From nobody Thu Apr 25 10:53:27 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=patchew-devel-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=patchew-devel-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1675763640; cv=none; d=zohomail.com; s=zohoarc; b=Hz1/DNVgfDFOP4U+TGnuyr4rsuxOJ9TWLpE+ImjWZOEWkZV1tuppJh8+9k9x7zMcSbQyJ3lkHdodJRFZmX8GCAOnVHdarfEFMhiNNDCbDNSDaRo+i8AKPHnExNwSR2HdlulOghVtPB9OhZetnSU+STnICYXmzc0Msa/rB20wxGE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675763640; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=jI8GE8f4uy1WFlTXQ/1kUpQvp/MymUOBeLFdFrLx41c=; b=Q//vaogP6ODx5AyoL8sgO4W70apTe0cJ++sWGl0NBQaBrrqfS+RvbLBRFKxGYwS/OC9w1eZ4ste7HR5xOrsFq4jz//rQmx5RjJs8YMVDlFLck/85yK3bgEm1JoITW3+YQu/gIasnyEmSi/pENNdYLRWBQnZUGIbdeWPHumeC6EE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=patchew-devel-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1675763640312784.594583054928; Tue, 7 Feb 2023 01:54:00 -0800 (PST) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-673-Czc4VO98PPSYL9itj8pmTA-1; Tue, 07 Feb 2023 04:53:56 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C64471C0A584; Tue, 7 Feb 2023 09:53:55 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id BD87F1121314; Tue, 7 Feb 2023 09:53:55 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id AA6C71946594; Tue, 7 Feb 2023 09:53:50 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 7CD9E1946589 for ; Tue, 7 Feb 2023 09:53:37 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 536A914171B8; Tue, 7 Feb 2023 09:53:37 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4BA4F14171B6 for ; Tue, 7 Feb 2023 09:53:37 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2EB1985C6F4 for ; Tue, 7 Feb 2023 09:53:37 +0000 (UTC) Received: from mail-ed1-f70.google.com (mail-ed1-f70.google.com [209.85.208.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_128_GCM_SHA256) id us-mta-613-Fra4WLm-OLuvlfYqzSne6w-1; Tue, 07 Feb 2023 04:53:35 -0500 Received: by mail-ed1-f70.google.com with SMTP id s3-20020a50ab03000000b0049ec3a108beso9578428edc.7 for ; Tue, 07 Feb 2023 01:53:35 -0800 (PST) Received: from avogadro.local ([2001:b07:6468:f312:9af8:e5f5:7516:fa89]) by smtp.gmail.com with ESMTPSA id u26-20020aa7d55a000000b004a0b0cd2e45sm6194387edr.75.2023.02.07.01.53.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 07 Feb 2023 01:53:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1675763639; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=jI8GE8f4uy1WFlTXQ/1kUpQvp/MymUOBeLFdFrLx41c=; b=dB2zjAIUWf6dq1CPPx9NvSFE4OFmMkq/lA44GEUafOIUxLfuUjMlFKofd2QIxltphXG7gJ 4NXN9zejA/mijcnR+9fVOGaCE9JJEg+RopS7s04Uqxy2ThXQ8Y0S/5aRfPWswSWicgr4Ta Cwp6jm2KFB5NkJoFkDZXnhVoWb0Sji0= X-MC-Unique: Czc4VO98PPSYL9itj8pmTA-1 X-Original-To: patchew-devel@listman.corp.redhat.com X-MC-Unique: Fra4WLm-OLuvlfYqzSne6w-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hOjwhSmPn8ute01r7SQZde2hVgSIR9uy7jVDDBK7QhA=; b=o+cLJfIxM6r1HLl0IzK8wpBcI/IhnSPGlqWE9afTKKLSWXCC4wNtyaHoOpRWGYeBNO uGF3KsKP+eEjUp3m9K/+8J/1Nus662LXq/EoS1XC4V8af55qeuTo5Hom2mZGgt/NHnaz WXWGZQyROsCAqH415PYOKgTbVbomMv6Bb9/mb1Iw0MdS3feZEcyyW+3UZDs/JHMn+zuX ilG4EGKVHP/wCcS1uWXpfOc1LlXEObAps521yWy9Y6egzJkJfYUqTzQrc2Zq4+tXqkXj Z4U2tvkHPwukl++HmytdWi1YnIo/SJW4j9R052e/0eN4wOJwUfzmDu8C2VQH2UZEzjCb Pq9w== X-Gm-Message-State: AO0yUKWSNQ0s636dHxFgDJXLDUQDExkkadmLfp1kaHYyYfbMb4JLLOeo uW1uyPc/EiwiNQviR5HG5W4KmZdAt7bh7IpwiXRGrzf521XbzXY7HHsh2ap5m3ahp/eVlAympam aNa/ldugOaeHTkmeopMsAI5DN6YhKJzVP+Gl1VRYLEKH/qLPQMpafbnaYWZbggh1ryHr8ZsmyKX 63o5U= X-Received: by 2002:a50:d695:0:b0:49d:a87f:ba7b with SMTP id r21-20020a50d695000000b0049da87fba7bmr2998222edi.39.1675763614486; Tue, 07 Feb 2023 01:53:34 -0800 (PST) X-Google-Smtp-Source: AK7set/Ejs+uDBEnBXpWGk6CFnmGytvBf+XH2/dsXMdSlT2gffJjO++kyg+RbiBKHTsqNY6TsaQ9aA== X-Received: by 2002:a50:d695:0:b0:49d:a87f:ba7b with SMTP id r21-20020a50d695000000b0049da87fba7bmr2998199edi.39.1675763614112; Tue, 07 Feb 2023 01:53:34 -0800 (PST) From: Paolo Bonzini To: patchew-devel@redhat.com Date: Tue, 7 Feb 2023 10:53:18 +0100 Message-Id: <20230207095318.57814-6-pbonzini@redhat.com> In-Reply-To: <20230207095318.57814-1-pbonzini@redhat.com> References: <20230207095318.57814-1-pbonzini@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 Subject: [Patchew-devel] [PATCH 5/5] playbooks: switch from docker to podman X-BeenThere: patchew-devel@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Patchew development and discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: patchew-devel-bounces@redhat.com Sender: "Patchew-devel" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1675763641270100001 Content-Type: text/plain; charset="utf-8" This has been tested on a CentOS Stream 9 host. Signed-off-by: Paolo Bonzini --- scripts/playbooks/deploy-appliers.yml | 2 +- scripts/playbooks/deploy-db.yml | 7 ++- scripts/playbooks/deploy-importers-lore.yml | 4 +- scripts/playbooks/deploy-importers.yml | 2 +- scripts/playbooks/deploy-servers.yml | 10 +++- .../{docker-deploy.yml =3D> podman-deploy.yml} | 55 ++++++++++--------- .../{docker.service.j2 =3D> podman.service.j2} | 12 ++-- 7 files changed, 50 insertions(+), 42 deletions(-) rename scripts/playbooks/tasks/{docker-deploy.yml =3D> podman-deploy.yml} = (45%) rename scripts/playbooks/templates/{docker.service.j2 =3D> podman.service.= j2} (38%) diff --git a/scripts/playbooks/deploy-appliers.yml b/scripts/playbooks/depl= oy-appliers.yml index fa5118e..863c167 100644 --- a/scripts/playbooks/deploy-appliers.yml +++ b/scripts/playbooks/deploy-appliers.yml @@ -47,6 +47,6 @@ template: src: "templates/applier-config.j2" dest: "{{ config_file }}" - - import_tasks: tasks/docker-deploy.yml + - import_tasks: tasks/podman-deploy.yml vars: instance_role: applier diff --git a/scripts/playbooks/deploy-db.yml b/scripts/playbooks/deploy-db.= yml index 2bb514f..daac7b5 100644 --- a/scripts/playbooks/deploy-db.yml +++ b/scripts/playbooks/deploy-db.yml @@ -12,11 +12,16 @@ base_dir: "{{ container_dir }}/{{ instance_name }}" src_dir: "{{ base_dir }}/src" data_dir: "{{ base_dir }}/data" + podman_run_args: "--net patchew" tasks: - name: Create data dir file: path: "{{ data_dir }}" state: directory - - import_tasks: tasks/docker-deploy.yml + - name: Create podman network + containers.podman.podman_network: + name: patchew + become: true + - import_tasks: tasks/podman-deploy.yml vars: instance_role: db diff --git a/scripts/playbooks/deploy-importers-lore.yml b/scripts/playbook= s/deploy-importers-lore.yml index 0ccbf8e..ab76ba6 100644 --- a/scripts/playbooks/deploy-importers-lore.yml +++ b/scripts/playbooks/deploy-importers-lore.yml @@ -28,7 +28,7 @@ src_dir: "{{ base_dir }}/src" data_dir: "{{ base_dir }}/data" config_file: "{{ data_dir }}/config" - docker_run_args: "--init" + podman_run_args: "--init" tasks: - name: Create data dir file: @@ -38,6 +38,6 @@ template: src: "templates/importer-lore-config.j2" dest: "{{ config_file }}" - - import_tasks: tasks/docker-deploy.yml + - import_tasks: tasks/podman-deploy.yml vars: instance_role: importer-lore diff --git a/scripts/playbooks/deploy-importers.yml b/scripts/playbooks/dep= loy-importers.yml index 1ef6c80..3711dbd 100644 --- a/scripts/playbooks/deploy-importers.yml +++ b/scripts/playbooks/deploy-importers.yml @@ -58,6 +58,6 @@ template: src: "templates/importer-config.j2" dest: "{{ config_file }}" - - import_tasks: tasks/docker-deploy.yml + - import_tasks: tasks/podman-deploy.yml vars: instance_role: importer diff --git a/scripts/playbooks/deploy-servers.yml b/scripts/playbooks/deplo= y-servers.yml index bf709a0..6b81f9a 100644 --- a/scripts/playbooks/deploy-servers.yml +++ b/scripts/playbooks/deploy-servers.yml @@ -25,19 +25,23 @@ src_dir: "{{ base_dir }}/src" data_dir: "{{ base_dir }}/data" db_arg: "{{ '-e PATCHEW_DB_PORT_5432_TCP_ADDR=3D' if db_host !=3D '' e= lse '' }}{{ db_host }}" - docker_run_args: "--link {{ instance_name }}-db:patchew-db {{db_arg}}" + podman_run_args: "--net patchew {{db_arg}}" tasks: - name: Create data dir file: path: "{{ data_dir }}" state: directory - - import_tasks: tasks/docker-deploy.yml + - name: Create podman network + containers.podman.podman_network: + name: patchew + become: true + - import_tasks: tasks/podman-deploy.yml vars: instance_role: server - name: Create superuser when: superuser_name !=3D "" shell: | - docker exec -i {{ instance_name }} bash -c " + podman exec -i {{ instance_name }} bash -c " cd /opt/patchew && . venv/bin/activate && ./manage.py migrate && diff --git a/scripts/playbooks/tasks/docker-deploy.yml b/scripts/playbooks/= tasks/podman-deploy.yml similarity index 45% rename from scripts/playbooks/tasks/docker-deploy.yml rename to scripts/playbooks/tasks/podman-deploy.yml index 2cd2f32..6d7792f 100644 --- a/scripts/playbooks/tasks/docker-deploy.yml +++ b/scripts/playbooks/tasks/podman-deploy.yml @@ -4,27 +4,17 @@ name: rsync - name: Install pip package: - name: python-pip -- name: Install docker + name: python3-pip +- name: Install podman package: - name: docker -- name: Start docker daemon - service: - name: docker - state: started -- name: Install docker python library for ansible - pip: - name: docker-py -- name: Install SELinux python bindings (for systemd setup) - package: - name: libselinux-python + name: podman - name: Stop systemd service for "{{ instance_name }}" service: name: "{{ instance_name }}" state: stopped ignore_errors: yes -- name: Stop docker instance - docker_container: +- name: Stop podman instance + containers.podman.podman_container: name: "{{ instance_name }}" state: absent - name: Create patchew data folder @@ -40,27 +30,38 @@ owner: no delete: yes rsync_opts: + - "--exclude=3D__pycache__" - "--exclude=3D*.pyc" - - "--exclude=3D*.swp" + - "--exclude=3D*.pyo" + - "--exclude=3D*.sw*" - "--exclude=3D/venv" -- name: Delete old docker image stash - docker_image: - force_absent: yes +- name: Check for existing backup image + containers.podman.podman_image_info: name: "patchew:{{ instance_name }}-prev" - state: absent -- name: Stash docker image - shell: docker tag "patchew:{{ instance_name }}" "patchew:{{ instance_nam= e }}-prev" || true -- name: Rebuild docker image - # docker_image module doesn't work on Fedora - shell: docker build -t "patchew:{{ instance_name }}" -f "{{ src_dir }}/s= cripts/dockerfiles/{{ instance_role }}.docker" "{{ src_dir }}" + register: prev_image +- name: Delete old podman image stash + shell: "podman untag 'patchew:{{ instance_name }}-prev'" + when: prev_image.images +- name: Check for existing image + containers.podman.podman_image_info: + name: "patchew:{{ instance_name }}" + register: current_image +- name: Stash podman image + containers.podman.podman_tag: + image: "patchew:{{ instance_name }}" + target_names: "patchew:{{ instance_name }}-prev" + when: current_image.images +- name: Rebuild podman image + # docker_image module wants a file named Dockerfile + shell: "podman build -t 'patchew:{{ instance_name }}' -f '{{ src_dir }}/= scripts/dockerfiles/{{ instance_role }}.docker' '{{ src_dir }}'" - name: Install systemd service template: - src: "templates/docker.service.j2" + src: "templates/podman.service.j2" dest: "/etc/systemd/system/{{ instance_name }}.service" - name: Systemd daemon reload systemd: daemon_reload: yes -- name: Start docker instance +- name: Start podman instance service: name: "{{ instance_name }}" state: restarted diff --git a/scripts/playbooks/templates/docker.service.j2 b/scripts/playbo= oks/templates/podman.service.j2 similarity index 38% rename from scripts/playbooks/templates/docker.service.j2 rename to scripts/playbooks/templates/podman.service.j2 index 85dd9d2..e1edfb9 100644 --- a/scripts/playbooks/templates/docker.service.j2 +++ b/scripts/playbooks/templates/podman.service.j2 @@ -1,18 +1,18 @@ [Unit] -Description=3DPatchew docker instance control service for {{ instance_name= }} -Requires=3Ddocker.service -After=3Ddocker.service +Description=3DPatchew podman instance control service for {{ instance_name= }} +Requires=3Dnetwork.target +After=3Dnetwork.target StartLimitIntervalSec=3D0 =20 [Service] Restart=3Dalways -ExecStartPre=3D-/usr/bin/docker stop {{ instance_name }} ; -/usr/bin/docke= r rm {{ instance_name }} -ExecStart=3D/usr/bin/docker run --privileged --name {{ instance_name }} \ +ExecStartPre=3D-podman stop {{ instance_name }} ; -podman rm {{ instance_n= ame }} +ExecStart=3Dpodman run --privileged --name {{ instance_name }} \ -v {{ data_dir }}:/data/patchew:rw \ -e PATCHEW_DATA_DIR=3D/data/patchew \ - {{ docker_run_args | default() }} \ + {{ podman_run_args | default() }} \ patchew:{{ instance_name }} -ExecStop=3D/usr/bin/docker stop -t 10 {{ instance_name }} +ExecStop=3Dpodman stop -t 10 {{ instance_name }} RestartSec=3D60 =20 [Install] --=20 2.38.1 _______________________________________________ Patchew-devel mailing list Patchew-devel@redhat.com https://listman.redhat.com/mailman/listinfo/patchew-devel