diff options
author | Scott Dodson <sdodson@redhat.com> | 2016-10-26 16:49:11 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-10-26 16:49:11 -0400 |
commit | cab68138cd264b9a4cb5dad9801a42ee50e1bc9b (patch) | |
tree | 803b6245cb49fc7e22f58af895243869a529b6bb | |
parent | 52ab71a6f741f2477ab395d48dacfe609cf1411a (diff) | |
parent | 33da79e7389a3fceeaf735663fd8051a0a2fe057 (diff) | |
download | openshift-cab68138cd264b9a4cb5dad9801a42ee50e1bc9b.tar.gz openshift-cab68138cd264b9a4cb5dad9801a42ee50e1bc9b.tar.bz2 openshift-cab68138cd264b9a4cb5dad9801a42ee50e1bc9b.tar.xz openshift-cab68138cd264b9a4cb5dad9801a42ee50e1bc9b.zip |
Merge pull request #2670 from abutcher/hosted-registry-insecure
Bug 1388016 - The insecure-registry address was removed during upgrade
4 files changed, 24 insertions, 5 deletions
diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml index 352d266a5..ccbba54b4 100644 --- a/playbooks/common/openshift-cluster/openshift_hosted.yml +++ b/playbooks/common/openshift-cluster/openshift_hosted.yml @@ -65,4 +65,4 @@ openshift_hosted_logging_elasticsearch_ops_pvc_prefix: "{{ 'logging-es' if openshift_hosted_logging_storage_kind | default(none) =='dynamic' else '' }}" - role: cockpit-ui - when: ( openshift.common.version_gte_3_3_or_1_3 | bool ) and ( openshift_hosted_manage_registry | default(true) | bool ) + when: ( openshift.common.version_gte_3_3_or_1_3 | bool ) and ( openshift_hosted_manage_registry | default(true) | bool ) and not (openshift.docker.hosted_registry_insecure | default(false) | bool) diff --git a/roles/openshift_docker_facts/tasks/main.yml b/roles/openshift_docker_facts/tasks/main.yml index 0c8a36d65..c690c5243 100644 --- a/roles/openshift_docker_facts/tasks/main.yml +++ b/roles/openshift_docker_facts/tasks/main.yml @@ -13,7 +13,7 @@ log_options: "{{ openshift_docker_log_options | default(None) }}" options: "{{ openshift_docker_options | default(None) }}" disable_push_dockerhub: "{{ openshift_disable_push_dockerhub | default(None) }}" - hosted_registry_insecure: "{{ openshift_docker_hosted_registry_insecure | default(False) }}" + hosted_registry_insecure: "{{ openshift_docker_hosted_registry_insecure | default(openshift.docker.hosted_registry_insecure | default(False)) }}" hosted_registry_network: "{{ openshift_docker_hosted_registry_network | default(None) }}" - set_fact: diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 1d611f010..0a783b164 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -55,7 +55,6 @@ def migrate_docker_facts(facts): facts['docker'][param] = facts[role].pop(old_param) if 'node' in facts and 'portal_net' in facts['node']: - facts['docker']['hosted_registry_insecure'] = True facts['docker']['hosted_registry_network'] = facts['node'].pop('portal_net') # log_options was originally meant to be a comma separated string, but @@ -1171,6 +1170,24 @@ def get_docker_version_info(): } return result +def get_hosted_registry_insecure(): + """ Parses OPTIONS from /etc/sysconfig/docker to determine if the + registry is currently insecure. + """ + hosted_registry_insecure = None + if os.path.exists('/etc/sysconfig/docker'): + try: + ini_str = unicode('[root]\n' + open('/etc/sysconfig/docker', 'r').read(), 'utf-8') + ini_fp = io.StringIO(ini_str) + config = ConfigParser.RawConfigParser() + config.readfp(ini_fp) + options = config.get('root', 'OPTIONS') + if 'insecure-registry' in options: + hosted_registry_insecure = True + except: + pass + return hosted_registry_insecure + def get_openshift_version(facts): """ Get current version of openshift on the host. @@ -1826,13 +1843,15 @@ class OpenShiftFacts(object): if 'docker' in roles: docker = dict(disable_push_dockerhub=False, - hosted_registry_insecure=True, options='--log-driver=json-file --log-opt max-size=50m') version_info = get_docker_version_info() if version_info is not None: docker['api_version'] = version_info['api_version'] docker['version'] = version_info['version'] docker['gte_1_10'] = LooseVersion(version_info['version']) >= LooseVersion('1.10') + hosted_registry_insecure = get_hosted_registry_insecure() + if hosted_registry_insecure is not None: + docker['hosted_registry_insecure'] = hosted_registry_insecure defaults['docker'] = docker if 'clock' in roles: diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml index c29df1873..93b701ebc 100644 --- a/roles/openshift_hosted/tasks/registry/registry.yml +++ b/roles/openshift_hosted/tasks/registry/registry.yml @@ -53,7 +53,7 @@ - include: secure.yml static: no - when: replicas | int > 0 + when: replicas | int > 0 and not (openshift.docker.hosted_registry_insecure | default(false) | bool) - include: storage/object_storage.yml static: no |