Update docker upgrade playbook to be more flexible.

Now more of a generic upgrade playbook to go to the latest Docker
version.

Added support for docker_version inventory variable, in which case we
disable the check for >= 1.10 and make sure you're running at least the
specified version. (we will not downgrade you to the requested version
however, this is much too complicated)

playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml

@@ -1,51 +1,68 @@
 
-- name: Check for appropriate Docker versions for 1.9.x to 1.10.x upgrade
+- name: Check for appropriate Docker versions
   hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config
   roles:
   - openshift_facts
   tasks:
+  - set_fact:
+      repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}"
+
+  - fail:
+      msg: Cannot upgrade Docker on Atomic hosts
+    when: openshift.common.is_atomic | bool
+
   - name: Determine available Docker version
     script: ../../../../common/openshift-cluster/upgrades/files/rpm_versions.sh docker
     register: g_docker_version_result
-    when: not openshift.common.is_atomic | bool
 
   - name: Check if Docker is installed
     command: rpm -q docker
     register: pkg_check
     failed_when: pkg_check.rc > 1
     changed_when: no
-    when: not openshift.common.is_atomic | bool
 
-  - set_fact:
-      g_docker_version: "{{ g_docker_version_result.stdout | from_yaml }}"
-    when: not openshift.common.is_atomic | bool
+  - name: Get current version of Docker
+    command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker"
+    register: curr_docker_version
+    changed_when: false
 
-  - name: Set fact if docker requires an upgrade
-    set_fact:
-      docker_upgrade: true
-    when: not openshift.common.is_atomic | bool and pkg_check.rc == 0 and g_docker_version.curr_version | version_compare('1.10','<')
+  - name: Get latest available version of Docker
+    command: >
+      {{ repoquery_cmd }} --qf '%{version}' "docker"
+    register: avail_docker_version
+    failed_when: false
+    changed_when: false
 
   - fail:
       msg: This playbook requires access to Docker 1.10 or later
-    when: g_docker_version.avail_version | default(g_docker_version.curr_version, true) | version_compare('1.10','<')
+    # Disable the 1.10 requirement if the user set a specific Docker version
+    when: avail_docker_version.stdout | version_compare('1.10','<') and docker_version is not defined
+
+  - name: Flag for upgrade if Docker version does not equal latest
+    set_fact:
+      docker_upgrade: true
+    when: docker_version is not defined and pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(avail_docker_version.stdout,'<')
+
+  - name: Flag for upgrade if Docker version does not equal requested version
+    set_fact:
+      docker_upgrade: true
+    when: docker_version is defined and pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(docker_version,'<')
+
 
 # If a node fails, halt everything, the admin will need to clean up and we
 # don't want to carry on, potentially taking out every node. The playbook can safely be re-run
-# and will not take any action on a node already running 1.10+.
+# and will not take any action on a node already running the requested docker version.
 - name: Evacuate and upgrade nodes
   hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config
   serial: 1
   any_errors_fatal: true
   tasks:
-  - debug: var=docker_upgrade
-
   - name: Prepare for Node evacuation
     command: >
       {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=false
     delegate_to: "{{ groups.oo_first_master.0 }}"
     when: docker_upgrade is defined and docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config
 
-# TODO: skip all node evac stuff for non-nodes (i.e. separate containerized etcd hosts)
   - name: Evacuate Node for Kubelet upgrade
     command: >
       {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --evacuate --force
@@ -69,10 +86,16 @@
     register: nuke_images_result
     when: docker_upgrade is defined and docker_upgrade | bool
 
-  - name: Upgrade Docker
-    command: "{{ ansible_pkg_mgr}} update -y docker"
+  # TODO: should we use the docker role to actually do the upgrade?
+  - name: Upgrade to specified Docker version
+    action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version }} state=present"
     register: docker_upgrade_result
-    when: docker_upgrade is defined and docker_upgrade | bool
+    when: docker_upgrade is defined and docker_upgrade | bool and docker_version is defined
+
+  - name: Upgrade to latest Docker version
+    action: "{{ ansible_pkg_mgr }} name=docker state=latest"
+    register: docker_upgrade_result
+    when: docker_upgrade is defined and docker_upgrade | bool and docker_version is not defined
 
   - name: Restart containerized services
     service: name={{ item }} state=started

playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml

@@ -163,7 +163,6 @@
 
   - set_fact:
       repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}"
-    when: not openshift.common.is_containerized | bool
 
   - name: Check latest available OpenShift RPM version
     command: >