cri-o: configure storage and insecure registries

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

roles/docker/tasks/main.yml

@@ -7,7 +7,7 @@
 
 - set_fact:
     l_use_system_container: "{{ openshift.docker.use_system_container | default(False) }}"
-    l_use_crio: "{{ openshift.docker.use_crio | default(False) }}"
+    l_use_crio: "{{ use_crio | default(False) }}"
 
 - name: Use Package Docker if Requested
   include: package_docker.yml
@@ -15,8 +15,12 @@
 
 - name: Use System Container Docker if Requested
   include: systemcontainer_docker.yml
-  when: l_use_system_container
+  when:
+  - l_use_system_container
+  - not l_use_crio
 
 - name: Add CRI-O usage Requested
   include: systemcontainer_crio.yml
-  when: l_use_crio
+  when:
+  - l_use_system_container
+  - l_use_crio

roles/docker/tasks/systemcontainer_crio.yml

@@ -1,5 +1,7 @@
 ---
 # TODO: Much of this file is shared with container engine tasks
+- set_fact:
+    l_insecure_registries: "{{ '\"{}\"'.format('\", \"'.join(openshift.docker.insecure_registries)) }}"
 
 - name: Ensure container-selinux is installed
   package:
@@ -94,6 +96,31 @@
     image: "{{ l_crio_image }}"
     state: latest
 
+- name: run CRI-O with overlay2
+  replace:
+    regexp: 'storage_driver = ""'
+    replace: 'storage_driver = "overlay2"'
+    name: /etc/crio/crio.conf
+    backup: yes
+
+- name: Add overlay2 storage opts for CRI-O
+  lineinfile:
+    dest: /etc/crio/crio.conf
+    line: '"overlay2.override_kernel_check=1"'
+    insertafter: 'storage_option = \['
+    regexp: 'overlay2\.override_kernel_check=1'
+    state: present
+  when: ansible_distribution in ['RedHat', 'CentOS']
+
+- name: Configure insecure registries for CRI-O
+  lineinfile:
+    dest: /etc/crio/crio.conf
+    line: "{{ l_insecure_registries }}"
+    insertafter: 'insecure_registries = \['
+    regexp: "{{ l_insecure_registries }}"
+    state: present
+  when: openshift_docker_insecure_registries is defined
+
 - name: Start the CRI-O service
   systemd:
     name: "cri-o"