dashboard: Support podman

This adds support for podman in dashboard-related roles. It also drops
the creation of custom network for the dashboard-related roles as this
functionality works in a different way with podman.

Signed-off-by: Boris Ranto <branto@redhat.com>
(cherry picked from commit b4d1c3693b)

group_vars/all.yml.sample

@@ -692,7 +692,6 @@ dummy:
 # DASHBOARD #
 #############
 #dashboard_enabled: False
-#dashboard_network_name: ceph-dashboard
 # Choose http or https
 # For https, you should set dashboard.crt/key and grafana.crt/key
 #dashboard_protocol: http

group_vars/rhcs.yml.sample

@@ -692,7 +692,6 @@ ceph_docker_registry: "registry.access.redhat.com"
 # DASHBOARD #
 #############
 #dashboard_enabled: False
-#dashboard_network_name: ceph-dashboard
 # Choose http or https
 # For https, you should set dashboard.crt/key and grafana.crt/key
 #dashboard_protocol: http

roles/ceph-defaults/defaults/main.yml

@@ -684,7 +684,6 @@ openstack_keys:
 # DASHBOARD #
 #############
 dashboard_enabled: False
-dashboard_network_name: ceph-dashboard
 # Choose http or https
 # For https, you should set dashboard.crt/key and grafana.crt/key
 dashboard_protocol: http

roles/ceph-grafana/tasks/setup_container.yml

@@ -27,35 +27,27 @@
     state: stopped
   failed_when: false
 
-- name: create docker container
+# Make sure we re-create the container
-  docker_container:
+- name: remove old grafana-server container
-    name: grafana-server
+  command: "{{ container_binary }} rm -f grafana-server"
-    image: "{{ grafana_container_image }}"
+  changed_when: false
-    state: present
+  failed_when: false
-    # restart to allow updates
+
-    restart: true
+- name: create grafana-server container
-    restart_policy: no
+  shell: |
-    force_kill: yes
+    {{ container_binary }} create --name grafana-server \
-    published_ports: '3000:3000'
+      -v "/etc/grafana:/etc/grafana:Z" \
-    detach: true
+      -v "/var/lib/grafana:/var/lib/grafana:Z" \
-    volumes:
+      "--net=host" \
-      - "/etc/grafana:/etc/grafana:Z"
+      "--cpu-period={{ grafana_container_cpu_period }}" \
-      - "/var/lib/grafana:/var/lib/grafana:Z"
+      "--cpu-quota={{ grafana_container_cpu_period * grafana_container_cpu_cores }}" \
-    networks:
+      "--memory={{ grafana_container_memory }}GB" \
-      - name: "{{ dashboard_network_name }}"
+      "--memory-swap={{ grafana_container_memory * 2 }}GB" \
-    keep_volumes: true
+      -e "GF_INSTALL_PLUGINS={{ grafana_plugins|join(',') }}" \
-    pull: true
+      "{{ grafana_container_image }}"
-    cpu_period: "{{ grafana_container_cpu_period }}"
-    # As of ansible-2.5.2, this module doesn't support the equivalent of the
-    # --cpus flag, so we must use period/quota for now
-    cpu_quota: "{{ grafana_container_cpu_period * grafana_container_cpu_cores }}"
-    memory: "{{ grafana_container_memory }}GB"
-    memory_swap: "{{ grafana_container_memory * 2 }}GB"
-    env:
-      GF_INSTALL_PLUGINS: "{{ grafana_plugins|join(',') }}"
 
 - name: ship systemd service
-  copy:
+  template:
     src: grafana-server.service
     dest: "/etc/systemd/system/"
     owner: root

roles/ceph-grafana/templates/datasources-ceph-dashboard.yml

@@ -17,7 +17,7 @@ datasources:
   # <int> org id. will default to orgId 1 if not specified
   orgId: 1
   # <string> url
-  url: 'http://prometheus:9090'
+  url: 'http://{{ groups["grafana-server"][0] }}:9090'
   # <bool> enable/disable basic auth
   basicAuth: false
   # <bool> mark as default datasource. Max one per org

roles/ceph-grafana/templates/grafana-server.service

@@ -2,12 +2,14 @@
 # overwritten.
 [Unit]
 Description=grafana-server
+{% if container_binary == 'docker' %}
 After=docker.service
+{% endif %}
 
