summaryrefslogtreecommitdiffstats
path: root/roles/docker/templates
diff options
context:
space:
mode:
authorSteve Milner <smilner@redhat.com>2017-04-24 16:28:37 -0400
committerSteve Milner <smilner@redhat.com>2017-05-03 09:22:17 -0400
commit44115530148069e200e3a5d92b00e981aaa6e824 (patch)
treed2b30e5d22f58f1e9802b2f8ad7ae2a253b608d4 /roles/docker/templates
parentba5c6594ade6679d055aaecc7c38836444f0f791 (diff)
downloadopenshift-44115530148069e200e3a5d92b00e981aaa6e824.tar.gz
openshift-44115530148069e200e3a5d92b00e981aaa6e824.tar.bz2
openshift-44115530148069e200e3a5d92b00e981aaa6e824.tar.xz
openshift-44115530148069e200e3a5d92b00e981aaa6e824.zip
System container docker
This change allows for the use of either the traditional package install of docker OR a system container install of docker. Two new inventory options, openshift_docker_use_system_container and openshift_docker_systemcontainer_image_registry_override, have been added which are be used to install with a system container. By default this option is commented out. One new fact has been added: - docker.service_name: docker by default, container-engine-docker for system container
Diffstat (limited to 'roles/docker/templates')
-rw-r--r--roles/docker/templates/daemon.json64
-rw-r--r--roles/docker/templates/systemcontainercustom.conf.j217
2 files changed, 81 insertions, 0 deletions
diff --git a/roles/docker/templates/daemon.json b/roles/docker/templates/daemon.json
new file mode 100644
index 000000000..bd085d2be
--- /dev/null
+++ b/roles/docker/templates/daemon.json
@@ -0,0 +1,64 @@
+
+{
+ "api-cors-header": "",
+ "authorization-plugins": ["rhel-push-plugin"],
+ "bip": "",
+ "bridge": "",
+ "cgroup-parent": "",
+ "cluster-store": "",
+ "cluster-store-opts": {},
+ "cluster-advertise": "",
+ "debug": true,
+ "default-gateway": "",
+ "default-gateway-v6": "",
+ "default-runtime": "oci",
+ "containerd": "/var/run/containerd.sock",
+ "default-ulimits": {},
+ "disable-legacy-registry": false,
+ "dns": [],
+ "dns-opts": [],
+ "dns-search": [],
+ "exec-opts": ["native.cgroupdriver=systemd"],
+ "exec-root": "",
+ "fixed-cidr": "",
+ "fixed-cidr-v6": "",
+ "graph": "",
+ "group": "",
+ "hosts": [],
+ "icc": false,
+ "insecure-registries": {{ docker_insecure_registries|default([]) }},
+ "ip": "0.0.0.0",
+ "iptables": false,
+ "ipv6": false,
+ "ip-forward": false,
+ "ip-masq": false,
+ "labels": [],
+ "live-restore": true,
+ "log-driver": "{{ docker_log_driver }}",
+ "log-level": "",
+ "log-opts": {{ docker_log_options|default({}) }},
+ "max-concurrent-downloads": 3,
+ "max-concurrent-uploads": 5,
+ "mtu": 0,
+ "oom-score-adjust": -500,
+ "pidfile": "",
+ "raw-logs": false,
+ "registry-mirrors": [],
+ "runtimes": {
+ "oci": {
+ "path": "/usr/libexec/docker/docker-runc-current"
+ }
+ },
+ "selinux-enabled": {{ docker_selinux_enabled|default(true) }},
+ "storage-driver": "",
+ "storage-opts": [],
+ "tls": true,
+ "tlscacert": "",
+ "tlscert": "",
+ "tlskey": "",
+ "tlsverify": true,
+ "userns-remap": "",
+ "add-registry": {{ docker_additional_registries|default([]) }},
+ "blocked-registries": {{ docker_blocked_registries|defaukt([]) }},
+ "userland-proxy-path": "/usr/libexec/docker/docker-proxy-current"
+}
diff --git a/roles/docker/templates/systemcontainercustom.conf.j2 b/roles/docker/templates/systemcontainercustom.conf.j2
new file mode 100644
index 000000000..a2cfed8a9
--- /dev/null
+++ b/roles/docker/templates/systemcontainercustom.conf.j2
@@ -0,0 +1,17 @@
+# {{ ansible_managed }}
+
+[Service]
+{%- if docker_http_proxy %}
+ENVIRONMENT=HTTP_PROXY={{ docker_http_proxy }}
+{%- endif -%}
+{%- if docker_https_proxy %}
+ENVIRONMENT=HTTPS_PROXY={{ docker_http_proxy }}
+{%- endif -%}
+{%- if docker_no_proxy %}
+ENVIRONMENT=NO_PROXY={{ docker_no_proxy }}
+{%- endif %}
+{%- if os_firewall_use_firewalld|default(true) %}
+[Unit]
+Wants=iptables.service
+After=iptables.service
+{%- endif %}