Enable ClearLinux as a distro in kubespray (#3855)

Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>

roles/container-engine/cri-o/tasks/main.yaml

@@ -24,6 +24,14 @@
     gpgcheck: no
   when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
 
+- name: Make sure needed folders exist in the system
+  with_items:
+    - /etc/crio
+    - /etc/containers
+  file:
+    path: "{{ item }}"
+    state: directory
+
 - name: Install cri-o packages
   package:
     name: "{{ item }}"

roles/container-engine/cri-o/templates/crio.conf.j2

@@ -107,7 +107,11 @@ selinux = {{ (preinstall_selinux_state == 'enforcing')|lower }}
 
 # seccomp_profile is the seccomp json profile path which is used as the
 # default for the runtime.
+{% if ansible_os_family == "ClearLinux" %}
+seccomp_profile = "/usr/share/defaults/crio/seccomp.json"
+{% else %}
 seccomp_profile = "/etc/crio/seccomp.json"
+{% endif %}
 
 # apparmor_profile is the apparmor profile name which is used as the
 # default for the runtime.
@@ -199,7 +203,11 @@ pause_command = "/pause"
 # use when deciding whether or not to trust an image that we've pulled.
 # Outside of testing situations, it is strongly advised that this be left
 # unspecified so that the default system-wide policy will be used.
+{% if ansible_os_family == "ClearLinux" %}
+signature_policy = "/usr/share/defaults/crio/policy.json"
+{% else %}
 signature_policy = ""
+{% endif %}
 
 # image_volumes controls how image volumes are handled.
 # The valid values are mkdir and ignore.

roles/container-engine/cri-o/vars/clearlinux.yml

@@ -0,0 +1,5 @@
+---
+crio_packages:
+  - containers-basic
+
+crio_service: crio

roles/container-engine/docker/tasks/main.yml

@@ -45,7 +45,7 @@
           docker requires a minimum kernel version of
           {{ docker_kernel_min_version }} on
           {{ ansible_distribution }}-{{ ansible_distribution_version }}
-  when: (not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]) and (ansible_kernel is version(docker_kernel_min_version, "<"))
+  when: (not ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "ClearLinux"]) and (ansible_kernel is version(docker_kernel_min_version, "<"))
   tags:
     - facts
 
@@ -62,7 +62,7 @@
   retries: 4
   delay: "{{ retry_stagger | d(3) }}"
   with_items: "{{ docker_repo_key_info.repo_keys }}"
-  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
+  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic)
 
 - name: ensure docker-ce repository is enabled
   action: "{{ docker_repo_info.pkg_repo }}"
@@ -70,7 +70,7 @@
     repo: "{{item}}"
     state: present
   with_items: "{{ docker_repo_info.repos }}"
-  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic) and (docker_repo_info.repos|length > 0)
+  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (docker_repo_info.repos|length > 0)
 
 - name: ensure docker-engine repository public key is installed
   action: "{{ dockerproject_repo_key_info.pkg_key }}"
@@ -84,7 +84,7 @@
   delay: "{{ retry_stagger | d(3) }}"
   with_items: "{{ dockerproject_repo_key_info.repo_keys }}"
   when:
-    - not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
+    - not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic)
     - use_docker_engine is defined and use_docker_engine
 
 - name: ensure docker-engine repository is enabled
@@ -95,7 +95,7 @@
   with_items: "{{ dockerproject_repo_info.repos }}"
   when:
     - use_docker_engine is defined and use_docker_engine
-    - not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)
+    - not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)
 
 - name: Configure docker repository on Fedora
   template:
@@ -138,9 +138,23 @@
   delay: "{{ retry_stagger | d(3) }}"
   with_items: "{{ docker_package_info.pkgs }}"
   notify: restart docker
-  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] or is_atomic) and (docker_package_info.pkgs|length > 0)
+  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "ClearLinux"] or is_atomic) and (docker_package_info.pkgs|length > 0)
   ignore_errors: true
 
+- name: Ensure docker packages are installed
+  action: "{{ docker_package_info.pkg_mgr }}"
+  args:
+    name: "{{ item.name }}"
+    state: present
+  with_items: "{{ docker_package_info.pkgs }}"
+  register: docker_task_result
+  until: docker_task_result is succeeded
+  retries: 4
+  delay: "{{ retry_stagger | d(3) }}"
+  notify: restart docker
+  ignore_errors: true
+  when: ansible_os_family in ["ClearLinux"]
+
 - name: get available packages on Ubuntu
   command: apt-cache policy docker-ce
   when:
@@ -162,7 +176,7 @@
     dest: "/etc/apt/preferences.d/docker"
     owner: "root"
     mode: 0644
-  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
+  when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "ClearLinux", "RedHat", "Suse"] or is_atomic)
 
 - name: ensure service is started if docker packages are already present
   service:

roles/container-engine/docker/vars/clearlinux.yml

@@ -0,0 +1,5 @@
+---
+docker_package_info:
+  pkg_mgr: swupd
+  pkgs:
+    - name: "containers-basic"