From a99dbaee0723324f7f67bb6930f70d41d7f87aa7 Mon Sep 17 00:00:00 2001 From: Cory Hawkvelt Date: Thu, 17 Nov 2022 00:37:48 +1030 Subject: [PATCH] Includes conditional setting for ulimts and devices --- dockerContainer.yml | 175 +++++++++++++++++++++++++------------------- 1 file changed, 98 insertions(+), 77 deletions(-) diff --git a/dockerContainer.yml b/dockerContainer.yml index 378b629..2f2fd5d 100644 --- a/dockerContainer.yml +++ b/dockerContainer.yml @@ -56,6 +56,7 @@ + #----------------------------------TEMPLATES---------------------------------- #Only copy template files if there are templates defined in the incoming defintion dict - set_fact: templates_Defined=0 @@ -79,13 +80,9 @@ loop_control: loop_var: outer_item when: templates_Defined ==1 and outer_item.value.generic is not defined - register: file_changed tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - + register: regular_template + notify: Restart container #Copy templates form a generic dir, allow ansible to search - name: "Generic template mappings for {{ container_Name }}" #Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their template file name but with the '.j2' stripped @@ -95,13 +92,9 @@ loop_control: loop_var: outer_item when: templates_Defined ==1 and outer_item.value.generic is defined - register: file_changed tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - + register: generic_template + notify: Restart container - name: Append templated files to the mapping list set_fact: #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container @@ -141,12 +134,9 @@ loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.generic is not defined and outer_item.value.src_text is not defined - register: file_changed - tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed tags: always + register: file_copy + notify: Restart container #Copy files from a generic dir, allow ansible to search - name: "Generic File mappings for {{ container_Name }}" #Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name @@ -156,45 +146,41 @@ loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.generic is defined and outer_item.value.src_text is not defined - register: file_changed tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - -# Create files based on the suplied src_text param + register: generic_copy + notify: Restart container +#Create files based on the suplied src_text param - name: "Text based file creation for {{ container_Name }}" - # Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name - # Need to ensure you dont have duplicate files names here + #Files will be copied to the 'config' dir as defined by container_configDir, they will be stored using their file name + #Need to ensure you dont have duplicate files names here copy: content="{{ outer_item.value.src_text }}" dest="{{ container_configDir }}/{{ outer_item.key }}" mode=0644 with_dict: "{{ item.value.mappings.files }}" loop_control: loop_var: outer_item when: files_Defined == 1 and outer_item.value.src_text is defined - register: file_changed - tags: always -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed tags: always + register: text_copy + notify: Restart container - name: Append static remote files to the mapping list set_fact: - # build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container - # Also allows the passing of 'params' which is rw or ro, defaults to rw + #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container + #Also allows the passing of 'params' which is rw or ro, defaults to rw mappings: "{{ mappings + [ container_configDir + outer_item.key + ':' + outer_item.value.dest + ':' + outer_item.value.params | default('rw') ] }}" with_dict: "{{ item.value.mappings.files }}" loop_control: loop_var: outer_item when: files_Defined == 1 tags: always -# ----------------------------------/FILES---------------------------------- +#----------------------------------/FILES---------------------------------- -# ----------------------------------LOCAL---------------------------------- -# Local files alreeady exist on the host, commonly local time and or netns for namespace, could also be locl disk drives? -# Nothing gets copied for local mappings, just defintiions added to the mapping list -# Only copy files if there are local files defined in the incoming defintion dict + + + +#----------------------------------LOCAL---------------------------------- +#Local files alreeady exist on the host, commonly local time and or netns for namespace, could also be locl disk drives? +#Nothing gets copied for local mappings, just defintiions added to the mapping list +#Only copy files if there are local files defined in the incoming defintion dict - set_fact: local_Defined=0 tags: always - name: Check if Local files have been defined or not @@ -202,32 +188,25 @@ local_Defined: 1 when: item.value.mappings.local is defined tags: always -# - debug: msg="local not defined" +#- debug: msg="local not defined" # when: local_Defined is not defined - name: Append static local files to the mapping list set_fact: - # build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container - # Also allows the passing of 'params' which is rw or ro, defaults