 [Service]
 EnvironmentFile=-/etc/environment
-ExecStart=/usr/bin/docker start --attach grafana-server
+ExecStart=/usr/bin/{{ container_binary }} start --attach grafana-server
-ExecStop=-/usr/bin/docker stop grafana-server
+ExecStop=-/usr/bin/{{ container_binary }} stop grafana-server
 Restart=always
 RestartSec=10s
 TimeoutStartSec=120

roles/ceph-node-exporter/tasks/setup_container.yml

@@ -10,30 +10,25 @@
     state: stopped
   failed_when: false
 
-- name: start docker container
+# Make sure we re-create the container
-  docker_container:
+- name: remove old node-exporter container
-    name: node-exporter
+  command: "{{ container_binary }} rm -f node-exporter"
-    image: "{{ node_exporter_container_image }}"
+  changed_when: false
-    state: started
+  failed_when: false
-    command:
+
-      - '--path.procfs=/host/proc'
+- name: start node-exporter container
-      - '--path.sysfs=/host/sys'
+  shell: |
-      - '--no-collector.timex'
+    {{ container_binary }} run --detach  --name node-exporter \
-    # restart to allow updates
+      -v /proc:/host/proc:ro -v /sys:/host/sys:ro \
-    restart: true
+      --net=host \
-    restart_policy: no
+      {{ node_exporter_container_image }} \
-    force_kill: yes
+      '--path.procfs=/host/proc' \
-    detach: true
+      '--path.sysfs=/host/sys' \
-    volumes:
+      '--no-collector.timex'
-      - '/proc:/host/proc:ro'
-      - '/sys:/host/sys:ro'
-    network_mode: host
-    keep_volumes: true
-    pull: true
   notify: restart node-exporter service
 
 - name: ship systemd service
-  copy:
+  template:
     src: node_exporter.service
     dest: "/etc/systemd/system/"
     owner: root

roles/ceph-node-exporter/templates/node_exporter.service

@@ -2,15 +2,17 @@
 # overwritten.
 [Unit]
 Description=Node Exporter
+{% if container_binary == 'docker' %}
 After=docker.service
+{% endif %}
 
 [Service]
 EnvironmentFile=-/etc/environment
-ExecStart=/usr/bin/docker start --attach node-exporter
+ExecStart=/usr/bin/{{ container_binary }} start --attach node-exporter
 # Make sure the cfg80211 is loaded before running the container, the node
 # exporter needs this module loaded to test for presence of wi-fi devices
 ExecStartPre=/usr/sbin/modprobe cfg80211
-ExecStop=-/usr/bin/docker stop node-exporter
+ExecStop=-/usr/bin/{{ container_binary }} stop node-exporter
 Restart=always
 RestartSec=10s
 TimeoutStartSec=120

roles/ceph-prometheus/defaults/main.yml

@@ -6,7 +6,7 @@ prometheus_container_cpu_cores: 2
 prometheus_container_memory: 4
 prometheus_data_dir: /var/lib/prometheus
 prometheus_conf_dir: /etc/prometheus
-prometheus_user_id: '65534'  # This is the UID used by the prom/prometheus docker image
+prometheus_user_id: '65534'  # This is the UID used by the prom/prometheus container image
 
 alertmanager_container_image: prom/alertmanager:latest
 alertmanager_container_cpu_period: 100000

roles/ceph-prometheus/tasks/setup_container.yml

@@ -10,35 +10,25 @@
     state: stopped
   failed_when: false
 
+# Make sure we re-create the container
+- name: remove old alertmanager container
+  command: "{{ container_binary }} rm -f alertmanager"
+  changed_when: false
+  failed_when: false
+
 - name: start alertmanager container
-  docker_container:
+  shell: |
-    name: alertmanager
+    {{ container_binary }} run --detach  --name alertmanager \
-    image: "{{ alertmanager_container_image }}"
+      -v "{{ alertmanager_conf_dir }}:/etc/alertmanager:Z" \
-    state: started
+      -v "{{ alertmanager_data_dir }}:/alertmanager:Z" \
-    command:
+      "--net=host" \
-      - '--config.file=/etc/alertmanager/alertmanager.yml'
+      "--cpu-period={{ alertmanager_container_cpu_period }}" \
-      - '--storage.path=/alertmanager'
+      "--cpu-quota={{ alertmanager_container_cpu_period * alertmanager_container_cpu_cores }}" \
-    # restart to allow updates
+      "--memory={{ alertmanager_container_memory }}GB" \
-    restart: true
+      "--memory-swap={{ alertmanager_container_memory * 2 }}GB" \
-    restart_policy: no
+      "{{ alertmanager_container_image }}" \
-    force_kill: yes
+      "--config.file=/etc/alertmanager/alertmanager.yml" \
-    published_ports: '9093:9093'
+      "--storage.path=/alertmanager"
-    detach: true
-    volumes:
-      - "{{ alertmanager_conf_dir }}:/etc/alertmanager:Z"
-      - "{{ alertmanager_data_dir }}:/alertmanager:Z"
-    networks:
-      - name: "{{ dashboard_network_name }}"
-    keep_volumes: true
-    pull: true
-    cpu_period: "{{ alertmanager_container_cpu_period }}"
-    # As of ansible-2.5.2, this module doesn't support the equivalent of the
-    # --cpus flag, so we must use period/quota for now
-    cpu_quota: "{{ alertmanager_container_cpu_period * alertmanager_container_cpu_cores }}"
-    #memory: 0
-    #memory_swap: 0
-    memory: "{{ alertmanager_container_memory }}GB"
-    memory_swap: "{{ alertmanager_container_memory * 2 }}GB"
   notify: service handler
 
