diff options
Diffstat (limited to 'roles/docker')
| -rw-r--r-- | roles/docker/README.md | 2 | ||||
| -rw-r--r-- | roles/docker/tasks/systemcontainer_docker.yml | 9 | ||||
| -rw-r--r-- | roles/docker/templates/daemon.json | 50 | ||||
| -rw-r--r-- | roles/docker/templates/systemcontainercustom.conf.j2 | 12 | ||||
| -rw-r--r-- | roles/docker/vars/main.yml | 1 |
5 files changed, 14 insertions, 60 deletions
diff --git a/roles/docker/README.md b/roles/docker/README.md index f25ca03cd..4a9f21f22 100644 --- a/roles/docker/README.md +++ b/roles/docker/README.md @@ -3,6 +3,8 @@ Docker Ensures docker package or system container is installed, and optionally raises timeout for systemd-udevd.service to 5 minutes. +daemon.json items may be found at https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file + Requirements ------------ diff --git a/roles/docker/tasks/systemcontainer_docker.yml b/roles/docker/tasks/systemcontainer_docker.yml index a461c479a..4cea266cc 100644 --- a/roles/docker/tasks/systemcontainer_docker.yml +++ b/roles/docker/tasks/systemcontainer_docker.yml @@ -27,7 +27,7 @@ state: present when: not openshift.common.is_atomic | bool -# If we are on atomic, set http_proxy and https_proxy in /etc/atomic.conf +# Set http_proxy and https_proxy in /etc/atomic.conf - block: - name: Add http_proxy to /etc/atomic.conf @@ -46,9 +46,6 @@ - openshift.common.https_proxy is defined - openshift.common.https_proxy != '' - when: openshift.common.is_atomic | bool - - - block: - name: Set to default prepend @@ -93,7 +90,7 @@ - name: Ensure docker.service.d directory exists file: - path: "{{ docker_systemd_dir }}" + path: "{{ container_engine_systemd_dir }}" state: directory - name: Ensure /etc/docker directory exists @@ -111,7 +108,7 @@ - name: Configure Container Engine Service File template: - dest: "{{ docker_systemd_dir }}/custom.conf" + dest: "{{ container_engine_systemd_dir }}/custom.conf" src: systemcontainercustom.conf.j2 # Set local versions of facts that must be in json format for daemon.json diff --git a/roles/docker/templates/daemon.json b/roles/docker/templates/daemon.json index 82edf27c0..a41b7cdbd 100644 --- a/roles/docker/templates/daemon.json +++ b/roles/docker/templates/daemon.json @@ -1,66 +1,20 @@ - { - "api-cors-header": "", "authorization-plugins": ["rhel-push-plugin"], - "bip": "", - "bridge": "", - "cgroup-parent": "", - "cluster-store": "", - "cluster-store-opts": {}, - "cluster-advertise": "", - "debug": true, - "default-gateway": "", - "default-gateway-v6": "", "default-runtime": "oci", "containerd": "/run/containerd.sock", - "default-ulimits": {}, "disable-legacy-registry": false, - "dns": [], - "dns-opts": [], - "dns-search": [], "exec-opts": ["native.cgroupdriver=systemd"], - "exec-root": "", - "fixed-cidr": "", - "fixed-cidr-v6": "", - "graph": "", - "group": "", - "hosts": [], - "icc": false, "insecure-registries": {{ l_docker_insecure_registries }}, - "ip": "0.0.0.0", - "iptables": false, - "ipv6": false, - "ip-forward": false, - "ip-masq": false, - "labels": [], - "live-restore": true, {% if docker_log_driver is defined %} "log-driver": "{{ docker_log_driver }}", {%- endif %} - "log-level": "", "log-opts": {{ l_docker_log_options }}, - "max-concurrent-downloads": 3, - "max-concurrent-uploads": 5, - "mtu": 0, - "oom-score-adjust": -500, - "pidfile": "", - "raw-logs": false, - "registry-mirrors": [], "runtimes": { "oci": { "path": "/usr/libexec/docker/docker-runc-current" } }, - "selinux-enabled": {{ l_docker_selinux_enabled }}, - "storage-driver": "", - "storage-opts": [], - "tls": true, - "tlscacert": "", - "tlscert": "", - "tlskey": "", - "tlsverify": true, - "userns-remap": "", + "selinux-enabled": {{ l_docker_selinux_enabled | lower }}, "add-registry": {{ l_docker_additional_registries }}, - "block-registries": {{ l_docker_blocked_registries }}, - "userland-proxy-path": "/usr/libexec/docker/docker-proxy-current" + "block-registry": {{ l_docker_blocked_registries }} } diff --git a/roles/docker/templates/systemcontainercustom.conf.j2 b/roles/docker/templates/systemcontainercustom.conf.j2 index 1faad506a..b727c57d4 100644 --- a/roles/docker/templates/systemcontainercustom.conf.j2 +++ b/roles/docker/templates/systemcontainercustom.conf.j2 @@ -1,15 +1,15 @@ # {{ ansible_managed }} [Service] -{%- if "http_proxy" in openshift.common %} +{% if "http_proxy" in openshift.common %} ENVIRONMENT=HTTP_PROXY={{ docker_http_proxy }} -{%- endif -%} -{%- if "https_proxy" in openshift.common %} +{% endif -%} +{% if "https_proxy" in openshift.common %} ENVIRONMENT=HTTPS_PROXY={{ docker_http_proxy }} -{%- endif -%} -{%- if "no_proxy" in openshift.common %} +{% endif -%} +{% if "no_proxy" in openshift.common %} ENVIRONMENT=NO_PROXY={{ docker_no_proxy }} -{%- endif %} +{% endif %} {%- if os_firewall_use_firewalld|default(false) %} [Unit] Wants=iptables.service diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml index 0082ded1e..4e940b7f5 100644 --- a/roles/docker/vars/main.yml +++ b/roles/docker/vars/main.yml @@ -1,4 +1,5 @@ --- docker_systemd_dir: /etc/systemd/system/docker.service.d +container_engine_systemd_dir: /etc/systemd/system/container-engine.service.d docker_conf_dir: /etc/docker/ udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d |