| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 |
- ---
- # TODO: Much of this file is shared with container engine tasks
- - set_fact:
- l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(openshift.docker.insecure_registries)) }}"
- when: openshift.docker.insecure_registries
- - name: Ensure container-selinux is installed
- package:
- name: container-selinux
- state: present
- when: not openshift.common.is_atomic | bool
- # Used to pull and install the system container
- - name: Ensure atomic is installed
- package:
- name: atomic
- state: present
- when: not openshift.common.is_atomic | bool
- # At the time of writing the atomic command requires runc for it's own use. This
- # task is here in the even that the atomic package ever removes the dependency.
- - name: Ensure runc is installed
- package:
- name: runc
- state: present
- when: not openshift.common.is_atomic | bool
- - name: Check that overlay is in the kernel
- shell: lsmod | grep overlay
- register: l_has_overlay_in_kernel
- ignore_errors: yes
- - when: l_has_overlay_in_kernel.rc != 0
- block:
- - name: Add overlay to modprobe.d
- template:
- dest: /etc/modules-load.d/overlay.conf
- src: overlay.conf.j2
- backup: yes
- - name: Manually modprobe overlay into the kernel
- command: modprobe overlay
- - block:
- - name: Add http_proxy to /etc/atomic.conf
- lineinfile:
- dest: /etc/atomic.conf
- regexp: "^#?http_proxy[:=]{1}"
- line: "http_proxy: {{ openshift.common.http_proxy | default('') }}"
- when:
- - openshift.common.http_proxy is defined
- - openshift.common.http_proxy != ''
- - name: Add https_proxy to /etc/atomic.conf
- lineinfile:
- dest: /etc/atomic.conf
- regexp: "^#?https_proxy[:=]{1}"
- line: "https_proxy: {{ openshift.common.https_proxy | default('') }}"
- when:
- - openshift.common.https_proxy is defined
- - openshift.common.https_proxy != ''
- - name: Add no_proxy to /etc/atomic.conf
- lineinfile:
- dest: /etc/atomic.conf
- regexp: "^#?no_proxy[:=]{1}"
- line: "no_proxy: {{ openshift.common.no_proxy | default('') }}"
- when:
- - openshift.common.no_proxy is defined
- - openshift.common.no_proxy != ''
- - block:
- - name: Set to default prepend
- set_fact:
- l_crio_image_prepend: "gscrivano"
- - name: Use Red Hat Registry for image when distribution is Red Hat
- set_fact:
- l_crio_image_prepend: "registry.access.redhat.com/openshift3"
- when: ansible_distribution == 'RedHat'
- - name: Use Fedora Registry for image when distribution is Fedora
- set_fact:
- l_crio_image_prepend: "registry.fedoraproject.org/f25"
- when: ansible_distribution == 'Fedora'
- # For https://github.com/openshift/openshift-ansible/pull/4049#discussion_r114478504
- - name: Use a testing registry if requested
- set_fact:
- l_crio_image_prepend: "{{ openshift_docker_systemcontainer_image_registry_override }}"
- when:
- - openshift_docker_systemcontainer_image_registry_override is defined
- - openshift_docker_systemcontainer_image_registry_override != ""
- - name: Set the full image name
- set_fact:
- l_crio_image: "{{ l_crio_image_prepend }}/cri-o:latest"
- # NOTE: no_proxy added as a workaround until https://github.com/projectatomic/atomic/pull/999 is released
- - name: Pre-pull CRI-O System Container image
- command: "atomic pull --storage ostree {{ l_crio_image }}"
- changed_when: false
- environment:
- NO_PROXY: "{{ openshift.common.no_proxy | default('') }}"
- - name: Install CRI-O System Container
- oc_atomic_container:
- name: "cri-o"
- image: "{{ l_crio_image }}"
- state: latest
- - name: Create the CRI-O configuration
- template:
- dest: /etc/crio/crio.conf
- src: crio.conf.j2
- backup: yes
- - name: Start the CRI-O service
- systemd:
- name: "cri-o"
- enabled: yes
- state: started
- daemon_reload: yes
- register: start_result
- - meta: flush_handlers
|
