Commit graph

106 commits

Author SHA1 Message Date
Florian Ruynat
ba731ed145
Update docker packages to 19.03.15 and 20.10.3 (#7243) 2021-02-04 13:20:53 -08:00
Etienne Champetier
8f2b0772f9
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203)
This was introduced in 143e2272ff
Extra repo is enabled by default in CentOS, and is not the right repo for EL8
Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository

For RHEL 7, we need the "extras" repo for container-selinux
For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-25 03:12:54 -08:00
Etienne Champetier
a8e51e686e containerd,docker: use apt_repository instead of action
yum_repository expect really different params, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
a2429ef64d containerd,docker: use apt_key instead of action
we don't need rpm_key, so nothing to factor here
Ubuntu is not an ansible_os_family, the OS family for Ubuntu is Debian
Check for ansible_pkg_mgr == apt

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
0e96852159 docker: use package instead of action, cleanup
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
f3885aa589 docker: stop using apt force
Here the desciption from Ansible docs
Corresponds to the --force-yes to apt-get and implies allow_unauthenticated: yes
This option will disable checking both the packages' signatures and the certificates of the web servers they are downloaded from.
This option *is not* the equivalent of passing the -f flag to apt-get on the command line
**This is a destructive operation with the potential to destroy your system, and it should almost never be used.** Please also see man apt-get for more information.

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-19 05:55:45 -08:00
Etienne Champetier
82af8e455e docker: remove old versions
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
7433b70d95 docker: remove kernel check
Only CentOS 7 uses Linux 3.10, all other OSs have more recent kernels

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
de6c71a426 docker: remove dockerproject repo reference
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
16a34548ea docker: remove checks for docker 1.12
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
b2f3ab77cd docker: remove some old debug code
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
b2f6ed7dee docker: remove obsoletes=0 in yum.conf
This was introduced in ef7f5edbb3
obsoletes=0 is not present in the official repo config
https://download.docker.com/linux/centos/docker-ce.repo
so it might not be needed for some time

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
55b03a41b2 containerd-common,containerd,docker: remove ubuntu arch specific vars
By removing ancient version we don't need arch specific vars

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-14 09:39:05 -08:00
Etienne Champetier
a790935d02
Only setup *_PROXY env variables where needed (#7095)
no_proxy is a pain to get right, and having proxy variables present causes issues
(k8s components get proxy configuration after upgrade, see #7100)

It's better to only configure what require proxy:
- the runtime (containerd/docker/crio)
- the package manager + apt_key
- the download tasks

Tested with the following clusters
- 4 CentOS 8 nodes
- 1 Ubuntu 20.04 node

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-11 07:21:08 -08:00
Florian Ruynat
837fca1368
Add docker 20.10 to available packages (#7106) 2021-01-06 09:23:51 -08:00
Etienne Champetier
e9f93a1de9
Remove libseccomp install tasks (#7074)
All packages have proper dependencies in latest versions

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-04 09:17:57 -08:00
Etienne Champetier
1945499e2f
Disable docker-ce yum repo by default / cleanups (#7080)
Upgrading docker / containerd without adapting the configuration might break the node,
so disable docker-ce repo by default.
We are already using dpkg hold for Debian.

All containerd.io packages provide /usr/bin/runc, so no need to check

yum_conf was never used for containerd

module_hotfixes should not be needed with the EL8 repo

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-12-23 13:12:26 -08:00
Sander Klein
8331c1f858
Hold the docker-ce-cli (#6995)
This will make sure an upgrade doesn't upgrade the docker cli.
2020-12-04 18:21:25 -08:00
Florian Ruynat
f4a69d2827
Update docker to 19.03.14 and containerd to 1.3.9 (#6980) 2020-12-03 16:33:25 -08:00
OwenTuz
d315f73080
Ensure libseccomp is installed before starting containerd on CentOS 8 (#6922)
* Ensure libseccomp is installed before starting containerd on CentOS 8

* Simplify libseccomp install on CentOS 8

- Uses `package` module
- Replaces complex version check with 'state: latest'. The version must
  be > 2.3 when using with cri-o.
- Removes unnecessary `not is_ostree` condition as CentOS 8 does not use
  ostree
2020-12-03 13:43:26 -08:00
Danilo Riecken P. de Morais
cc5303e1c8
Add test for Fedora CoreOS before creating Docker service file (#6940) 2020-11-30 09:20:49 -08:00
Barry Melbourne
eb16986f32
Add RHEL support subscription registration (#6572) 2020-11-24 08:33:00 -08:00
Etienne Champetier
03f316e7a2
Fix proxy and module_hotfixes (#6837)
This fixes the Containerd + EL8 case that was missed in 7d1ab3374e

On CentOS 8 with proxy ansible render inline `proxy` and `module_hotfixes` options.

