Commit 90f3f615 authored by Guillaume Abrioux's avatar Guillaume Abrioux Committed by Dimitri Savineau
Browse files

infra: introduce docker to podman playbook

This isn't backported from master because there are too many changes
between stable-3.2 and other newer branches.

NOTE:
This playbook  *doesn't* add podman support in stable-3.2 at all.
This is a tripleO dedicated playbook which is intended to be run
early during FFU workflow in order to prepare the OS upgrade.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1853457

Signed-off-by: default avatarGuillaume Abrioux <gabrioux@redhat.com>
parent 6daa2c9d
......@@ -40,16 +40,8 @@
image: "{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}"
when: containerized_deployment_with_kv
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-mon.service.j2"
dest: /etc/systemd/system/ceph-mon@.service
owner: "root"
group: "root"
mode: "0644"
notify:
- restart ceph mons
- name: include systemd.yml
include_tasks: systemd.yml
- name: systemd start mon container
systemd:
......
---
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-mon.service.j2"
dest: /etc/systemd/system/ceph-mon@.service
owner: "root"
group: "root"
mode: "0644"
notify:
- restart ceph mons
\ No newline at end of file
docker/systemd.yml
\ No newline at end of file
[Unit]
Description=Ceph Monitor
{% if container_binary == 'docker' %}
After=docker.service
Requires=docker.service
{% else %}
After=network.target
{% endif %}
[Service]
EnvironmentFile=-/etc/environment
ExecStartPre=-/usr/bin/docker rm ceph-mon-%i
ExecStartPre=-/usr/bin/{{ container_binary }} rm ceph-mon-%i
ExecStartPre=/bin/sh -c '"$(command -v mkdir)" -p /etc/ceph /var/lib/ceph/mon'
ExecStart=/usr/bin/docker run --rm --name ceph-mon-%i \
ExecStart=/usr/bin/{{ container_binary }} run --rm --name ceph-mon-%i \
--memory={{ ceph_mon_docker_memory_limit }} \
{% if ceph_docker_version.split('.')[0] is version_compare('13', '>=') -%}
{% if (container_binary == 'docker' and ceph_docker_version.split('.')[0] is version_compare('13', '>=')) or container_binary == 'podman' -%}
--cpus={{ ceph_mon_docker_cpu_limit }} \
{% else -%}
--cpu-quota={{ ceph_mon_docker_cpu_limit * 100000 }} \
......@@ -64,7 +68,7 @@ ExecStart=/usr/bin/docker run --rm --name ceph-mon-%i \
-e CEPH_DAEMON=MON \
{{ ceph_mon_docker_extra_env }} \
{{ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}
ExecStop=-/usr/bin/docker stop ceph-mon-%i
ExecStop=-/usr/bin/{{ container_binary }} stop ceph-mon-%i
ExecStopPost=-/bin/rm -f /var/run/ceph/{{ cluster }}-mon.{{ monitor_name }}.asok
Restart=always
RestartSec=10s
......
......@@ -62,18 +62,8 @@
when:
- ceph_nfs_dynamic_exports
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-nfs.service.j2"
dest: /etc/systemd/system/ceph-nfs@.service
owner: "root"
group: "root"
mode: "0644"
when:
- containerized_deployment
notify:
- restart ceph nfss
- name: include systemd.yml
include_tasks: systemd.yml
- name: systemd start nfs container
systemd:
......
---
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-nfs.service.j2"
dest: /etc/systemd/system/ceph-nfs@.service
owner: "root"
group: "root"
mode: "0644"
when:
- containerized_deployment
notify:
- restart ceph nfss
\ No newline at end of file
[Unit]
Description=NFS-Ganesha file server
Documentation=http://github.com/nfs-ganesha/nfs-ganesha/wiki
{% if container_binary == 'docker' %}
After=docker.service
Requires=docker.service
{% else %}
After=network.target
{% endif %}
[Service]
EnvironmentFile=-/etc/environment
ExecStartPre=-/usr/bin/docker rm ceph-nfs-%i
ExecStartPre=-/usr/bin/{{ container_binary }} rm ceph-nfs-%i
ExecStartPre=/usr/bin/mkdir -p /etc/ceph /etc/ganesha /var/lib/nfs/ganesha
ExecStart=/usr/bin/docker run --rm --net=host \
ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
{% if not containerized_deployment_with_kv -%}
-v /var/lib/ceph:/var/lib/ceph:z \
-v /etc/ceph:/etc/ceph:z \
......@@ -30,7 +34,7 @@ ExecStart=/usr/bin/docker run --rm --net=host \
{{ ceph_nfs_docker_extra_env }} \
--name=ceph-nfs-{{ ceph_nfs_service_suffix | default(ansible_hostname) }} \
{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}
ExecStopPost=-/usr/bin/docker stop ceph-nfs-%i
ExecStopPost=-/usr/bin/{{ container_binary }} stop ceph-nfs-%i
Restart=always
RestartSec=10s
TimeoutStartSec=120
......
