From 032cc44c2b49ceb25f5ba5862d2d3bead15de6e7 Mon Sep 17 00:00:00 2001 From: Cory Hawkless Date: Mon, 10 Oct 2022 14:39:36 +1030 Subject: [PATCH 1/6] Upd --- dockerContainer.yml | 96 ++++++++++++++++++++++----------------------- dockerVolume.yml | 4 +- 2 files changed, 48 insertions(+), 52 deletions(-) diff --git a/dockerContainer.yml b/dockerContainer.yml index 125170b..2502422 100644 --- a/dockerContainer.yml +++ b/dockerContainer.yml @@ -79,11 +79,11 @@ loop_control: loop_var: outer_item when: templates_Defined ==1 and outer_item.value.generic is not defined - register: fileChanged + register: file_changed tags: always - name: Set the flag to restart the container if file was changed - set_fact: containerRestart='yes' - when: fileChanged is defined and fileChanged.changed + set_fact: container_restart='yes' + when: file_changed is defined and file_changed.changed tags: always #Copy templates form a generic dir, allow ansible to search @@ -95,11 +95,11 @@ loop_control: loop_var: outer_item when: templates_Defined ==1 and outer_item.value.generic is defined - register: fileChanged + register: file_changed tags: always - name: Set the flag to restart the container if file was changed - set_fact: containerRestart='yes' - when: fileChanged is defined and fileChanged.changed + set_fact: container_restart='yes' + when: file_changed is defined and file_changed.changed tags: always - name: Append templated files to the mapping list @@ -141,11 +141,11 @@ loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.generic is not defined and outer_item.value.src_text is not defined - register: fileChanged + register: file_changed tags: always - name: Set the flag to restart the container if file was changed - set_fact: containerRestart='yes' - when: fileChanged is defined and fileChanged.changed + set_fact: container_restart='yes' + when: file_changed is defined and file_changed.changed tags: always #Copy files from a generic dir, allow ansible to search - name: "Generic File mappings for {{ container_Name }}" @@ -156,48 +156,45 @@ loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.generic is defined and outer_item.value.src_text is not defined - register: fileChanged + register: file_changed tags: always - name: Set the flag to restart the container if file was changed - set_fact: containerRestart='yes' - when: fileChanged is defined and fileChanged.changed + set_fact: container_restart='yes' + when: file_changed is defined and file_changed.changed tags: always -#Create files based on the suplied src_text param +# Create files based on the suplied src_text param - name: "Text based file creation for {{ container_Name }}" - #Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name - #Need to ensure you dont have duplicate files names here + # Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name + # Need to ensure you dont have duplicate files names here copy: content="{{ outer_item.value.src_text }}" dest="{{ container_configDir }}/{{ outer_item.key }}" mode=0644 with_dict: "{{ item.value.mappings.files }}" loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.src_text is defined - register: fileChanged + register: file_changed tags: always - name: Set the flag to restart the container if file was changed - set_fact: containerRestart='yes' - when: fileChanged is defined and fileChanged.changed + set_fact: container_restart='yes' + when: file_changed is defined and file_changed.changed tags: always - name: Append static remote files to the mapping list set_fact: - #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container - #Also allows the passing of 'params' which is rw or ro, defaults to rw + # build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container + # Also allows the passing of 'params' which is rw or ro, defaults to rw mappings: "{{ mappings + [ container_configDir + outer_item.key + ':' + outer_item.value.dest + ':' + outer_item.value.params | default('rw') ] }}" with_dict: "{{ item.value.mappings.files }}" loop_control: loop_var: outer_item when: files_Defined == 1 tags: always -#----------------------------------/FILES---------------------------------- +# ----------------------------------/FILES---------------------------------- - - - -#----------------------------------LOCAL---------------------------------- -#Local files alreeady exist on the host, commonly local time and or netns for namespace, could also be locl disk drives? -#Nothing gets copied for local mappings, just