External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-16 02:30:03 -03:30
Code Issues Packages Projects Releases Wiki Activity

Split deploy steps in separate playbooks: part1 (#3451)

Browse Source 
* Fix bootstrap_os/ubuntu idempotency

* Update bastion role

* move container_engine in sub-roles

* requires ansible 2.5

* ubuntu18 as first CI job
This commit is contained in:
Antoine Legrand
2018-10-10 04:14:33 +02:00
committed by k8s-ci-robot
parent 2ab2f3a0a3
commit c27a91f7f0
55 changed files with 109 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
roles/container-engine/docker/defaults/main.yml Normal file
View File

@@ -0,0 +1,46 @@
---
docker_version: '18.06'
docker_selinux_version: '17.03'
docker_package_info:
pkgs:
docker_repo_key_info:
repo_keys:
docker_repo_info:
repos:
dockerproject_repo_key_info:
repo_keys:
dockerproject_repo_info:
repos:
docker_dns_servers_strict: true
docker_container_storage_setup: false
# Used to override obsoletes=0
yum_conf: /etc/yum.conf
yum_repo_dir: /etc/yum.repos.d
docker_yum_conf: /etc/yum_docker.conf
# Fedora docker-ce repo
docker_fedora_repo_base_url: 'https://download.docker.com/linux/fedora/$releasever/$basearch/stable'
docker_fedora_repo_gpgkey: 'https://download.docker.com/linux/fedora/gpg'
# CentOS/RedHat docker-ce repo
docker_rh_repo_base_url: 'https://download.docker.com/linux/centos/7/$basearch/stable'
docker_rh_repo_gpgkey: 'https://download.docker.com/linux/centos/gpg'
# Ubuntu docker-ce repo
docker_ubuntu_repo_base_url: "https://download.docker.com/linux/ubuntu"
docker_ubuntu_repo_gpgkey: 'https://download.docker.com/linux/ubuntu/gpg'
# Debian docker-ce repo
docker_debian_repo_base_url: "https://download.docker.com/linux/debian"
docker_debian_repo_gpgkey: 'https://download.docker.com/linux/debian/gpg'
# dockerproject repo
dockerproject_rh_repo_base_url: 'https://yum.dockerproject.org/repo/main/centos/7'
dockerproject_rh_repo_gpgkey: 'https://yum.dockerproject.org/gpg'
dockerproject_apt_repo_base_url: 'https://apt.dockerproject.org/repo'
dockerproject_apt_repo_gpgkey: 'https://apt.dockerproject.org/gpg'
docker_bin_dir: "/usr/bin"

18
roles/container-engine/docker/docker-storage/defaults/main.yml Normal file
View File

@@ -0,0 +1,18 @@
---
docker_container_storage_setup_version: v0.6.0
docker_container_storage_setup_profile_name: kubespray
docker_container_storage_setup_storage_driver: devicemapper
docker_container_storage_setup_container_thinpool: docker-pool
# It must be define a disk path for docker_container_storage_setup_devs.
# Otherwise docker-storage-setup will be executed incorrectly.
# docker_container_storage_setup_devs: /dev/vdb
docker_container_storage_setup_data_size: 40%FREE
docker_container_storage_setup_min_data_size: 2G
docker_container_storage_setup_chunk_size: 512K
docker_container_storage_setup_growpart: "false"
docker_container_storage_setup_auto_extend_pool: "yes"
docker_container_storage_setup_pool_autoextend_threshold: 60
docker_container_storage_setup_pool_autoextend_percent: 20
docker_container_storage_setup_device_wait_timeout: 60
docker_container_storage_setup_wipe_signatures: "false"
docker_container_storage_setup_container_root_lv_size: 40%FREE

22
roles/container-engine/docker/docker-storage/files/install_container_storage_setup.sh Normal file
View File

@@ -0,0 +1,22 @@
#!/bin/sh
set -e
version=${1:-master}
profile_name=${2:-kubespray}
dir=`mktemp -d`
export GIT_DIR=$dir/.git
export GIT_WORK_TREE=$dir
git init
git fetch --depth 1 https://github.com/projectatomic/container-storage-setup.git $version
git merge FETCH_HEAD
make -C $dir install
rm -rf /var/lib/container-storage-setup/$profile_name $dir
set +e
/usr/bin/container-storage-setup create $profile_name /etc/sysconfig/docker-storage-setup && /usr/bin/container-storage-setup activate $profile_name
# FIXME: exit status can be 1 for both fatal and non fatal errors in current release,
# could be improved by matching error strings
exit 0

