Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Add new option 'openshift_docker_selinux_enabled'

Allows controlling 'selinux-enabled' docker options
Can be set to true or false
Russell Teague 8 years ago
parent
7765603657
commit
4397b6e3db
3 changed files with 6 additions and 1 deletions
Split View Show Diff Stats
  1. 3 0
      playbooks/common/openshift-cluster/config.yml
  2. 1 1
      roles/docker/tasks/main.yml
  3. 2 0
      roles/openshift_docker_facts/tasks/main.yml

+ 3 - 0
playbooks/common/openshift-cluster/config.yml
View File 

@@ -38,6 +38,9 @@
 
   - set_fact:
 
       openshift_docker_log_options: "{{ lookup('oo_option', 'docker_log_options') }}"
 
     when: openshift_docker_log_options is not defined
 
+  - set_fact:
 
+      openshift_docker_selinux_enabled: "{{ lookup('oo_option', 'docker_selinux_enabled') }}"
 
+    when: openshift_docker_selinux_enabled is not defined
 
 
 - include: ../openshift-etcd/config.yml
 
   tags:

+ 1 - 1
roles/docker/tasks/main.yml
View File 

@@ -96,7 +96,7 @@
 
     dest: /etc/sysconfig/docker
 
     regexp: '^OPTIONS=.*$'
 
     line: "OPTIONS='\
 
-      {% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\
 
+      {% if ansible_selinux.status | default(None) == '''enabled''' and docker_selinux_enabled | default(true) %} --selinux-enabled {% endif %}\
 
       {% if docker_log_driver is defined  %} --log-driver {{ docker_log_driver }}{% endif %}\
 
       {% if docker_log_options is defined %} {{ docker_log_options |  oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
 
       {% if docker_options is defined %} {{ docker_options }}{% endif %}\

+ 2 - 0
roles/openshift_docker_facts/tasks/main.yml
View File 

@@ -9,6 +9,7 @@
 
       additional_registries: "{{ openshift_docker_additional_registries | default(None) }}"
 
       blocked_registries: "{{ openshift_docker_blocked_registries | default(None) }}"
 
       insecure_registries: "{{ openshift_docker_insecure_registries | default(None) }}"
 
+      selinux_enabled: "{{ openshift_docker_selinux_enabled | default(None) }}"
 
       log_driver: "{{ openshift_docker_log_driver | default(None) }}"
 
       log_options: "{{ openshift_docker_log_options | default(None) }}"
 
       options: "{{ openshift_docker_options | default(None) }}"
 
@@ -23,6 +24,7 @@
 
                                    | default(omit) }}"
 
     docker_insecure_registries: "{{ openshift.docker.insecure_registries
 
                                     | default(omit) }}"
 
+    docker_selinux_enabled: "{{ openshift.docker.selinux_enabled | default(omit) }}"
 
     docker_log_driver: "{{ openshift.docker.log_driver | default(omit) }}"
 
     docker_log_options: "{{ openshift.docker.log_options | default(omit) }}"
 
     docker_push_dockerhub: "{{ openshift.docker.disable_push_dockerhub