From 2af71f31b45b8568c18a8833a20529ba3c835768 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 2 Aug 2016 10:55:42 +0200 Subject: [PATCH 1/3] Rework systemd service units * Add for docker system units: ExecReload=/bin/kill -s HUP $MAINPID Delegate=yes KillMode=process. * Add missed DOCKER_OPTIONS for calico/weave docker systemd unit. * Change Requires= to a less strict and non-faily Wants=, add missing Wants= for After=. * Align wants/after in a wat if Wants=foo, After= has foo as well. * Make wants/after docker.service to ask for the docker.socket as well. * Move "docker rm -f" commands from ExecStartPre= to ExecStopPost=. hooks to ensure non-destructive start attempts issued by Wants=. Signed-off-by: Bogdan Dobrelya --- roles/etcd/templates/etcd-docker.service.j2 | 6 +++--- roles/etcd/templates/etcd-proxy-docker.service.j2 | 6 +++--- roles/kubernetes/node/templates/kubelet.service.j2 | 8 +++++--- .../calico/templates/calico-node.service.j2 | 4 ++-- .../calico/templates/systemd-docker.service | 7 +++++-- .../flannel/templates/systemd-docker.service | 10 +++++++--- .../weave/templates/systemd-docker.service | 8 ++++++-- roles/network_plugin/weave/templates/weave.service.j2 | 4 ++-- .../weave/templates/weaveexpose.service.j2 | 6 ++---- .../weave/templates/weaveproxy.service.j2 | 4 ++-- 10 files changed, 37 insertions(+), 26 deletions(-) diff --git a/roles/etcd/templates/etcd-docker.service.j2 b/roles/etcd/templates/etcd-docker.service.j2 index a37759fec..4b6cec5c9 100644 --- a/roles/etcd/templates/etcd-docker.service.j2 +++ b/roles/etcd/templates/etcd-docker.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=etcd docker wrapper -Wants=docker.socket -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] User=root @@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always {% if etcd_after_v3 %} {{ etcd_container_bin_dir }}etcd {% endif %} -ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }} +ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_member_name | default("etcd-proxy") }} Restart=always diff --git a/roles/etcd/templates/etcd-proxy-docker.service.j2 b/roles/etcd/templates/etcd-proxy-docker.service.j2 index bf70f0e7f..939e6fd35 100644 --- a/roles/etcd/templates/etcd-proxy-docker.service.j2 +++ b/roles/etcd/templates/etcd-proxy-docker.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=etcd-proxy docker wrapper -Wants=docker.socket -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] User=root @@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always {% if etcd_after_v3 %} {{ etcd_container_bin_dir }}etcd {% endif %} -ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }} +ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_proxy_member_name | default("etcd-proxy") }} Restart=always diff --git a/roles/kubernetes/node/templates/kubelet.service.j2 b/roles/kubernetes/node/templates/kubelet.service.j2 index acad42e1f..e92f71d51 100644 --- a/roles/kubernetes/node/templates/kubelet.service.j2 +++ b/roles/kubernetes/node/templates/kubelet.service.j2 @@ -2,9 +2,11 @@ Description=Kubernetes Kubelet Server Documentation=https://github.com/GoogleCloudPlatform/kubernetes {% if kube_network_plugin is defined and kube_network_plugin == "calico" %} -After=docker.service calico-node.service +After=docker.service docker.socket calico-node.service +Wants=docker.service docker.socket calico-node.service {% else %} -After=docker.service +After=docker.service docker.socket +Wants=docker.service docker.socket {% endif %} [Service] @@ -22,7 +24,7 @@ ExecStart={{ bin_dir }}/kubelet \ $KUBELET_REGISTER_NODE \ $KUBELET_NETWORK_PLUGIN \ $KUBELET_CLOUDPROVIDER -ExecStartPre=-/usr/bin/docker rm -f kubelet +ExecStopPost=-/usr/bin/docker rm -f kubelet ExecReload=/usr/bin/docker restart kubelet Restart=always RestartSec=10s diff --git a/roles/network_plugin/calico/templates/calico-node.service.j2 b/roles/network_plugin/calico/templates/calico-node.service.j2 index 115da35ae..152ecce64 100644 --- a/roles/network_plugin/calico/templates/calico-node.service.j2 +++ b/roles/network_plugin/calico/templates/calico-node.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Calico per-node agent Documentation=https://github.com/projectcalico/calico-docker -After=docker.service etcd-proxy.service -Wants=docker.socket +After=docker.service docker.socket etcd-proxy.service +Wants=docker.service docker.socket etcd-proxy.service [Service] User=root diff --git a/roles/network_plugin/calico/templates/systemd-docker.service b/roles/network_plugin/calico/templates/systemd-docker.service index 01383d772..d20a2fbe0 100644 --- a/roles/network_plugin/calico/templates/systemd-docker.service +++ b/roles/network_plugin/calico/templates/systemd-docker.service @@ -2,11 +2,11 @@ Description=Docker Application Container Engine Documentation=http://docs.docker.com {% if ansible_os_family == "RedHat" %} -After=network.target +After=network.target docker-storage-setup.service Wants=docker-storage-setup.service {% elif ansible_os_family == "Debian" %} After=network.target docker.socket -Requires=docker.socket +Wants=docker.socket {% endif %} [Service] @@ -20,6 +20,9 @@ EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/default/docker {% endif %} Environment=GOTRACEBACK=crash +ExecReload=/bin/kill -s HUP $MAINPID +Delegate=yes +KillMode=process ExecStart=/usr/bin/docker daemon \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ diff --git a/roles/network_plugin/flannel/templates/systemd-docker.service b/roles/network_plugin/flannel/templates/systemd-docker.service index 3275c6e24..21790dd6f 100644 --- a/roles/network_plugin/flannel/templates/systemd-docker.service +++ b/roles/network_plugin/flannel/templates/systemd-docker.service @@ -2,22 +2,26 @@ Description=Docker Application Container Engine Documentation=http://docs.docker.com {% if ansible_os_family == "RedHat" %} -After=network.target +After=network.target docker-storage-setup.service Wants=docker-storage-setup.service {% elif ansible_os_family == "Debian" %} After=network.target docker.socket -Requires=docker.socket +Wants=docker.socket {% endif %} [Service] Type=notify EnvironmentFile=-/etc/default/docker Environment=GOTRACEBACK=crash +ExecReload=/bin/kill -s HUP $MAINPID +Delegate=yes +KillMode=process ExecStart=/usr/bin/docker daemon \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ - $INSECURE_REGISTRY + $INSECURE_REGISTRY \ + $DOCKER_OPTS LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity diff --git a/roles/network_plugin/weave/templates/systemd-docker.service b/roles/network_plugin/weave/templates/systemd-docker.service index 3275c6e24..96dd6cd05 100644 --- a/roles/network_plugin/weave/templates/systemd-docker.service +++ b/roles/network_plugin/weave/templates/systemd-docker.service @@ -6,18 +6,22 @@ After=network.target Wants=docker-storage-setup.service {% elif ansible_os_family == "Debian" %} After=network.target docker.socket -Requires=docker.socket +Wants=docker.socket {% endif %} [Service] Type=notify EnvironmentFile=-/etc/default/docker Environment=GOTRACEBACK=crash +ExecReload=/bin/kill -s HUP $MAINPID +Delegate=yes +KillMode=process ExecStart=/usr/bin/docker daemon \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ - $INSECURE_REGISTRY + $INSECURE_REGISTRY \ + $DOCKER_OPTS LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity diff --git a/roles/network_plugin/weave/templates/weave.service.j2 b/roles/network_plugin/weave/templates/weave.service.j2 index a4e9e8d8e..46d9434fe 100644 --- a/roles/network_plugin/weave/templates/weave.service.j2 +++ b/roles/network_plugin/weave/templates/weave.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Weave Network Documentation=http://docs.weave.works/weave/latest_release/ -Requires=docker.service -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] EnvironmentFile=-/etc/weave.env diff --git a/roles/network_plugin/weave/templates/weaveexpose.service.j2 b/roles/network_plugin/weave/templates/weaveexpose.service.j2 index 03446ee0f..912ed1fee 100644 --- a/roles/network_plugin/weave/templates/weaveexpose.service.j2 +++ b/roles/network_plugin/weave/templates/weaveexpose.service.j2 @@ -1,9 +1,7 @@ [Unit] Documentation=http://docs.weave.works/ -Requires=docker.service -Requires=weave.service -After=weave.service -After=docker.service +Wants=docker.service docker.socket weave.service +After=docker.service docker.socket weave.service [Service] Type=oneshot diff --git a/roles/network_plugin/weave/templates/weaveproxy.service.j2 b/roles/network_plugin/weave/templates/weaveproxy.service.j2 index fe5032893..f37120f1c 100644 --- a/roles/network_plugin/weave/templates/weaveproxy.service.j2 +++ b/roles/network_plugin/weave/templates/weaveproxy.