Fedora CoreOS support (#5657)

* fedora coreos support - bootstrap and new fact for * fedora coreos support - fix bootstrap condition * fedora coreos support - allow customize packages for fedora coreos bootstrap * fedora coreos support - prevent install ptyhon3 and epel via dnf for fedora coreos * fedora coreos support - handle all ostree like os in same way * fedora coreos support - handle all ostree like os in same way for crio * fedora coreos support - add fcos documentations
2026-02-04 19:18:17 -03:30 · 2020-03-17 11:12:21 +01:00
parent 974902af31
commit 876d4de6be
17 changed files with 222 additions and 48 deletions
--- a/roles/container-engine/docker/handlers/main.yml
+++ b/roles/container-engine/docker/handlers/main.yml
@@ -15,7 +15,7 @@
  service:
    name: docker.socket
    state: restarted
-  when: ansible_os_family in ['Coreos', 'CoreOS', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk']
+  when: ansible_os_family in ['Coreos', 'CoreOS', 'Container Linux by CoreOS', 'Flatcar', 'Flatcar Container Linux by Kinvolk'] or is_fedora_coreos

 - name: Docker | reload docker
  service:
--- a/roles/container-engine/docker/tasks/main.yml
+++ b/roles/container-engine/docker/tasks/main.yml
@@ -1,12 +1,12 @@
 ---
- name: check if atomic host
+- name: check if atomic host or fedora coreos
  stat:
    path: /run/ostree-booted
  register: ostree

- name: set is_atomic
+- name: set is_ostree
  set_fact:
-    is_atomic: "{{ ostree.stat.exists }}"
+    is_ostree: "{{ ostree.stat.exists }}"

 - name: gather os specific variables
  include_vars: "{{ item }}"
@@ -60,7 +60,7 @@
  retries: 4
  delay: "{{ retry_stagger | d(3) }}"
  with_items: "{{ docker_repo_key_info.repo_keys }}"
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_ostree)

 - name: ensure docker-ce repository is enabled
  action: "{{ docker_repo_info.pkg_repo }}"
@@ -68,7 +68,7 @@
    repo: "{{ item }}"
    state: present
  with_items: "{{ docker_repo_info.repos }}"
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (docker_repo_info.repos|length > 0)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_ostree) and (docker_repo_info.repos|length > 0)

 - name: ensure docker-engine repository public key is installed
  action: "{{ dockerproject_repo_key_info.pkg_key }}"
@@ -82,7 +82,7 @@
  delay: "{{ retry_stagger | d(3) }}"
  with_items: "{{ dockerproject_repo_key_info.repo_keys }}"
  when:
-    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic)
+    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_ostree)
    - use_docker_engine is defined and use_docker_engine

 - name: ensure docker-engine repository is enabled
@@ -93,13 +93,13 @@
  with_items: "{{ dockerproject_repo_info.repos }}"
  when:
    - use_docker_engine is defined and use_docker_engine
-    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)
+    - not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "RedHat", "Suse", "ClearLinux"] or is_ostree) and (dockerproject_repo_info.repos|length > 0)

 - name: Configure docker repository on Fedora
  template:
    src: "fedora_docker.repo.j2"
    dest: "{{ yum_repo_dir }}/docker.repo"
-  when: ansible_distribution == "Fedora" and not is_atomic
+  when: ansible_distribution == "Fedora" and not is_ostree

 - name: Configure docker repository on RedHat/CentOS/Oracle Linux
  yum_repository:
@@ -110,13 +110,13 @@
    gpgkey: "{{ docker_rh_repo_gpgkey }}"
    keepcache: "{{ docker_rpm_keepcache | default('1') }}"
    proxy: " {{ http_proxy | default('_none_') }}"
-  when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_atomic
+  when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_ostree

 - name: check if container-selinux is available
  yum:
    list: "container-selinux"
  register: yum_result
-  when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
+  when: ansible_distribution in ["CentOS","RedHat"] and not is_ostree

 - name: Configure extras repository on RedHat/CentOS if container-selinux is not available in current repos
  yum_repository:
@@ -130,7 +130,7 @@
    keepcache: "{{ docker_rpm_keepcache | default('1') }}"
    proxy: " {{ http_proxy | default('_none_') }}"
  when:
-    - ansible_distribution in ["CentOS","RedHat"] and not is_atomic
+    - ansible_distribution in ["CentOS","RedHat"] and not is_ostree
    - yum_result.results | length == 0

 - name: Copy yum.conf for editing
@@ -138,7 +138,7 @@
    src: "{{ yum_conf }}"
    dest: "{{ docker_yum_conf }}"
    remote_src: yes
-  when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_atomic
+  when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_ostree

 - name: Edit copy of yum.conf to set obsoletes=0
  lineinfile:
@@ -146,7 +146,7 @@
    state: present
    regexp: '^obsoletes='
    line: 'obsoletes=0'
-  when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_atomic
+  when: ansible_distribution in ["CentOS","RedHat","OracleLinux"] and not is_ostree

 - name: ensure docker packages are installed
  action: "{{ docker_package_info.pkg_mgr }}"
@@ -162,7 +162,7 @@
  delay: "{{ retry_stagger | d(3) }}"
  with_items: "{{ docker_package_info.pkgs }}"
  notify: restart docker
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "ClearLinux"] or is_atomic) and (docker_package_info.pkgs|length > 0)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk", "ClearLinux"] or is_ostree) and (docker_package_info.pkgs|length > 0)
  ignore_errors: true

 - name: Ensure docker packages are installed
--- a/roles/container-engine/docker/tasks/pre-upgrade.yml
+++ b/roles/container-engine/docker/tasks/pre-upgrade.yml
@@ -5,7 +5,7 @@
    state: absent
  when:
    - ansible_distribution in ["CentOS","RedHat","OracleLinux"]
-    - not is_atomic
+    - not is_ostree

 - name: Ensure old versions of Docker are not installed. | Debian
  apt:
@@ -22,4 +22,4 @@
  when:
    - ansible_os_family == 'RedHat'
    - (docker_versioned_pkg[docker_version | string] is search('docker-ce'))
-    - not is_atomic
+    - not is_ostree
--- a/roles/container-engine/docker/tasks/systemd.yml
+++ b/roles/container-engine/docker/tasks/systemd.yml
@@ -15,7 +15,7 @@
  # noqa 303 - systemctl is called intentionally here
  shell: systemctl --version | head -n 1 | cut -d " " -f 2
  register: systemd_version
-  when: not is_atomic
+  when: not is_ostree
  changed_when: false

 - name: Write docker.service systemd file
@@ -24,7 +24,7 @@
    dest: /etc/systemd/system/docker.service
  register: docker_service_file
  notify: restart docker
-  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_atomic)
+  when: not (ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_ostree)

 - name: Write docker options systemd drop-in
  template:
--- a/roles/container-engine/docker/templates/docker.service.j2
+++ b/roles/container-engine/docker/templates/docker.service.j2
@@ -32,7 +32,7 @@ ExecStart={{ docker_bin_dir }}/docker{% if installed_docker_version.stdout is ve
          $DOCKER_NETWORK_OPTIONS \
          $DOCKER_DNS_OPTIONS \
          $INSECURE_REGISTRY
-{% if not is_atomic and systemd_version.stdout|int >= 226 %}
+{% if not is_ostree and systemd_version.stdout|int >= 226 %}
 TasksMax=infinity
 {% endif %}
 LimitNOFILE=1048576