7cbe3c2171
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version remove empty when line ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version force kubeadm upgrade due to failure without --force flag ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version added nodeSelector to have compatibility with hybrid cluster with win nodes, also fix for download with missing container type fixes in syntax and LF for newline in files fix on yamllint check ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version some cleanup for innecesary lines remove conditions for nodeselector
179 lines
6.1 KiB
YAML
179 lines
6.1 KiB
YAML
---
|
|
- name: gather os specific variables
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- files:
|
|
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
|
|
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml"
|
|
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
|
|
- "{{ ansible_distribution|lower }}.yml"
|
|
- "{{ ansible_os_family|lower }}-{{ ansible_architecture }}.yml"
|
|
- "{{ ansible_os_family|lower }}.yml"
|
|
- defaults.yml
|
|
paths:
|
|
- ../vars
|
|
skip: true
|
|
tags:
|
|
- facts
|
|
|
|
# https://yum.dockerproject.org/repo/main/opensuse/ contains packages for an EOL
|
|
# openSUSE version so we can't use it. The only alternative is to use the docker
|
|
# packages from the distribution repositories.
|
|
- name: Warn about Docker version on SUSE
|
|
debug:
|
|
msg: "SUSE distributions always install Docker from the distro repos"
|
|
when: ansible_pkg_mgr == 'zypper'
|
|
|
|
- include_tasks: set_facts_dns.yml
|
|
when: dns_mode != 'none' and resolvconf_mode == 'docker_dns'
|
|
tags:
|
|
- facts
|
|
|
|
- name: check for minimum kernel version
|
|
fail:
|
|
msg: >
|
|
docker requires a minimum kernel version of
|
|
{{ docker_kernel_min_version }} on
|
|
{{ ansible_distribution }}-{{ ansible_distribution_version }}
|
|
when: (not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]) and (ansible_kernel|version_compare(docker_kernel_min_version, "<"))
|
|
tags:
|
|
- facts
|
|
|
|
- import_tasks: pre-upgrade.yml
|
|
|
|
- name: ensure docker-ce repository public key is installed
|
|
action: "{{ docker_repo_key_info.pkg_key }}"
|
|
args:
|
|
id: "{{item}}"
|
|
url: "{{docker_repo_key_info.url}}"
|
|
state: present
|
|
register: keyserver_task_result
|
|
until: keyserver_task_result|succeeded
|
|
retries: 4
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
|
with_items: "{{ docker_repo_key_info.repo_keys }}"
|
|
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
|
|
|
|
- name: ensure docker-ce repository is enabled
|
|
action: "{{ docker_repo_info.pkg_repo }}"
|
|
args:
|
|
repo: "{{item}}"
|
|
state: present
|
|
with_items: "{{ docker_repo_info.repos }}"
|
|
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic) and (docker_repo_info.repos|length > 0)
|
|
|
|
- name: ensure docker-engine repository public key is installed
|
|
action: "{{ dockerproject_repo_key_info.pkg_key }}"
|
|
args:
|
|
id: "{{item}}"
|
|
url: "{{dockerproject_repo_key_info.url}}"
|
|
state: present
|
|
register: keyserver_task_result
|
|
until: keyserver_task_result|succeeded
|
|
retries: 4
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
|
with_items: "{{ dockerproject_repo_key_info.repo_keys }}"
|
|
when:
|
|
- not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
|
|
- use_docker_engine is defined and use_docker_engine
|
|
|
|
- name: ensure docker-engine repository is enabled
|
|
action: "{{ dockerproject_repo_info.pkg_repo }}"
|
|
args:
|
|
repo: "{{item}}"
|
|
state: present
|
|
with_items: "{{ dockerproject_repo_info.repos }}"
|
|
when:
|
|
- use_docker_engine is defined and use_docker_engine
|
|
- not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)
|
|
|
|
- name: Configure docker repository on RedHat/CentOS
|
|
template:
|
|
src: "rh_docker.repo.j2"
|
|
dest: "{{ yum_repo_dir }}/docker.repo"
|
|
when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
|
|
|
|
- name: Copy yum.conf for editing
|
|
copy:
|
|
src: "{{ yum_conf }}"
|
|
dest: "{{ docker_yum_conf }}"
|
|
remote_src: yes
|
|
when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
|
|
|
|
- name: Edit copy of yum.conf to set obsoletes=0
|
|
lineinfile:
|
|
path: "{{ docker_yum_conf }}"
|
|
state: present
|
|
regexp: '^obsoletes='
|
|
line: 'obsoletes=0'
|
|
when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
|
|
|
|
|
|
- name: ensure docker packages are installed
|
|
action: "{{ docker_package_info.pkg_mgr }}"
|
|
args:
|
|
pkg: "{{item.name}}"
|
|
force: "{{item.force|default(omit)}}"
|
|
conf_file: "{{item.yum_conf|default(omit)}}"
|
|
state: present
|
|
update_cache: yes
|
|
register: docker_task_result
|
|
until: docker_task_result|succeeded
|
|
retries: 4
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
|
with_items: "{{ docker_package_info.pkgs }}"
|
|
notify: restart docker
|
|
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] or is_atomic) and (docker_package_info.pkgs|length > 0)
|
|
ignore_errors: true
|
|
|
|
- name: get available packages on Ubuntu
|
|
command: apt-cache policy docker-ce
|
|
when: docker_task_result|failed
|
|
register: available_packages
|
|
|
|
- name: show available packages on ubuntu
|
|
fail:
|
|
msg: "{{available_packages}}"
|
|
when: docker_task_result|failed
|
|
|
|
# This is required to ensure any apt upgrade will not break kubernetes
|
|
- name: Set docker pin priority to apt_preferences on Debian family
|
|
template:
|
|
src: "apt_preferences.d/debian_docker.j2"
|
|
dest: "/etc/apt/preferences.d/docker"
|
|
owner: "root"
|
|
mode: 0644
|
|
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
|
|
|
|
- name: ensure service is started if docker packages are already present
|
|
service:
|
|
name: docker
|
|
state: started
|
|
when: docker_task_result is not changed
|
|
|
|
- name: flush handlers so we can wait for docker to come up
|
|
meta: flush_handlers
|
|
|
|
- name: set fact for docker_version
|
|
command: "docker version -f '{{ '{{' }}.Client.Version{{ '}}' }}'"
|
|
register: installed_docker_version
|
|
changed_when: false
|
|
|
|
- name: check minimum docker version for docker_dns mode. You need at least docker version >= 1.12 for resolvconf_mode=docker_dns
|
|
fail:
|
|
msg: "You need at least docker version >= 1.12 for resolvconf_mode=docker_dns"
|
|
when: >
|
|
dns_mode != 'none' and
|
|
resolvconf_mode == 'docker_dns' and
|
|
installed_docker_version.stdout|version_compare('1.12', '<')
|
|
|
|
- name: Set docker systemd config
|
|
import_tasks: systemd.yml
|
|
|
|
- name: ensure docker service is started and enabled
|
|
service:
|
|
name: "{{ item }}"
|
|
enabled: yes
|
|
state: started
|
|
with_items:
|
|
- docker
|