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Weave proxy for Docker API Documentation=http://docs.weave.works/ -Requires=docker.service -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] EnvironmentFile=-/etc/weave.%H.env From e8a1c7a53f9e81b425f5bf12b549ddb199562d1b Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Tue, 2 Aug 2016 13:42:27 +0300 Subject: [PATCH 2/3] Move docker systemd unit creation to docker role Creating the unit using default settings early on and then changing it during network_plugin section leads to too many docker restarts and duplicated code. Reversed Wants= dependence on docker.service so it does not restart docker when reloading systemd Consolidated all docker restart handlers. --- roles/docker/handlers/main.yml | 12 +++++++ roles/docker/tasks/main.yml | 8 +++++ .../templates/systemd-docker.service.j2} | 3 +- roles/etcd/templates/etcd-docker.service.j2 | 6 ++-- .../templates/etcd-proxy-docker.service.j2 | 6 ++-- .../node/templates/kubelet.service.j2 | 8 ++--- roles/network_plugin/calico/tasks/main.yml | 7 ---- .../calico/templates/calico-node.service.j2 | 2 +- .../network_plugin/flannel/handlers/main.yml | 16 ---------- roles/network_plugin/flannel/tasks/main.yml | 7 ---- .../flannel/templates/systemd-docker.service | 32 ------------------- roles/network_plugin/meta/main.yml | 1 + roles/network_plugin/weave/handlers/main.yml | 11 ------- roles/network_plugin/weave/tasks/main.yml | 9 +----- .../weave/templates/systemd-docker.service | 32 ------------------- .../weave/templates/weave.service.j2 | 2 +- .../weave/templates/weaveexpose.service.j2 | 2 +- .../weave/templates/weaveproxy.service.j2 | 2 +- 18 files changed, 38 insertions(+), 128 deletions(-) rename roles/{network_plugin/calico/templates/systemd-docker.service => docker/templates/systemd-docker.service.j2} (96%) delete mode 100644 roles/network_plugin/flannel/templates/systemd-docker.service delete mode 100644 roles/network_plugin/weave/templates/systemd-docker.service diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index 79db42f92..6f54f33d5 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -4,6 +4,8 @@ notify: - Docker | reload systemd - Docker | reload docker + - Docker | pause while Docker restarts + - Docker | wait for docker - name : Docker | reload systemd shell: systemctl daemon-reload @@ -13,3 +15,13 @@ service: name: docker state: restarted + +- name: Docker | pause while Docker restarts + pause: seconds=10 prompt="Waiting for docker restart" + +- name: Docker | wait for docker + command: /usr/bin/docker images + register: docker_ready + retries: 10 + delay: 5 + until: docker_ready.rc == 0 diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 03db20c75..6d71c4980 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -59,6 +59,14 @@ when: ansible_service_mgr == "systemd" and (http_proxy is defined or https_proxy is defined or no_proxy is defined) +- name: Write docker.service systemd file + template: + src: systemd-docker.service.j2 + dest: /etc/systemd/system/docker.service + register: docker_service_file + notify: restart docker + when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS" + - meta: flush_handlers - name: ensure docker service is started and enabled diff --git a/roles/network_plugin/calico/templates/systemd-docker.service b/roles/docker/templates/systemd-docker.service.j2 similarity index 96% rename from roles/network_plugin/calico/templates/systemd-docker.service rename to roles/docker/templates/systemd-docker.service.j2 index d20a2fbe0..b19b1caaf 100644 --- a/roles/network_plugin/calico/templates/systemd-docker.service +++ b/roles/docker/templates/systemd-docker.service.j2 @@ -29,11 +29,12 @@ ExecStart=/usr/bin/docker daemon \ $DOCKER_NETWORK_OPTIONS \ $INSECURE_REGISTRY \ $DOCKER_OPTS +TasksMax=infinity LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity -MountFlags=slave TimeoutStartSec=1min +Restart=on-abnormal [Install] WantedBy=multi-user.target diff --git a/roles/etcd/templates/etcd-docker.service.j2 b/roles/etcd/templates/etcd-docker.service.j2 index 4b6cec5c9..a37759fec 100644 --- a/roles/etcd/templates/etcd-docker.service.j2 +++ b/roles/etcd/templates/etcd-docker.