From 17c6b4c5da76ecff6f8c68254ab6424d0d9a736e Mon Sep 17 00:00:00 2001
From: Jhon Honce <jhonce@redhat.com>
Date: Fri, 12 Jun 2015 11:19:29 -0700
Subject: Infrastructure - Set OpenShift Registry

* TODO: update to secure when 'add volume' feature available in origin
---
 roles/openshift_node/tasks/main.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'roles/openshift_node')

diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index c5202650f..7dd76e0b8 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -56,6 +56,17 @@
   notify:
   - restart openshift-node
 
+- stat: path=/etc/sysconfig/docker
+  register: docker_check
+
+  # TODO: Enable secure registry when code available in origin
+- name: Secure OpenShift Registry
+  lineinfile:
+    dest: /etc/sysconfig/docker
+    regexp: '^OPTIONS=.*'
+    line: "OPTIONS='--insecure-registry=172.30.0.0/16 --selinux-enabled'"
+  when: docker_check.stat.isreg
+
 - name: Allow NFS access for VMs
   seboolean: name=virt_use_nfs state=yes persistent=yes
 
-- 
cgit v1.2.3


From ccf7dfedb636c2fc7392f1c2ec1f1d06f0d0c5b5 Mon Sep 17 00:00:00 2001
From: Jhon Honce <jhonce@redhat.com>
Date: Fri, 12 Jun 2015 13:43:46 -0700
Subject: * Make portal_net configurable when wetting up the nodes OpenShift
 Registry

---
 roles/openshift_node/tasks/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'roles/openshift_node')

diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 7dd76e0b8..15d18f510 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -20,6 +20,7 @@
       annotations: "{{ openshift_node_annotations | default(none) }}"
       registry_url: "{{ oreg_url | default(none) }}"
       debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}"
+      portal_net: "{{ openshift_master_portal_net | default(None) }}"
 
 - name: Install OpenShift Node package
   yum: pkg=openshift-node state=present
@@ -64,7 +65,7 @@
   lineinfile:
     dest: /etc/sysconfig/docker
     regexp: '^OPTIONS=.*'
-    line: "OPTIONS='--insecure-registry=172.30.0.0/16 --selinux-enabled'"
+    line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} --selinux-enabled'"
   when: docker_check.stat.isreg
 
 - name: Allow NFS access for VMs
-- 
cgit v1.2.3