summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/openshift_docker/tasks/main.yml32
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py5
-rw-r--r--roles/openshift_node/tasks/main.yml2
3 files changed, 31 insertions, 8 deletions
diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml
index 4f9fe1f97..75e782eef 100644
--- a/roles/openshift_docker/tasks/main.yml
+++ b/roles/openshift_docker/tasks/main.yml
@@ -1,18 +1,30 @@
---
-- openshift_facts:
- role: common
+- name: Set docker facts
+ openshift_facts:
+ role: "{{ item.role }}"
+ local_facts: "{{ item.local_facts }}"
+ with_items:
+ - role: common
local_facts:
deployment_type: "{{ openshift_deployment_type }}"
docker_additional_registries: "{{ docker_additional_registries }}"
docker_insecure_registries: "{{ docker_insecure_registries }}"
docker_blocked_registries: "{{ docker_blocked_registries }}"
+ - role: node
+ local_facts:
+ portal_net: "{{ openshift_master_portal_net | default(None) }}"
+ docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}"
+ docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}"
+- stat: path=/etc/sysconfig/docker
+ register: docker_check
+
- name: Set registry params
lineinfile:
dest: /etc/sysconfig/docker
regexp: '^{{ item.reg_conf_var }}=.*$'
line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
- when: "'docker_additional_registries' in openshift.common"
+ when: "'docker_additional_registries' in openshift.common and docker_check.stat.isreg"
with_items:
- reg_conf_var: ADD_REGISTRY
reg_fact_val: "{{ openshift.common.docker_additional_registries }}"
@@ -25,3 +37,17 @@
reg_flag: --insecure-registry
notify:
- restart docker
+
+# TODO: Enable secure registry when code available in origin
+# TODO: perhaps move this to openshift_docker?
+- name: Secure Registry and Logs Options
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^OPTIONS=.*$'
+ line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \
+ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %} \
+ {% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }} {% endif %} \
+ {% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}} {% endif %} '"
+ when: docker_check.stat.isreg
+ notify:
+ - restart docker \ No newline at end of file
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 35ee18f4f..c33e395a9 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -652,10 +652,9 @@ def set_deployment_facts_if_unset(facts):
if deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise']:
addtl_regs = facts['common'].get('docker_additional_registries', [])
- ent_reg = ['registry.access.redhat.com']
+ ent_reg = 'registry.access.redhat.com'
if ent_reg not in addtl_regs:
- facts['common']['docker_additional_registries'] = addtl_regs + ent_reg
-
+ facts['common']['docker_additional_registries'] = addtl_regs + [ent_reg]
for role in ('master', 'node'):
if role in facts:
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index f77e0250d..597d5566f 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -22,8 +22,6 @@
local_facts:
annotations: "{{ openshift_node_annotations | default(none) }}"
debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}"
- docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}"
- docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}"
iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}"
kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}"
labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}"