 - name: make sure the prometheus service is down
@@ -47,41 +37,31 @@
     state: stopped
   failed_when: false
 
-- name: start prometheus docker container
+# Make sure we re-create the container
-  docker_container:
+- name: remove old prometheus container
-    name: prometheus
+  command: "{{ container_binary }} rm -f prometheus"
-    image: "{{ prometheus_container_image }}"
+  changed_when: false
-    state: started
+  failed_when: false
-    command:
+
-      - '--config.file=/etc/prometheus/prometheus.yml'
+- name: start prometheus container
-      - '--storage.tsdb.path=/prometheus'
+  shell: |
-      - '--web.external-url=http://{{ inventory_hostname }}:9090/'
+    {{ container_binary }} run --detach  --name prometheus \
-    # restart to allow updates
+      -v "{{ prometheus_conf_dir }}:/etc/prometheus:Z" \
-    restart: true
+      -v "{{ prometheus_data_dir }}:/prometheus:Z" \
-    restart_policy: no
+      "--net=host" \
-    force_kill: yes
+      "--user={{ prometheus_user_id }}" \
-    published_ports: '9090:9090'
+      "--cpu-period={{ prometheus_container_cpu_period }}" \
-    detach: true
+      "--cpu-quota={{ prometheus_container_cpu_period * prometheus_container_cpu_cores }}" \
-    volumes:
+      "--memory={{ prometheus_container_memory }}GB" \
-      - "{{ prometheus_conf_dir }}:/etc/prometheus:Z"
+      "--memory-swap={{ prometheus_container_memory * 2 }}GB" \
-      - "{{ prometheus_data_dir }}:/prometheus:Z"
+      "{{ prometheus_container_image }}" \
-    networks:
+      "--config.file=/etc/prometheus/prometheus.yml" \
-      - name: "{{ dashboard_network_name }}"
+      "--storage.tsdb.path=/prometheus" \
-    user: "{{ prometheus_user_id }}"
+      "--web.external-url=http://{{ inventory_hostname }}:9090/"
-    keep_volumes: true
-    pull: true
-    cpu_period: "{{ prometheus_container_cpu_period }}"
-    # As of ansible-2.5.2, this module doesn't support the equivalent of the
-    # --cpus flag, so we must use period/quota for now
-    cpu_quota: "{{ prometheus_container_cpu_period * prometheus_container_cpu_cores }}"
-    #memory: 0
-    #memory_swap: 0
-    memory: "{{ prometheus_container_memory }}GB"
-    memory_swap: "{{ prometheus_container_memory * 2 }}GB"
   notify: service handler
 
 - name: ship systemd services
-  copy:
+  template:
     src: "{{ item }}"
     dest: "/etc/systemd/system/"
     owner: root

roles/ceph-prometheus/templates/alertmanager.service

@@ -2,12 +2,14 @@
 # overwritten.
 [Unit]
 Description=alertmanager
+{% if container_binary == 'docker' %}
 After=docker.service
+{% endif %}
 
 [Service]
 EnvironmentFile=-/etc/environment
-ExecStart=/usr/bin/docker start --attach alertmanager
+ExecStart=/usr/bin/{{ container_binary }} start --attach alertmanager
-ExecStop=/usr/bin/docker stop alertmanager
+ExecStop=/usr/bin/{{ container_binary }} stop alertmanager
 Restart=always
 RestartSec=10s
 TimeoutStartSec=120

roles/ceph-prometheus/templates/prometheus.service

@@ -2,12 +2,14 @@
 # overwritten.
 [Unit]
 Description=prometheus
+{% if container_binary == 'docker' %}
 After=docker.service
+{% endif %}
 
 [Service]
 EnvironmentFile=-/etc/environment
-ExecStart=/usr/bin/docker start --attach prometheus
+ExecStart=/usr/bin/{{ container_binary }} start --attach prometheus
-ExecStop=/usr/bin/docker stop prometheus
+ExecStop=/usr/bin/{{ container_binary }} stop prometheus
 Restart=always
 RestartSec=10s
 TimeoutStartSec=120

roles/ceph-prometheus/templates/prometheus.yml

@@ -44,4 +44,4 @@ alerting:
   alertmanagers:
   - scheme: http
     static_configs:
-    - targets: ['alertmanager:9093']
+    - targets: ['{{ groups["grafana-server"][0] }}:9093']