-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: desmax74 <[email protected]>
- Loading branch information
Showing
5 changed files
with
91 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| --- | ||
| # defaults file for tas_single_node | ||
| # defaults file for tpa_single_node | ||
| tpa_single_node_system_packages: | ||
| - podman | ||
| - podman-plugins |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| --- | ||
| # NOTE: determining when the service will restart with `when: ...` is not ideal, however | ||
| # we would need a dynamic handler otherwise and these are a bit fragile. | ||
|
|
||
| - name: Set location of Podman Play Manifest | ||
| ansible.builtin.set_fact: | ||
| kube_play_file: >- | ||
| {{ tpa_single_node_kube_manifest_dir + '/' + podman_spec.kube_file_content.metadata.namespace + '_' | ||
| + podman_spec.kube_file_content.metadata.name + '.yml' }} | ||
| - name: Copy Manifest to Server | ||
| ansible.builtin.copy: | ||
| content: "{{ podman_spec.kube_file_content | to_nice_yaml(indent=2) }}" | ||
| dest: "{{ kube_play_file }}" | ||
| mode: "0600" | ||
| register: copy_manifest | ||
|
|
||
| - name: Create Secret | ||
| # We can't use podman_secret because we support Podman 4.4.1 and the podman_secret module only | ||
| # supports idempotency with >= 4.7.0: https://github.com/containers/ansible-podman-collections/issues/692 | ||
| # Unfortunately podman_play doesn't properly understand idempotency with secrets either | ||
| # The next best thing is to identify whether the secret file changed - this is determined from the secret_changed | ||
| # variable passed by the caller to this file | ||
| containers.podman.podman_play: | ||
| kube_file: "{{ podman_spec.secret }}" | ||
| state: "{{ podman_spec.state | default('started') }}" | ||
| when: podman_spec.secret is defined | ||
| changed_when: podman_spec.secret is defined and podman_spec.secret_changed | ||
|
|
||
| - name: Copy Systemd file to Server | ||
| ansible.builtin.template: | ||
| src: systemd/systemd-cm.j2 | ||
| dest: "{{ tpa_single_node_systemd_directory + '/' + podman_spec.systemd_file }}.service" | ||
| mode: "0600" | ||
| when: podman_spec.configmap is defined | ||
| register: copy_systemd_file | ||
|
|
||
| - name: Copy Systemd file to Server | ||
| ansible.builtin.template: | ||
| src: systemd/systemd-nocm.j2 | ||
| dest: "{{ tpa_single_node_systemd_directory + '/' + podman_spec.systemd_file }}.service" | ||
| mode: "0600" | ||
| when: podman_spec.configmap is not defined | ||
| register: copy_systemd_file | ||
|
|
||
| - name: Restart Podman Service | ||
| ansible.builtin.systemd: | ||
| state: restarted | ||
| enabled: true | ||
| daemon_reload: true | ||
| name: "{{ podman_spec.systemd_file }}" | ||
| when: copy_manifest.changed or copy_systemd_file.changed or (podman_spec.secret is defined and podman_spec.secret_changed) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| [Unit] | ||
| Description="{{ podman_spec.systemd_file}}" systemd container | ||
| Documentation=man:podman-kube-play(1) | ||
| Wants=network-online.target | ||
| After=network-online.target | ||
| RequiresMountsFor=%t/containers | ||
|
|
||
| [Service] | ||
| Environment=PODMAN_SYSTEMD_UNIT=%n | ||
| TimeoutStopSec=70 | ||
| ExecStart=/usr/bin/podman kube play --replace --service-container=true "{{ kube_play_file }}" --network "{{ podman_spec.network | default('podman') }}" --configmap "{{ podman_spec.configmap | default(omit) }}" | ||
| ExecStop=/usr/bin/podman kube down "{{ kube_play_file }}" | ||
| Type=notify | ||
| NotifyAccess=all | ||
|
|
||
| [Install] | ||
| WantedBy=default.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| [Unit] | ||
| Description="{{ podman_spec.systemd_file}}" systemd container | ||
| Documentation=man:podman-kube-play(1) | ||
| Wants=network-online.target | ||
| After=network-online.target | ||
| RequiresMountsFor=%t/containers | ||
|
|
||
| [Service] | ||
| Environment=PODMAN_SYSTEMD_UNIT=%n | ||
| TimeoutStopSec=70 | ||
| ExecStart=/usr/bin/podman kube play --replace --service-container=true "{{ kube_play_file }}" --network "{{ podman_spec.network | default('podman') }}" | ||
| ExecStop=/usr/bin/podman kube down "{{ kube_play_file }}" | ||
| Type=notify | ||
| NotifyAccess=all | ||
|
|
||
| [Install] | ||
| WantedBy=default.target |