For example:
```
proxy=http://127.0.0.1:3128module_hotfixes=True
```

But expected result:
```
proxy=http://127.0.0.1:3128
module_hotfixes=True
```

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-10-19 23:06:07 -07:00
Florian Ruynat
55d8ed093a
Add centos8 docker repo (#6747) 2020-09-25 06:11:11 -07:00
Florian Ruynat
2eae207435
Update docker packages to 19.03.13 + add docker f32 (#6712) 2020-09-23 08:32:19 -07:00
Barry Melbourne
03c9c091f2
Docker: Set Cgroup driver by default to systemd (#6563)
* Set Docker Cgroup driver to systemd

* Add docker_cgroup_driver in Docker defaults
2020-08-31 04:56:20 -07:00
Barry Melbourne
058438a25d
Remove support for CoreOS Container Linux (#6576) 2020-08-28 02:28:53 -07:00
Maxime Guyot
6e938a3106
Fix E306 in other roles (#6517) 2020-08-28 01:20:53 -07:00
*=0=1=4=*
a8e2110b2d
#6552 Update extras_rh_repo_base_url (#6556) 2020-08-21 00:09:55 -07:00
Bernard Landon
b0210567aa
Fixed Kubespray container-engine/docker role to populate docker.service (#6518) 2020-08-18 00:39:30 -07:00
Victor Morales
bdf0238328
Upgrade molecule to v3 (#6468)
Signed-off-by: Victor Morales <v.morales@samsung.com>
2020-08-04 05:24:19 -07:00
Cristian Chiru
94df580674
Moved docker_dns_options to defaults so it can be overridden (#6394)
* Moved docker_dns_options to defaults so it can be overridden

* Fixed yaml indentation and markdown

* Moved docker_dns_search_domains to defaults
2020-08-01 00:29:41 -07:00
Florian Ruynat
bf6168fca8
Move fedora30 jobs to fedora32 (#6426) 2020-07-30 23:31:07 -07:00
Maxime Guyot
214e08f8c9
Fix ansible-lint E305 (#6459) 2020-07-28 01:39:08 -07:00
Maxime Guyot
e70f27dd79
Add noqa and disable .ansible-lint global exclusions (#6410) 2020-07-27 06:24:17 -07:00
Florian Ruynat
aa21edeb53
Update docker package to 19.03.12 (#6439) 2020-07-22 09:26:06 -07:00
Joel Seguillon
4c1e0b188d
Add .editorconfig file (#6307) 2020-06-29 12:39:59 -07:00
Florian Ruynat
953bc8dee2
Update docker & docker-cli to 19.03.11 (#6225) 2020-06-07 23:55:46 -07:00
Lovro Seder
5dd85197af
Manage containerd.io package with docker CRI. (#6218)
* Manage containerd.io package with docker CRI.

* Refactor common containerd stuff to separate role

* Fix check mode and unnecessary shell.
2020-06-05 05:55:44 -07:00
Florian Ruynat
6179405e84
Update docker default to 19.03 - cleanup docker docs & refs (#6153) 2020-05-28 00:52:02 -07:00
Florian Ruynat
e9ce7243b8
Match docker-cli version with docker-engine version (when available) (#6163) 2020-05-25 05:37:11 -07:00
tasekida
81292f9cf3
Fix apt update don't access Docker’s official repository for Ubuntu (#6106) 2020-05-13 07:06:26 -07:00
Hector S
a3131e271a
Removed env vars DOCKER_NETWORK_OPTIONS and INSECURE_REGISTRY from docker.service.j2 (#6126) 2020-05-12 13:46:21 -07:00
Florian Ruynat
0bd23f720d
Fix docker fedora packages (#6097) 2020-05-08 15:39:51 -07:00
Maxime Guyot
3134dd4c0d
Drop support for Fedora 28 and add Fedora 30 and 31 (#5969) 2020-04-18 06:35:36 -07:00
aharrisson
b6341287bb
Add Molecule to Docker role (#5129)
* Add Molecule for container-engine/docker

* Add bootstrap-os to Molecule prepare stage
2020-04-15 23:28:45 -07:00
Christopher Randles
d316b02d28
else condition required otherwise AnsibleUndefinedVariable is triggered (#5722) 2020-04-14 07:06:12 -07:00
Denis Kadyshev
7d1ab3374e
Proxy fixes (#5869)
* Fix proxy and module_hotfixes

On CentOS 8 with proxy ansible render inline `proxy` and `module_hotfixes` options.

For example:

`proxy=http://127.0.0.1:3128module_hotfixes=True`

But expected result:

```
proxy=http://127.0.0.1:3128
module_hotfixes=True
```

* Use ini_file module for work with ini files

* Prevent duplicates proxy= option in /etc/yum.conf

Module `lineinfile` is weak, use most powerful module `ini_file` and add or remove `proxy=` when `http_proxy` is defined or not.
2020-04-09 01:25:44 -07:00
Alexander Kross
c33a049292
Update docker RHEL/CentOS versions to the latest patch versions available. (#5872) 2020-04-08 10:09:45 -07:00
Maxime Guyot
7eaa7c957a
Fix conntrack for opensuse and docker support (#5880) 2020-04-08 07:37:44 -07:00