ensure-docker: < 1500 MTU workaround

As described inline, we should lower the MTU in the docker
configuration when we see the interface has a MTU lower than 1500 so
things "just work".  This particularly affects the Linaro ARM64 cloud
in OpenDev, but it is a generic issue.

Change-Id: I338616c41a65b007d56648fdab6da2a6a6b909f4
Story: https://storyboard.openstack.org/#!/story/2008230
This commit is contained in:
Ian Wienand 2020-08-20 10:02:04 +10:00 committed by zbr
parent a1742afb60
commit 664d068ef7
2 changed files with 31 additions and 22 deletions

View File

@ -12,17 +12,37 @@
- "{{ docker_group }}"
append: yes
- name: Update docker daemon configuration
- name: Update docker daemon proxy configuration
when: docker_userland_proxy is defined
block:
- name: Add proxy config
include_role:
name: update-json-file
vars:
update_json_file_name: /etc/docker/daemon.json
update_json_file_combine:
userland-proxy: "{{ docker_userland_proxy }}"
update_json_file_become: true
include_role:
name: update-json-file
vars:
update_json_file_name: /etc/docker/daemon.json
update_json_file_combine:
userland-proxy: "{{ docker_userland_proxy }}"
update_json_file_become: true
# Docker defaults to a MTU of 1500, which causes problems when the
# main interface has a MTU less than that. Cloud environments often
# have this, one good example is OpenDev's Linaro ARM64 cloud.
# https://storyboard.openstack.org/#!/story/2008230
- name: Lower default MTU
when: ansible_default_ipv4.mtu < 1500
include_role:
name: update-json-file
vars:
update_json_file_name: /etc/docker/daemon.json
update_json_file_combine:
mtu: 1400
update_json_file_become: true
- name: Restart docker
when: >-
(docker_userland_proxy is defined) or
(ansible_default_ipv4.mtu < 1500)
service:
name: docker
state: restarted
- name: Reset ssh connection to pick up docker group
meta: reset_connection

View File

@ -13,18 +13,7 @@
command: |
docker run --rm --network=host curlimages/curl:latest --no-progress-meter https://httpbin.org/get
# Two task approach that ignores known partial failures on specific plaforms:
# https://storyboard.openstack.org/#!/story/2008215
- name: Validate docker default network containers have internet access
- name: Validate docker default bridge networking containers have internet access
command: |
docker run --rm curlimages/curl:latest --no-progress-meter https://httpbin.org/get
register: result
ignore_errors: true
- name: Fail if bug found on unknown platform
when:
- result.rc != 0
- ansible_distribution_release not in ['bionic', 'focal']
- ansible_architecture != 'aarch64'
fail:
msg: Bug 2008215 regression detected