43
roles/container-engine/docker/docker-storage/tasks/main.yml Normal file
View File

@@ -0,0 +1,43 @@
---
- name: docker-storage-setup | install git and make
with_items: [git, make]
package:
pkg: "{{ item }}"
state: present
- name: docker-storage-setup | docker-storage-setup sysconfig template
template:
src: docker-storage-setup.j2
dest: /etc/sysconfig/docker-storage-setup
- name: docker-storage-override-directory | docker service storage-setup override dir
file:
dest: /etc/systemd/system/docker.service.d
mode: 0755
owner: root
group: root
state: directory
- name: docker-storage-override | docker service storage-setup override file
copy:
dest: /etc/systemd/system/docker.service.d/override.conf
content: |-
### This file is managed by Ansible
[Service]
EnvironmentFile=-/etc/sysconfig/docker-storage
owner: root
group: root
mode: 0644
# https://docs.docker.com/engine/installation/linux/docker-ce/centos/#install-using-the-repository
- name: docker-storage-setup | install lvm2
yum:
name: lvm2
state: present
- name: docker-storage-setup | install and run container-storage-setup
become: yes
script: install_container_storage_setup.sh {{ docker_container_storage_setup_version }} {{ docker_container_storage_setup_profile_name }}
notify: Docker | reload systemd

35
roles/container-engine/docker/docker-storage/templates/docker-storage-setup.j2 Normal file
View File

@@ -0,0 +1,35 @@
{%if docker_container_storage_setup_storage_driver is defined%}STORAGE_DRIVER={{docker_container_storage_setup_storage_driver}}{%endif%}
{%if docker_container_storage_setup_extra_storage_options is defined%}EXTRA_STORAGE_OPTIONS={{docker_container_storage_setup_extra_storage_options}}{%endif%}
{%if docker_container_storage_setup_devs is defined%}DEVS={{docker_container_storage_setup_devs}}{%endif%}
{%if docker_container_storage_setup_container_thinpool is defined%}CONTAINER_THINPOOL={{docker_container_storage_setup_container_thinpool}}{%endif%}
{%if docker_container_storage_setup_vg is defined%}VG={{docker_container_storage_setup_vg}}{%endif%}
{%if docker_container_storage_setup_root_size is defined%}ROOT_SIZE={{docker_container_storage_setup_root_size}}{%endif%}
{%if docker_container_storage_setup_data_size is defined%}DATA_SIZE={{docker_container_storage_setup_data_size}}{%endif%}
{%if docker_container_storage_setup_min_data_size is defined%}MIN_DATA_SIZE={{docker_container_storage_setup_min_data_size}}{%endif%}
{%if docker_container_storage_setup_chunk_size is defined%}CHUNK_SIZE={{docker_container_storage_setup_chunk_size}}{%endif%}
{%if docker_container_storage_setup_growpart is defined%}GROWPART={{docker_container_storage_setup_growpart}}{%endif%}
{%if docker_container_storage_setup_auto_extend_pool is defined%}AUTO_EXTEND_POOL={{docker_container_storage_setup_auto_extend_pool}}{%endif%}
{%if docker_container_storage_setup_pool_autoextend_threshold is defined%}POOL_AUTOEXTEND_THRESHOLD={{docker_container_storage_setup_pool_autoextend_threshold}}{%endif%}
{%if docker_container_storage_setup_pool_autoextend_percent is defined%}POOL_AUTOEXTEND_PERCENT={{docker_container_storage_setup_pool_autoextend_percent}}{%endif%}
{%if docker_container_storage_setup_device_wait_timeout is defined%}DEVICE_WAIT_TIMEOUT={{docker_container_storage_setup_device_wait_timeout}}{%endif%}
{%if docker_container_storage_setup_wipe_signatures is defined%}WIPE_SIGNATURES={{docker_container_storage_setup_wipe_signatures}}{%endif%}
{%if docker_container_storage_setup_container_root_lv_name is defined%}CONTAINER_ROOT_LV_NAME={{docker_container_storage_setup_container_root_lv_name}}{%endif%}
{%if docker_container_storage_setup_container_root_lv_size is defined%}CONTAINER_ROOT_LV_SIZE={{docker_container_storage_setup_container_root_lv_size}}{%endif%}
{%if docker_container_storage_setup_container_root_lv_mount_path is defined%}CONTAINER_ROOT_LV_MOUNT_PATH={{docker_container_storage_setup_container_root_lv_mount_path}}{%endif%}