to rw - # mappings: "{{ mappings + ['type=\"bind\", source=\"' + item.value.src + '\",target=\"' + item.value.dest + '\",readonly=\"' + item.value.readonly | default('false') +'\"'] }}" + #build a list to pass to docker containing the source of the file(As on disk on the host) and the destination mount within the container + #Also allows the passing of 'params' which is rw or ro, defaults to rw + #mappings: "{{ mappings + ['type=\"bind\", source=\"' + item.value.src + '\",target=\"' + item.value.dest + '\",readonly=\"' + item.value.readonly | default('false') +'\"'] }}" mappings: "{{ mappings + [ outer_item.value.src + ':' + outer_item.value.dest + ':' + outer_item.value.params | default('rw') ] }}" with_dict: "{{ item.value.mappings.local }}" loop_control: loop_var: outer_item when: local_Defined == 1 - register: file_changed tags: always - -- name: Set the flag to restart the container if file was changed - set_fact: container_restart='yes' - when: file_changed is defined and file_changed.changed - tags: always - -# ----------------------------------/LOCAL---------------------------------- +#----------------------------------/LOCAL---------------------------------- -# ----------------------------------Check ENV---------------------------------- -# If the env varibale isnt defined then dont error out, set the network variable to an empty list +#----------------------------------Check ENV---------------------------------- +#If the env varibale isnt defined then dont error out, set the network variable to an empty list - name: Setup a blank env variable set_fact: env_checked={} when: item.value.env is not defined @@ -236,32 +215,74 @@ set_fact: env_checked="{{ item.value.env }}" when: item.value.env is defined tags: always -# ----------------------------------/Check ENV---------------------------------- +#----------------------------------/Check ENV---------------------------------- -- name: Restart the container if file_changed is defined - set_fact: container_restart1='yes' - when: (container_restart is defined and container_restart=='yes') or (item.value.restart is defined and item.value.restart =='yes') +- name: Setup default values for this container + set_fact: + default: + name: "{{ container_Name }}" + hostname: "{{ item.value.hostname | default(container_Name) }}" + command: "{{ item.value.command | default('') }}" + pull: "{{ item.value.pull | default('false') }}" + recreate: "{{ item.value.recreate | default('false') }}" + image: "{{ item.value.image }}" + state: "{{ item.value.start | default ('started') }}" + restart: "{{ item.value.restart | default ('no') }}" + restart_policy: "{{ item.value.restart_policy | default ('always') }}" + purge_networks: "{{ item.value.purge_networks | default ('yes') }}" + networks: "{{ net_checked }}" + volumes: "{{ mappings }}" + env: "{{ env_checked }}" + privileged: "{{ item.value.privileged | default ('no') }}" + network_mode: "{{ item.value.network_mode | default ('default') }}" + shm_size: "{{ item.value.shm_size | default ('64M') }}" + ports: "{{ item.value.ports | default ([]) }}" + + tags: always + +- name: Setup devices_override blank + set_fact: + devices_override: + tags: always + +- name: Setup ulimit_override blank + set_fact: + ulimit_override: + tags: always + +#----------Merge ulimits-------------- +- name: Apply conditional override + set_fact: + ulimit_override: + ulimits: "{{ item.value.ulimits }}" + when: item.value.ulimits is defined + tags: always + +- name: Merge the two lists + set_fact: + ulimits_merged: "{{ default | combine(ulimit_override, recursive=true) }}" + tags: always + +#----------Merge devices-------------- +- name: Apply conditional override + set_fact: + devices_override: + devices: "{{ item.value.devices }}" + when: item.value.devices is defined + tags: always + +- name: Merge the two lists + set_fact: + final_merged: "{{ ulimits_merged | combine(devices_override, recursive=true) }}" + tags: always + +- name: debug value + debug: + msg: "{{final_merged}}" + tags: always - name: "Container {{ container_Name }}" become: true - docker_container: - name: "{{ container_Name }}" - hostname: "{{ item.value.hostname | default(container_Name) }}" - command: "{{ item.value.command | default('') }}" - pull: "{{ item.value.pull | default('false') }}" - recreate: "{{ item.value.recreate | default('false') }}" - image: "{{ item.value.image }}" - state: "{{ item.value.start | default ('started') }}" - restart: "{{ container_restart1 | default ('no') }}" - restart_policy: "{{ item.value.restart_policy | default ('always') }}" - purge_networks: "{{ item.value.purge_networks | default ('yes') }}" - networks: "{{ net_checked }}" - volumes: "{{ mappings }}" - env: "{{ env_checked }}" - privileged: "{{ item.value.privileged | default ('no') }}" - network_mode: "{{ item.value.network_mode | default ('default') }}" - shm_size: "{{ item.value.shm_size | default ('64M') }}" - ports: "{{ item.value.ports | default ([]) }}" - # ulimits: "{{ item.value.ulimits | default ('') }}" - devices: "{{ item.value.devices | default (None) }}" - tags: always \ No newline at end of file + docker_container: "{{ final_merged }}" + tags: always +