podman: переход на Podman, Minikube, локальные образы и док для новичков

- Molecule: драйвер delegated, коллекция containers.podman, create/destroy/verify на Podman - Makefile: все вызовы docker заменены на podman, сокет /run/podman/podman.sock - Сборка образов: podman build (без buildx), buildall/buildall-image — только локально без push - Ansible-controller: Podman в образе, docker-compose на podman compose, сокет Podman - K8s: Kind заменён на Minikube (драйвер podman), скрипты и Makefile обновлены - Пресеты: проверка локальных образов, без podman pull (registry запрещён) - Документация: docs/podman.md, docs/quickstart-for-dummies.md (роли, плейбук, линт, тесты, пресеты, инвентори) - README: ссылка на quickstart-for-dummies Made-with: Cursor
2026-03-11 19:59:47 +03:00
parent 23e1a6037b
commit 05881e8d74
16 changed files with 859 additions and 790 deletions
--- a/molecule/default/verify.yml
+++ b/molecule/default/verify.yml
@@ -46,10 +46,8 @@
          Count: {{ hosts | selectattr('type','undefined') | list | length }}
          ================================================================================

-    - name: Check systemd nodes status
-      community.docker.docker_container_exec:
-        container: "{{ item.name }}"
-        command: systemctl is-system-running
+    - name: Check systemd nodes status (Podman exec)
+      command: "podman exec {{ item.name }} systemctl is-system-running"
      loop: "{{ hosts | selectattr('type','undefined') | list }}"
      loop_control: { label: "{{ item.name }}" }
      register: systemd_status
@@ -61,43 +59,23 @@
      loop: "{{ systemd_status.results | default([]) }}"
      when: systemd_status is defined

-    # Проверка DinD узлов
-    - name: Check DinD nodes docker daemon
-      community.docker.docker_container_exec:
-        container: "{{ item.name }}"
-        command: docker version --format '{{.Server.Version}}'
-      loop: "{{ hosts | selectattr('type','defined') | selectattr('type','equalto','dind') | list }}"
-      loop_control: { label: "{{ item.name }}" }
-      register: dind_status
-      ignore_errors: true
-
-    - name: Display DinD nodes status
-      debug:
-        msg: "DinD node {{ item.0.name }}: Docker {{ item.1.stdout | default('not running') }}"
-      loop: "{{ dind_status.results | default([]) }}"
-      when: dind_status is defined
-
-    # Проверка DOoD узлов
-    - name: Check DOoD nodes docker access
-      community.docker.docker_container_exec:
-        container: "{{ item.name }}"
-        command: docker ps --format '{{.Names}}'
+    # Проверка POoD узлов (Podman-out-of-Podman)
+    - name: Check POoD nodes podman access
+      command: "podman exec {{ item.name }} podman ps --format '{{'{{' }}.Names{{ '}}' }}'"
      loop: "{{ hosts | selectattr('type','defined') | selectattr('type','equalto','dood') | list }}"
      loop_control: { label: "{{ item.name }}" }
      register: dood_status
      ignore_errors: true

-    - name: Display DOoD nodes status
+    - name: Display POoD nodes status
      debug:
-        msg: "DOoD node {{ item.0.name }}: Can access {{ item.1.stdout_lines | length | default(0) }} containers"
+        msg: "POoD node {{ item.0.name }}: Can access {{ item.1.stdout_lines | length | default(0) }} containers"
      loop: "{{ dood_status.results | default([]) }}"
      when: dood_status is defined

    # Проверка сетевого подключения
    - name: Test network connectivity between nodes
-      community.docker.docker_container_exec:
-        container: "{{ item.0.name }}"
-        command: ping -c 1 {{ item.1.name }}
+      command: "podman exec {{ item.0.name }} ping -c 1 {{ item.1.name }}"
      loop: "{{ hosts | subelements(hosts, 'name') }}"
      loop_control: { label: "{{ item.0.name }} -> {{ item.1.name }}" }
      when: item.0.name != item.1.name
@@ -112,9 +90,7 @@

    # Проверка портов
    - name: Check published ports
-      community.docker.docker_container_exec:
-        container: "{{ item.name }}"
-        command: netstat -tlnp
+      command: "podman exec {{ item.name }} netstat -tlnp 2>/dev/null || podman exec {{ item.name }} ss -tlnp"
      loop: "{{ hosts | selectattr('publish','defined') | list }}"
      loop_control: { label: "{{ item.name }}" }
      register: port_status
@@ -139,11 +115,10 @@
    - name: Display verification summary
      debug:
        msg: |
-          ✅ Verification Summary:
+          ✅ Verification Summary (Podman):
          - Total hosts: {{ hosts | length }}
          - Systemd nodes: {{ hosts | selectattr('type','undefined') | list | length }}
-          - DinD nodes: {{ hosts | selectattr('type','defined') | selectattr('type','equalto','dind') | list | length }}
-          - DOoD nodes: {{ hosts | selectattr('type','defined') | selectattr('type','equalto','dood') | list | length }}
+          - POoD nodes: {{ hosts | selectattr('type','defined') | selectattr('type','equalto','dood') | list | length }}
          - Groups: {{ groups_map.keys() | list | join(', ') }}
          - Network: {{ docker_network }}