35
roles/container-engine/docker/handlers/main.yml Normal file
View File

@@ -0,0 +1,35 @@
---
- name: restart docker
command: /bin/true
notify:
- Docker | reload systemd
- Docker | reload docker.socket
- Docker | reload docker
- Docker | pause while Docker restarts
- Docker | wait for docker
- name: Docker | reload systemd
shell: systemctl daemon-reload
- name: Docker | reload docker.socket
service:
name: docker.socket
state: restarted
when: ansible_os_family in ['CoreOS', 'Container Linux by CoreOS']
- name: Docker | reload docker
service:
name: docker
state: restarted
- name: Docker | pause while Docker restarts
pause:
seconds: 10
prompt: "Waiting for docker restart"
- name: Docker | wait for docker
command: "{{ docker_bin_dir }}/docker images"
register: docker_ready
retries: 10
delay: 5
until: docker_ready.rc == 0

4
roles/container-engine/docker/meta/main.yml Normal file
View File

@@ -0,0 +1,4 @@
---
dependencies:
- role: container-engine/docker/docker-storage
when: docker_container_storage_setup and ansible_os_family == "RedHat"

199
roles/container-engine/docker/tasks/main.yml Normal file
View File

@@ -0,0 +1,199 @@
---
- name: check if atomic host
stat:
path: /run/ostree-booted
register: ostree
- set_fact:
is_atomic: "{{ ostree.stat.exists }}"
- name: gather os specific variables
include_vars: "{{ item }}"
with_first_found:
- files:
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}-{{ host_architecture }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}-{{ host_architecture }}.yml"
- "{{ ansible_distribution|lower }}.yml"
- "{{ ansible_os_family|lower }}-{{ host_architecture }}.yml"
- "{{ ansible_os_family|lower }}.yml"
- defaults.yml
paths:
- ../vars
skip: true
tags:
- facts
# https://yum.dockerproject.org/repo/main/opensuse/ contains packages for an EOL
# openSUSE version so we can't use it. The only alternative is to use the docker
# packages from the distribution repositories.
- name: Warn about Docker version on SUSE
debug:
msg: "SUSE distributions always install Docker from the distro repos"
when: ansible_pkg_mgr == 'zypper'
- include_tasks: set_facts_dns.yml
when: dns_mode != 'none' and resolvconf_mode == 'docker_dns'
tags:
- facts
- name: check for minimum kernel version
fail:
msg: >
docker requires a minimum kernel version of
{{ docker_kernel_min_version }} on
{{ ansible_distribution }}-{{ ansible_distribution_version }}
when: (not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]) and (ansible_kernel|version_compare(docker_kernel_min_version, "<"))
tags:
- facts
- import_tasks: pre-upgrade.yml
- name: ensure docker-ce repository public key is installed
action: "{{ docker_repo_key_info.pkg_key }}"
args:
id: "{{item}}"
url: "{{docker_repo_key_info.url}}"
state: present
register: keyserver_task_result
until: keyserver_task_result|succeeded
retries: 4
delay: "{{ retry_stagger | d(3) }}"
with_items: "{{ docker_repo_key_info.repo_keys }}"
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
- name: ensure docker-ce repository is enabled
action: "{{ docker_repo_info.pkg_repo }}"
args:
repo: "{{item}}"
state: present
with_items: "{{ docker_repo_info.repos }}"
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic) and (docker_repo_info.repos|length > 0)
- name: ensure docker-engine repository public key is installed
action: "{{ dockerproject_repo_key_info.pkg_key }}"
args:
id: "{{item}}"
url: "{{dockerproject_repo_key_info.url}}"
state: present
register: keyserver_task_result
until: keyserver_task_result|succeeded
