From ee157b53be7c176081aed96a74fe8ff09b208cb8 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Fri, 26 Apr 2019 13:26:45 +0200 Subject: Cleanup Rancher containers after Molecule converge Rancher role test do remove rancher/agent and rancher/server containers at 'cleanup' stage but Rancher Agent spawned containers are left orphaned. This patch adds tasks to remove them. This patch also adds custom ansible module for listing docker containers (as of ansible 2.7.10 no upstream module provides that feature, even new docker_container_info info module in ansible's devel branch doesn't have it) Change-Id: I6325dc81063b55b70136280273f8f6138c7a0375 Issue-ID: OOM-1811 Signed-off-by: Bartek Grzybowski --- ansible/library/docker_list_containers.py | 99 ++++++++++++++++++++++ ansible/roles/rancher/molecule/default/cleanup.yml | 10 +-- ansible/roles/rancher/tasks/rancher_server.yml | 2 +- ansible/test/roles/cleanup-rancher/tasks/main.yml | 18 ++++ 4 files changed, 123 insertions(+), 6 deletions(-) create mode 100644 ansible/library/docker_list_containers.py create mode 100644 ansible/test/roles/cleanup-rancher/tasks/main.yml diff --git a/ansible/library/docker_list_containers.py b/ansible/library/docker_list_containers.py new file mode 100644 index 00000000..d8a789c6 --- /dev/null +++ b/ansible/library/docker_list_containers.py @@ -0,0 +1,99 @@ +#!/usr/bin/python + +ANSIBLE_METADATA = { + 'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community' +} + +DOCUMENTATION = ''' +--- +module: docker_list_containers + +short_description: "List running docker containers" + +description: + - "Lists all running containers or those with matching label" + +options: + label_name: + description: + - container label name to match + required: false + label_value: + description: + - container label value to match + required: false + +author: + - Bartek Grzybowski (b.grzybowski@partner.samsung.com) +''' + +EXAMPLES = ''' +# List all running containers +- name: List containers + docker_list_containers: + +# List all running containers matching label +- name: List containers + docker_list_containers: + label_name: 'io.rancher.project.name' + label_value: 'kubernetes' +''' + +RETURN = ''' +containers: + description: List of running containers matching module criteria + type: list + returned: always + sample: [ + "rancher-agent", + "rancher-server", + "kubernetes-node-1", + "infrastructure-server" + ] +''' + +from ansible.module_utils.docker_common import AnsibleDockerClient + +class DockerListContainers: + + def __init__(self): + self.docker_client = AnsibleDockerClient( + argument_spec=dict( + label_name=dict(type='str', required=False), + label_value=dict(type='str', required=False) + ) + ) + + self.containers = self.docker_client.containers() + self.label_name=self.docker_client.module.params.get('label_name') + self.label_value=self.docker_client.module.params.get('label_value') + + if self.label_name: + self.containers_names=self._get_containers_names_by_label() + else: + self.containers_names=self._get_containers_names() + + self.result=dict( + containers=self.containers_names, + changed=False + ) + + def _get_containers_names(self): + return [str(container_meta.get('Names')[0][1:]) for container_meta in self.containers if 'Names' in container_meta] + + def _get_containers_names_by_label(self): + names=[] + for container_meta in self.containers: + if container_meta.get('Labels',{}).get(self.label_name) == self.label_value: + names.append(str(container_meta['Names'][0][1:])) # strip leading '/' in container name and convert to str from unicode + + return names + +def main(): + cont=DockerListContainers() + cont.docker_client.module.exit_json(**cont.result) + +if __name__ == '__main__': + main() diff --git a/ansible/roles/rancher/molecule/default/cleanup.yml b/ansible/roles/rancher/molecule/default/cleanup.yml index 13b48278..d4bf4495 100644 --- a/ansible/roles/rancher/molecule/default/cleanup.yml +++ b/ansible/roles/rancher/molecule/default/cleanup.yml @@ -7,8 +7,8 @@ container_list: - rancher-agent - rancher-server - # For some reason getting error "Device busy error" when trying to delete directory with root privileges and rancher-containers not anymore running. - # - role: cleanup-directories - # vars: - # directories_files_list_to_remove: - # - /var/lib/rancher/ + - role: cleanup-rancher + vars: + container_list_by_label: + - { 'label':'io.rancher.project.name', 'value':'healthcheck'} + - { 'label':'io.rancher.project.name', 'value':'kubernetes'} diff --git a/ansible/roles/rancher/tasks/rancher_server.yml b/ansible/roles/rancher/tasks/rancher_server.yml index 4cda3722..a0893b0b 100644 --- a/ansible/roles/rancher/tasks/rancher_server.yml +++ b/ansible/roles/rancher/tasks/rancher_server.yml @@ -55,7 +55,7 @@ account_key: "{{ key_public }}:{{ key_private }}" mode: access_control data: - account_id: 1a1 # default rancher admin account + account_id: 1a1 # default rancher admin account password: "{{ rancher.admin_password }}" when: "rancher.auth_enabled is defined and rancher.auth_enabled" diff --git a/ansible/test/roles/cleanup-rancher/tasks/main.yml b/ansible/test/roles/cleanup-rancher/tasks/main.yml new file mode 100644 index 00000000..21b02988 --- /dev/null +++ b/ansible/test/roles/cleanup-rancher/tasks/main.yml @@ -0,0 +1,18 @@ +--- +# Remove containers spawned by Rancher Agent +- name: Get list of containers spawned by Rancher Agent + docker_list_containers: + label_name: "{{ item.label }}" + label_value: "{{ item.value }}" + loop: "{{ container_list_by_label }}" + register: docker_list_containers_var + +- name: set fact # save a list of containers found by previous task to orphaned_containers var + set_fact: orphaned_containers="{{ orphaned_containers|default([]) + item.containers }}" + loop: "{{ docker_list_containers_var.results }}" + +- name: Remove orphaned containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ orphaned_containers }}" -- cgit 1.2.3-korg