From c8dad3f6c6112648d5aeeb44f93bcaac3c270150 Mon Sep 17 00:00:00 2001 From: Florent Monbillard Date: Tue, 17 Mar 2020 10:38:22 -0400 Subject: [PATCH] Backport remove dockerproject (#5682) (#5780) * Remove dockerproject org (#5548) * Change dockerproject.org to download.docker.com dockerproject.org was deprecated in 2017 and has gone down. * Restore yum repo for containerd Change-Id: I883bb512a2164a85865b1bd4fb569af0358c8c2b Co-authored-by: Craig Rodrigues * remove legacy docker repo in kubernetes/preinstall before any packages installed (#5640) * Remove dockerproject_.+_repo_.+ variables (#5662) This 38688a44866d5ee612f80c16ef81e135d1347653 change replaces the value for dockerproject_.+_repo_.+ docker variables but their new value was previously defined in other variables. This change removes the dockerproject_.+_repo_.+ docker variables in favor of the older ones. * Remove stale legacy yum docker repo /etc/yum.repos.d/docker.repo (#5569) * Remove stale legacy yum docker repo /etc/yum.repos.d/docker.repo * move task 'Remove legacy docker repo file' to pre-upgrade.yml * fix upgrade procedure when in playbook (#5695) exists role kubernetes/preinstall and not exists role container-engine error 'yum_repo_dir' is undefined Co-authored-by: Matthew Mosesohn Co-authored-by: Craig Rodrigues Co-authored-by: Victor Morales Co-authored-by: Kubernetes Prow Robot Co-authored-by: Matthew Mosesohn Co-authored-by: Craig Rodrigues Co-authored-by: Victor Morales --- .../containerd/templates/rh_containerd.repo.j2 | 10 +--------- .../containerd/templates/rh_docker.repo.j2 | 9 +++++++++ roles/container-engine/docker/defaults/main.yml | 7 +------ roles/container-engine/docker/tasks/main.yml | 14 ++++++++------ .../docker/tasks/pre-upgrade.yml | 8 ++++++++ .../docker/templates/rh_docker.repo.j2 | 17 ----------------- roles/container-engine/docker/vars/debian.yml | 5 ++--- roles/container-engine/docker/vars/redhat.yml | 1 - .../docker/vars/ubuntu-amd64.yml | 4 ++-- .../docker/vars/ubuntu-arm64.yml | 4 ++-- roles/kubernetes/preinstall/defaults/main.yml | 2 ++ .../preinstall/tasks/0070-system-packages.yml | 8 ++++++++ 12 files changed, 43 insertions(+), 46 deletions(-) create mode 100644 roles/container-engine/containerd/templates/rh_docker.repo.j2 delete mode 100644 roles/container-engine/docker/templates/rh_docker.repo.j2 diff --git a/roles/container-engine/containerd/templates/rh_containerd.repo.j2 b/roles/container-engine/containerd/templates/rh_containerd.repo.j2 index 98936a66a..9161f921e 100644 --- a/roles/container-engine/containerd/templates/rh_containerd.repo.j2 +++ b/roles/container-engine/containerd/templates/rh_containerd.repo.j2 @@ -6,12 +6,4 @@ gpgcheck=1 keepcache={{ docker_rpm_keepcache | default('1') }} gpgkey={{ docker_rh_repo_gpgkey }} {% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} - -[docker-engine] -name=Docker-Engine Repository -baseurl={{ dockerproject_rh_repo_base_url }} -enabled=1 -gpgcheck=1 -keepcache={{ docker_rpm_keepcache | default('1') }} -gpgkey={{ dockerproject_rh_repo_gpgkey }} -{% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} +{% if ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 8 %}module_hotfixes=True{% endif %} diff --git a/roles/container-engine/containerd/templates/rh_docker.repo.j2 b/roles/container-engine/containerd/templates/rh_docker.repo.j2 new file mode 100644 index 000000000..9161f921e --- /dev/null +++ b/roles/container-engine/containerd/templates/rh_docker.repo.j2 @@ -0,0 +1,9 @@ +[docker-ce] +name=Docker-CE Repository +baseurl={{ docker_rh_repo_base_url }} +enabled=1 +gpgcheck=1 +keepcache={{ docker_rpm_keepcache | default('1') }} +gpgkey={{ docker_rh_repo_gpgkey }} +{% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} +{% if ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 8 %}module_hotfixes=True{% endif %} diff --git a/roles/container-engine/docker/defaults/main.yml