containers / ansible-podman-collections

Repository for Ansible content that can include playbooks, roles, modules, and plugins for use with the Podman tool
GNU General Public License v3.0

Systemd unit file - container networks not updated #654

Closed lehmanju closed 6 months ago

lehmanju commented 1 year ago

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

If the systemd unit file already exists, updates to the list of a container's networks are not reflected in its unit file.

Steps to reproduce the issue:

  1. Use generate_systemd in podman_container.

  2. Run ansible-playbook and create container + unit file.

  3. Add a network to podman_container section

  4. Run ansible-playbook again, container is changed but unit file isn't

Describe the results you received:

Incoherent unit file.

Describe the results you expected:

Change unit file such that it is coherent with container.

Additional information you deem important (e.g. issue happens only occasionally):

Version of the containers.podman collection: 1.10.3

Output of ansible --version:

ansible [core 2.15.5]
  config file = None
  configured module search path = ['/home/julius/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.11/site-packages/ansible
  ansible collection location = /home/julius/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.5 (main, Sep  2 2023, 14:16:33) [GCC 13.2.1 20230801] (/usr/bin/python)
  jinja version = 3.1.2
  libyaml = True

Output of podman version:

Client:       Podman Engine
Version:      4.3.1
API Version:  4.3.1
Go Version:   go1.20.2
Built:        Thu Jan  1 01:00:00 1970
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.28.2
  cgroupControllers:
  - cpu
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon_2.1.6+ds1-1_amd64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.6, commit: unknown'
  cpuUtilization:
    idlePercent: 97.59
    systemPercent: 0.93
    userPercent: 1.47
  cpus: 4
  distribution:
    codename: lunar
    distribution: ubuntu
    version: "23.04"
  eventLogger: journald
  hostname: homeserv
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 6.2.0-34-generic
  linkmode: dynamic
  logDriver: journald
  memFree: 2060349440
  memTotal: 16402341888
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun_1.8-1_amd64
    path: /usr/bin/crun
    version: |-
      crun version 1.8
      commit: 0356bf4aff9a133d655dc13b1d9ac9424706cac4
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns_1.2.0-1_amd64
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 4
      libseccomp: 2.5.4
  swapFree: 4294963200
  swapTotal: 4294963200
  uptime: 1h 58m 30.00s (Approximately 0.04 days)
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries: {}
store:
  configFile: /home/julius/.config/containers/storage.conf
  containerStore:
    number: 18
    paused: 0
    running: 18
    stopped: 0
  graphDriverName: vfs
  graphOptions: {}
  graphRoot: /home/julius/.local/share/containers/storage
  graphRootAllocated: 97829425152
  graphRootUsed: 46158200832
  graphStatus: {}
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 14
  runRoot: /run/user/1000/containers
  volumePath: /home/julius/.local/share/containers/storage/volumes
version:
  APIVersion: 4.3.1
  Built: 0
  BuiltTime: Thu Jan  1 01:00:00 1970
  GitCommit: ""
  GoVersion: go1.20.2
  Os: linux
  OsArch: linux/amd64
  Version: 4.3.1

Package info (e.g. output of rpm -q podman or apt list podman):

podman/lunar,now 4.3.1+ds1-5ubuntu1 amd64 [installed]

Playbook you run with ansible (e.g. content of playbook.yaml):

- name: Vaultwarden container
  containers.podman.podman_container:
    name: vaultwarden
    image: ghcr.io/dani-garcia/vaultwarden:latest
    state: created
    rm: true
    volumes:
      - "{{ ansible_env.HOME }}/bitwarden/bw-data:/data"
    label:
      io.containers.autoupdate: registry
    generate_systemd:
      new: true
      restart_policy: always
      path: "{{ ansible_env.HOME }}/.config/systemd/user/"
    network:
      - bitwardennet
    env:
      WEBSOCKET_ENABLED: true

sshnaidm commented 1 year ago

What if you use state: present instead of created?

lehmanju commented 1 year ago

Ah yes, thanks. That works. Is this still a bug though?
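
A drift check for the mismatch reported in this issue, as an added example that is not part of the thread or of the collection's code: it pulls the `--network` arguments out of a unit's `ExecStart` and compares them with the task's network list. This matters with `new: true` because the unit recreates the container from `ExecStart` on every service start, so a stale unit brings it back up on the old network set. The unit text is a constructed sample in the style of `podman generate systemd --new` output, and `proxynet` is a hypothetical second network.

```python
import re
import shlex

# Constructed sample: a unit in the style of `podman generate systemd --new`,
# written before a second network was added to the podman_container task.
SAMPLE_UNIT = r"""
[Service]
Restart=always
ExecStart=/usr/bin/podman run \
    --cidfile=%t/%n.ctr-id \
    --rm -d --replace \
    --name vaultwarden \
    --network bitwardennet \
    --label io.containers.autoupdate=registry ghcr.io/dani-garcia/vaultwarden:latest
Type=notify
"""


def unit_networks(unit_text):
    """Return the set of networks named by --network/--net in ExecStart."""
    joined = re.sub(r"\\\n", " ", unit_text)  # undo systemd line continuations
    nets = set()
    for line in joined.splitlines():
        if not line.startswith("ExecStart="):
            continue
        args = shlex.split(line[len("ExecStart="):])
        for i, arg in enumerate(args):
            flag, sep, value = arg.partition("=")
            if flag not in ("--network", "--net"):
                continue
            if not sep and i + 1 < len(args):
                value = args[i + 1]  # "--network NAME" form
            # Networks may be comma-separated; drop per-network options after ':'.
            nets.update(v.split(":")[0] for v in value.split(",") if v)
    return nets


def network_drift(unit_text, wanted):
    """Compare the task's network list with what the unit would start."""
    have = unit_networks(unit_text)
    return {"missing_in_unit": sorted(set(wanted) - have),
            "stale_in_unit": sorted(have - set(wanted))}


if __name__ == "__main__":
    # "proxynet" is a hypothetical network added to the task after the unit was written.
    print(network_drift(SAMPLE_UNIT, ["bitwardennet", "proxynet"]))
```
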