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=etcd docker wrapper -Wants=docker.service docker.socket -After=docker.service docker.socket +Wants=docker.socket +After=docker.service [Service] User=root @@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always {% if etcd_after_v3 %} {{ etcd_container_bin_dir }}etcd {% endif %} -ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }} +ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_member_name | default("etcd-proxy") }} Restart=always diff --git a/roles/etcd/templates/etcd-proxy-docker.service.j2 b/roles/etcd/templates/etcd-proxy-docker.service.j2 index 939e6fd35..bf70f0e7f 100644 --- a/roles/etcd/templates/etcd-proxy-docker.service.j2 +++ b/roles/etcd/templates/etcd-proxy-docker.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=etcd-proxy docker wrapper -Wants=docker.service docker.socket -After=docker.service docker.socket +Wants=docker.socket +After=docker.service [Service] User=root @@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always {% if etcd_after_v3 %} {{ etcd_container_bin_dir }}etcd {% endif %} -ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }} +ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_proxy_member_name | default("etcd-proxy") }} Restart=always diff --git a/roles/kubernetes/node/templates/kubelet.service.j2 b/roles/kubernetes/node/templates/kubelet.service.j2 index e92f71d51..ad62d8562 100644 --- a/roles/kubernetes/node/templates/kubelet.service.j2 +++ b/roles/kubernetes/node/templates/kubelet.service.j2 @@ -3,10 +3,10 @@ Description=Kubernetes Kubelet Server Documentation=https://github.com/GoogleCloudPlatform/kubernetes {% if kube_network_plugin is defined and kube_network_plugin == "calico" %} After=docker.service docker.socket calico-node.service -Wants=docker.service docker.socket calico-node.service +Wants=docker.socket calico-node.service {% else %} -After=docker.service docker.socket -Wants=docker.service docker.socket +After=docker.service +Wants=docker.socket {% endif %} [Service] @@ -24,7 +24,7 @@ ExecStart={{ bin_dir }}/kubelet \ $KUBELET_REGISTER_NODE \ $KUBELET_NETWORK_PLUGIN \ $KUBELET_CLOUDPROVIDER -ExecStopPost=-/usr/bin/docker rm -f kubelet +ExecStartPre=-/usr/bin/docker rm -f kubelet ExecReload=/usr/bin/docker restart kubelet Restart=always RestartSec=10s diff --git a/roles/network_plugin/calico/tasks/main.yml b/roles/network_plugin/calico/tasks/main.yml index a4c32c1c0..510b8af82 100644 --- a/roles/network_plugin/calico/tasks/main.yml +++ b/roles/network_plugin/calico/tasks/main.yml @@ -10,13 +10,6 @@ - restart docker when: ansible_os_family != "CoreOS" -- name: Calico | Write docker.service systemd file - template: - src: systemd-docker.service - dest: /lib/systemd/system/docker.service - notify: restart docker - when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS" - - meta: flush_handlers - name: Calico | Install calicoctl container script diff --git a/roles/network_plugin/calico/templates/calico-node.service.j2 b/roles/network_plugin/calico/templates/calico-node.service.j2 index 152ecce64..4c709705d 100644 --- a/roles/network_plugin/calico/templates/calico-node.service.j2 +++ b/roles/network_plugin/calico/templates/calico-node.service.j2 @@ -2,7 +2,7 @@ Description=Calico per-node agent Documentation=https://github.com/projectcalico/calico-docker After=docker.service docker.socket etcd-proxy.service -Wants=docker.service docker.socket etcd-proxy.service +Wants=docker.socket etcd-proxy.service [Service] User=root diff --git a/roles/network_plugin/flannel/handlers/main.yml b/roles/network_plugin/flannel/handlers/main.yml index 1982765d4..a503569f6 100644 --- a/roles/network_plugin/flannel/handlers/main.yml +++ b/roles/network_plugin/flannel/handlers/main.yml @@ -4,22 +4,6 @@ ignore_errors: yes notify: restart docker -- name: restart docker - command: /bin/true - notify: - - Flannel | reload systemd - - Flannel | reload docker - - Flannel | reload kubelet - -- name : Flannel | reload systemd - shell: systemctl daemon-reload - when: ansible_service_mgr == "systemd" - -- name: Flannel | reload docker - service: - name: docker - state: restarted - - name: Flannel | reload kubelet service: name: kubelet diff --git a/roles/network_plugin/flannel/tasks/main.yml b/roles/network_plugin/flannel/tasks/main.yml index 55c47d211..9588559f6 100644 --- a/roles/network_plugin/flannel/tasks/main.yml +++ b/roles/network_plugin/flannel/tasks/main.yml @@ -50,11 +50,4 @@ state: link when: ansible_os_family == "CoreOS" -- name: Flannel | Write docker.service systemd file - template: - src: systemd-docker.service - dest: /lib/systemd/system/docker.service - notify: restart docker - when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS" - - meta: flush_handlers diff --git a/roles/network_plugin/flannel/templates/systemd-docker.service b/roles/network_plugin/flannel/templates/systemd-docker.service deleted file mode 100644 index 21790dd6f..000000000 --- a/roles/network_plugin/flannel/templates/systemd-docker.service +++ /dev/null @@ -1,32 +0,0 @@ -[Unit] -Description=Docker Application Container Engine -Documentation=http://docs.docker.com -{% if ansible_os_family == "RedHat" %} -After=network.target docker-storage-setup.service -Wants=docker-storage-setup.service -{% elif ansible_os_family == "Debian" %} -After=network.target docker.socket -Wants=docker.socket -{% endif %} - -[Service] -Type=notify -EnvironmentFile=-/etc/default/docker -Environment=GOTRACEBACK=crash -ExecReload=/bin/kill -s HUP $MAINPID -Delegate=yes -KillMode=process -ExecStart=/usr/bin/docker daemon \ - $OPTIONS \ - $DOCKER_STORAGE_OPTIONS \ - $DOCKER_NETWORK_OPTIONS \ - $INSECURE_REGISTRY \ - $DOCKER_OPTS -LimitNOFILE=1048576 -LimitNPROC=1048576 -LimitCORE=infinity -MountFlags=slave -TimeoutStartSec=1min - -[Install] -WantedBy=multi-user.target diff --git a/roles/network_plugin/meta/main.yml b/roles/network_plugin/meta/main.yml index 736262ab0..0dd36511b 100644 --- a/roles/network_plugin/meta/main.yml +++ b/roles/network_plugin/meta/main.yml @@ -6,3 +6,4 @@ dependencies: when: kube_network_plugin == 'flannel' - role: network_plugin/weave when: kube_network_plugin == 'weave' + - role: docker diff --git a/roles/network_plugin/weave/handlers/main.yml b/roles/network_plugin/weave/handlers/main.yml index f983ee579..e821e989b 100644 --- a/roles/network_plugin/weave/handlers/main.yml +++ b/roles/network_plugin/weave/handlers/main.yml @@ -1,10 +1,4 @@ --- -- name: Weave | restart docker - command: /bin/true - notify: - - Weave | reload systemd - - Weave | reload docker - - name: restart weave command: /bin/true notify: @@ -27,11 +21,6 @@ - Weave | reload systemd - reload weaveexpose -- name: Weave | reload docker - service: - name: docker - state: restarted - - name: reload weave service: name: weave diff --git a/roles/network_plugin/weave/tasks/main.yml b/roles/network_plugin/weave/tasks/main.yml index 5703dde97..eb56d8c9b 100644 --- a/roles/network_plugin/weave/tasks/main.yml +++ b/roles/network_plugin/weave/tasks/main.yml @@ -7,14 +7,7 @@ group: root mode: 0644 notify: - - Weave | restart docker - -- name: Write docker.service systemd file - template: - src: systemd-docker.service - dest: /lib/systemd/system/docker.service - notify: Weave | restart docker - when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS" + - restart docker - name: Weave | Install weave command: rsync -piu "{{ local_release_dir }}/weave/bin/weave" "{{ bin_dir }}/weave" diff --git a/roles/network_plugin/weave/templates/systemd-docker.service b/roles/network_plugin/weave/templates/systemd-docker.service deleted file mode 100644 index 96dd6cd05..000000000 --- a/roles/network_plugin/weave/templates/systemd-docker.service +++ /dev/null @@ -1,32 +0,0 @@ -[Unit] -Description=Docker Application Container Engine -Documentation=http://docs.docker.com -{% if ansible_os_family == "RedHat" %} -After=network.target -Wants=docker-storage-setup.service -{% elif ansible_os_family == "Debian" %} -After=network.target docker.socket -Wants=docker.socket -{% endif %} - -[Service] -Type=notify -EnvironmentFile=-/etc/default/docker -Environment=GOTRACEBACK=crash -ExecReload=/bin/kill -s HUP $MAINPID -Delegate=yes -KillMode=process -ExecStart=/usr/bin/docker daemon \ - $OPTIONS \ - $DOCKER_STORAGE_OPTIONS \ - $DOCKER_NETWORK_OPTIONS \ - $INSECURE_REGISTRY \ - $DOCKER_OPTS -LimitNOFILE=1048576 -LimitNPROC=1048576 -LimitCORE=infinity -MountFlags=slave -TimeoutStartSec=1min - -[Install] -WantedBy=multi-user.target diff --git a/roles/network_plugin/weave/templates/weave.service.j2 b/roles/network_plugin/weave/templates/weave.service.j2 index 46d9434fe..e901c34e7 100644 --- a/roles/network_plugin/weave/templates/weave.service.j2 +++ b/roles/network_plugin/weave/templates/weave.