ansible-collections / community.docker

Community Docker Collection for Ansible: modules and plugins for working with Docker
https://galaxy.ansible.com/ui/repo/published/community/docker/
GNU General Public License v3.0

docker_swarm_service continuously attempts to update Swarm services which use host network #13

Open pa-yourserveradmin-com opened 4 years ago

pa-yourserveradmin-com commented 4 years ago
SUMMARY

The problem is that the docker_swarm_service module works incorrectly with Swarm services which use host network(s) and continuously attempts to update such services due to wrong processing of host networks.

A sample patch which may also help to solve the issue can be found in f43219827dbabf33f43af2114838ee20.

ISSUE TYPE
COMPONENT NAME

docker_swarm_service

ANSIBLE VERSION
ansible 2.9.12
  config file = /home/pa/PycharmProjects/ansible/ansible.cfg
  configured module search path = ['/home/pa/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/pa/PycharmProjects/ansible/venv/lib64/python3.8/site-packages/ansible
  executable location = /home/pa/PycharmProjects/ansible/venv/bin/ansible
  python version = 3.8.5 (default, Aug 12 2020, 00:00:00) [GCC 10.2.1 20200723 (Red Hat 10.2.1-1)]

CONFIGURATION
ANSIBLE_PIPELINING(/home/pa/PycharmProjects/ansible/ansible.cfg) = True
DEFAULT_CALLBACK_WHITELIST(/home/pa/PycharmProjects/ansible/ansible.cfg) = ['profile_tasks']
DISPLAY_SKIPPED_HOSTS(env: ANSIBLE_DISPLAY_SKIPPED_HOSTS) = False
HOST_KEY_CHECKING(env: ANSIBLE_HOST_KEY_CHECKING) = False

OS / ENVIRONMENT

Docker server and API information:

Server: Docker Engine - Community
 Engine:
  Version:          19.03.11
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.13.10
  Git commit:       42e35e61f3
  Built:            Mon Jun  1 09:12:26 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Python docker module version:

Name: docker
Version: 4.3.0
Summary: A Python library for the Docker Engine API.
Home-page: https://github.com/docker/docker-py
Author: None
Author-email: None
License: Apache License 2.0
Location: /usr/lib/python3.6/site-packages
Requires: six, websocket-client, requests

STEPS TO REPRODUCE

First of all, you will need a Docker Swarm cluster to deploy the service using the example playbook provided below.

Example playbook which will deploy Nginx containers to Swarm using the host network (please customize it according to your local testing environment):

---
- hosts: all

  tasks:

    - docker_swarm_service:
        image: nginx:latest
        mode: global
        name: nginx
        networks:
          - host

Once the playbook is applied, run it once again with the --check --diff options to see the planned changes.

Run the playbook once again and it will report changes in the Swarm service configuration while the service configuration has not actually changed (i.e. no downtime actually happens, which significantly reduces the impact of this issue).

EXPECTED RESULTS

No changes are reported in dry-run and run modes when nothing has really changed in the service configuration.

ACTUAL RESULTS

In either dry-run or run mode, Ansible updates the Swarm service with the wrong network ID:

--- before
+++ after
@@ -1,7 +1,7 @@
 {
     "networks": [
         {
-            "id": "exvfwyotuxat3z1bt38s3rork"
+            "id": "71d4bd2cf80870bf68df480c876e01ea02183d8fc33d292658c49f323e5c795a"
         }
     ]
 }

The correct network exvfwyotuxat3z1bt38s3rork has swarm scope, and inspect returns the following information:

$ docker network inspect exvfwyotuxat3z1bt38s3rork
[
    {
        "Name": "host",
        "Id": "exvfwyotuxat3z1bt38s3rork",
        "Created": "2020-07-01T17:26:48.708139127Z",
        "Scope": "swarm",
        "Driver": "host",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "",
            "Options": null,
            "Config": []
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": null,
        "Options": null,
        "Labels": {
            "com.docker.swarm.predefined": "true"
        }
    }
]

The wrong network 71d4bd2cf80870bf68df480c876e01ea02183d8fc33d292658c49f323e5c795a has local scope, and inspect returns the following information:

$ docker network inspect 71d4bd2cf80870bf68df480c876e01ea02183d8fc33d292658c49f323e5c795a
[
    {
        "Name": "host",
        "Id": "71d4bd2cf80870bf68df480c876e01ea02183d8fc33d292658c49f323e5c795a",
        "Created": "2020-06-26T14:09:30.161137267Z",
        "Scope": "local",
        "Driver": "host",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": []
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]
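
The mismatch reported above, reproduced as an added example (not code from the issue or from community.docker): a hypothetical name-only lookup picks the local-scope `host` network, while a scope-aware lookup returns the swarm-scoped ID the service already has. The function names are assumptions; the IDs and scopes are the ones quoted in the inspect output above.

```python
# Added example: IDs and scopes are copied from the inspect output in the issue;
# all function names are hypothetical and not part of community.docker.
LOCAL_ID = "71d4bd2cf80870bf68df480c876e01ea02183d8fc33d292658c49f323e5c795a"
SWARM_ID = "exvfwyotuxat3z1bt38s3rork"
NETWORKS = [
    {"Name": "host", "Id": LOCAL_ID, "Scope": "local"},
    {"Name": "host", "Id": SWARM_ID, "Scope": "swarm"},
]


def resolve_by_name_only(name, networks):
    """Hypothetical lookup that ignores scope: the first name match wins."""
    for net in networks:
        if net["Name"] == name:
            return net["Id"]
    raise LookupError(f"no network named {name!r}")


def resolve_for_service(name_or_id, networks):
    """Match by name or ID, preferring swarm scope; refuse ambiguous results."""
    matches = [n for n in networks if name_or_id in (n["Name"], n["Id"])]
    swarm = [n for n in matches if n["Scope"] == "swarm"]
    candidates = swarm or matches
    if len(candidates) != 1:
        raise LookupError(f"{len(candidates)} candidates for {name_or_id!r}")
    return candidates[0]["Id"]


def networks_changed(current_ids, wanted, networks, resolver):
    """True when the resolved wanted IDs differ from what the service has."""
    return sorted(current_ids) != sorted(resolver(w, networks) for w in wanted)


if __name__ == "__main__":
    current = [SWARM_ID]  # the "before" side of the --diff output
    for resolver in (resolve_by_name_only, resolve_for_service):
        changed = networks_changed(current, ["host"], NETWORKS, resolver)
        print(resolver.__name__, "reports changed =", changed)
```
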

pa-yourserveradmin-com commented 4 years ago

Originally posted in https://github.com/ansible/ansible/issues/71386.

ansibullbot commented 4 years ago

cc @DBendit @WojciechowskiPiotr @akshay196 @chouseknecht @danihodovic @dariko @felixfontein @hannseman @jwitko @kassiansun @tbouvet

pa-yourserveradmin-com commented 4 years ago

Hey, guys. Do you need any additional details about this issue?

felixfontein commented 4 years ago

@dariko @jwitko @hannseman can you take a look at this?

felixfontein commented 4 years ago

Ping @dariko @jwitko @hannseman