2019-06-30 05:09:20 +08:00
---
- name : Fail containerd setup if distribution is not supported
fail :
msg : "{{ ansible_distribution }} is not supported by containerd."
when :
2023-03-06 09:50:57 +08:00
- not (allow_unsupported_distribution_setup | default(false)) and (ansible_distribution not in ["CentOS", "OracleLinux", "RedHat", "Ubuntu", "Debian", "Fedora", "AlmaLinux", "Rocky", "Amazon", "Flatcar", "Flatcar Container Linux by Kinvolk", "Suse", "openSUSE Leap", "openSUSE Tumbleweed", "Kylin Linux Advanced Server", "UnionTech", "openEuler"])
2019-06-30 05:09:20 +08:00
2021-10-20 23:47:58 +08:00
- name : containerd | Remove any package manager controlled containerd package
package :
name : "{{ containerd_package }}"
state : absent
when :
- not (is_ostree or (ansible_distribution == "Flatcar Container Linux by Kinvolk") or (ansible_distribution == "Flatcar"))
2019-07-11 14:46:54 +08:00
2021-10-20 23:47:58 +08:00
- name : containerd | Remove containerd repository
2020-01-29 17:24:14 +08:00
file :
2021-10-20 23:47:58 +08:00
path : "{{ yum_repo_dir }}/containerd.repo"
state : absent
when :
- ansible_os_family in ['RedHat']
- name : containerd | Remove containerd repository
apt_repository :
repo : "{{ item }}"
state : absent
with_items : "{{ containerd_repo_info.repos }}"
when : ansible_pkg_mgr == 'apt'
- name : containerd | Download containerd
include_tasks : "../../../download/tasks/download_file.yml"
vars :
download : "{{ download_defaults | combine(downloads.containerd) }}"
- name : containerd | Unpack containerd archive
unarchive :
src : "{{ downloads.containerd.dest }}"
dest : "{{ containerd_bin_dir }}"
2021-07-12 15:00:47 +08:00
mode : 0755
2021-10-20 23:47:58 +08:00
remote_src : yes
extra_opts :
- --strip-components=1
notify : restart containerd
2020-01-29 17:24:14 +08:00
2021-11-05 22:53:53 +08:00
- name : containerd | Remove orphaned binary
file :
path : "/usr/bin/{{ item }}"
state : absent
2022-03-16 04:47:48 +08:00
when :
- containerd_bin_dir != "/usr/bin"
- not (is_ostree or (ansible_distribution == "Flatcar Container Linux by Kinvolk") or (ansible_distribution == "Flatcar"))
2021-11-05 22:53:53 +08:00
ignore_errors : true # noqa ignore-errors
with_items :
- containerd
- containerd-shim
- containerd-shim-runc-v1
- containerd-shim-runc-v2
- ctr
2021-10-20 23:47:58 +08:00
- name : containerd | Generate systemd service for containerd
2020-01-29 17:24:14 +08:00
template :
2021-10-20 23:47:58 +08:00
src : containerd.service.j2
dest : /etc/systemd/system/containerd.service
2021-07-12 15:00:47 +08:00
mode : 0644
2020-01-29 17:24:14 +08:00
notify : restart containerd
2021-10-20 23:47:58 +08:00
- name : containerd | Ensure containerd directories exist
2019-07-11 14:46:54 +08:00
file :
2021-10-20 23:47:58 +08:00
dest : "{{ item }}"
2019-07-11 14:46:54 +08:00
state : directory
mode : 0755
owner : root
group : root
2021-10-20 23:47:58 +08:00
with_items :
- "{{ containerd_systemd_dir }}"
- "{{ containerd_cfg_dir }}"
- "{{ containerd_storage_dir }}"
- "{{ containerd_state_dir }}"
2019-07-11 14:46:54 +08:00
2021-10-20 23:47:58 +08:00
- name : containerd | Write containerd proxy drop-in
template :
src : http-proxy.conf.j2
dest : "{{ containerd_systemd_dir }}/http-proxy.conf"
mode : 0644
notify : restart containerd
when : http_proxy is defined or https_proxy is defined
2022-11-08 22:44:32 +08:00
- name : containerd | Generate default base_runtime_spec
register : ctr_oci_spec
command : "{{ containerd_bin_dir }}/ctr oci spec"
check_mode : false
changed_when : false
- name : containerd | Store generated default base_runtime_spec
set_fact :
containerd_default_base_runtime_spec : "{{ ctr_oci_spec.stdout | from_json }}"
2022-09-24 01:38:27 +08:00
- name : containerd | Write base_runtime_specs
copy :
content : "{{ item.value }}"
dest : "{{ containerd_cfg_dir }}/{{ item.key }}"
owner : "root"
mode : 0644
with_dict : "{{ containerd_base_runtime_specs | default({}) }}"
notify : restart containerd
2021-10-20 23:47:58 +08:00
- name : containerd | Copy containerd config file
2019-06-30 05:09:20 +08:00
template :
src : config.toml.j2
2019-07-11 14:46:54 +08:00
dest : "{{ containerd_cfg_dir }}/config.toml"
owner : "root"
2021-04-12 16:02:00 +08:00
mode : 0640
2019-07-11 14:46:54 +08:00
notify : restart containerd
2019-06-30 05:09:20 +08:00
2023-02-17 12:57:39 +08:00
- block :
- name : containerd |
file :
path : "{{ containerd_cfg_dir }}/certs.d/{{ item.key }}"
state : directory
mode : 0755
recurse : true
with_dict : "{{ containerd_insecure_registries }}"
- name : containerd |
blockinfile :
path : "{{ containerd_cfg_dir }}/certs.d/{{ item.key }}/hosts.toml"
mode : 0640
create : true
block : |
server = "{{ item.value }}"
[ host."{{ item.value }}"]
capabilities = ["pull", "resolve", "push"]
skip_verify = true
with_dict : "{{ containerd_insecure_registries }}"
when : containerd_use_config_path is defined and containerd_use_config_path|bool and containerd_insecure_registries is defined
2023-01-17 15:42:32 +08:00
2021-01-10 06:21:10 +08:00
# you can sometimes end up in a state where everything is installed
# but containerd was not started / enabled
2021-10-20 23:47:58 +08:00
- name : containerd | Flush handlers
2021-01-10 06:21:10 +08:00
meta : flush_handlers
2021-10-20 23:47:58 +08:00
- name : containerd | Ensure containerd is started and enabled
2022-04-29 23:39:14 +08:00
systemd :
2021-01-10 06:21:10 +08:00
name : containerd
2022-04-29 23:39:14 +08:00
daemon_reload : yes
2021-01-10 06:21:10 +08:00
enabled : yes
state : started