retries: 4
delay: "{{ retry_stagger | d(3) }}"
with_items: "{{ dockerproject_repo_key_info.repo_keys }}"
when:
- not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
- use_docker_engine is defined and use_docker_engine
- name: ensure docker-engine repository is enabled
action: "{{ dockerproject_repo_info.pkg_repo }}"
args:
repo: "{{item}}"
state: present
with_items: "{{ dockerproject_repo_info.repos }}"
when:
- use_docker_engine is defined and use_docker_engine
- not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic) and (dockerproject_repo_info.repos|length > 0)
- name: Configure docker repository on Fedora
template:
src: "fedora_docker.repo.j2"
dest: "{{ yum_repo_dir }}/docker.repo"
when: ansible_distribution == "Fedora" and not is_atomic
- name: Configure docker repository on RedHat/CentOS
template:
src: "rh_docker.repo.j2"
dest: "{{ yum_repo_dir }}/docker.repo"
when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
- name: Copy yum.conf for editing
copy:
src: "{{ yum_conf }}"
dest: "{{ docker_yum_conf }}"
remote_src: yes
when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
- name: Edit copy of yum.conf to set obsoletes=0
lineinfile:
path: "{{ docker_yum_conf }}"
state: present
regexp: '^obsoletes='
line: 'obsoletes=0'
when: ansible_distribution in ["CentOS","RedHat"] and not is_atomic
- name: ensure docker packages are installed
action: "{{ docker_package_info.pkg_mgr }}"
args:
pkg: "{{item.name}}"
force: "{{item.force|default(omit)}}"
conf_file: "{{item.yum_conf|default(omit)}}"
state: present
update_cache: "{{ omit if ansible_distribution == 'Fedora' else True }}"
register: docker_task_result
until: docker_task_result|succeeded
retries: 4
delay: "{{ retry_stagger | d(3) }}"
with_items: "{{ docker_package_info.pkgs }}"
notify: restart docker
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] or is_atomic) and (docker_package_info.pkgs|length > 0)
ignore_errors: true
- name: get available packages on Ubuntu
command: apt-cache policy docker-ce
when:
- docker_task_result|failed
- ansible_distribution == 'Ubuntu'
register: available_packages
- name: show available packages on ubuntu
fail:
msg: "{{available_packages}}"
when:
- docker_task_result|failed
- ansible_distribution == 'Ubuntu'
# This is required to ensure any apt upgrade will not break kubernetes
- name: Set docker pin priority to apt_preferences on Debian family
template:
src: "apt_preferences.d/debian_docker.j2"
dest: "/etc/apt/preferences.d/docker"
owner: "root"
mode: 0644
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS", "RedHat", "Suse"] or is_atomic)
- name: ensure service is started if docker packages are already present
service:
name: docker
state: started
when: docker_task_result is not changed
- name: flush handlers so we can wait for docker to come up
meta: flush_handlers
- name: set fact for docker_version
command: "docker version -f '{{ '{{' }}.Client.Version{{ '}}' }}'"
register: installed_docker_version
changed_when: false
- name: check minimum docker version for docker_dns mode. You need at least docker version >= 1.12 for resolvconf_mode=docker_dns
fail:
msg: "You need at least docker version >= 1.12 for resolvconf_mode=docker_dns"
when: >
dns_mode != 'none' and
resolvconf_mode == 'docker_dns' and
installed_docker_version.stdout|version_compare('1.12', '<')
- name: Set docker systemd config
import_tasks: systemd.yml
- name: ensure docker service is started and enabled
service:
name: "{{ item }}"
enabled: yes
state: started
with_items:
- docker