b/roles/container-engine/docker/defaults/main.yml index ab9a4fb74..b0cb6bb1e 100644 --- a/roles/container-engine/docker/defaults/main.yml +++ b/roles/container-engine/docker/defaults/main.yml @@ -38,11 +38,6 @@ docker_ubuntu_repo_gpgkey: 'https://download.docker.com/linux/ubuntu/gpg' # Debian docker-ce repo docker_debian_repo_base_url: "https://download.docker.com/linux/debian" docker_debian_repo_gpgkey: 'https://download.docker.com/linux/debian/gpg' -# dockerproject repo -dockerproject_rh_repo_base_url: 'https://yum.dockerproject.org/repo/main/centos/7' -dockerproject_rh_repo_gpgkey: 'https://yum.dockerproject.org/gpg' -dockerproject_apt_repo_base_url: 'https://apt.dockerproject.org/repo' -dockerproject_apt_repo_gpgkey: 'https://apt.dockerproject.org/gpg' docker_bin_dir: "/usr/bin" # CentOS/RedHat Extras repo extras_rh_repo_base_url: "http://mirror.centos.org/centos/$releasever/extras/$basearch/" @@ -67,4 +62,4 @@ docker_remove_packages_yum: docker_remove_packages_apt: - docker - docker-engine - - docker.io \ No newline at end of file + - docker.io diff --git a/roles/container-engine/docker/tasks/main.yml b/roles/container-engine/docker/tasks/main.yml index cb1f82ce9..201fef262 100644 --- a/roles/container-engine/docker/tasks/main.yml +++ b/roles/container-engine/docker/tasks/main.yml @@ -27,9 +27,6 @@ tags: - facts -# https://yum.dockerproject.org/repo/main/opensuse/ contains packages for an EOL -# openSUSE version so we can't use it. The only alternative is to use the docker -# packages from the distribution repositories. - name: Warn about Docker version on SUSE debug: msg: "SUSE distributions always install Docker from the distro repos" @@ -105,9 +102,14 @@ when: ansible_distribution == "Fedora" and not is_atomic - name: Configure docker repository on RedHat/CentOS/Oracle Linux - template: - src: "rh_docker.repo.j2" - dest: "{{ yum_repo_dir }}/docker.repo" + yum_repository: + name: docker-ce + baseurl: "{{ docker_rh_repo_base_url }}" + description: "Docker CE Stable - $basearch" + gpgcheck: yes + gpgkey: "{{ docker_rh_repo_gpgkey }}" + keepcache: "{{ docker_rpm_keepcache | default('1') }}" + proxy: " {{ http_proxy | default('_none_') }}" when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_atomic - name: check if container-selinux is available diff --git a/roles/container-engine/docker/tasks/pre-upgrade.yml b/roles/container-engine/docker/tasks/pre-upgrade.yml index 289211ed0..f00229101 100644 --- a/roles/container-engine/docker/tasks/pre-upgrade.yml +++ b/roles/container-engine/docker/tasks/pre-upgrade.yml @@ -1,4 +1,12 @@ --- +- name: Remove legacy docker repo file + file: + path: "{{ yum_repo_dir }}/docker.repo" + state: absent + when: + - ansible_distribution in ["CentOS","RedHat","OracleLinux"] + - not is_atomic + - name: Ensure old versions of Docker are not installed. | Debian apt: name: '{{ docker_remove_packages_apt }}' diff --git a/roles/container-engine/docker/templates/rh_docker.repo.j2 b/roles/container-engine/docker/templates/rh_docker.repo.j2 deleted file mode 100644 index 98936a66a..000000000 --- a/roles/container-engine/docker/templates/rh_docker.repo.j2 +++ /dev/null @@ -1,17 +0,0 @@ -[docker-ce] -name=Docker-CE Repository -baseurl={{ docker_rh_repo_base_url }} -enabled=1 -gpgcheck=1 -keepcache={{ docker_rpm_keepcache | default('1') }} -gpgkey={{ docker_rh_repo_gpgkey }} -{% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} - -[docker-engine] -name=Docker-Engine Repository -baseurl={{ dockerproject_rh_repo_base_url }} -enabled=1 -gpgcheck=1 -keepcache={{ docker_rpm_keepcache | default('1') }} -gpgkey={{ dockerproject_rh_repo_gpgkey }} -{% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %} diff --git a/roles/container-engine/docker/vars/debian.yml b/roles/container-engine/docker/vars/debian.yml index c1945bf8c..9154ae9ea 100644 --- a/roles/container-engine/docker/vars/debian.yml +++ b/roles/container-engine/docker/vars/debian.yml @@ -2,7 +2,6 @@ docker_kernel_min_version: '3.10' # https://download.docker.com/linux/debian/ -# https://apt.dockerproject.org/repo/dists/debian-wheezy/main/filelist docker_versioned_pkg: 'latest': docker-ce '1.13': docker-engine=1.13.1-0~debian-{{ ansible_distribution_release|lower }} @@ -38,7 +37,7 @@ docker_repo_info: dockerproject_repo_key_info: pkg_key: apt_key - url: '{{ dockerproject_apt_repo_gpgkey }}' + url: '{{ docker_debian_repo_gpgkey }}' repo_keys: - 58118E89F3A912897C070ADBF76221572C52609D @@ -46,6 +45,6 @@ dockerproject_repo_info: pkg_repo: apt_repository repos: - > - deb {{ dockerproject_apt_repo_base_url }} + deb {{ docker_debian_repo_base_url }} {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} main diff --git a/roles/container-engine/docker/vars/redhat.yml b/roles/container-engine/docker/vars/redhat.yml index 047077ee1..48bb55018 100644 --- a/roles/container-engine/docker/vars/redhat.yml +++ b/roles/container-engine/docker/vars/redhat.yml @@ -3,7 +3,6 @@ docker_kernel_min_version: '0' # https://docs.docker.com/engine/installation/linux/centos/#install-from-a-package # https://download.docker.com/linux/centos/7/x86_64/stable/Packages/ -# https://yum.dockerproject.org/repo/main/centos/7 # or do 'yum --showduplicates list docker-engine' docker_versioned_pkg: 'latest': docker-ce diff --git a/roles/container-engine/docker/vars/ubuntu-amd64.yml b/roles/container-engine/docker/vars/ubuntu-amd64.yml index 70774d0d3..f59f2130d 100644 --- a/roles/container-engine/docker/vars/ubuntu-amd64.yml +++ b/roles/container-engine/docker/vars/ubuntu-amd64.yml @@ -37,7 +37,7 @@ docker_repo_info: dockerproject_repo_key_info: pkg_key: apt_key - url: '{{ dockerproject_apt_repo_gpgkey }}' + url: '{{ docker_debian_repo_gpgkey }}' repo_keys: - 58118E89F3A912897C070ADBF76221572C52609D @@ -45,6 +45,6 @@ dockerproject_repo_info: pkg_repo: apt_repository repos: - > - deb {{ dockerproject_apt_repo_base_url }} + deb {{ docker_debian_repo_base_url }} {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} main diff --git a/roles/container-engine/docker/vars/ubuntu-arm64.yml b/roles/container-engine/docker/vars/ubuntu-arm64.yml index 5842ff372..7551a60ab 100644 --- a/roles/container-engine/docker/vars/ubuntu-arm64.yml +++ b/roles/container-engine/docker/vars/ubuntu-arm64.yml @@ -33,7 +33,7 @@ docker_repo_info: dockerproject_repo_key_info: pkg_key: apt_key - url: '{{ dockerproject_apt_repo_gpgkey }}' + url: '{{ docker_debian_repo_gpgkey }}' repo_keys: - 58118E89F3A912897C070ADBF76221572C52609D @@ -41,6 +41,6 @@ dockerproject_repo_info: pkg_repo: apt_repository repos: - > - deb {{ dockerproject_apt_repo_base_url }} + deb {{ docker_debian_repo_base_url }} {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }} main diff --git a/roles/kubernetes/preinstall/defaults/main.yml b/roles/kubernetes/preinstall/defaults/main.yml index 1ffcfb346..26f93e317 100644 --- a/roles/kubernetes/preinstall/defaults/main.yml +++ b/roles/kubernetes/preinstall/defaults/main.yml @@ -54,3 +54,5 @@ etc_hosts_localhost_entries: # Minimal memory requirement in MB for safety checks minimal_node_memory_mb: 1024 minimal_master_memory_mb: 1500 + +yum_repo_dir: /etc/yum.repos.d diff --git a/roles/kubernetes/preinstall/tasks/0070-system-packages.yml b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml index b3b34b5e6..67c0d8e36 100644 --- a/roles/kubernetes/preinstall/tasks/0070-system-packages.yml +++ b/roles/kubernetes/preinstall/tasks/0070-system-packages.yml @@ -17,6 +17,14 @@ tags: - bootstrap-os +- name: Remove legacy docker repo file + file: + path: "{{ yum_repo_dir }}/docker.repo" + state: absent + when: + - ansible_distribution in ["CentOS","RedHat","OracleLinux"] + - not is_atomic + - name: Install python-dnf for latest RedHat versions command: dnf install -y python-dnf yum register: dnf_task_result