From 5c7e3e9d3a36062a6bf0d79da0c95e1f2e17b9a0 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 22 Jun 2016 11:28:19 -0300 Subject: Update docker upgrade playbook to be more flexible. Now more of a generic upgrade playbook to go to the latest Docker version. Added support for docker_version inventory variable, in which case we disable the check for >= 1.10 and make sure you're running at least the specified version. (we will not downgrade you to the requested version however, this is much too complicated) --- .../upgrades/docker/docker_upgrade.yml | 59 +++++++++++++++------- 1 file changed, 41 insertions(+), 18 deletions(-) (limited to 'playbooks/byo') diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml index 8b1b2fb1b..9434d8e15 100644 --- a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml @@ -1,51 +1,68 @@ -- name: Check for appropriate Docker versions for 1.9.x to 1.10.x upgrade +- name: Check for appropriate Docker versions hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config roles: - openshift_facts tasks: + - set_fact: + repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}" + + - fail: + msg: Cannot upgrade Docker on Atomic hosts + when: openshift.common.is_atomic | bool + - name: Determine available Docker version script: ../../../../common/openshift-cluster/upgrades/files/rpm_versions.sh docker register: g_docker_version_result - when: not openshift.common.is_atomic | bool - name: Check if Docker is installed command: rpm -q docker register: pkg_check failed_when: pkg_check.rc > 1 changed_when: no - when: not openshift.common.is_atomic | bool - - set_fact: - g_docker_version: "{{ g_docker_version_result.stdout | from_yaml }}" - when: not openshift.common.is_atomic | bool + - name: Get current version of Docker + command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker" + register: curr_docker_version + changed_when: false - - name: Set fact if docker requires an upgrade - set_fact: - docker_upgrade: true - when: not openshift.common.is_atomic | bool and pkg_check.rc == 0 and g_docker_version.curr_version | version_compare('1.10','<') + - name: Get latest available version of Docker + command: > + {{ repoquery_cmd }} --qf '%{version}' "docker" + register: avail_docker_version + failed_when: false + changed_when: false - fail: msg: This playbook requires access to Docker 1.10 or later - when: g_docker_version.avail_version | default(g_docker_version.curr_version, true) | version_compare('1.10','<') + # Disable the 1.10 requirement if the user set a specific Docker version + when: avail_docker_version.stdout | version_compare('1.10','<') and docker_version is not defined + + - name: Flag for upgrade if Docker version does not equal latest + set_fact: + docker_upgrade: true + when: docker_version is not defined and pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(avail_docker_version.stdout,'<') + + - name: Flag for upgrade if Docker version does not equal requested version + set_fact: + docker_upgrade: true + when: docker_version is defined and pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(docker_version,'<') + # If a node fails, halt everything, the admin will need to clean up and we # don't want to carry on, potentially taking out every node. The playbook can safely be re-run -# and will not take any action on a node already running 1.10+. +# and will not take any action on a node already running the requested docker version. - name: Evacuate and upgrade nodes hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config serial: 1 any_errors_fatal: true tasks: - - debug: var=docker_upgrade - - name: Prepare for Node evacuation command: > {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=false delegate_to: "{{ groups.oo_first_master.0 }}" when: docker_upgrade is defined and docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config -# TODO: skip all node evac stuff for non-nodes (i.e. separate containerized etcd hosts) - name: Evacuate Node for Kubelet upgrade command: > {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --evacuate --force @@ -69,10 +86,16 @@ register: nuke_images_result when: docker_upgrade is defined and docker_upgrade | bool - - name: Upgrade Docker - command: "{{ ansible_pkg_mgr}} update -y docker" + # TODO: should we use the docker role to actually do the upgrade? + - name: Upgrade to specified Docker version + action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version }} state=present" register: docker_upgrade_result - when: docker_upgrade is defined and docker_upgrade | bool + when: docker_upgrade is defined and docker_upgrade | bool and docker_version is defined + + - name: Upgrade to latest Docker version + action: "{{ ansible_pkg_mgr }} name=docker state=latest" + register: docker_upgrade_result + when: docker_upgrade is defined and docker_upgrade | bool and docker_version is not defined - name: Restart containerized services service: name={{ item }} state=started -- cgit v1.2.3