summaryrefslogtreecommitdiffstats
path: root/roles/docker
diff options
context:
space:
mode:
authorRussell Teague <rteague@redhat.com>2016-11-28 14:43:47 -0500
committerRussell Teague <rteague@redhat.com>2016-12-14 14:43:02 -0500
commit05e189a039dada5edc4f9afb700b594c4dea4c9b (patch)
treeefa63c5b2a61ebf6a84a2533ea5249c94a6469be /roles/docker
parent002fdef1769baccdd6c90a4caa8c0028ec9559db (diff)
downloadopenshift-05e189a039dada5edc4f9afb700b594c4dea4c9b.tar.gz
openshift-05e189a039dada5edc4f9afb700b594c4dea4c9b.tar.bz2
openshift-05e189a039dada5edc4f9afb700b594c4dea4c9b.tar.xz
openshift-05e189a039dada5edc4f9afb700b594c4dea4c9b.zip
Enable firewalld by default
Diffstat (limited to 'roles/docker')
-rw-r--r--roles/docker/meta/main.yml1
-rw-r--r--roles/docker/tasks/main.yml22
2 files changed, 12 insertions, 11 deletions
diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml
index dadd62c93..ad28cece9 100644
--- a/roles/docker/meta/main.yml
+++ b/roles/docker/meta/main.yml
@@ -11,4 +11,3 @@ galaxy_info:
- 7
dependencies:
- role: os_firewall
- os_firewall_use_firewalld: False
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index a93bdc2ad..57da23e0a 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -43,16 +43,18 @@
package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present
when: not openshift.common.is_atomic | bool
-- name: Ensure docker.service.d directory exists
- file:
- path: "{{ docker_systemd_dir }}"
- state: directory
-
-# Extend the default Docker service unit file
-- name: Configure Docker service unit file
- template:
- dest: "{{ docker_systemd_dir }}/custom.conf"
- src: custom.conf.j2
+- block:
+ # Extend the default Docker service unit file when using iptables-services
+ - name: Ensure docker.service.d directory exists
+ file:
+ path: "{{ docker_systemd_dir }}"
+ state: directory
+
+ - name: Configure Docker service unit file
+ template:
+ dest: "{{ docker_systemd_dir }}/custom.conf"
+ src: custom.conf.j2
+ when: not os_firewall_use_firewalld | default(True) | bool
- include: udev_workaround.yml
when: docker_udev_workaround | default(False) | bool