diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2021-09-16 14:13:51 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2021-09-16 14:13:51 +0200 |
| commit | 4c467bf47401c408b3eca719f18aa5d34013d901 (patch) | |
| tree | 67ae4f7e65549ff3bf9b4143650313128d4ef907 | |
| parent | kubernetes/kubeadm/base: apt pinning vs package hold (diff) | |
docker and containerd: apt pinning vs package hold
| -rw-r--r-- | roles/containerd/tasks/main.yml | 25 | ||||
| -rw-r--r-- | roles/docker/engine/tasks/main.yml | 25 | ||||
| -rw-r--r-- | roles/streaming/blackmagic/mediaexpress/tasks/main.yml | 4 |
3 files changed, 42 insertions, 12 deletions
diff --git a/roles/containerd/tasks/main.yml b/roles/containerd/tasks/main.yml index 26acea66..56970268 100644 --- a/roles/containerd/tasks/main.yml +++ b/roles/containerd/tasks/main.yml @@ -17,20 +17,35 @@ include_role: name: "apt-repo/{{ containerd_pkg_provider }}" +- name: generate apt pin file for containerd package + when: containerd_pkg_version is defined + copy: + dest: "/etc/apt/preferences.d/{{ containerd_pkg_name }}.pref" + content: | + Package: {{ containerd_pkg_name }} + Pin: version {{ containerd_pkg_version }} + Pin-Priority: 1001 + +- name: remove apt pin file for containerd package + when: containerd_pkg_version is not defined + file: + path: "/etc/apt/preferences.d/{{ containerd_pkg_name }}.pref" + state: absent + - name: install containerd apt: name: "{{ containerd_pkg_name }}{% if containerd_pkg_version is defined %}={{ containerd_pkg_version }}{% endif %}" state: present force: yes - ## TODO: remove force once the following changes are available - ## https://github.com/ansible/ansible/pull/73629 or https://github.com/ansible/ansible/pull/72562 + # allow_downgrade: yes + ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 -- name: disable automatic upgrades for containerd package - when: containerd_pkg_version is defined + ## TODO: remove this when all machines are migrated to use pin files +- name: unhold packages (we now use APT pinning) dpkg_selections: name: "{{ containerd_pkg_name }}" - selection: hold + selection: install - name: fetch containerd default config check_mode: no diff --git a/roles/docker/engine/tasks/main.yml b/roles/docker/engine/tasks/main.yml index b6f5bb12..d07d6d63 100644 --- a/roles/docker/engine/tasks/main.yml +++ b/roles/docker/engine/tasks/main.yml @@ -26,6 +26,21 @@ include_role: name: "apt-repo/{{ docker_pkg_provider }}" +- name: generate apt pin file for docker package + when: docker_pkg_version is defined + copy: + dest: "/etc/apt/preferences.d/{{ docker_pkg_name }}.pref" + content: | + Package: {{ docker_pkg_name }} + Pin: version {{ docker_pkg_version }} + Pin-Priority: 1001 + +- name: remove apt pin file for docker package + when: docker_pkg_version is not defined + file: + path: "/etc/apt/preferences.d/{{ docker_pkg_name }}.pref" + state: absent + - name: install docker apt: name: @@ -33,15 +48,15 @@ - "{{ python_basename }}-docker" state: present force: yes - ## TODO: remove force once the following changes are available - ## https://github.com/ansible/ansible/pull/73629 or https://github.com/ansible/ansible/pull/72562 + # allow_downgrade: yes + ## TODO: replace force with allow_downgrade once the following change is available (ansible >= 5.0) ## https://github.com/ansible/ansible/pull/74852 -- name: disable automatic upgrades for docker package - when: docker_pkg_version is defined + ## TODO: remove this when all machines are migrated to use pin files +- name: unhold packages (we now use APT pinning) dpkg_selections: name: "{{ docker_pkg_name }}" - selection: hold + selection: install - name: start and enable docker service: diff --git a/roles/streaming/blackmagic/mediaexpress/tasks/main.yml b/roles/streaming/blackmagic/mediaexpress/tasks/main.yml index 7cb771d9..9aa83c28 100644 --- a/roles/streaming/blackmagic/mediaexpress/tasks/main.yml +++ b/roles/streaming/blackmagic/mediaexpress/tasks/main.yml @@ -3,7 +3,7 @@ import_role: name: apt-repo/blackmagic -- name: generate apt pin files for blackmagic mediaexpress +- name: generate apt pin file for blackmagic mediaexpress when: blackmagic_mediaexpress_version is defined copy: dest: "/etc/apt/preferences.d/mediaexpress.pref" @@ -12,7 +12,7 @@ Pin: version {{ blackmagic_mediaexpress_version }} Pin-Priority: 1001 -- name: remove apt pin files for blackmagic mediaexpress +- name: remove apt pin file for blackmagic mediaexpress when: blackmagic_mediaexpress_version is not defined file: path: "/etc/apt/preferences.d/mediaexpress.pref" |