32
roles/container-engine/docker/tasks/pre-upgrade.yml Normal file
View File

@@ -0,0 +1,32 @@
---
- name: Ensure old versions of Docker are not installed. | Debian
package:
name: '{{ item }}'
state: absent
with_items:
- docker
- docker-engine
- docker.io
when:
- ansible_os_family == 'Debian'
- (docker_versioned_pkg[docker_version | string] | search('docker-ce'))
- name: Ensure old versions of Docker are not installed. | RedHat
package:
name: '{{ item }}'
state: absent
with_items:
- docker
- docker-common
- docker-engine
- docker-selinux
- docker-client
- docker-client-latest
- docker-latest
- docker-latest-logrotate
- docker-logrotate
- docker-engine-selinux
when:
- ansible_os_family == 'RedHat'
- (docker_versioned_pkg[docker_version | string] | search('docker-ce'))
- not is_atomic

71
roles/container-engine/docker/tasks/set_facts_dns.yml Normal file
View File

@@ -0,0 +1,71 @@
---
- name: set dns server for docker
set_fact:
docker_dns_servers: "{{dns_servers}}"
- name: show docker_dns_servers
debug:
msg: "{{docker_dns_servers}}"
- name: set base docker dns facts
set_fact:
docker_dns_search_domains:
- 'default.svc.{{ dns_domain }}'
- 'svc.{{ dns_domain }}'
docker_dns_options:
- ndots:{{ ndots }}
- timeout:2
- attempts:2
- name: add upstream dns servers (only when dnsmasq is not used)
set_fact:
docker_dns_servers: "{{ docker_dns_servers + upstream_dns_servers|default([]) }}"
when: dns_mode in ['kubedns', 'coredns', 'coredns_dual']
- name: add global searchdomains
set_fact:
docker_dns_search_domains: "{{ docker_dns_search_domains + searchdomains|default([]) }}"
- name: check system nameservers
shell: grep "^nameserver" /etc/resolv.conf | sed 's/^nameserver\s*//'
changed_when: False
register: system_nameservers
check_mode: no
- name: check system search domains
shell: grep "^search" /etc/resolv.conf | sed 's/^search\s*//'
changed_when: False
register: system_search_domains
check_mode: no
- name: add system nameservers to docker options
set_fact:
docker_dns_servers: "{{ docker_dns_servers | union(system_nameservers.stdout_lines) | unique }}"
when: system_nameservers.stdout != ""
- name: add system search domains to docker options
set_fact:
docker_dns_search_domains: "{{ docker_dns_search_domains | union(system_search_domains.stdout.split()|default([])) | unique }}"
when: system_search_domains.stdout != ""
- name: check number of nameservers
fail:
msg: "Too many nameservers. You can relax this check by set docker_dns_servers_strict=false in all.yml and we will only use the first 3."
when: docker_dns_servers|length > 3 and docker_dns_servers_strict|bool
- name: rtrim number of nameservers to 3
set_fact:
docker_dns_servers: "{{ docker_dns_servers[0:3] }}"
when: docker_dns_servers|length > 3 and not docker_dns_servers_strict|bool
- name: check number of search domains
fail:
msg: "Too many search domains"
when: docker_dns_search_domains|length > 6
- name: check length of search domains
fail:
msg: "Search domains exceeded limit of 256 characters"
when: docker_dns_search_domains|join(' ')|length > 256

41
roles/container-engine/docker/tasks/systemd.yml Normal file
View File

@@ -0,0 +1,41 @@
---
- name: Create docker service systemd directory if it doesn't exist
file:
path: /etc/systemd/system/docker.service.d
state: directory
- name: Write docker proxy drop-in
template:
src: http-proxy.conf.j2
dest: /etc/systemd/system/docker.service.d/http-proxy.conf
notify: restart docker
when: http_proxy is defined or https_proxy is defined
- name: get systemd version
shell: systemctl --version | head -n 1 | cut -d " " -f 2
register: systemd_version
when: not is_atomic
changed_when: false
- name: Write docker.service systemd file
template:
src: docker.service.j2
dest: /etc/systemd/system/docker.service
register: docker_service_file
notify: restart docker
when: not (ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] or is_atomic)
- name: Write docker options systemd drop-in
template:
src: docker-options.conf.j2
dest: "/etc/systemd/system/docker.service.d/docker-options.conf"
notify: restart docker
- name: Write docker dns systemd drop-in
template:
src: docker-dns.conf.j2
dest: "/etc/systemd/system/docker.service.d/docker-dns.conf"
notify: restart docker
when: dns_mode != 'none' and resolvconf_mode == 'docker_dns'
- meta: flush_handlers

3
roles/container-engine/docker/templates/apt_preferences.d/debian_docker.j2 Normal file
View File

@@ -0,0 +1,3 @@
Package: docker-ce
Pin: version {{ docker_version }}.*
Pin-Priority: 1001

6
roles/container-engine/docker/templates/docker-dns.conf.j2 Normal file
View File

@@ -0,0 +1,6 @@
[Service]
Environment="DOCKER_DNS_OPTIONS=\
{% for d in docker_dns_servers %}--dns {{ d }} {% endfor %} \
{% for d in docker_dns_search_domains %}--dns-search {{ d }} {% endfor %} \
{% for o in docker_dns_options %}--dns-opt {{ o }} {% endfor %} \
"

5
roles/container-engine/docker/templates/docker-options.conf.j2 Normal file
View File

@@ -0,0 +1,5 @@
[Service]
Environment="DOCKER_OPTS={{ docker_options|default('') }} --iptables={{ docker_iptables_enabled | default('false') }}"
{% if docker_mount_flags is defined and docker_mount_flags != "" %}
MountFlags={{ docker_mount_flags }}
{% endif %}

46
roles/container-engine/docker/templates/docker.service.j2 Normal file
View File

