Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 8a0fde1c2d
Branches Tags
okd
/
roles
/
openshift_master
/
tasks
/
registry_auth.yml

registry_auth.yml 2.0 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 
  1. ---
    2. 

  2. - name: Check for credentials file for registry auth
    3. 

  3.   stat:
    4. 

  4.     path: "{{ oreg_auth_credentials_path }}"
    5. 

  5.   when: oreg_auth_user is defined
    6. 

  6.   register: master_oreg_auth_credentials_stat
    7. 

  7. 

  8. - name: Create credentials for registry auth
    9. 

  9.   command: "docker --config={{ oreg_auth_credentials_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
    10. 

  10.   when:
    11. 

  11.   - not (openshift_docker_alternative_creds | default(False))
    12. 

  12.   - oreg_auth_user is defined
    13. 

  13.   - (not master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
    14. 

  14.   register: master_oreg_auth_credentials_create
    15. 

  15.   retries: 3
    16. 

  16.   delay: 5
    17. 

  17.   until: master_oreg_auth_credentials_create.rc == 0
    18. 

  18.   notify:
    19. 

  19.   - restart master api
    20. 

  20.   - restart master controllers
    21. 

  21. 

  22. # docker_creds is a custom module from lib_utils
    23. 

  23. # 'docker login' requires a docker.service running on the local host, this is an
    24. 

  24. # alternative implementation for non-docker hosts.  This implementation does not
    25. 

  25. # check the registry to determine whether or not the credentials will work.
    26. 

  26. - name: Create credentials for registry auth (alternative)
    27. 

  27.   docker_creds:
    28. 

  28.     path: "{{ oreg_auth_credentials_path }}"
    29. 

  29.     registry: "{{ oreg_host }}"
    30. 

  30.     username: "{{ oreg_auth_user }}"
    31. 

  31.     password: "{{ oreg_auth_password }}"
    32. 

  32.   when:
    33. 

  33.   - openshift_docker_alternative_creds | default(False) | bool
    34. 

  34.   - oreg_auth_user is defined
    35. 

  35.   - (not master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
    36. 

  36.   register: master_oreg_auth_credentials_create_alt
    37. 

  37.   notify:
    38. 

  38.   - restart master api
    39. 

  39.   - restart master controllers
    40. 

  40. 

  41. # Container images may need the registry credentials
    42. 

  42. - name: Setup ro mount of /root/.docker for containerized hosts
    43. 

  43.   set_fact:
    44. 

  44.     l_bind_docker_reg_auth: True
    45. 

  45.   when:
    46. 

  46.   - openshift_is_containerized | bool
    47. 

  47.   - oreg_auth_user is defined
    48. 

  48.   - >
    49. 

  49.       (master_oreg_auth_credentials_stat.stat.exists
    50. 

  50.       or oreg_auth_credentials_replace
    51. 

  51.       or master_oreg_auth_credentials_create.changed
    52. 

  52.       or master_oreg_auth_credentials_create_alt.changed) | bool
    53.