defintiions added to the mapping list -#Only copy files if there are local files defined in the incoming defintion dict +# ----------------------------------LOCAL---------------------------------- +# Local files alreeady exist on the host, commonly local time and or netns for namespace, could also be locl disk drives? +# Nothing gets copied for local mappings, just defintiions added to the mapping list +# Only copy files if there are local files defined in the incoming defintion dict - set_fact: local_Defined=0 tags: always - name: Check if Local files have been defined or not @@ -205,32 +202,32 @@ local_Defined: 1 when: item.value.mappings.local is defined tags: always -#- debug: msg="local not defined" +# - debug: msg="local not defined" # when: local_Defined is not defined - name: Append static local files to the mapping list set_fact: - #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container - #Also allows the passing of 'params' which is rw or ro, defaults to rw - #mappings: "{{ mappings + ['type=\"bind\", source=\"' + item.value.src + '\",target=\"' + item.value.dest + '\",readonly=\"' + item.value.readonly | default('false') +'\"'] }}" + # build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container + # Also allows the passing of 'params' which is rw or ro, defaults to rw + # mappings: "{{ mappings + ['type=\"bind\", source=\"' + item.value.src + '\",target=\"' + item.value.dest + '\",readonly=\"' + item.value.readonly | default('false') +'\"'] }}" mappings: "{{ mappings + [ outer_item.value.src + ':' + outer_item.value.dest + ':' + outer_item.value.params | default('rw') ] }}" with_dict: "{{ item.value.mappings.local }}" loop_control: loop_var: outer_item when: local_Defined == 1 - register: fileChanged + register: file_changed tags: always - name: Set the flag to restart the container if file was changed - set_fact: containerRestart='yes' - when: fileChanged is defined and fileChanged.changed + set_fact: container_restart='yes' + when: file_changed is defined and file_changed.changed tags: always -#----------------------------------/LOCAL---------------------------------- +# ----------------------------------/LOCAL---------------------------------- -#----------------------------------Check ENV---------------------------------- -#If the env varibale isnt defined then dont error out, set the network variable to an empty list +# ----------------------------------Check ENV---------------------------------- +# If the env varibale isnt defined then dont error out, set the network variable to an empty list - name: Setup a blank env variable set_fact: env_checked={} when: item.value.env is not defined @@ -239,16 +236,14 @@ set_fact: env_checked="{{ item.value.env }}" when: item.value.env is defined tags: always -#----------------------------------/Check ENV---------------------------------- - -- name: Restart the container if fileChanged is defined - set_fact: containerRestart1='yes' - when: (containerRestart is defined and containerRestart=='yes') or (item.value.restart is defined and item.value.restart =='yes') - +# ----------------------------------/Check ENV---------------------------------- +- name: Restart the container if file_changed is defined + set_fact: container_restart1='yes' + when: (container_restart is defined and container_restart=='yes') or (item.value.restart is defined and item.value.restart =='yes') - name: "Container {{ container_Name }}" - become: yes + become: true docker_container: name: "{{ container_Name }}" hostname: "{{ item.value.hostname | default(container_Name) }}" @@ -257,7 +252,7 @@ recreate: "{{ item.value.recreate | default('false') }}" image: "{{ item.value.image }}" state: "{{ item.value.start | default ('started') }}" - restart: "{{ containerRestart1 | default ('no') }}" + restart: "{{ container_restart1 | default ('no') }}" restart_policy: "{{ item.value.restart_policy | default ('always') }}" purge_networks: "{{ item.value.purge_networks | default ('yes') }}" networks: "{{ net_checked }}" @@ -267,9 +262,10 @@ network_mode: "{{ item.value.network_mode | default ('default') }}" shm_size: "{{ item.value.shm_size | default ('64M') }}" ports: "{{ item.value.ports | default ([]) }}" - #log_driver: fluentd - #"{{item.value.ports | default ([json-file])}}" - #log_options: + ulimits: "{{ item.value.ulimits | default ('') }}" + # log_driver: fluentd + # "{{item.value.ports | default ([json-file])}}" + # log_options: # fluentd-sub-second-precision: true # tag: myservice - tags: always + tags: always \ No newline at end of file diff --git a/dockerVolume.yml b/dockerVolume.yml index 7e53fec..61f3378 100644 --- a/dockerVolume.yml +++ b/dockerVolume.yml @@ -1,7 +1,7 @@ -#- name: "Checking docker volume {{working_volume_name}}" +# - name: "Checking docker volume {{working_volume_name}}" # debug: msg="Checking docker volume {{working_volume_name}}" -#----------------------------------Local Volume---------------------------------- +# ----------------------------------Local Volume---------------------------------- - set_fact: base_volume_name="local_" tags: always From 7016ab24642fbadfc4323761116d5a72a66635a5 Mon Sep 17 00:00:00 2001 From: Cory Hawkless Date: Mon, 10 Oct 2022 14:40:59 +1030 Subject: [PATCH 2/6] Upd --- dockerContainer.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/dockerContainer.yml b/dockerContainer.yml index 2502422..ad29374 100644 --- a/dockerContainer.yml +++ b/dockerContainer.yml @@ -263,9 +263,4 @@ shm_size: "{{ item.value.shm_size | default ('64M') }}" ports: "{{ item.value.ports | default ([]) }}" ulimits: "{{ item.value.ulimits | default ('') }}" - # log_driver: fluentd - # "{{item.value.ports | default ([json-file])}}" - # log_options: - # fluentd-sub-second-precision: true - # tag: myservice tags: always \ No newline at end of file From 56beaa82083a8da281b5075e5de38f2c6dc4d8e1 Mon Sep 17 00:00:00 2001 From: Cory Hawkvelt Date: Tue, 11 Oct 2022 00:18:19 +1030 Subject: [PATCH 3/6] Rollback ulimits --- dockerContainer.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dockerContainer.yml b/dockerContainer.yml index ad29374..161fad4 100644 --- a/dockerContainer.yml +++ b/dockerContainer.yml @@ -262,5 +262,5 @@ network_mode: "{{ item.value.network_mode | default ('default') }}" shm_size: "{{ item.value.shm_size | default ('64M') }}" ports: "{{ item.value.ports | default ([]) }}" - ulimits: "{{ item.value.ulimits | default ('') }}" + # ulimits: "{{ item.value.ulimits | default ('') }}" tags: always \ No newline at end of file From 3c2d85f4800056daa673026b08fc9fdbaaa472fb Mon Sep 17 00:00:00 2001 From: Cory Hawkvelt Date: Sat, 22 Oct 2022 01:03:01 +1030 Subject: [PATCH 4/6] Add devices --- dockerContainer.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/dockerContainer.yml b/dockerContainer.yml index 161fad4..159eddf 100644 --- a/dockerContainer.yml +++ b/dockerContainer.yml @@ -263,4 +263,5 @@ shm_size: "{{ item.value.shm_size | default ('64M') }}" ports: "{{ item.value.ports | default ([]) }}" # ulimits: "{{ item.value.ulimits | default ('') }}" + devices: "{{ item.value.devices | default ('') }}" tags: always \ No newline at end of file From f0a6a7d51a70862f17091b17a8606a46aaf2bafd Mon Sep 17 00:00:00 2001 From: Cory Hawkvelt Date: Sat, 22 Oct 2022 01:18:28 +1030 Subject: [PATCH 5/6] changed defaultto None --- dockerContainer.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dockerContainer.yml b/dockerContainer.yml index 159eddf..378b629 100644 --- a/dockerContainer.yml +++ b/dockerContainer.yml @@ -263,5 +263,5 @@ shm_size: "{{ item.value.shm_size | default ('64M') }}" ports: "{{ item.value.ports | default ([]) }}" # ulimits: "{{ item.value.ulimits | default ('') }}" - devices: "{{ item.value.devices | default ('') }}" + devices: "{{ item.value.devices | default (None) }}" tags: always \ No newline at end of file From a99dbaee0723324f7f67bb6930f70d41d7f87aa7 Mon Sep 17 00:00:00 2001 From: Cory Hawkvelt Date: Thu, 17 Nov 2022 00:37:48 +1030 Subject: [PATCH 6/6] Includes conditional setting for ulimts and devices --- dockerContainer.yml | 175 +++++++++++++++++++++++++------------------- 1 file changed, 98 insertions(+), 77 deletions(-) diff --git a/dockerContainer.yml b/dockerContainer.yml index 378b629..2f2fd5d 100644 --- a/dockerContainer.yml +++ b/dockerContainer.yml @@ -56,6 +56,7 @@ + #----------------------------------TEMPLATES---------------------------------- #Only copy template files if there are templates defined in the incoming defintion dict - set_fact: templates_Defined=0 @@ -79,13 +80,9 @@ loop_control: loop_var: outer_item when: templates_Defined ==1 and outer_item.value.generic is not defined - register: file_changed tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - + register: regular_template + notify: Restart container #Copy templates form a generic dir, allow ansible to search - name: "Generic template mappings for {{ container_Name }}" #Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their