Deploy Docker via Ansible and not Puppet

Deploy Docker with Ansible instead of Puppet so later we will be able to prepare the registry before deploying any containerized service and do tasks in the middle like updating containers. Remove the Puppet run from update_tasks, we'll move these tasks later in ansible-role-container-registry. Change-Id: Iee0e08cd48f173a39a6f3a1ea54b29e370d4f334
2018-04-13 18:48:05 -07:00 · 2018-04-13 18:48:05 -07:00 · 00f5019ef2
parent 4815c8bd17
commit 00f5019ef2
2 changed files with 75 additions and 83 deletions
--- a/puppet/services/docker-registry.yaml
+++ b/puppet/services/docker-registry.yaml
@ -30,6 +30,13 @@ parameters:
    default: {}
    description: Parameters specific to the role
    type: json
+  LocalContainerRegistry:
+    default: ''
+    description: The IP address used to bind the local container registry
+    type: string
+
+conditions:
+  local_container_registry_is_empty: {equals : [{get_param: LocalContainerRegistry}, '']}

 outputs:
  role_data:
@ -37,21 +44,27 @@ outputs:
    value:
      service_name: docker_registry
      config_settings:
-        tripleo::profile::base::docker_registry::registry_host:
-          str_replace:
-             template:
-               "%{hiera('$NETWORK')}"
-             params:
-               $NETWORK: {get_param: [ServiceNetMap, DockerRegistryNetwork]}
-        tripleo::profile::base::docker_registry::registry_port:
-          {get_param: [EndpointMap, DockerRegistryInternal, port]}
        tripleo.docker_registry.firewall_rules:
          '155 docker-registry':
            dport:
              - 8787
              - 13787
-      step_config: |
-        include ::tripleo::profile::base::docker_registry
+      step_config: ''
+      host_prep_tasks: []
+      deploy_steps_tasks:
+        - name: Install, Configure and Run Docker Distribution
+          when: step|int == 1
+          vars:
+            container_registry_host:
+              if:
+              - local_container_registry_is_empty
+              - {get_param: [EndpointMap, DockerRegistryInternal, host]}
+              - {get_param: LocalContainerRegistry}
+            container_registry_port: {get_param: [EndpointMap, DockerRegistryInternal, port]}
+          block:
+          - include_role:
+              name: container-registry
+              tasks_from: docker-distribution
      upgrade_tasks:
        - name: Install docker packages on upgrade if missing
          when: step|int == 3
--- a/puppet/services/docker.yaml
+++ b/puppet/services/docker.yaml
@ -66,92 +66,71 @@ parameters:

 conditions:
  insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, []]}
-  insecure_registry_mirror_is_empty: {equals : [{get_param: DockerRegistryMirror}, '']}
  service_debug_unset: {equals : [{get_param: DockerDebug}, '']}
-  deployment_user_is_empty: {equals : [{get_param: DeploymentUser}, '']}
-  additional_sockets_is_empty: {equals : [{get_param: DockerAdditionalSockets}, []]}

