diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2017-09-28 11:17:25 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-28 11:17:25 -0700 |
commit | 099b032be0d5cc773a2e4fb16e428befdf16e536 (patch) | |
tree | af9bc31bf7d3dcd911cf2a5f306eee4c9ea216de /roles/docker | |
parent | e3d5519c6d68b9aa162a58e1a897b6e4f6b0eea1 (diff) | |
parent | 9d6e86c0217c97d33aecdcb47c35521a6ee91a29 (diff) | |
download | openshift-099b032be0d5cc773a2e4fb16e428befdf16e536.tar.gz openshift-099b032be0d5cc773a2e4fb16e428befdf16e536.tar.bz2 openshift-099b032be0d5cc773a2e4fb16e428befdf16e536.tar.xz openshift-099b032be0d5cc773a2e4fb16e428befdf16e536.zip |
Merge pull request #5559 from mgugino-upstream-stage/readd-ent-registry
Automatic merge from submit-queue.
Migrate enterprise registry logic to docker role
Currently, the enterprise registry to forcefully added
in openshift_facts. Recently, the docker role has
been modified to consume registry variables directly,
bypassing openshift_facts.
This commit cleans up unused code in openshift_facts,
and migrates enterprise registry logic to the
docker role.
Fixes: https://github.com/openshift/openshift-ansible/issues/5557
Diffstat (limited to 'roles/docker')
-rw-r--r-- | roles/docker/defaults/main.yml | 2 | ||||
-rw-r--r-- | roles/docker/tasks/package_docker.yml | 8 | ||||
-rw-r--r-- | roles/docker/tasks/systemcontainer_crio.yml | 12 | ||||
-rw-r--r-- | roles/docker/tasks/systemcontainer_docker.yml | 6 |
4 files changed, 19 insertions, 9 deletions
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index 274fd8603..e36dfa7b9 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -9,6 +9,8 @@ openshift_docker_additional_registries: [] openshift_docker_blocked_registries: [] openshift_docker_insecure_registries: [] +openshift_docker_ent_reg: 'registry.access.redhat.com' + # The l2_docker_* variables convert csv strings to lists, if # necessary. These variables should be used in place of their respective # openshift_docker_* counterparts to ensure the properly formatted lists are diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml index 0c5621259..4215dc5bd 100644 --- a/roles/docker/tasks/package_docker.yml +++ b/roles/docker/tasks/package_docker.yml @@ -50,6 +50,14 @@ src: custom.conf.j2 when: not os_firewall_use_firewalld | default(False) | bool +- name: Add enterprise registry, if necessary + set_fact: + l2_docker_additional_registries: "{{ l2_docker_additional_registries + [openshift_docker_ent_reg] }}" + when: + - openshift.common.deployment_type == 'openshift-enterprise' + - openshift_docker_ent_reg != '' + - openshift_docker_ent_reg not in l2_docker_additional_registries + - stat: path=/etc/sysconfig/docker register: docker_check diff --git a/roles/docker/tasks/systemcontainer_crio.yml b/roles/docker/tasks/systemcontainer_crio.yml index 5b02b72be..66ce475e1 100644 --- a/roles/docker/tasks/systemcontainer_crio.yml +++ b/roles/docker/tasks/systemcontainer_crio.yml @@ -1,17 +1,17 @@ --- # TODO: Much of this file is shared with container engine tasks - set_fact: - l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(openshift.docker.insecure_registries)) }}" - when: openshift.docker.insecure_registries + l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l2_docker_insecure_registries)) }}" + when: l2_docker_insecure_registries - set_fact: - l_crio_registries: "{{ openshift.docker.additional_registries + ['docker.io'] }}" - when: openshift.docker.additional_registries + l_crio_registries: "{{ l2_docker_additional_registries + ['docker.io'] }}" + when: l2_docker_additional_registries - set_fact: l_crio_registries: "{{ ['docker.io'] }}" - when: not openshift.docker.additional_registries + when: not l2_docker_additional_registries - set_fact: l_additional_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l_crio_registries)) }}" - when: openshift.docker.additional_registries + when: l2_docker_additional_registries - name: Ensure container-selinux is installed package: diff --git a/roles/docker/tasks/systemcontainer_docker.yml b/roles/docker/tasks/systemcontainer_docker.yml index 146e5f430..8b43393cb 100644 --- a/roles/docker/tasks/systemcontainer_docker.yml +++ b/roles/docker/tasks/systemcontainer_docker.yml @@ -148,10 +148,10 @@ # Set local versions of facts that must be in json format for container-daemon.json # NOTE: When jinja2.9+ is used the container-daemon.json file can move to using tojson - set_fact: - l_docker_insecure_registries: "{{ docker_insecure_registries | default([]) | to_json }}" + l_docker_insecure_registries: "{{ l2_docker_insecure_registries | default([]) | to_json }}" l_docker_log_options: "{{ docker_log_options | default({}) | to_json }}" - l_docker_additional_registries: "{{ docker_additional_registries | default([]) | to_json }}" - l_docker_blocked_registries: "{{ docker_blocked_registries | default([]) | to_json }}" + l_docker_additional_registries: "{{ l2_docker_additional_registries | default([]) | to_json }}" + l_docker_blocked_registries: "{{ l2_docker_blocked_registries | default([]) | to_json }}" l_docker_selinux_enabled: "{{ docker_selinux_enabled | default(true) | to_json }}" # Configure container-engine using the container-daemon.json file |