......@@ -58,16 +58,8 @@
- devices is defined
- devices | length > activated_osds.stdout_lines | length
- name: generate ceph osd docker run script
become: true
template:
src: "{{ role_path }}/templates/ceph-osd-run.sh.j2"
dest: "{{ ceph_osd_docker_run_script_path }}/ceph-osd-run.sh"
owner: "root"
group: "root"
mode: "0744"
notify:
- restart ceph osds
- name: include systemd.yml
include_tasks: systemd.yml
when:
- containerized_deployment
......
---
- name: generate ceph osd docker run script
become: true
template:
src: "{{ role_path }}/templates/ceph-osd-run.sh.j2"
dest: "{{ ceph_osd_docker_run_script_path }}/ceph-osd-run.sh"
owner: "root"
group: "root"
mode: "0744"
notify:
- restart ceph osds
\ No newline at end of file
......@@ -14,7 +14,7 @@ DOCKER_ENV=""
#############
function id_to_device () {
{% if dmcrypt | bool %}
docker run --rm --net=host --ulimit nofile=1024:4096 --ipc=host --pid=host --privileged=true -v /etc/ceph:/etc/ceph:z -v /var/lib/ceph/:/var/lib/ceph/:z -v /dev:/dev -v /etc/localtime:/etc/localtime:ro -e DEBUG=verbose -e CLUSTER={{ cluster }} {{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} osd_ceph_disk_dmcrypt_data_map
{{ container_binary }} run --rm --net=host --ulimit nofile=1024:4096 --ipc=host --pid=host --privileged=true -v /etc/ceph:/etc/ceph:z -v /var/lib/ceph/:/var/lib/ceph/:z -v /dev:/dev -v /etc/localtime:/etc/localtime:ro -e DEBUG=verbose -e CLUSTER={{ cluster }} {{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} osd_ceph_disk_dmcrypt_data_map
{% endif %}
DATA_PART=$(docker run --rm --ulimit nofile=1024:4096 --privileged=true -v /dev/:/dev/ -v /etc/ceph:/etc/ceph:z --entrypoint ceph-disk {{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} list | grep ", osd\.${1}," | awk '{ print $1 }')
if [[ "${DATA_PART}" =~ ^/dev/(cciss|nvme|loop) ]]; then
......@@ -32,14 +32,14 @@ function expose_partitions () {
# Jewel images prior to https://github.com/ceph/ceph-docker/pull/797
REGEX="[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
function expose_partitions {
if docker ps -a | grep -sq ceph-osd-prepare-{{ ansible_hostname }}-devdev${1}; then
if {{ container_binary }} ps -a | grep -sq ceph-osd-prepare-{{ ansible_hostname }}-devdev${1}; then
if [[ ! -f {{ ceph_osd_docker_run_script_path }}/ceph-osd-prepare-{{ ansible_hostname }}-devdev${1}.log ]]; then
docker logs ceph-osd-prepare-{{ ansible_hostname }}-devdev${1} &> {{ ceph_osd_docker_run_script_path }}/ceph-osd-prepare-{{ ansible_hostname }}-devdev${1}.log
{{ container_binary }} logs ceph-osd-prepare-{{ ansible_hostname }}-devdev${1} &> {{ ceph_osd_docker_run_script_path }}/ceph-osd-prepare-{{ ansible_hostname }}-devdev${1}.log
fi
fi
if docker ps -a | grep -sq ceph-osd-prepare-{{ ansible_hostname }}-${1}; then
if {{ container_binary }} ps -a | grep -sq ceph-osd-prepare-{{ ansible_hostname }}-${1}; then
if [[ ! -f {{ ceph_osd_docker_run_script_path }}/ceph-osd-prepare-{{ ansible_hostname }}-${1}.log ]]; then
docker logs ceph-osd-prepare-{{ ansible_hostname }}-${1} &> {{ ceph_osd_docker_run_script_path }}/ceph-osd-prepare-{{ ansible_hostname }}-${1}.log
{{ container_binary }} logs ceph-osd-prepare-{{ ansible_hostname }}-${1} &> {{ ceph_osd_docker_run_script_path }}/ceph-osd-prepare-{{ ansible_hostname }}-${1}.log
fi
fi
if [[ -f {{ ceph_osd_docker_run_script_path }}/ceph-osd-prepare-{{ ansible_hostname }}-devdev${1}.log ]]; then
......@@ -88,7 +88,7 @@ fi
numactl \
{{ ceph_osd_numactl_opts }} \
{% endif %}
/usr/bin/docker run \
/usr/bin/{{ container_binary }} run \
--rm \
--net=host \
--privileged=true \
......@@ -97,7 +97,7 @@ numactl \
{% if osd_objectstore == 'filestore' -%}
--memory={{ ceph_osd_docker_memory_limit }} \
{% endif -%}
{% if ceph_docker_version.split('.')[0] is version_compare('13', '>=') -%}
{% if (container_binary == 'docker' and ceph_docker_version.split('.')[0] is version_compare('13', '>=')) or container_binary == 'podman' -%}
--cpus={{ cpu_limit }} \
{% else -%}
--cpu-quota={{ cpu_limit * 100000 }} \
......