 outputs:
  role_data:
    description: Role data for the docker service
    value:
      service_name: docker
-      config_settings:
-        map_merge:
-          - tripleo::profile::base::docker::configure_network: true
-            tripleo::profile::base::docker::network_options: "--bip=172.31.0.1/24"
-            tripleo::profile::base::docker::docker_options: {get_param: DockerOptions}
-            tripleo::profile::base::docker::debug:
+      config_settings: {}
+      step_config: ''
+      host_prep_tasks: []
+      deploy_steps_tasks:
+        - name: Install, Configure and Run Docker
+          when: step|int == 1
+          vars:
+            container_registry_debug:
              if:
                - service_debug_unset
                - {get_param: Debug }
                - {get_param: DockerDebug}
-          -
-            if:
-            - insecure_registry_is_empty
-            - {}
-            - tripleo::profile::base::docker::insecure_registries: {get_param: DockerInsecureRegistryAddress}
-          -
-            if:
-            - insecure_registry_mirror_is_empty
-            - {}
-            - tripleo::profile::base::docker::registry_mirror: {get_param: DockerRegistryMirror}
-          -
-            if:
-            - deployment_user_is_empty
-            - {}
-            - tripleo::profile::base::docker::deployment_user: {get_param: DeploymentUser}
-          -
-            if:
-            - additional_sockets_is_empty
-            - {}
-            - tripleo::profile::base::docker::additional_sockets: {get_param: DockerAdditionalSockets}
-      step_config: |
-        include ::tripleo::profile::base::docker
+            container_registry_deployment_user: {get_param: DeploymentUser}
+            container_registry_docker_options: {get_param: DockerOptions}
+            container_registry_additional_sockets: {get_param: DockerAdditionalSockets}
+            container_registry_insecure_registries:
+              if:
+                - insecure_registry_is_empty
+                - []
+                - {get_param: DockerInsecureRegistryAddress}
+            container_registry_mirror: {get_param: DockerRegistryMirror}
+            container_registry_network_options: '--bip=172.31.0.1/24'
+          block:
+          - include_role:
+              name: container-registry
+              tasks_from: docker
+      service_config_settings:
+        neutron_l3:
+          docker_additional_sockets: {get_param: DockerAdditionalSockets}
+        neutron_dhcp:
+          docker_additional_sockets: {get_param: DockerAdditionalSockets}
      upgrade_tasks:
        - name: Install docker packages on upgrade if missing
          when: step|int == 3
          yum: name=docker state=latest
      update_tasks:
-        block:
-          - name: Detect if puppet on the docker profile would restart the service
-            # Note that due to https://tickets.puppetlabs.com/browse/PUP-686 --noop
-            # always exits 0, so we cannot rely on that to detect if puppet is going to change stuff
-            shell: |
-              puppet apply --noop --summarize --detailed-exitcodes --verbose \
-                --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \
-                --color=false -e "class { 'tripleo::profile::base::docker': step => 1, }" 2>&1 | \
-              awk -F ":" '/Out of sync:/ { print $2}'
-            register: puppet_docker_noop_output
-            failed_when: false
-          - name: Is docker going to be updated
-            shell: yum check-update docker
-            register: docker_check_update
-            failed_when: docker_check_update.rc not in [0, 100]
-            changed_when: docker_check_update.rc == 100
-          - name: Set docker_rpm_needs_update fact
-            set_fact: docker_rpm_needs_update={{ docker_check_update.rc == 100 }}
-          - name: Set puppet_docker_is_outofsync fact
-            set_fact: puppet_docker_is_outofsync={{ puppet_docker_noop_output.stdout|trim|int >= 1 }}
-          - name: Stop all containers
-            # xargs is preferable to docker stop $(docker ps -q) as that might generate a
-            # a too long command line
-            shell: docker ps -q | xargs --no-run-if-empty -n1 docker stop
-            when: puppet_docker_is_outofsync or docker_rpm_needs_update
-          - name: Stop docker
-            service:
-              name: docker
-              state: stopped
-            when: puppet_docker_is_outofsync or docker_rpm_needs_update
-          - name: Update the docker package
-            yum: name=docker state=latest update_cache=yes # cache for tripleo/+bug/1703830
-            when: docker_rpm_needs_update
-          - name: Apply puppet which will start the service again
-            shell: |
-              puppet apply --detailed-exitcodes --verbose \
-                --modulepath  /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \
-                -e "class { 'tripleo::profile::base::docker': step => 1, }"
-            register: puppet_docker_apply
-            failed_when: puppet_docker_apply.rc not in [0, 2]
-            changed_when: puppet_docker_apply.rc == 2
-        when: step|int == 2
+        - name: Restart Docker when needed
+          when: step|int == 2
+          block:
+            # TODO(emilien)
+            # This block will move to ansible-role-container-registry
+            - name: Is docker going to be updated
+              shell: yum check-update docker
+              register: docker_check_update
+              failed_when: docker_check_update.rc not in [0, 100]
+              changed_when: docker_check_update.rc == 100
+            - name: Set docker_rpm_needs_update fact
+              set_fact: docker_rpm_needs_update={{ docker_check_update.rc == 100 }}
+            - name: Stop all containers
+              # xargs is preferable to docker stop $(docker ps -q) as that might generate a
+              # a too long command line
+              shell: docker ps -q | xargs --no-run-if-empty -n1 docker stop
+              when: docker_rpm_needs_update
+            - name: Stop docker
+              service:
+                name: docker
+                state: stopped
+              when: docker_rpm_needs_update
+            - name: Update the docker package
+              yum: name=docker state=latest update_cache=yes # cache for tripleo/+bug/1703830
+              when: docker_rpm_needs_update