ansible-podman/tasks/containers.yml
Daniel Akulenok 0938e4b601 podman
2025-09-10 15:10:55 +02:00


---
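# Manage Podman containers.
#
# Runs containers.podman.podman_container once per entry of
# `podman_containers`. Only `name` and `image` are read unconditionally; every
# other key is optional and is dropped from the call with `default(omit)` when
# the entry does not set it, so the module's own default applies.
#
# Boolean options are passed through without `| bool`. With `bool` placed
# before `default(omit)` an unset key is never omitted: the undefined value is
# either coerced to false or fails the template, depending on the Ansible
# version, and a coerced false can override a module default (for example
# `detach`). The module converts boolean arguments itself.
#
# NOTE(review): `podman_containers` is a trust boundary. Whoever can write
# that variable decides privileged mode, capabilities, host namespaces,
# devices, bind mounts, registry TLS verification and even the binary that is
# executed (`executable`, `cmd_args`). Validate or restrict those keys where
# the inventory is not fully trusted.
# NOTE(review): `env` and the registered result may carry credentials; the
# loop label hides them from the per-item line only. Prefer `secrets` /
# `env_file` for sensitive values or consider `no_log` — confirm what the
# role's callers pass here.
- name: Manage Podman containers
  containers.podman.podman_container:
    name: "{{ item.name }}"
    image: "{{ item.image }}"
    state: "{{ item.state | default('present') }}"

    # Basic container configuration
    command: "{{ item.command | default(omit) }}"
    entrypoint: "{{ item.entrypoint | default(omit) }}"
    user: "{{ item.user | default(omit) }}"
    workdir: "{{ item.working_dir | default(omit) }}"
    hostname: "{{ item.hostname | default(omit) }}"

    # Container runtime options
    detach: "{{ item.detach | default(omit) }}"
    interactive: "{{ item.interactive | default(omit) }}"
    tty: "{{ item.tty | default(omit) }}"
    rm: "{{ item.auto_remove | default(omit) }}"
    rmi: "{{ item.remove_image | default(omit) }}"
    # Privileged containers drop most of the isolation from the host.
    privileged: "{{ item.privileged | default(omit) }}"
    read_only: "{{ item.read_only | default(omit) }}"
    read_only_tmpfs: "{{ item.read_only_tmpfs | default(omit) }}"
    init: "{{ item.init | default(omit) }}"
    init_path: "{{ item.init_path | default(omit) }}"

    # Networking
    network: "{{ item.networks | default(omit) }}"
    publish: "{{ item.ports | default(omit) }}"
    publish_all: "{{ item.publish_all | default(omit) }}"
    expose: "{{ item.expose | default(omit) }}"
    ip: "{{ item.ip | default(omit) }}"
    ip6: "{{ item.ip6 | default(omit) }}"
    mac_address: "{{ item.mac_address | default(omit) }}"
    network_aliases: "{{ item.network_aliases | default(omit) }}"
    dns: "{{ item.dns | default(omit) }}"
    dns_option: "{{ item.dns_options | default(omit) }}"
    dns_search: "{{ item.dns_search | default(omit) }}"
    etc_hosts: "{{ item.add_hosts | default(omit) }}"
    no_hosts: "{{ item.no_hosts | default(omit) }}"

    # Storage and volumes (bind mounts expose host paths to the container)
    volume: "{{ item.volumes | default(omit) }}"
    volumes_from: "{{ item.volumes_from | default(omit) }}"
    mount: "{{ item.mounts | default(omit) }}"
    tmpfs: "{{ item.tmpfs | default(omit) }}"
    image_volume: "{{ item.image_volume | default(omit) }}"

    # Environment variables
    env: "{{ item.env | default(omit) }}"
    env_file: "{{ item.env_files | default(omit) }}"
    env_host: "{{ item.env_host | default(omit) }}"
    env_merge: "{{ item.env_merge | default(omit) }}"
    unsetenv: "{{ item.unsetenv | default(omit) }}"
    unsetenv_all: "{{ item.unsetenv_all | default(omit) }}"

    # Resource constraints
    memory: "{{ item.memory | default(omit) }}"
    memory_reservation: "{{ item.memory_reservation | default(omit) }}"
    memory_swap: "{{ item.memory_swap | default(omit) }}"
    memory_swappiness: "{{ item.memory_swappiness | default(omit) }}"
    kernel_memory: "{{ item.kernel_memory | default(omit) }}"
    cpus: "{{ item.cpus | default(omit) }}"
    cpu_shares: "{{ item.cpu_shares | default(omit) }}"
    cpu_period: "{{ item.cpu_period | default(omit) }}"
    cpu_quota: "{{ item.cpu_quota | default(omit) }}"
    cpu_rt_period: "{{ item.cpu_rt_period | default(omit) }}"
    cpu_rt_runtime: "{{ item.cpu_rt_runtime | default(omit) }}"
    cpuset_cpus: "{{ item.cpuset_cpus | default(omit) }}"
    cpuset_mems: "{{ item.cpuset_mems | default(omit) }}"
    blkio_weight: "{{ item.blkio_weight | default(omit) }}"
    blkio_weight_device: "{{ item.blkio_weight_device | default(omit) }}"
    oom_kill_disable: "{{ item.oom_kill_disable | default(omit) }}"
    oom_score_adj: "{{ item.oom_score_adj | default(omit) }}"
    pids_limit: "{{ item.pids_limit | default(omit) }}"

    # Device access
    device: "{{ item.devices | default(omit) }}"
    device_cgroup_rule: "{{ item.device_cgroup_rule | default(omit) }}"
    device_read_bps: "{{ item.device_read_bps | default(omit) }}"
    device_read_iops: "{{ item.device_read_iops | default(omit) }}"
    device_write_bps: "{{ item.device_write_bps | default(omit) }}"
    device_write_iops: "{{ item.device_write_iops | default(omit) }}"
    gpus: "{{ item.gpus | default(omit) }}"

    # Security options (taken verbatim from the entry; nothing is enforced here)
    security_opt: "{{ item.security_opt | default(omit) }}"
    cap_add: "{{ item.cap_add | default(omit) }}"
    cap_drop: "{{ item.cap_drop | default(omit) }}"
    seccomp_policy: "{{ item.seccomp_policy | default(omit) }}"
    userns: "{{ item.userns | default(omit) }}"
    uidmap: "{{ item.uidmap | default(omit) }}"
    gidmap: "{{ item.gidmap | default(omit) }}"
    subuidname: "{{ item.subuidname | default(omit) }}"
    subgidname: "{{ item.subgidname | default(omit) }}"
    group_add: "{{ item.groups | default(omit) }}"
    group_entry: "{{ item.group_entry | default(omit) }}"
    passwd: "{{ item.passwd | default(omit) }}"
    passwd_entry: "{{ item.passwd_entry | default(omit) }}"

    # Namespaces (a host value shares that namespace with the host)
    ipc: "{{ item.ipc_mode | default(omit) }}"
    pid: "{{ item.pid_mode | default(omit) }}"
    uts: "{{ item.uts | default(omit) }}"
    cgroupns: "{{ item.cgroupns | default(omit) }}"

    # Cgroups
    cgroups: "{{ item.cgroups | default(omit) }}"
    cgroup_parent: "{{ item.cgroup_parent | default(omit) }}"
    cgroup_conf: "{{ item.cgroup_conf | default(omit) }}"

    # System configuration
    sysctl: "{{ item.sysctl | default(omit) }}"
    systemd: "{{ item.systemd | default(omit) }}"
    ulimit: "{{ item.ulimits | default(omit) }}"
    umask: "{{ item.umask | default(omit) }}"

    # Shared memory and tmpfs
    shm_size: "{{ item.shm_size | default(omit) }}"
    shm_size_systemd: "{{ item.shm_size_systemd | default(omit) }}"

    # Pods
    pod: "{{ item.pod | default(omit) }}"
    pod_id_file: "{{ item.pod_id_file | default(omit) }}"

    # Logging
    log_driver: "{{ item.log_driver | default(omit) }}"
    log_opt: "{{ item.log_options | default(omit) }}"
    log_level: "{{ item.log_level | default(omit) }}"

    # Health checks
    healthcheck: "{{ item.healthcheck | default(omit) }}"
    healthcheck_interval: "{{ item.healthcheck_interval | default(omit) }}"
    healthcheck_timeout: "{{ item.healthcheck_timeout | default(omit) }}"
    healthcheck_start_period: "{{ item.healthcheck_start_period | default(omit) }}"
    healthcheck_retries: "{{ item.healthcheck_retries | default(omit) }}"
    healthcheck_failure_action: "{{ item.healthcheck_failure_action | default(omit) }}"
    no_healthcheck: "{{ item.no_healthcheck | default(omit) }}"

    # Startup health checks
    health_startup_cmd: "{{ item.health_startup_cmd | default(omit) }}"
    health_startup_interval: "{{ item.health_startup_interval | default(omit) }}"
    health_startup_timeout: "{{ item.health_startup_timeout | default(omit) }}"
    health_startup_retries: "{{ item.health_startup_retries | default(omit) }}"
    health_startup_success: "{{ item.health_startup_success | default(omit) }}"

    # Metadata and labels
    label: "{{ item.labels | default(omit) }}"
    label_file: "{{ item.label_file | default(omit) }}"
    annotation: "{{ item.annotations | default(omit) }}"

    # Container lifecycle
    restart_policy: "{{ item.restart_policy | default(omit) }}"
    restart_time: "{{ item.restart_time | default(omit) }}"
    stop_signal: "{{ item.stop_signal | default(omit) }}"
    stop_time: "{{ item.stop_time | default(omit) }}"
    stop_timeout: "{{ item.stop_timeout | default(omit) }}"
    timeout: "{{ item.timeout | default(omit) }}"

    # Pull and image options
    pull: "{{ item.pull | default(omit) }}"
    image_strict: "{{ item.image_strict | default(omit) }}"
    arch: "{{ item.arch | default(omit) }}"
    os: "{{ item.os | default(omit) }}"
    platform: "{{ item.platform | default(omit) }}"
    variant: "{{ item.variant | default(omit) }}"

    # Registry and authentication
    authfile: "{{ item.authfile | default(omit) }}"
    # An entry that sets this to false pulls without verifying registry TLS.
    tls_verify: "{{ item.tls_verify | default(omit) }}"
    decryption_key: "{{ item.decryption_key | default(omit) }}"

    # File operations
    cidfile: "{{ item.cidfile | default(omit) }}"
    conmon_pidfile: "{{ item.conmon_pidfile | default(omit) }}"
    pid_file: "{{ item.pid_file | default(omit) }}"

    # Special options
    attach: "{{ item.attach | default(omit) }}"
    detach_keys: "{{ item.detach_keys | default(omit) }}"
    sig_proxy: "{{ item.sig_proxy | default(omit) }}"
    http_proxy: "{{ item.http_proxy | default(omit) }}"

    # Advanced options
    chrootdirs: "{{ item.chrootdirs | default(omit) }}"
    hooks_dir: "{{ item.hooks_dir | default(omit) }}"
    hostuser: "{{ item.hostuser | default(omit) }}"
    init_ctr: "{{ item.init_ctr | default(omit) }}"
    personality: "{{ item.personality | default(omit) }}"
    preserve_fd: "{{ item.preserve_fd | default(omit) }}"
    preserve_fds: "{{ item.preserve_fds | default(omit) }}"
    rdt_class: "{{ item.rdt_class | default(omit) }}"
    requires: "{{ item.requires | default(omit) }}"
    rootfs: "{{ item.rootfs | default(omit) }}"
    sdnotify: "{{ item.sdnotify | default(omit) }}"
    secrets: "{{ item.secrets | default(omit) }}"
    timezone: "{{ item.timezone | default(omit) }}"

    # Retry options
    retry: "{{ item.retry | default(omit) }}"
    retry_delay: "{{ item.retry_delay | default(omit) }}"

    # Systemd generation
    generate_systemd: "{{ item.generate_systemd | default(omit) }}"

    # Quadlet options
    quadlet_dir: "{{ item.quadlet_dir | default(omit) }}"
    quadlet_filename: "{{ item.quadlet_filename | default(omit) }}"
    quadlet_file_mode: "{{ item.quadlet_file_mode | default(omit) }}"
    quadlet_options: "{{ item.quadlet_options | default(omit) }}"

    # Control options
    cmd_args: "{{ item.cmd_args | default(omit) }}"
    # The entry may name the binary to run; falls back to `podman`.
    executable: "{{ item.executable | default('podman') }}"
    recreate: "{{ item.recreate | default(omit) }}"
    force_restart: "{{ item.force_restart | default(omit) }}"
    force_delete: "{{ item.force_delete | default(omit) }}"
    delete_depend: "{{ item.delete_depend | default(omit) }}"
    delete_time: "{{ item.delete_time | default(omit) }}"
    delete_volumes: "{{ item.delete_volumes | default(omit) }}"
    debug: "{{ item.debug | default(omit) }}"
  loop: "{{ podman_containers }}"
  loop_control:
    # Show only the container name per item instead of the whole entry.
    label: "{{ item.name }}"
  # Per-item results; each keeps the originating entry under `.item`.
  register: podman_container_results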
# Enable and start the systemd unit of each container whose entry requested
# unit generation. Loops over the results in `podman_container_results`, so
# `item.item` is the original container entry.
# NOTE(review): the unit name is built as "container-<name>"; an entry that
# customises the prefix or separator in `generate_systemd`, or does not write
# the unit to a directory systemd loads from, would not match — confirm.
# NOTE(review): no `scope` is set, so this presumably targets the system
# manager; rootless containers may need the user scope — confirm.
- name: Enable and start container systemd services
  when:
    # Skip entries without a (truthy) generate_systemd setting ...
    - item.item.generate_systemd is defined
    - item.item.generate_systemd
    # ... and entries whose requested state is not a running/present one.
    - item.item.state | default('present') in ['present', 'started']
  ansible.builtin.systemd:
    name: "container-{{ item.item.name }}"
    state: started
    enabled: true
    # Reload unit files before acting on the unit.
    daemon_reload: true
  loop: "{{ podman_container_results.results }}"
  loop_control:
    label: "{{ item.item.name }}"