summaryrefslogtreecommitdiffstats
path: root/roles/docker/templates
diff options
context:
space:
mode:
authorMichael Gugino <mgugino@redhat.com>2017-08-24 17:24:41 -0400
committerMichael Gugino <mgugino@redhat.com>2017-09-21 15:27:28 -0400
commitb35272a794a572f60034293dd8cb7f057cf3fc8c (patch)
tree638339fb7d7b9b9bbc64326a4c0c160d9405a063 /roles/docker/templates
parent457e0f80784820b9ff0fb6a7407c271731f5b1d9 (diff)
downloadopenshift-b35272a794a572f60034293dd8cb7f057cf3fc8c.tar.gz
openshift-b35272a794a572f60034293dd8cb7f057cf3fc8c.tar.bz2
openshift-b35272a794a572f60034293dd8cb7f057cf3fc8c.tar.xz
openshift-b35272a794a572f60034293dd8cb7f057cf3fc8c.zip
Move additional/block/insecure registires to /etc/containers/registries.conf
This commit moves additional/block/insecure registries to /etc/containers/registries.conf and comments existing lines in /etc/sysconfig/docker. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460930
Diffstat (limited to 'roles/docker/templates')
-rw-r--r--roles/docker/templates/registries.conf46
1 files changed, 46 insertions, 0 deletions
diff --git a/roles/docker/templates/registries.conf b/roles/docker/templates/registries.conf
new file mode 100644
index 000000000..c55dbd84f
--- /dev/null
+++ b/roles/docker/templates/registries.conf
@@ -0,0 +1,46 @@
+# {{ ansible_managed }}
+# This is a system-wide configuration file used to
+# keep track of registries for various container backends.
+# It adheres to YAML format and does not support recursive
+# lists of registries.
+
+# The default location for this configuration file is /etc/containers/registries.conf.
+
+# The only valid categories are: 'registries', 'insecure_registies',
+# and 'block_registries'.
+
+
+#registries:
+# - registry.access.redhat.com
+
+{% if l2_docker_additional_registries %}
+registries:
+{% for reg in l2_docker_additional_registries %}
+ - {{ reg }}
+{% endfor %}
+{% endif %}
+
+# If you need to access insecure registries, uncomment the section below
+# and add the registries fully-qualified name. An insecure registry is one
+# that does not have a valid SSL certificate or only does HTTP.
+#insecure_registries:
+# -
+
+{% if l2_docker_insecure_registries %}
+insecure_registries:
+{% for reg in l2_docker_insecure_registries %}
+ - {{ reg }}
+{% endfor %}
+{% endif %}
+
+# If you need to block pull access from a registry, uncomment the section below
+# and add the registries fully-qualified name.
+#block_registries:
+# -
+
+{% if l2_docker_blocked_registries %}
+block_registries:
+{% for reg in l2_docker_blocked_registries %}
+ - {{ reg }}
+{% endfor %}
+{% endif %}