# {{ ansible_managed }}
[Unit]
Description=Ceph OSD
{% if container_binary == 'docker' %}
After=docker.service
Requires=docker.service
{% else %}
After=network.target
{% endif %}
[Service]
EnvironmentFile=-/etc/environment
ExecStartPre=-/usr/bin/docker stop ceph-osd-%i
ExecStartPre=-/usr/bin/docker rm -f ceph-osd-%i
ExecStartPre=-/usr/bin/{{ container_binary }} stop ceph-osd-%i
ExecStartPre=-/usr/bin/{{ container_binary }} rm -f ceph-osd-%i
ExecStart={{ ceph_osd_docker_run_script_path }}/ceph-osd-run.sh %i
ExecStop=-/usr/bin/docker stop ceph-osd-%i
ExecStop=-/usr/bin/{{ container_binary }} stop ceph-osd-%i
Restart=always
RestartSec=10s
TimeoutStartSec=120
......
---
# Use systemd to manage container on Atomic host
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-rbd-mirror.service.j2"
dest: /etc/systemd/system/ceph-rbd-mirror@.service
owner: "root"
group: "root"
mode: "0644"
notify:
- restart ceph rbdmirrors
- name: include systemd.yml
include_tasks: systemd.yml
- name: systemd start rbd mirror container
systemd:
......
---
# Use systemd to manage container on Atomic host
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-rbd-mirror.service.j2"
dest: /etc/systemd/system/ceph-rbd-mirror@.service
owner: "root"
group: "root"
mode: "0644"
notify:
- restart ceph rbdmirrors
docker/systemd.yml
\ No newline at end of file
[Unit]
Description=Ceph RBD mirror
{% if container_binary == 'docker' %}
After=docker.service
Requires=docker.service
{% else %}
After=network.target
{% endif %}
[Service]
EnvironmentFile=-/etc/environment
ExecStartPre=-/usr/bin/docker stop ceph-rbd-mirror-{{ ansible_hostname }}
ExecStartPre=-/usr/bin/docker rm ceph-rbd-mirror-{{ ansible_hostname }}
ExecStart=/usr/bin/docker run --rm --net=host \
ExecStartPre=-/usr/bin/{{ container_binary }} stop ceph-rbd-mirror-{{ ansible_hostname }}
ExecStartPre=-/usr/bin/{{ container_binary }} rm ceph-rbd-mirror-{{ ansible_hostname }}
ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
--memory={{ ceph_rbd_mirror_docker_memory_limit }} \
{% if ceph_docker_version.split('.')[0] is version_compare('13', '>=') -%}
{% if (container_binary == 'docker' and ceph_docker_version.split('.')[0] is version_compare('13', '>=')) or container_binary == 'podman' -%}
--cpus={{ ceph_rbd_mirror_docker_cpu_limit }} \
{% else -%}
--cpu-quota={{ ceph_rbd_mirror_docker_cpu_limit * 100000 }} \
......@@ -29,7 +33,7 @@ ExecStart=/usr/bin/docker run --rm --net=host \
--name=ceph-rbd-mirror-{{ ansible_hostname }} \
{{ ceph_rbd_mirror_docker_extra_env }} \
{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}
ExecStopPost=-/usr/bin/docker stop ceph-rbd-mirror-{{ ansible_hostname }}
ExecStopPost=-/usr/bin/{{ container_binary }} stop ceph-rbd-mirror-{{ ansible_hostname }}
Restart=always
RestartSec=10s
TimeoutStartSec=120
......