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=Weave Network Documentation=http://docs.weave.works/weave/latest_release/ -Wants=docker.service docker.socket +Wants=docker.socket After=docker.service docker.socket [Service] diff --git a/roles/network_plugin/weave/templates/weaveexpose.service.j2 b/roles/network_plugin/weave/templates/weaveexpose.service.j2 index 912ed1fee..f9931696e 100644 --- a/roles/network_plugin/weave/templates/weaveexpose.service.j2 +++ b/roles/network_plugin/weave/templates/weaveexpose.service.j2 @@ -1,6 +1,6 @@ [Unit] Documentation=http://docs.weave.works/ -Wants=docker.service docker.socket weave.service +Wants=docker.socket weave.service After=docker.service docker.socket weave.service [Service] diff --git a/roles/network_plugin/weave/templates/weaveproxy.service.j2 b/roles/network_plugin/weave/templates/weaveproxy.service.j2 index f37120f1c..29197296f 100644 --- a/roles/network_plugin/weave/templates/weaveproxy.service.j2 +++ b/roles/network_plugin/weave/templates/weaveproxy.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=Weave proxy for Docker API Documentation=http://docs.weave.works/ -Wants=docker.service docker.socket +Wants=docker.socket After=docker.service docker.socket [Service] From e38258381fd0d111cd339ce3e334920d5898dbe9 Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Mon, 1 Aug 2016 16:12:23 +0300 Subject: [PATCH 3/3] Wait for static pods when setting up Fixes #390 --- roles/kubernetes/master/handlers/main.yml | 37 +++++++++++++++++++++-- roles/kubernetes/master/tasks/main.yml | 9 ++---- 2 files changed, 37 insertions(+), 9 deletions(-) diff --git a/roles/kubernetes/master/handlers/main.yml b/roles/kubernetes/master/handlers/main.yml index a4082887b..87e3adc69 100644 --- a/roles/kubernetes/master/handlers/main.yml +++ b/roles/kubernetes/master/handlers/main.yml @@ -1,4 +1,35 @@ --- -- name: restart kube-apiserver - set_fact: - restart_apimaster: True +- name: Master | restart kubelet + command: /bin/true + notify: + - Kubelet | reload systemd + - Kubelet | reload kubelet + +- name: wait for master static pods + command: /bin/true + notify: + - wait for kube-scheduler + - wait for kube-controller-manager + +- name: Master | reload systemd + command: systemctl daemon-reload + when: ansible_service_mgr == "systemd" + +- name: Master | reload kubelet + service: + name: kubelet + state: restarted + +- name: wait for kube-scheduler + uri: url=http://localhost:10251/healthz + register: scheduler_result + until: scheduler_result.status == 200 + retries: 15 + delay: 5 + +- name: wait for kube-controller-manager + uri: url=http://localhost:10252/healthz + register: controller_manager_result + until: controller_manager_result.status == 200 + retries: 15 + delay: 5 diff --git a/roles/kubernetes/master/tasks/main.yml b/roles/kubernetes/master/tasks/main.yml index fe984ce17..9140ef36c 100644 --- a/roles/kubernetes/master/tasks/main.yml +++ b/roles/kubernetes/master/tasks/main.yml @@ -19,12 +19,7 @@ src: manifests/kube-apiserver.manifest.j2 dest: "{{ kube_manifest_dir }}/kube-apiserver.manifest" register: apiserver_manifest - -- name: restart kubelet - service: - name: kubelet - state: restarted - when: apiserver_manifest.changed + notify: Master | restart kubelet - name: wait for the apiserver to be running uri: url=http://localhost:8080/healthz @@ -58,8 +53,10 @@ template: src: manifests/kube-controller-manager.manifest.j2 dest: "{{ kube_manifest_dir }}/kube-controller-manager.manifest" + notify: wait for kube-controller-manager - name: Write kube-scheduler manifest template: src: manifests/kube-scheduler.manifest.j2 dest: "{{ kube_manifest_dir }}/kube-scheduler.manifest" + notify: wait for kube-scheduler