--- - name: Update apt cache apt: update_cache: yes become: True when: ansible_os_family == 'Debian' # TODO(inc0): Gates don't seem to have ufw executable, check for it instead of ignore errors - name: Set firewall default policy become: True ufw: state: disabled policy: allow when: ansible_os_family == 'Debian' ignore_errors: yes - name: Check if firewalld is installed command: rpm -q firewalld register: firewalld_check changed_when: false failed_when: firewalld_check.rc > 1 args: warn: false when: ansible_os_family == 'RedHat' - name: Disable firewalld become: True service: name: "{{ item }}" enabled: false state: stopped with_items: - firewalld when: - ansible_os_family == 'RedHat' - firewalld_check.rc == 0 # Upgrading docker engine may cause containers to stop. Take a snapshot of the # running containers prior to a potential upgrade of Docker. - name: Check which containers are running command: docker ps -f 'status=running' -q become: true # If Docker is not installed this command may exit non-zero. failed_when: false changed_when: false register: running_containers - name: Install apt packages package: name: "{{ (debian_pkg_install | join(' ')).split() }}" state: present become: True when: ansible_os_family == 'Debian' register: apt_install_result - name: Install deltarpm packages package: name: drpm state: present update_cache: yes become: True when: ansible_os_family == 'RedHat' - name: Install RPM packages package: name: "{{ (redhat_pkg_install | join(' ')).split() }}" state: present update_cache: yes become: True when: ansible_os_family == 'RedHat' register: rpm_install_result # If any packages were updated, and any containers were running, wait for the # daemon to come up and start all previously running containers. - block: # At some point (at least on CentOS 7) Docker CE stopped starting # automatically after an upgrade from legacy docker . Start it manually. - name: Start docker service: name: docker state: started enabled: yes become: True - name: Wait for Docker to start command: docker info become: true changed_when: false register: result until: result is success retries: 6 delay: 10 - name: Ensure containers are running after Docker upgrade command: "docker start {{ running_containers.stdout }}" become: true when: - install_result is changed - running_containers.rc == 0 - running_containers.stdout != '' vars: install_result: "{{ rpm_install_result if ansible_os_family == 'RedHat' else apt_install_result }}" - name: Install latest pip in the virtualenv pip: # NOTE(hrw) pip 19.3 is first version complaining about being run with Python 2 name: pip>19.3 virtualenv: "{{ virtualenv }}" virtualenv_site_packages: "{{ virtualenv_site_packages }}" virtualenv_python: "python{{ host_python_version }}" become: True when: virtualenv is not none - name: Install docker SDK for python pip: # NOTE(hrw) docker 2.4.2 is in kolla-ansible requirements name: docker>=2.4.2 executable: "{{ virtualenv is none | ternary('pip3', omit) }}" virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}" virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}" virtualenv_python: "{{ virtualenv is none | ternary(omit, 'python' ~ host_python_version) }}" become: True - name: Remove packages package: name: "{{ (ubuntu_pkg_removals | join(' ')).split() }}" state: absent become: True when: ansible_distribution|lower == "ubuntu" - name: Remove packages package: name: "{{ (redhat_pkg_removals | join(' ')).split() }}" state: absent become: True when: ansible_os_family == 'RedHat'