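---
# Replaces Docker with Podman on every targeted host, then points Podman
# clients (system-wide and for the nomad account, when it exists) at the
# system-level API socket /run/podman/podman.sock.
#
# Destructive: Docker packages are purged and /var/lib/docker,
# /var/lib/containerd, /etc/docker and /etc/containerd are deleted, which
# removes any images, volumes and daemon configuration stored there.
- name: Integrated Podman Setup - Remove Docker, Install and Configure Podman with Compose for Nomad
  hosts: all
  become: true
  gather_facts: true

  tasks:
    - name: 显示当前处理的节点
      debug:
        msg: "🔧 开始集成 Podman 设置: {{ inventory_hostname }}"

    # Read-only probe; the `|| echo` keeps the task green when the unit is
    # missing or stopped, so only the exact output "active" triggers the stop.
    - name: 检查 Docker 服务状态
      shell: systemctl is-active docker 2>/dev/null || echo "inactive"
      register: docker_status
      changed_when: false

    - name: 停止 Docker 服务
      systemd:
        name: docker
        state: stopped
        enabled: false
      ignore_errors: true
      when: docker_status.stdout == "active"

    # Best effort: the socket unit may not exist on hosts without Docker.
    - name: 停止 Docker socket
      systemd:
        name: docker.socket
        state: stopped
        enabled: false
      ignore_errors: true

    - name: 移除 Docker 相关包
      apt:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-buildx-plugin
          - docker-compose-plugin
          - docker.io
          - docker-doc
          - docker-compose
          - docker-registry
          - containerd
          - runc
        state: absent
        purge: true
      ignore_errors: true

    # Irreversible: everything under these paths is deleted.
    - name: 清理 Docker 数据目录
      file:
        path: "{{ item }}"
        state: absent
      loop:
        - /var/lib/docker
        - /var/lib/containerd
        - /etc/docker
        - /etc/containerd
      ignore_errors: true

    # Dropping the group also drops the root-equivalent access that docker
    # group membership granted through the Docker socket.
    - name: 清理 Docker 用户组
      group:
        name: docker
        state: absent
      ignore_errors: true

    - name: 更新包缓存
      apt:
        update_cache: true
        cache_valid_time: 3600

    # `until` is set explicitly so the three retries happen regardless of
    # whether this Ansible release retries a task that has no `until`.
    - name: 安装 Podman 及相关工具
      apt:
        name:
          - podman
          - buildah
          - skopeo
          - python3-pip
          - python3-setuptools
        state: present
      register: podman_install
      until: podman_install is succeeded
      retries: 3
      delay: 10

    # NOTE(review): unpinned install from the package index, executed as root.
    # Pin a reviewed version (or use a distribution package) so every node
    # gets the same, audited code. Failure is tolerated here and is reported
    # by the podman-compose verification task below.
    - name: 安装 Podman Compose via pip
      pip:
        name: podman-compose
        state: present
      ignore_errors: true

    - name: 启用 Podman socket 服务
      systemd:
        name: podman.socket
        enabled: true
        state: started
      ignore_errors: true

    - name: 创建 Podman 用户服务目录
      file:
        path: /etc/systemd/user
        state: directory
        mode: '0755'

    # Plain version query: no shell features needed and nothing changes.
    - name: 验证 Podman 安装
      command: podman --version
      register: podman_version
      changed_when: false

    - name: 验证 Podman Compose 安装
      shell: podman-compose --version 2>/dev/null || echo "未安装"
      register: podman_compose_version
      changed_when: false

    - name: 检查 Docker 清理状态
      shell: systemctl is-active docker 2>/dev/null || echo "已移除"
      register: final_docker_status
      changed_when: false

    - name: 显示 Docker 移除和 Podman 安装结果
      debug:
        msg: |
          ✅ 节点 {{ inventory_hostname }} Docker 移除和 Podman 安装完成
          🐳 Docker 状态: {{ final_docker_status.stdout }}
          📦 Podman 版本: {{ podman_version.stdout }}
          🔧 Compose 状态: {{ podman_compose_version.stdout }}

    - name: 创建 Podman 系统配置目录
      file:
        path: /etc/containers
        state: directory
        mode: '0755'

    # Makes the root-owned system socket the default service destination.
    - name: 配置 Podman 使用系统 socket
      copy:
        content: |
          [engine]
          # 使用系统级 socket 而不是用户级 socket
          active_service = "system"
          [engine.service_destinations]
          [engine.service_destinations.system]
          uri = "unix:///run/podman/podman.sock"
        dest: /etc/containers/containers.conf
        mode: '0644'

    # A failed lookup means "no nomad account"; the nomad-specific tasks
    # below are then skipped through their `when` condition.
    - name: 检查是否存在 nomad 用户
      getent:
        database: passwd
        key: nomad
      register: nomad_user_check
      ignore_errors: true

    # NOTE(review): the home directory is hard-coded to /home/nomad; confirm
    # it matches the account's real home on the target hosts.
    - name: 为 nomad 用户创建配置目录
      file:
        path: "/home/nomad/.config/containers"
        state: directory
        owner: nomad
        group: nomad
        mode: '0755'
      when: nomad_user_check is succeeded

    - name: 为 nomad 用户配置 Podman
      copy:
        content: |
          [engine]
          active_service = "system"
          [engine.service_destinations]
          [engine.service_destinations.system]
          uri = "unix:///run/podman/podman.sock"
        dest: /home/nomad/.config/containers/containers.conf
        owner: nomad
        group: nomad
        mode: '0644'
      when: nomad_user_check is succeeded

    # The group must exist before the membership task runs. Errors are no
    # longer ignored here, because socket access now depends on this group.
    - name: 创建 podman 组(如果不存在)
      group:
        name: podman
        state: present

    # Membership in this group gives access to the rootful Podman API and is
    # therefore root-equivalent; keep it limited to the nomad service account.
    # Group changes only reach processes started after this task.
    - name: 将 nomad 用户添加到 podman 组
      user:
        name: nomad
        groups: podman
        append: true
      when: nomad_user_check is succeeded

    - name: 设置 podman socket 目录权限
      file:
        path: /run/podman
        state: directory
        mode: '0755'
        group: podman
      ignore_errors: true

    # 0660 root:podman rather than world-writable 0666: with 0666 every local
    # account could drive the rootful Podman API and start privileged
    # containers. systemd recreates the socket when podman.socket restarts, so
    # these bits do not persist; a unit drop-in setting SocketMode= and
    # SocketGroup= is the durable way to keep them.
    - name: 验证 Podman socket 权限
      file:
        path: /run/podman/podman.sock
        owner: root
        group: podman
        mode: '0660'
      when: nomad_user_check is succeeded
      ignore_errors: true

    # Health probe only; its return code feeds the final summary.
    - name: 测试 Podman 功能
      command: podman info
      register: podman_info
      changed_when: false
      ignore_errors: true

    - name: 清理 apt 缓存
      apt:
        autoclean: true
        autoremove: true

    - name: 显示最终配置结果
      debug:
        msg: |
          🎉 节点 {{ inventory_hostname }} 集成 Podman 设置完成!
          📦 Podman 版本: {{ podman_version.stdout }}
          🐳 Podman Compose: {{ podman_compose_version.stdout }}
          👤 Nomad 用户: {{ 'FOUND' if nomad_user_check is succeeded else 'NOT FOUND' }}
          🔧 Podman 状态: {{ 'SUCCESS' if podman_info.rc == 0 else 'WARNING' }}
          🚀 Docker 已移除,Podman 已配置为与 Nomad 集成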