summaryrefslogtreecommitdiffstats
path: root/roles/docker
diff options
context:
space:
mode:
Diffstat (limited to 'roles/docker')
-rw-r--r--roles/docker/tasks/package_docker.yml2
-rw-r--r--roles/docker/tasks/systemcontainer_docker.yml1
-rw-r--r--roles/docker/templates/daemon.json4
-rw-r--r--roles/docker/templates/systemcontainercustom.conf.j22
4 files changed, 5 insertions, 4 deletions
diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml
index 10fb5772c..e101730d2 100644
--- a/roles/docker/tasks/package_docker.yml
+++ b/roles/docker/tasks/package_docker.yml
@@ -46,7 +46,7 @@
template:
dest: "{{ docker_systemd_dir }}/custom.conf"
src: custom.conf.j2
- when: not os_firewall_use_firewalld | default(True) | bool
+ when: not os_firewall_use_firewalld | default(False) | bool
- stat: path=/etc/sysconfig/docker
register: docker_check
diff --git a/roles/docker/tasks/systemcontainer_docker.yml b/roles/docker/tasks/systemcontainer_docker.yml
index 722232a9b..a461c479a 100644
--- a/roles/docker/tasks/systemcontainer_docker.yml
+++ b/roles/docker/tasks/systemcontainer_docker.yml
@@ -121,6 +121,7 @@
l_docker_log_options: "{{ docker_log_options | default({}) | to_json }}"
l_docker_additional_registries: "{{ docker_additional_registries | default([]) | to_json }}"
l_docker_blocked_registries: "{{ docker_blocked_registries | default([]) | to_json }}"
+ l_docker_selinux_enabled: "{{ docker_selinux_enabled | default(true) | to_json }}"
# Configure container-engine using the daemon.json file
- name: Configure Container Engine
diff --git a/roles/docker/templates/daemon.json b/roles/docker/templates/daemon.json
index 7ea8164b3..bebdd3cb2 100644
--- a/roles/docker/templates/daemon.json
+++ b/roles/docker/templates/daemon.json
@@ -51,7 +51,7 @@
"path": "/usr/libexec/docker/docker-runc-current"
}
},
- "selinux-enabled": {{ docker_selinux_enabled|default(true) }},
+ "selinux-enabled": {{ l_docker_selinux_enabled | lower }},
"storage-driver": "",
"storage-opts": [],
"tls": true,
@@ -61,6 +61,6 @@
"tlsverify": true,
"userns-remap": "",
"add-registry": {{ l_docker_additional_registries }},
- "blocked-registries": {{ l_docker_blocked_registries }},
+ "block-registry": {{ l_docker_blocked_registries }},
"userland-proxy-path": "/usr/libexec/docker/docker-proxy-current"
}
diff --git a/roles/docker/templates/systemcontainercustom.conf.j2 b/roles/docker/templates/systemcontainercustom.conf.j2
index a4fb01d2b..1faad506a 100644
--- a/roles/docker/templates/systemcontainercustom.conf.j2
+++ b/roles/docker/templates/systemcontainercustom.conf.j2
@@ -10,7 +10,7 @@ ENVIRONMENT=HTTPS_PROXY={{ docker_http_proxy }}
{%- if "no_proxy" in openshift.common %}
ENVIRONMENT=NO_PROXY={{ docker_no_proxy }}
{%- endif %}
-{%- if os_firewall_use_firewalld|default(true) %}
+{%- if os_firewall_use_firewalld|default(false) %}
[Unit]
Wants=iptables.service
After=iptables.service