feat: switch to binary runc and containerd install (#333)
* feat: switch to binary runc and containerd install
* fix: always download directly to dst node
* feat: add crictl role
* ci: add tests for binary downloads
* ci: rename scenario and add matrix
* ci: move to using prepare
* ci: stop using anchors
* chore: refactor to download_artifact
* chore: add jammy to containerd+runc
* chore: bump ansible-lint
* chore: add more platforms for cri
* fix: ensure tar command exists
* chore: drop amznlinux2
---------
Co-authored-by: Mohammed Naser <mnaser@vexxhost.com>
diff --git a/molecule/containerd/converge.yml b/molecule/containerd/converge.yml
new file mode 100644
index 0000000..ca8b887
--- /dev/null
+++ b/molecule/containerd/converge.yml
@@ -0,0 +1,20 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Converge
+ hosts: all
+ become: true
+ roles:
+ - vexxhost.atmosphere.containerd
+ - vexxhost.atmosphere.crictl
diff --git a/molecule/containerd/molecule.yml b/molecule/containerd/molecule.yml
new file mode 100644
index 0000000..bf62b9c
--- /dev/null
+++ b/molecule/containerd/molecule.yml
@@ -0,0 +1,31 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+dependency:
+ name: galaxy
+driver:
+ name: docker
+platforms:
+ - name: instance
+ image: geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu2004}-ansible:latest
+ command: ${MOLECULE_DOCKER_COMMAND:-""}
+ privileged: true
+ cgroupns_mode: host
+ pre_build_image: true
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:rw
+provisioner:
+ name: ansible
+verifier:
+ name: ansible
diff --git a/molecule/containerd/prepare.yml b/molecule/containerd/prepare.yml
new file mode 100644
index 0000000..f538ad1
--- /dev/null
+++ b/molecule/containerd/prepare.yml
@@ -0,0 +1,28 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Prepare
+ hosts: all
+ become: true
+ pre_tasks:
+ - name: Wait for systemd to complete initialization
+ ansible.builtin.command: systemctl is-system-running
+ register: systemctl_status
+ until: >
+ 'running' in systemctl_status.stdout or
+ 'degraded' in systemctl_status.stdout
+ retries: 30
+ delay: 5
+ changed_when: false
+ failed_when: systemctl_status.rc > 1
diff --git a/molecule/containerd/verify.yml b/molecule/containerd/verify.yml
new file mode 100644
index 0000000..1462252
--- /dev/null
+++ b/molecule/containerd/verify.yml
@@ -0,0 +1,40 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Verify
+ hosts: all
+ become: true
+
+ pre_tasks:
+ - name: Gather service facts
+ service_facts:
+
+ tasks:
+ - name: Make sure containerd service is running
+ ansible.builtin.assert:
+ that:
+ - ansible_facts.services['containerd.service'].state in ['active', 'running']
+
+ - name: Make sure containerd service is enabled
+ ansible.builtin.assert:
+ that:
+ - ansible_facts.services['containerd.service'].status == 'enabled'
+
+ - name: Pull image from registry
+ ansible.builtin.command: ctr image pull docker.io/library/alpine:latest
+
+ - name: List images
+ ansible.builtin.command: ctr images ls
+ register: images
+ failed_when: not(images.stdout.find('alpine') != -1)