summaryrefslogtreecommitdiffstats
path: root/roles/docker/tasks/main.yml
blob: 5f94500a0c390a8e7c08abeb552e37a0dc051a81 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
---
# tasks file for docker

- name: Get current installed version if docker_version is specified
  command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker"
  when:  not openshift.common.is_atomic | bool and docker_version != ''
  register: docker_version_result
  changed_when: false

- stat: path=/etc/sysconfig/docker-storage
  register: docker_storage_check

- name: Remove deferred deletion for downgrades from 1.9
  command: >
    sed -i 's/--storage-opt dm.use_deferred_deletion=true//' /etc/sysconfig/docker-storage
  when: docker_storage_check.stat.exists | bool and not docker_version_result | skipped and docker_version_result.stdout | default('0.0', True) | version_compare('1.9', '>=') and docker_version | version_compare('1.9', '<')

- name: Downgrade docker if necessary
  command: "{{ ansible_pkg_mgr }} swap -y docker-* docker-*{{ docker_version }}"
  register: docker_downgrade_result
  when: not docker_version_result | skipped and docker_version_result.stdout | default('0.0', True) | version_compare(docker_version, 'gt')

- name: Install docker
  action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version if docker_version is defined and docker_version != '' else '' }} state=present"
  when: not openshift.common.is_atomic | bool and docker_downgrade_result | skipped

# If docker were enabled and started before we downgraded it may have entered a
# failed state. Check for that and clear it if necessary.
- name: Check that docker hasn't entered failed state
  command: systemctl show docker
  register: docker_state
  changed_when: False

- name: Reset docker service state
  command: systemctl reset-failed docker.service
  when: " 'ActiveState=failed' in docker_state.stdout "

- name: Start the docker service
  service:
    name: docker
    enabled: yes
    state: started
  register: start_result

- set_fact:
    docker_service_status_changed: start_result | changed

- include: udev_workaround.yml
  when: docker_udev_workaround | default(False) | bool

- stat: path=/etc/sysconfig/docker
  register: docker_check

- name: Set registry params
  lineinfile:
    dest: /etc/sysconfig/docker
    regexp: '^{{ item.reg_conf_var }}=.*$'
    line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
  when: item.reg_fact_val != '' and  docker_check.stat.isreg
  with_items:
  - reg_conf_var: ADD_REGISTRY
    reg_fact_val: "{{ docker_additional_registries | default(None, true)}}"
    reg_flag: --add-registry
  - reg_conf_var: BLOCK_REGISTRY
    reg_fact_val: "{{ docker_blocked_registries| default(None, true) }}"
    reg_flag: --block-registry
  - reg_conf_var: INSECURE_REGISTRY
    reg_fact_val: "{{ docker_insecure_registries| default(None, true) }}"
    reg_flag: --insecure-registry
  notify:
  - restart docker

- name: Set Proxy Settings
  lineinfile:
    dest: /etc/sysconfig/docker
    regexp: '^{{ item.reg_conf_var }}=.*$'
    line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val }}'"
    state: "{{ 'present' if item.reg_fact_val != '' else 'absent'}}"
  with_items:
    - reg_conf_var: HTTP_PROXY
      reg_fact_val: "{{ docker_http_proxy | default('') }}"
    - reg_conf_var: HTTPS_PROXY
      reg_fact_val: "{{ docker_https_proxy | default('') }}"
    - reg_conf_var: NO_PROXY
      reg_fact_val: "{{ docker_no_proxy | default('') | join(',') }}"
  notify:
    - restart docker
  when: "{{ 'http_proxy' in openshift.common or 'https_proxy' in openshift.common and docker_check.stat.isreg }}"

- name: Set various docker options
  lineinfile:
    dest: /etc/sysconfig/docker
    regexp: '^OPTIONS=.*$'
    line: "OPTIONS='\
      {% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\
      {% if docker_log_driver is defined  %} --log-driver {{ docker_log_driver }}{% endif %}\
      {% if docker_log_options is defined %} {{ docker_log_options |  oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
      {% if docker_options is defined %} {{ docker_options }}{% endif %}\
      {% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %}'"
  when: docker_check.stat.isreg
  notify:
    - restart docker

- meta: flush_handlers