template file name but with the '.j2' stripped @@ -95,13 +92,9 @@ loop_control: loop_var: outer_item when: templates_Defined ==1 and outer_item.value.generic is defined - register: file_changed tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - + register: generic_template + notify: Restart container - name: Append templated files to the mapping list set_fact: #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container @@ -141,12 +134,9 @@ loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.generic is not defined and outer_item.value.src_text is not defined - register: file_changed - tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed tags: always + register: file_copy + notify: Restart container #Copy files from a generic dir, allow ansible to search - name: "Generic File mappings for {{ container_Name }}" #Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name @@ -156,45 +146,41 @@ loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.generic is defined and outer_item.value.src_text is not defined - register: file_changed tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - -# Create files based on the suplied src_text param + register: generic_copy + notify: Restart container +#Create files based on the suplied src_text param - name: "Text based file creation for {{ container_Name }}" - # Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name - # Need to ensure you dont have duplicate files names here + #Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name + #Need to ensure you dont have duplicate files names here copy: content="{{ outer_item.value.src_text }}" dest="{{ container_configDir }}/{{ outer_item.key }}" mode=0644 with_dict: "{{ item.value.mappings.files }}" loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.src_text is defined - register: file_changed - tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed tags: always + register: text_copy + notify: Restart container - name: Append static remote files to the mapping list set_fact: - # build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container - # Also allows the passing of 'params' which is rw or ro, defaults to rw + #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container + #Also allows the passing of 'params' which is rw or ro, defaults to rw mappings: "{{ mappings + [ container_configDir + outer_item.key + ':' + outer_item.value.dest + ':' + outer_item.value.params | default('rw') ] }}" with_dict: "{{ item.value.mappings.files }}" loop_control: loop_var: outer_item when: files_Defined == 1 tags: always -# ----------------------------------/FILES---------------------------------- +#----------------------------------/FILES---------------------------------- -# ----------------------------------LOCAL---------------------------------- -# Local files alreeady exist on the host, commonly local time and or netns for namespace, could also be locl disk drives? -# Nothing gets copied for local mappings, just defintiions added to the mapping list -# Only copy files if there are local files defined in the incoming defintion dict + + + +#----------------------------------LOCAL---------------------------------- +#Local files alreeady exist on the host, commonly local time and or netns for namespace, could also be locl disk drives? +#Nothing gets copied for local mappings, just defintiions added to the mapping list +#Only copy files if there are local files defined in the incoming defintion dict - set_fact: local_Defined=0 tags: always - name: Check if Local files have been defined or not @@ -202,32 +188,25 @@ local_Defined: 1 when: item.value.mappings.local is defined tags: always -# - debug: msg="local not defined" +#- debug: msg="local not defined" # when: local_Defined is not defined - name: Append static local files to the mapping list set_fact: - # build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container - # Also allows the passing of 'params' which is rw or ro, defaults to rw - # mappings: "{{ mappings + ['type=\"bind\", source=\"' + item.value.src + '\",target=\"' + item.value.dest + '\",readonly=\"' + item.value.readonly | default('false') +'\"'] }}" + #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container + #Also allows the passing of 'params' which is rw or ro, defaults to rw + #mappings: "{{ mappings + ['type=\"bind\", source=\"' + item.value.src + '\",target=\"' + item.value.dest + '\",readonly=\"' + item.value.readonly | default('false') +'\"'] }}" mappings: "{{ mappings + [ outer_item.value.src + ':' + outer_item.value.dest + ':' + outer_item.value.params | default('rw') ] }}" with_dict: "{{ item.value.mappings.local }}" loop_control: loop_var: outer_item when: local_Defined == 1 - register: file_changed tags: always - -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - -# ----------------------------------/LOCAL---------------------------------- +#----------------------------------/LOCAL---------------------------------- -# ----------------------------------Check ENV---------------------------------- -# If the env varibale isnt defined then dont error out, set the network variable to an empty list +#----------------------------------Check ENV---------------------------------- +#If the env varibale isnt defined then dont error out, set the network variable to an empty list - name: Setup a blank env variable set_fact: env_checked={} when: item.value.env is not defined @@ -236,32 +215,74 @@ set_fact: env_checked="{{ item.value.env }}" when: item.value.env is defined tags: always -# ----------------------------------/Check ENV---------------------------------- +#----------------------------------/Check ENV---------------------------------- -- name: Restart the container if file_changed is defined - set_fact: container_restart1='yes' - when: (container_restart is defined and container_restart=='yes') or (item.value.restart is defined and item.value.restart =='yes') +- name: Setup default values for this container + set_fact: + default: + name: "{{ container_Name }}" + hostname: "{{ item.value.hostname | default(container_Name) }}" + command: "{{ item.value.command | default('') }}" + pull: "{{ item.value.pull | default('false') }}" + recreate: "{{ item.value.recreate | default('false') }}" + image: "{{ item.value.image }}" + state: "{{ item.value.start | default ('started') }}" + restart: "{{ item.value.restart | default ('no') }}" + restart_policy: "{{ item.value.restart_policy | default ('always') }}" + purge_networks: "{{ item.value.purge_networks | default ('yes') }}" + networks: "{{ net_checked }}" + volumes: "{{ mappings }}" + env: "{{ env_checked }}" + privileged: "{{ item.value.privileged | default ('no') }}" + network_mode: "{{ item.value.network_mode | default ('default') }}" + shm_size: "{{ item.value.shm_size | default ('64M') }}" + ports: "{{ item.value.ports | default ([]) }}" + + tags: always + +- name: Setup devices_override blank + set_fact: + devices_override: + tags: always + +- name: Setup ulimit_override blank + set_fact: + ulimit_override: + tags: always + +#----------Merge ulimits-------------- +- name: Apply conditional override + set_fact: + ulimit_override: + ulimits: "{{ item.value.ulimits }}" + when: item.value.ulimits is defined + tags: always + +- name: Merge the two lists + set_fact: + ulimits_merged: "{{ default | combine(ulimit_override, recursive=true) }}" + tags: always + +#----------Merge devices-------------- +- name: Apply conditional override + set_fact: + devices_override: + devices: "{{ item.value.devices }}" + when: item.value.devices is defined + tags: always + +- name: Merge the two lists + set_fact: + final_merged: "{{ ulimits_merged | combine(devices_override, recursive=true) }}" + tags: always + +- name: debug value + debug: + msg: "{{final_merged}}" + tags: always - name: "Container {{ container_Name }}" become: true - docker_container: - name: "{{ container_Name }}" - hostname: "{{ item.value.hostname | default(container_Name) }}" - command: "{{ item.value.command | default('') }}" - pull: "{{ item.value.pull | default('false') }}" - recreate: "{{ item.value.recreate | default('false') }}" - image: "{{ item.value.image }}" - state: "{{ item.value.start | default ('started') }}" - restart: "{{ container_restart1 | default ('no') }}" - restart_policy: "{{ item.value.restart_policy | default ('always') }}" - purge_networks: "{{ item.value.purge_networks | default ('yes') }}" - networks: "{{ net_checked }}" - volumes: "{{ mappings }}" - env: "{{ env_checked }}" - privileged: "{{ item.value.privileged | default ('no') }}" - network_mode: "{{ item.value.network_mode | default ('default') }}" - shm_size: "{{ item.value.shm_size | default ('64M') }}" - ports: "{{ item.value.ports | default ([]) }}" - # ulimits: "{{ item.value.ulimits | default ('') }}" - devices: "{{ item.value.devices | default (None) }}" - tags: always \ No newline at end of file + docker_container: "{{ final_merged }}" + tags: always +