Docker CE support for hpc-rocky-linux-8 image

[m4r1k]

Summary
This PR restores support for Docker CE when Slurm is deployed on the hpc-rocky-linux-8 image.

Problem
Currently, setting docker.enabled: true causes deployments to fail on the official Google Cloud HPC image (Rocky Linux 8).

• The existing installation method relies on the get.docker.com script.
• As documented in docker-install#373, this script does not support Rocky Linux.

Motivation
Docker is essential for several HPC workflows, including Nextflow. While Nextflow supports other runtimes, Docker simplifies dependency management by keeping environments self-contained within Container Images.

Verification
I have attached the blueprint used to validate the Docker deployment.

• blueprint.yaml

[gemini-code-assist]

Summary of Changes

Hello @m4r1k, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request restores Docker CE support for Slurm deployments on the hpc-rocky-linux-8 image. The previous installation method, relying on the get.docker.com script, was incompatible with Rocky Linux 8, causing deployment failures. The changes introduce a robust DNF-based installation process for Docker CE and its components, including the Docker SDK for Python, specifically for Rocky Linux, ensuring that critical HPC workflows like Nextflow can leverage Docker for dependency management.

Highlights

• Rocky Linux 8 Docker Installation: Implemented a DNF-based installation method for Docker CE specifically for Rocky Linux 8, addressing the incompatibility with the get.docker.com script.
• Docker SDK for Python: Ensured the Docker SDK for Python is installed on Rocky Linux systems to support programmatic interaction with Docker.
• Conditional Installation Logic: Modified the Docker installation playbook to conditionally apply the DNF-based method for Rocky Linux and retain the get.docker.com script for other distributions.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request adds support for installing Docker CE on Rocky Linux 8, which is a valuable enhancement. The implementation correctly uses the native package manager. I have provided a few suggestions to improve the idempotency and clarity of the Ansible playbook by using more idiomatic modules and removing redundant code. Additionally, I have a question regarding the installation of the Docker SDK for Python, which currently seems limited to Rocky Linux.

[m4r1k]

Updated the original PR, addressing the comments from the Gemini Code Assist integration as well as improving the overall logic.

[m4r1k]

In the latest patch I've addressed all comments. Here the playbook run logs:

PLAY [Install and configure Docker] ********************************************

TASK [Gathering Facts] *********************************************************
ok: [localhost]

TASK [Gather distribution facts] ***********************************************
ok: [localhost]

TASK [Check if docker is installed] ********************************************
ok: [localhost]

TASK [Add Docker GPG key] ******************************************************
changed: [localhost]

TASK [Add Docker repository for Rocky Linux] ***********************************
changed: [localhost]

TASK [Install Docker Engine Community Edition] *********************************
changed: [localhost]

TASK [Download Docker Installer] ***********************************************
skipping: [localhost]

TASK [Install Docker Engine Community Edition] *********************************
skipping: [localhost]

TASK [Create Docker daemon configuration] **************************************
skipping: [localhost]

TASK [Create Docker service override directory] ********************************
changed: [localhost]

TASK [Create Docker service override configuration] ****************************
changed: [localhost]

TASK [Create Docker socket override directory] *********************************
changed: [localhost]

TASK [Create Docker socket override configuration] *****************************
changed: [localhost]

TASK [Delete Docker socket override configuration] *****************************
skipping: [localhost]

RUNNING HANDLER [Reload SystemD] ***********************************************
ok: [localhost]

RUNNING HANDLER [Recreate Docker socket] ***************************************
changed: [localhost]

TASK [Retart Docker] ***********************************************************
changed: [localhost]

PLAY RECAP *********************************************************************
localhost                  : ok=13   changed=9    unreachable=0    failed=0    skipped=4    rescued=0    ignored=0

Of course, Docker works like a charm:

srun -p c4highmem8 -N 1 docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
17eec7bbc9d7: Pulling fs layer
ea52d2000f90: Download complete
17eec7bbc9d7: Download complete
17eec7bbc9d7: Pull complete
Digest: sha256:d4aaab6242e0cace87e2ec17a2ed3d779d18fbfd03042ea58f2995626396a274
Status: Downloaded newer image for hello-world:latest

Hello from Docker!

[bytetwin]

/gcbrun