summaryrefslogtreecommitdiffstats
path: root/roles/docker
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2017-09-28 11:17:25 -0700
committerGitHub <noreply@github.com>2017-09-28 11:17:25 -0700
commit099b032be0d5cc773a2e4fb16e428befdf16e536 (patch)
treeaf9bc31bf7d3dcd911cf2a5f306eee4c9ea216de /roles/docker
parente3d5519c6d68b9aa162a58e1a897b6e4f6b0eea1 (diff)
parent9d6e86c0217c97d33aecdcb47c35521a6ee91a29 (diff)
downloadopenshift-099b032be0d5cc773a2e4fb16e428befdf16e536.tar.gz
openshift-099b032be0d5cc773a2e4fb16e428befdf16e536.tar.bz2
openshift-099b032be0d5cc773a2e4fb16e428befdf16e536.tar.xz
openshift-099b032be0d5cc773a2e4fb16e428befdf16e536.zip
Merge pull request #5559 from mgugino-upstream-stage/readd-ent-registry
Automatic merge from submit-queue. Migrate enterprise registry logic to docker role Currently, the enterprise registry to forcefully added in openshift_facts. Recently, the docker role has been modified to consume registry variables directly, bypassing openshift_facts. This commit cleans up unused code in openshift_facts, and migrates enterprise registry logic to the docker role. Fixes: https://github.com/openshift/openshift-ansible/issues/5557
Diffstat (limited to 'roles/docker')
-rw-r--r--roles/docker/defaults/main.yml2
-rw-r--r--roles/docker/tasks/package_docker.yml8
-rw-r--r--roles/docker/tasks/systemcontainer_crio.yml12
-rw-r--r--roles/docker/tasks/systemcontainer_docker.yml6
4 files changed, 19 insertions, 9 deletions
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
index 274fd8603..e36dfa7b9 100644
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -9,6 +9,8 @@ openshift_docker_additional_registries: []
openshift_docker_blocked_registries: []
openshift_docker_insecure_registries: []
+openshift_docker_ent_reg: 'registry.access.redhat.com'
+
# The l2_docker_* variables convert csv strings to lists, if
# necessary. These variables should be used in place of their respective
# openshift_docker_* counterparts to ensure the properly formatted lists are
diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml
index 0c5621259..4215dc5bd 100644
--- a/roles/docker/tasks/package_docker.yml
+++ b/roles/docker/tasks/package_docker.yml
@@ -50,6 +50,14 @@
src: custom.conf.j2
when: not os_firewall_use_firewalld | default(False) | bool
+- name: Add enterprise registry, if necessary
+ set_fact:
+ l2_docker_additional_registries: "{{ l2_docker_additional_registries + [openshift_docker_ent_reg] }}"
+ when:
+ - openshift.common.deployment_type == 'openshift-enterprise'
+ - openshift_docker_ent_reg != ''
+ - openshift_docker_ent_reg not in l2_docker_additional_registries
+
- stat: path=/etc/sysconfig/docker
register: docker_check
diff --git a/roles/docker/tasks/systemcontainer_crio.yml b/roles/docker/tasks/systemcontainer_crio.yml
index 5b02b72be..66ce475e1 100644
--- a/roles/docker/tasks/systemcontainer_crio.yml
+++ b/roles/docker/tasks/systemcontainer_crio.yml
@@ -1,17 +1,17 @@
---
# TODO: Much of this file is shared with container engine tasks
- set_fact:
- l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(openshift.docker.insecure_registries)) }}"
- when: openshift.docker.insecure_registries
+ l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l2_docker_insecure_registries)) }}"
+ when: l2_docker_insecure_registries
- set_fact:
- l_crio_registries: "{{ openshift.docker.additional_registries + ['docker.io'] }}"
- when: openshift.docker.additional_registries
+ l_crio_registries: "{{ l2_docker_additional_registries + ['docker.io'] }}"
+ when: l2_docker_additional_registries
- set_fact:
l_crio_registries: "{{ ['docker.io'] }}"
- when: not openshift.docker.additional_registries
+ when: not l2_docker_additional_registries
- set_fact:
l_additional_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l_crio_registries)) }}"
- when: openshift.docker.additional_registries
+ when: l2_docker_additional_registries
- name: Ensure container-selinux is installed
package:
diff --git a/roles/docker/tasks/systemcontainer_docker.yml b/roles/docker/tasks/systemcontainer_docker.yml
index 146e5f430..8b43393cb 100644
--- a/roles/docker/tasks/systemcontainer_docker.yml
+++ b/roles/docker/tasks/systemcontainer_docker.yml
@@ -148,10 +148,10 @@
# Set local versions of facts that must be in json format for container-daemon.json
# NOTE: When jinja2.9+ is used the container-daemon.json file can move to using tojson
- set_fact:
- l_docker_insecure_registries: "{{ docker_insecure_registries | default([]) | to_json }}"
+ l_docker_insecure_registries: "{{ l2_docker_insecure_registries | default([]) | to_json }}"
l_docker_log_options: "{{ docker_log_options | default({}) | to_json }}"
- l_docker_additional_registries: "{{ docker_additional_registries | default([]) | to_json }}"
- l_docker_blocked_registries: "{{ docker_blocked_registries | default([]) | to_json }}"
+ l_docker_additional_registries: "{{ l2_docker_additional_registries | default([]) | to_json }}"
+ l_docker_blocked_registries: "{{ l2_docker_blocked_registries | default([]) | to_json }}"
l_docker_selinux_enabled: "{{ docker_selinux_enabled | default(true) | to_json }}"
# Configure container-engine using the container-daemon.json file