1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
---
# Going forward we require Docker 1.10 or greater. If the user has a lesser version installed they must run a separate upgrade process.
- name: Get current installed Docker version
command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker"
when: not openshift.common.is_atomic | bool
register: curr_docker_version
changed_when: false
# TODO: The use of upgrading var will be removed in the coming upgrade refactor. This is a temporary
# fix to wory around the fact that right now, this role is called during upgrade, before we're
# ready to upgrade Docker.
- name: Fail if Docker upgrade is required
fail:
msg: "Docker {{ curr_docker_version.stdout }} must be upgraded to Docker 1.10 or greater"
when: not upgrading | bool and not curr_docker_version | skipped and curr_docker_version.stdout | default('0.0', True) | version_compare('1.10', '<')
- name: Get latest available version of Docker
command: >
{{ repoquery_cmd }} --qf '%{version}' "docker"
register: avail_docker_version
failed_when: false
changed_when: false
when: not openshift.common.is_atomic | bool
- name: Verify Docker >= 1.10 is available
fail:
msg: "Docker {{ avail_docker_version.stdout }} is available, but 1.10 or greater is required"
when: not avail_docker_version | skipped and avail_docker_version.stdout | default('0.0', True) | version_compare('1.10', '<')
- stat: path=/etc/sysconfig/docker-storage
register: docker_storage_check
# Make sure Docker is installed, but does not update a running version.
# Docker upgrades are handled by a separate playbook.
- name: Install Docker
action: "{{ ansible_pkg_mgr }} name=docker state=present"
when: not openshift.common.is_atomic | bool
- name: Start the Docker service
service:
name: docker
enabled: yes
state: started
register: start_result
- set_fact:
docker_service_status_changed: start_result | changed
- include: udev_workaround.yml
when: docker_udev_workaround | default(False) | bool
- stat: path=/etc/sysconfig/docker
register: docker_check
- name: Set registry params
lineinfile:
dest: /etc/sysconfig/docker
regexp: '^{{ item.reg_conf_var }}=.*$'
line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
when: item.reg_fact_val != '' and docker_check.stat.isreg
with_items:
- reg_conf_var: ADD_REGISTRY
reg_fact_val: "{{ docker_additional_registries | default(None, true)}}"
reg_flag: --add-registry
- reg_conf_var: BLOCK_REGISTRY
reg_fact_val: "{{ docker_blocked_registries| default(None, true) }}"
reg_flag: --block-registry
- reg_conf_var: INSECURE_REGISTRY
reg_fact_val: "{{ docker_insecure_registries| default(None, true) }}"
reg_flag: --insecure-registry
notify:
- restart docker
- name: Set Proxy Settings
lineinfile:
dest: /etc/sysconfig/docker
regexp: '^{{ item.reg_conf_var }}=.*$'
line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val }}'"
state: "{{ 'present' if item.reg_fact_val != '' else 'absent'}}"
with_items:
- reg_conf_var: HTTP_PROXY
reg_fact_val: "{{ docker_http_proxy | default('') }}"
- reg_conf_var: HTTPS_PROXY
reg_fact_val: "{{ docker_https_proxy | default('') }}"
- reg_conf_var: NO_PROXY
reg_fact_val: "{{ docker_no_proxy | default('') | join(',') }}"
notify:
- restart docker
- name: Set various Docker options
lineinfile:
dest: /etc/sysconfig/docker
regexp: '^OPTIONS=.*$'
line: "OPTIONS='\
{% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\
{% if docker_log_driver is defined %} --log-driver {{ docker_log_driver }}{% endif %}\
{% if docker_log_options is defined %} {{ docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
{% if docker_options is defined %} {{ docker_options }}{% endif %}\
{% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %}'"
when: docker_check.stat.isreg
notify:
- restart docker
- meta: flush_handlers
|