when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
- name: Weave | Install weave - name: Weave | Install weave
command: rsync -piu "{{ local_release_dir }}/weave/bin/weave" "{{ bin_dir }}/weave" command: rsync -piu "{{ local_release_dir }}/weave/bin/weave" "{{ bin_dir }}/weave"

View file

@ -1,32 +0,0 @@
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
{% if ansible_os_family == "RedHat" %}
After=network.target
Wants=docker-storage-setup.service
{% elif ansible_os_family == "Debian" %}
After=network.target docker.socket
Wants=docker.socket
{% endif %}
[Service]
Type=notify
EnvironmentFile=-/etc/default/docker
Environment=GOTRACEBACK=crash
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process
ExecStart=/usr/bin/docker daemon \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$INSECURE_REGISTRY \
$DOCKER_OPTS
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
MountFlags=slave
TimeoutStartSec=1min
[Install]
WantedBy=multi-user.target

View file

@ -1,7 +1,7 @@
[Unit] [Unit]
Description=Weave Network Description=Weave Network
Documentation=http://docs.weave.works/weave/latest_release/ Documentation=http://docs.weave.works/weave/latest_release/
Wants=docker.service docker.socket Wants=docker.socket
After=docker.service docker.socket After=docker.service docker.socket
[Service] [Service]

View file

@ -1,6 +1,6 @@
[Unit] [Unit]
Documentation=http://docs.weave.works/ Documentation=http://docs.weave.works/
Wants=docker.service docker.socket weave.service Wants=docker.socket weave.service
After=docker.service docker.socket weave.service After=docker.service docker.socket weave.service
[Service] [Service]

View file

@ -1,7 +1,7 @@
[Unit] [Unit]
Description=Weave proxy for Docker API Description=Weave proxy for Docker API
Documentation=http://docs.weave.works/ Documentation=http://docs.weave.works/
Wants=docker.service docker.socket Wants=docker.socket
After=docker.service docker.socket After=docker.service docker.socket
[Service] [Service]