@@ -0,0 +1,46 @@
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
{% if ansible_os_family == "RedHat" %}
After=network.target docker-storage-setup.service
Wants=docker-storage-setup.service
{% elif ansible_os_family == "Debian" %}
After=network.target docker.socket
Wants=docker.socket
{% elif ansible_os_family == "Suse" %}
After=network.target containerd.socket containerd.service
Requires=containerd.socket containerd.service
{% endif %}
[Service]
Type=notify
{% if docker_storage_options is defined %}
Environment="DOCKER_STORAGE_OPTIONS={{ docker_storage_options }}"
{% endif %}
Environment=GOTRACEBACK=crash
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process
ExecStart={{ docker_bin_dir }}/docker{% if installed_docker_version.stdout|version_compare('17.03', '<') %} daemon{% else %}d{% endif %} \
{% if ansible_os_family == "Suse" %}
--containerd /run/containerd/containerd.sock --add-runtime oci=/usr/bin/docker-runc \
{% endif %}
$DOCKER_OPTS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$DOCKER_DNS_OPTIONS \
$INSECURE_REGISTRY
{% if not is_atomic and systemd_version.stdout|int >= 226 %}
TasksMax=infinity
{% endif %}
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=1min
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target

7
roles/container-engine/docker/templates/fedora_docker.repo.j2 Normal file
View File

@@ -0,0 +1,7 @@
[docker-ce]
name=Docker-CE Repository
baseurl={{ docker_fedora_repo_base_url }}
enabled=1
gpgcheck=1
gpgkey={{ docker_fedora_repo_gpgkey }}
{% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %}

2
roles/container-engine/docker/templates/http-proxy.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Service]
Environment={% if http_proxy is defined %}"HTTP_PROXY={{ http_proxy }}"{% endif %} {% if https_proxy is defined %}"HTTPS_PROXY={{ https_proxy }}"{% endif %} {% if no_proxy is defined %}"NO_PROXY={{ no_proxy }}"{% endif %}

15
roles/container-engine/docker/templates/rh_docker.repo.j2 Normal file
View File

@@ -0,0 +1,15 @@
[docker-ce]
name=Docker-CE Repository
baseurl={{ docker_rh_repo_base_url }}
enabled=1
gpgcheck=1
gpgkey={{ docker_rh_repo_gpgkey }}
{% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %}
[docker-engine]
name=Docker-Engine Repository
baseurl={{ dockerproject_rh_repo_base_url }}
enabled=1
gpgcheck=1
gpgkey={{ dockerproject_rh_repo_gpgkey }}
{% if http_proxy is defined %}proxy={{ http_proxy }}{% endif %}

52
roles/container-engine/docker/vars/debian.yml Normal file
View File

@@ -0,0 +1,52 @@
---
docker_kernel_min_version: '3.10'
# https://download.docker.com/linux/debian/
# https://apt.dockerproject.org/repo/dists/debian-wheezy/main/filelist
docker_versioned_pkg:
'latest': docker-ce
'1.11': docker-engine=1.11.2-0~{{ ansible_distribution_release|lower }}
'1.12': docker-engine=1.12.6-0~debian-{{ ansible_distribution_release|lower }}
'1.13': docker-engine=1.13.1-0~debian-{{ ansible_distribution_release|lower }}
'17.03': docker-ce=17.03.2~ce-0~debian-{{ ansible_distribution_release|lower }}
'17.06': docker-ce=17.06.2~ce-0~debian
'17.09': docker-ce=17.09.0~ce-0~debian
'17.12': docker-ce=17.12.1~ce-0~debian
'18.03': docker-ce=18.03.1~ce-0~debian
'18.06': docker-ce=18.06.1~ce~3-0~debian
'stable': docker-ce=18.06.1~ce~3-0~debian
'edge': docker-ce=17.12.1~ce-0~debian
docker_package_info:
pkg_mgr: apt
pkgs:
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
force: yes
docker_repo_key_info:
pkg_key: apt_key
url: '{{ docker_debian_repo_gpgkey }}'
repo_keys:
- 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
docker_repo_info:
pkg_repo: apt_repository
repos:
- >
deb {{ docker_debian_repo_base_url }}
{{ ansible_distribution_release|lower }}
stable
dockerproject_repo_key_info:
pkg_key: apt_key
url: '{{ dockerproject_apt_repo_gpgkey }}'
repo_keys:
- 58118E89F3A912897C070ADBF76221572C52609D
dockerproject_repo_info:
pkg_repo: apt_repository
repos:
- >
deb {{ dockerproject_apt_repo_base_url }}
{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
main

20
roles/container-engine/docker/vars/fedora.yml Normal file
View File

@@ -0,0 +1,20 @@
---
docker_kernel_min_version: '0'
# https://docs.docker.com/install/linux/docker-ce/fedora/
docker_versioned_pkg:
'latest': docker-ce
'18.03': docker-ce-18.03.1.ce-3.fc28
'18.06': docker-ce-18.06.1.ce-3.fc28
#
# This is due to the fact that the docker
# packages available on Fedora are too recent
#
docker_version: "latest"
docker_package_info:
pkg_mgr: dnf
pkgs:
- name: "{{ docker_versioned_pkg[docker_version | string] }}"

28
roles/container-engine/docker/vars/redhat-aarch64.yml Normal file
View File

@@ -0,0 +1,28 @@
---
docker_kernel_min_version: '0'
# overide defaults, missing 17.03 for aarch64
docker_version: '1.13'
# http://mirror.centos.org/altarch/7/extras/aarch64/Packages/
# or do 'yum --showduplicates list docker'
docker_versioned_pkg:
'latest': docker
'1.12': docker-1.12.6-48.git0fdc778.el7
'1.13': docker-1.13.1-63.git94f4240.el7
# https://docs.docker.com/engine/installation/linux/centos/#install-from-a-package
# http://mirror.centos.org/altarch/7/extras/aarch64/Packages/
docker_package_info:
pkg_mgr: yum
pkgs:
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
docker_repo_key_info:
pkg_key: ''
repo_keys: []
docker_repo_info:
pkg_repo: ''
repos: []

56
roles/container-engine/docker/vars/redhat.yml Normal file
View File

@@ -0,0 +1,56 @@
---
docker_kernel_min_version: '0'
# https://docs.docker.com/engine/installation/linux/centos/#install-from-a-package
# https://download.docker.com/linux/centos/7/x86_64/stable/Packages/
# https://yum.dockerproject.org/repo/main/centos/7
# or do 'yum --showduplicates list docker-engine'
docker_versioned_pkg:
'latest': docker-ce
'1.11': docker-engine-1.11.2-1.el7.centos
'1.12': docker-engine-1.12.6-1.el7.centos
'1.13': docker-engine-1.13.1-1.el7.centos
'17.03': docker-ce-17.03.2.ce-1.el7.centos
'17.09': docker-ce-17.09.0.ce-1.el7.centos
'17.12': docker-ce-17.12.1.ce-1.el7.centos
'18.03': docker-ce-18.03.1.ce-1.el7.centos
'18.06': docker-ce-18.06.1.ce-3.el7
'stable': docker-ce-18.06.1.ce-3.el7
'edge': docker-ce-17.12.1.ce-1.el7.centos
docker_selinux_versioned_pkg:
'latest': docker-ce-selinux
'1.11': docker-engine-selinux-1.11.2-1.el7.centos
'1.12': docker-engine-selinux-1.12.6-1.el7.centos
'1.13': docker-engine-selinux-1.13.1-1.el7.centos
'17.03': docker-ce-selinux-17.03.2.ce-1.el7.centos
'stable': docker-ce-selinux-17.03.2.ce-1.el7.centos
'edge': docker-ce-selinux-17.03.2.ce-1.el7.centos
docker_pkgs_use_docker_ce:
- name: "{{ docker_selinux_versioned_pkg[docker_selinux_version | string] }}"
yum_conf: "{{ docker_yum_conf }}"
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
yum_conf: "{{ docker_yum_conf }}"
docker_pkgs:
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
yum_conf: "{{ docker_yum_conf }}"
docker_package_info:
pkg_mgr: yum
pkgs: |-
{%- if docker_version | version_compare('17.04', '<') -%}
{{ docker_pkgs_use_docker_ce }}
{%- else -%}
{{ docker_pkgs }}
{%- endif %}
docker_repo_key_info:
pkg_key: ''
repo_keys: []
docker_repo_info:
pkg_repo: ''
repos: []

15
roles/container-engine/docker/vars/suse.yml Normal file
View File

@@ -0,0 +1,15 @@
---
docker_kernel_min_version: '0'
docker_package_info:
pkg_mgr: zypper
pkgs:
- name: docker
docker_repo_key_info:
pkg_key: ''
repo_keys: []
docker_repo_info:
pkg_repo: ''
repos: []

49
roles/container-engine/docker/vars/ubuntu-amd64.yml Normal file
View File

@@ -0,0 +1,49 @@
---
docker_kernel_min_version: '3.10'
# https://download.docker.com/linux/ubuntu/
docker_versioned_pkg:
'latest': docker-ce
'1.11': docker-engine=1.11.2-0~{{ ansible_distribution_release|lower }}
'1.12': docker-engine=1.12.6-0~ubuntu-{{ ansible_distribution_release|lower }}
'1.13': docker-engine=1.13.1-0~ubuntu-{{ ansible_distribution_release|lower }}
'17.03': docker-ce=17.03.2~ce-0~ubuntu-{{ ansible_distribution_release|lower }}
'17.09': docker-ce=17.09.0~ce-0~ubuntu-{{ ansible_distribution_release|lower }}
'17.12': docker-ce=17.12.1~ce-0~ubuntu-{{ ansible_distribution_release|lower }}
'18.06': docker-ce=18.06.1~ce~3-0~ubuntu
'stable': docker-ce=18.06.1~ce~3-0~ubuntu
'edge': docker-ce=18.06.1~ce~3-0~ubuntu
docker_package_info:
pkg_mgr: apt
pkgs:
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
force: yes
docker_repo_key_info:
pkg_key: apt_key
url: '{{ docker_ubuntu_repo_gpgkey }}'
repo_keys:
- 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
docker_repo_info:
pkg_repo: apt_repository
repos:
- >
deb {{ docker_ubuntu_repo_base_url }}
{{ ansible_distribution_release|lower }}
stable
dockerproject_repo_key_info:
pkg_key: apt_key
url: '{{ dockerproject_apt_repo_gpgkey }}'
repo_keys:
- 58118E89F3A912897C070ADBF76221572C52609D
dockerproject_repo_info:
pkg_repo: apt_repository
repos:
- >
deb {{ dockerproject_apt_repo_base_url }}
{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
main

45
roles/container-engine/docker/vars/ubuntu-arm64.yml Normal file
View File

@@ -0,0 +1,45 @@
---
docker_kernel_min_version: '3.10'
docker_version: 18.06
# https://download.docker.com/linux/ubuntu/
docker_versioned_pkg:
'latest': docker-ce
'17.09': docker-ce=17.09.1~ce-0~ubuntu
'17.12': docker-ce=17.12.1~ce-0~ubuntu-{{ ansible_distribution_release|lower }}
'18.06': docker-ce=18.06.1~ce~3-0~ubuntu
'stable': docker-ce=18.06.1~ce~3-0~ubuntu
'edge': docker-ce=18.06.1~ce~3-0~ubuntu
docker_package_info:
pkg_mgr: apt
pkgs:
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
force: yes
docker_repo_key_info:
pkg_key: apt_key
url: '{{ docker_ubuntu_repo_gpgkey }}'
repo_keys:
- 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
docker_repo_info:
pkg_repo: apt_repository
repos:
- >
deb {{ docker_ubuntu_repo_base_url }}
{{ ansible_distribution_release|lower }}
stable
dockerproject_repo_key_info:
pkg_key: apt_key
url: '{{ dockerproject_apt_repo_gpgkey }}'
repo_keys:
- 58118E89F3A912897C070ADBF76221572C52609D
dockerproject_repo_info:
pkg_repo: apt_repository
repos:
- >
deb {{ dockerproject_apt_repo_base_url }}
{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
main

31
roles/container-engine/docker/vars/ubuntu-bionic.yml Normal file
View File

@@ -0,0 +1,31 @@
---
docker_kernel_min_version: '3.10'
use_docker_engine: false
docker_versioned_pkg:
'latest': docker-ce
'18.03': docker-ce=18.03.1~ce-3-0~ubuntu
'18.06': docker-ce=18.06.1~ce~3-0~ubuntu
'stable': docker-ce=18.06.1~ce~3-0~ubuntu
'edge': docker-ce=18.06.1~ce~3-0~ubuntu
docker_package_info:
pkg_mgr: apt
pkgs:
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
force: yes
docker_repo_key_info:
pkg_key: apt_key
url: '{{ docker_ubuntu_repo_gpgkey }}'
repo_keys:
- 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
docker_repo_info:
pkg_repo: apt_repository
repos:
- >
deb [arch=amd64] {{ docker_ubuntu_repo_base_url }}
bionic
stable