---
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-radosgw.service.j2"
dest: /etc/systemd/system/ceph-radosgw@.service
owner: "root"
group: "root"
mode: "0644"
notify:
- restart ceph rgws
# For backward compatibility
- name: disable old systemd unit ('ceph-rgw@'|'ceph-radosgw@radosgw.'|'ceph-radosgw@') if present
systemd:
name: "{{ item }}"
state: stopped
enabled: no
daemon_reload: yes
with_items:
- "ceph-rgw@{{ ansible_hostname }}"
- "ceph-radosgw@{{ ansible_hostname }}.service"
- "ceph-radosgw@radosgw.{{ ansible_hostname }}.service"
- ceph-radosgw@radosgw.gateway.service
ignore_errors: true
- name: include systemd.yml
include_tasks: systemd.yml
- name: systemd start rgw container
systemd:
......
---
- name: generate systemd unit file
become: true
template:
src: "{{ role_path }}/templates/ceph-radosgw.service.j2"
dest: /etc/systemd/system/ceph-radosgw@.service
owner: "root"
group: "root"
mode: "0644"
notify:
- restart ceph rgws
# For backward compatibility
- name: disable old systemd unit ('ceph-rgw@'|'ceph-radosgw@radosgw.'|'ceph-radosgw@') if present
systemd:
name: "{{ item }}"
state: stopped
enabled: no
daemon_reload: yes
with_items:
- "ceph-rgw@{{ ansible_hostname }}"
- "ceph-radosgw@{{ ansible_hostname }}.service"
- "ceph-radosgw@radosgw.{{ ansible_hostname }}.service"
- ceph-radosgw@radosgw.gateway.service
ignore_errors: true
\ No newline at end of file
docker/systemd.yml
\ No newline at end of file
[Unit]
Description=Ceph RGW
{% if container_binary == 'docker' %}
After=docker.service
Requires=docker.service
{% else %}
After=network.target
{% endif %}
{% set cpu_limit = ansible_processor_vcpus|int if ceph_rgw_docker_cpu_limit|int > ansible_processor_vcpus|int else ceph_rgw_docker_cpu_limit|int %}
[Service]
EnvironmentFile=-/etc/environment
ExecStartPre=-/usr/bin/docker stop ceph-rgw-{{ ansible_hostname }}
ExecStartPre=-/usr/bin/docker rm ceph-rgw-{{ ansible_hostname }}
ExecStart=/usr/bin/docker run --rm --net=host \
ExecStartPre=-/usr/bin/{{ container_binary }} stop ceph-rgw-{{ ansible_hostname }}
ExecStartPre=-/usr/bin/{{ container_binary }} rm ceph-rgw-{{ ansible_hostname }}
ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
--memory={{ ceph_rgw_docker_memory_limit }} \
{% if ceph_docker_version.split('.')[0] is version_compare('13', '>=') -%}
{% if (container_binary == 'docker' and ceph_docker_version.split('.')[0] is version_compare('13', '>=')) or container_binary == 'podman' -%}
--cpus={{ cpu_limit }} \
{% else -%}
--cpu-quota={{ cpu_limit * 100000 }} \
......@@ -33,7 +37,7 @@ ExecStart=/usr/bin/docker run --rm --net=host \
--name=ceph-rgw-{{ ansible_hostname }} \
{{ ceph_rgw_docker_extra_env }} \
{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}
ExecStopPost=-/usr/bin/docker stop ceph-rgw-{{ ansible_hostname }}
ExecStopPost=-/usr/bin/{{ container_binary }} stop ceph-rgw-{{ ansible_hostname }}
Restart=always
RestartSec=10s
TimeoutStartSec=120
......
......@@ -38,6 +38,7 @@ def node(host, request):
osd_scenario = ansible_vars.get("osd_scenario")
lvm_scenario = osd_scenario in ['lvm', 'lvm-batch']
devices = ansible_vars.get("devices", [])
container_binary = ''
ceph_release_num = {
'jewel': 10,
'kraken': 11,
......@@ -98,6 +99,11 @@ def node(host, request):
cluster_name = ansible_vars.get("cluster", "ceph")
conf_path = "/etc/ceph/{}.conf".format(cluster_name)
if docker:
container_binary = "docker"
if docker and str_to_bool(os.environ.get('IS_PODMAN', False)): # noqa E501
container_binary = "podman"
data = dict(
address=address,
subnet=subnet,
......@@ -112,6 +118,7 @@ def node(host, request):
ceph_stable_release=ceph_stable_release,
ceph_release_num=ceph_release_num,
rolling_update=rolling_update,
container_binary=container_binary
)
return data
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment