Enhance Podman configuration and management
- Update pruning options to include filters for containers, images, networks, and volumes. - Modify handlers to restart Podman resources based on new conditions. - Expand Molecule tests to verify networks, volumes, pods, and containers. - Adjust service management tasks for Podman services and auto-update. - Refactor tasks for better clarity and maintainability.
This commit is contained in:
Daniel Akulenok
@@ -205,7 +205,7 @@
|
||||
retry_delay: "{{ container_item.retry_delay | default(omit) }}"
|
||||
|
||||
# Systemd generation
|
||||
generate_systemd: "{{ container_item.generate_systemd | default(podman_systemd_options) }}"
|
||||
generate_systemd: "{{ container_item.generate_systemd | default(omit) }}"
|
||||
|
||||
# Quadlet options
|
||||
quadlet_dir: "{{ container_item.quadlet_dir | default(omit) }}"
|
||||
|
||||
@@ -6,63 +6,91 @@
|
||||
pod_item: "{{ podman_pod_defaults | default({}) | combine(item) }}"
|
||||
containers.podman.podman_pod:
|
||||
name: "{{ pod_item.name }}"
|
||||
state: "{{ pod_item.state | default('created') }}"
|
||||
state: "{{ pod_item.state | default('present') }}"
|
||||
|
||||
# Pod networking and publishing
|
||||
publish: "{{ pod_item.ports | default(omit) }}"
|
||||
network: "{{ pod_item.networks | default(omit) }}"
|
||||
volume: "{{ pod_item.volumes | default(omit) }}"
|
||||
label: "{{ pod_item.labels | default(omit) }}"
|
||||
hostname: "{{ pod_item.hostname | default(omit) }}"
|
||||
infra: "{{ pod_item.infra | default(omit) }}"
|
||||
infra_image: "{{ pod_item.infra_image | default(omit) }}"
|
||||
infra_command: "{{ pod_item.infra_command | default(omit) }}"
|
||||
infra_name: "{{ pod_item.infra_name | default(omit) }}"
|
||||
network_alias: "{{ pod_item.network_alias | default(omit) }}"
|
||||
ip: "{{ pod_item.ip | default(omit) }}"
|
||||
ip6: "{{ pod_item.ip6 | default(omit) }}"
|
||||
mac_address: "{{ pod_item.mac_address | default(omit) }}"
|
||||
no_hosts: "{{ pod_item.no_hosts | bool | default(omit) }}"
|
||||
add_host: "{{ pod_item.add_host | default(omit) }}"
|
||||
dns: "{{ pod_item.dns | default(omit) }}"
|
||||
dns_opt: "{{ pod_item.dns_opt | default(omit) }}"
|
||||
dns_search: "{{ pod_item.dns_search | default(omit) }}"
|
||||
ip: "{{ pod_item.ip | default(omit) }}"
|
||||
ip6: "{{ pod_item.ip6 | default(omit) }}"
|
||||
mac_address: "{{ pod_item.mac_address | default(omit) }}"
|
||||
no_hosts: "{{ pod_item.no_hosts | default(omit) }}"
|
||||
|
||||
# Pod storage and volumes
|
||||
volume: "{{ pod_item.volumes | default(omit) }}"
|
||||
volumes_from: "{{ pod_item.volumes_from | default(omit) }}"
|
||||
|
||||
# Infrastructure container
|
||||
infra: "{{ pod_item.infra | bool | default(omit) }}"
|
||||
infra_image: "{{ pod_item.infra_image | default(omit) }}"
|
||||
infra_command: "{{ pod_item.infra_command | default(omit) }}"
|
||||
infra_name: "{{ pod_item.infra_name | default(omit) }}"
|
||||
share_parent: "{{ pod_item.share_parent | bool | default(omit) }}"
|
||||
|
||||
# Pod configuration
|
||||
hostname: "{{ pod_item.hostname | default(omit) }}"
|
||||
share: "{{ pod_item.share | default(omit) }}"
|
||||
share_parent: "{{ pod_item.share_parent | default(omit) }}"
|
||||
label: "{{ pod_item.labels | default(omit) }}"
|
||||
label_file: "{{ pod_item.label_file | default(omit) }}"
|
||||
annotation: "{{ pod_item.annotations | default(omit) }}"
|
||||
|
||||
# Namespaces
|
||||
userns: "{{ pod_item.userns | default(omit) }}"
|
||||
uidmap: "{{ pod_item.uidmap | default(omit) }}"
|
||||
gidmap: "{{ pod_item.gidmap | default(omit) }}"
|
||||
subuidname: "{{ pod_item.subuidname | default(omit) }}"
|
||||
subgidname: "{{ pod_item.subgidname | default(omit) }}"
|
||||
pid: "{{ pod_item.pid | default(omit) }}"
|
||||
uts: "{{ pod_item.uts | default(omit) }}"
|
||||
|
||||
# Security options
|
||||
security_opt: "{{ pod_item.security_opt | default(omit) }}"
|
||||
|
||||
# Resource constraints
|
||||
memory: "{{ pod_item.memory | default(omit) }}"
|
||||
memory_swap: "{{ pod_item.memory_swap | default(omit) }}"
|
||||
cpu_shares: "{{ pod_item.cpu_shares | default(omit) }}"
|
||||
cpus: "{{ pod_item.cpus | default(omit) }}"
|
||||
cpu_shares: "{{ pod_item.cpu_shares | default(omit) }}"
|
||||
cpuset_cpus: "{{ pod_item.cpuset_cpus | default(omit) }}"
|
||||
cpuset_mems: "{{ pod_item.cpuset_mems | default(omit) }}"
|
||||
blkio_weight: "{{ pod_item.blkio_weight | default(omit) }}"
|
||||
blkio_weight_device: "{{ pod_item.blkio_weight_device | default(omit) }}"
|
||||
|
||||
# Device access
|
||||
device: "{{ pod_item.device | default(omit) }}"
|
||||
device_read_bps: "{{ pod_item.device_read_bps | default(omit) }}"
|
||||
device_write_bps: "{{ pod_item.device_write_bps | default(omit) }}"
|
||||
gpus: "{{ pod_item.gpus | default(omit) }}"
|
||||
|
||||
# Shared memory and system configuration
|
||||
shm_size: "{{ pod_item.shm_size | default(omit) }}"
|
||||
shm_size_systemd: "{{ pod_item.shm_size_systemd | default(omit) }}"
|
||||
sysctl: "{{ pod_item.sysctl | default(omit) }}"
|
||||
cgroup_parent: "{{ pod_item.cgroup_parent | default(omit) }}"
|
||||
pid: "{{ pod_item.pid | default(omit) }}"
|
||||
uts: "{{ pod_item.uts | default(omit) }}"
|
||||
network_alias: "{{ pod_item.network_alias | default(omit) }}"
|
||||
volumes_from: "{{ pod_item.volumes_from | default(omit) }}"
|
||||
|
||||
# Pod lifecycle management
|
||||
exit_policy: "{{ pod_item.exit_policy | default(omit) }}"
|
||||
restart_policy: "{{ pod_item.restart_policy | default(omit) }}"
|
||||
pod_id_file: "{{ pod_item.pod_id_file | default(omit) }}"
|
||||
label_file: "{{ pod_item.label_file | default(omit) }}"
|
||||
gpus: "{{ pod_item.gpus | default(omit) }}"
|
||||
|
||||
# Systemd and Quadlet generation
|
||||
generate_systemd: "{{ pod_item.generate_systemd | default(omit) }}"
|
||||
quadlet_dir: "{{ pod_item.quadlet_dir | default(omit) }}"
|
||||
quadlet_filename: "{{ pod_item.quadlet_filename | default(omit) }}"
|
||||
quadlet_file_mode: "{{ pod_item.quadlet_file_mode | default(omit) }}"
|
||||
quadlet_options: "{{ pod_item.quadlet_options | default(omit) }}"
|
||||
recreate: "{{ pod_item.recreate | default(omit) }}"
|
||||
debug: "{{ pod_item.debug | default(omit) }}"
|
||||
|
||||
# Control and debugging options
|
||||
recreate: "{{ pod_item.recreate | bool | default(omit) }}"
|
||||
force_restart: "{{ pod_item.force_restart | bool | default(omit) }}"
|
||||
force_delete: "{{ pod_item.force_delete | bool | default(omit) }}"
|
||||
executable: "{{ pod_item.executable | default('podman') }}"
|
||||
debug: "{{ pod_item.debug | bool | default(omit) }}"
|
||||
loop: "{{ podman_pods }}"
|
||||
loop_control:
|
||||
label: "{{ item.name }}"
|
||||
|
||||
@@ -3,10 +3,16 @@
|
||||
|
||||
- name: Prune Podman resources
|
||||
containers.podman.podman_prune:
|
||||
container: "{{ podman_prune_options.container }}"
|
||||
image: "{{ podman_prune_options.image }}"
|
||||
network: "{{ podman_prune_options.network }}"
|
||||
system: "{{ podman_prune_options.system }}"
|
||||
system_all: "{{ podman_prune_options.system_all }}"
|
||||
volume: "{{ podman_prune_options.volume }}"
|
||||
container: "{{ podman_prune_options.container | default(omit) }}"
|
||||
container_filters: "{{ podman_prune_options.container_filters | default(omit) }}"
|
||||
executable: "{{ podman_prune_options.executable | default(omit) }}"
|
||||
image: "{{ podman_prune_options.image | default(omit) }}"
|
||||
image_filters: "{{ podman_prune_options.image_filters | default(omit) }}"
|
||||
network: "{{ podman_prune_options.network | default(omit) }}"
|
||||
network_filters: "{{ podman_prune_options.network_filters | default(omit) }}"
|
||||
system: "{{ podman_prune_options.system | default(omit) }}"
|
||||
system_all: "{{ podman_prune_options.system_all | default(omit) }}"
|
||||
system_volumes: "{{ podman_prune_options.system_volumes | default(omit) }}"
|
||||
volume: "{{ podman_prune_options.volume | default(omit) }}"
|
||||
volume_filters: "{{ podman_prune_options.volume_filters | default(omit) }}"
|
||||
when: podman_prune_enabled | bool
|
||||
|
||||
@@ -1,29 +1,23 @@
|
||||
---
|
||||
# Manage Podman services
|
||||
ansible.builtin.systemd_service:
|
||||
name: podman.socket
|
||||
enabled: true
|
||||
state: started
|
||||
daemon_reload: true
|
||||
|
||||
- name: Enable and start Podman API service
|
||||
- name: Enable Podman service
|
||||
ansible.builtin.systemd_service:
|
||||
name: podman.service
|
||||
enabled: true
|
||||
state: started
|
||||
daemon_reload: true
|
||||
|
||||
- name: Enable and start Podman auto-update service
|
||||
- name: Enable Podman socket
|
||||
ansible.builtin.systemd_service:
|
||||
name: podman.socket
|
||||
enabled: true
|
||||
|
||||
- name: Enable Podman auto-update service
|
||||
ansible.builtin.systemd_service:
|
||||
name: podman-auto-update.service
|
||||
enabled: true
|
||||
state: started
|
||||
daemon_reload: true
|
||||
when: podman_enable_auto_update
|
||||
|
||||
- name: Disable Podman auto-update service
|
||||
ansible.builtin.systemd_service:
|
||||
name: podman-auto-update.service
|
||||
enabled: false
|
||||
state: stopped
|
||||
when: not podman_enable_auto_update
|
||||
|
||||
@@ -23,10 +23,8 @@
|
||||
loop_control:
|
||||
label: "{{ item.name }}"
|
||||
when:
|
||||
- podman_generate_systemd | bool
|
||||
- podman_containers is defined
|
||||
- podman_containers | length > 0
|
||||
- (item.systemd is defined) or (item.generate_systemd is defined)
|
||||
notify: Reload systemd
|
||||
|
||||
- name: Generate systemd service files for pods
|
||||
@@ -51,8 +49,6 @@
|
||||
loop_control:
|
||||
label: "{{ item.name }}"
|
||||
when:
|
||||
- podman_generate_systemd | bool
|
||||
- podman_pods is defined
|
||||
- podman_pods | length > 0
|
||||
- (item.systemd is defined) or (item.generate_systemd is defined)
|
||||
notify: Reload systemd
|
||||
|
||||
Reference in New Issue
Block a user