首頁 探索 說明
註冊 登入
shixiong
/
okd
1
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: 7459157413
分支列表 標籤列表
okd
/
roles
/
openshift_hosted
/
tasks
/
registry
/
storage
/
s3.yml

s3.yml 2.1 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 
  1. ---
    2. 

  2. - name: Assert that S3 variables are provided for registry_config template
    3. 

  3.   assert:
    4. 

  4.     that:
    5. 

  5.     - openshift.hosted.registry.storage.s3.accesskey | default(none) is not none
    6. 

  6.     - openshift.hosted.registry.storage.s3.secretkey | default(none) is not none
    7. 

  7.     - openshift.hosted.registry.storage.s3.bucket | default(none) is not none
    8. 

  8.     - openshift.hosted.registry.storage.s3.region | default(none) is not none
    9. 

  9.     msg: |
    10. 

  10.       When using S3 storage, the following variables are required:
    11. 

  11.         openshift_hosted_registry_storage_s3_accesskey
    12. 

  12.         openshift_hosted_registry_storage_s3_secretkey
    13. 

  13.         openshift_hosted_registry_storage_s3_bucket
    14. 

  14.         openshift_hosted_registry_storage_s3_region
    15. 

  15. 

  16. - name: If cloudfront is being used, assert that we have all the required variables
    17. 

  17.   assert:
    18. 

  18.     that:
    19. 

  19.     - "openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile | default(none) is not none"
    20. 

  20.     - "openshift_hosted_registry_storage_s3_cloudfront_keypairid | default(none) is not none"
    21. 

  21.     msg: |
    22. 

  22.       When openshift_hosted_registry_storage_s3_cloudfront_baseurl is provided
    23. 

  23.         openshift_hosted_registry_storage_s3_cloudfront_keypairid and
    24. 

  24.         openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile are required
    25. 

  25.   when: openshift_hosted_registry_storage_s3_cloudfront_baseurl is defined
    26. 

  26. 

  27. # Inject the cloudfront private key as a secret when required
    28. 

  28. - block:
    29. 

  29. 

  30.   - name: Create registry secret for cloudfront
    31. 

  31.     oc_secret:
    32. 

  32.       state: present
    33. 

  33.       namespace: "{{ openshift_hosted_registry_namespace }}"
    34. 

  34.       name: docker-registry-s3-cloudfront
    35. 

  35.       contents:
    36. 

  36.       - path: cloudfront.pem
    37. 

  37.         data: "{{ lookup('file', openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile) }}"
    38. 

  38. 

  39.   - name: Append cloudfront secret registry volume to openshift_hosted_registry_volumes
    40. 

  40.     set_fact:
    41. 

  41.       openshift_hosted_registry_volumes: "{{ openshift_hosted_registry_volumes | union(s3_volume_mount) }}"
    42. 

  42.     vars:
    43. 

  43.       s3_volume_mount:
    44. 

  44.       - name: cloudfront-vol
    45. 

  45.         path: /etc/origin
    46. 

  46.         type: secret
    47. 

  47.         secret_name: docker-registry-s3-cloudfront
    48. 

  48. 

  49.   when: openshift_hosted_registry_storage_s3_cloudfront_baseurl | default(none) is not none
    50.