Начало Каталог Помощ
Регистрация Вход
shixiong
/
okd
1
0
Разклонения 0
Файлове Задачи 0 Заявки за сливане 0 Уики
ИН на ревизия: 9d6e86c021
Клонове Маркери
okd
/
roles
/
docker
/
tasks
/
package_docker.yml

package_docker.yml 6.4 KB
История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 
  1. ---
    2. 

  2. - name: Get current installed Docker version
    3. 

  3.   command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker"
    4. 

  4.   when: not openshift.common.is_atomic | bool
    5. 

  5.   register: curr_docker_version
    6. 

  6.   retries: 4
    7. 

  7.   until: curr_docker_version | succeeded
    8. 

  8.   changed_when: false
    9. 

  9. 

  10. - name: Error out if Docker pre-installed but too old
    11. 

  11.   fail:
    12. 

  12.     msg: "Docker {{ curr_docker_version.stdout }} is installed, but >= 1.9.1 is required."
    13. 

  13.   when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and curr_docker_version.stdout | version_compare('1.9.1', '<') and not docker_version is defined
    14. 

  14. 

  15. - name: Error out if requested Docker is too old
    16. 

  16.   fail:
    17. 

  17.     msg: "Docker {{ docker_version }} requested, but >= 1.9.1 is required."
    18. 

  18.   when: docker_version is defined and docker_version | version_compare('1.9.1', '<')
    19. 

  19. 

  20. # If a docker_version was requested, sanity check that we can install or upgrade to it, and
    21. 

  21. # no downgrade is required.
    22. 

  22. - name: Fail if Docker version requested but downgrade is required
    23. 

  23.   fail:
    24. 

  24.     msg: "Docker {{ curr_docker_version.stdout }} is installed, but version {{ docker_version }} was requested."
    25. 

  25.   when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and docker_version is defined and curr_docker_version.stdout | version_compare(docker_version, '>')
    26. 

  26. 

  27. # This involves an extremely slow migration process, users should instead run the
    28. 

  28. # Docker 1.10 upgrade playbook to accomplish this.
    29. 

  29. - name: Error out if attempting to upgrade Docker across the 1.10 boundary
    30. 

  30.   fail:
    31. 

  31.     msg: "Cannot upgrade Docker to >= 1.10, please upgrade or remove Docker manually, or use the Docker upgrade playbook if OpenShift is already installed."
    32. 

  32.   when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and curr_docker_version.stdout | version_compare('1.10', '<') and docker_version is defined and docker_version | version_compare('1.10', '>=')
    33. 

  33. 

  34. # Make sure Docker is installed, but does not update a running version.
    35. 

  35. # Docker upgrades are handled by a separate playbook.
    36. 

  36. - name: Install Docker
    37. 

  37.   package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present
    38. 

  38.   when: not openshift.common.is_atomic | bool
    39. 

  39. 

  40. - block:
    41. 

  41.   # Extend the default Docker service unit file when using iptables-services
    42. 

  42.   - name: Ensure docker.service.d directory exists
    43. 

  43.     file:
    44. 

  44.       path: "{{ docker_systemd_dir }}"
    45. 

  45.       state: directory
    46. 

  46. 

  47.   - name: Configure Docker service unit file
    48. 

  48.     template:
    49. 

  49.       dest: "{{ docker_systemd_dir }}/custom.conf"
    50. 

  50.       src: custom.conf.j2
    51. 

  51.   when: not os_firewall_use_firewalld | default(False) | bool
    52. 

  52. 

  53. - name: Add enterprise registry, if necessary
    54. 

  54.   set_fact:
    55. 

  55.     l2_docker_additional_registries: "{{ l2_docker_additional_registries + [openshift_docker_ent_reg] }}"
    56. 

  56.   when:
    57. 

  57.   - openshift.common.deployment_type == 'openshift-enterprise'
    58. 

  58.   - openshift_docker_ent_reg != ''
    59. 

  59.   - openshift_docker_ent_reg not in l2_docker_additional_registries
    60. 

  60. 

  61. - stat: path=/etc/sysconfig/docker
    62. 

  62.   register: docker_check
    63. 

  63. 

  64. - name: Comment old registry params in /etc/sysconfig/docker
    65. 

  65.   lineinfile:
    66. 

  66.     dest: /etc/sysconfig/docker
    67. 

  67.     regexp: '^{{ item.reg_conf_var }}=.*$'
    68. 

  68.     line: "#{{ item.reg_conf_var }}=''# Moved to {{ containers_registries_conf_path }}"
    69. 

  69.   with_items:
    70. 

  70.   - reg_conf_var: ADD_REGISTRY
    71. 

  71.   - reg_conf_var: BLOCK_REGISTRY
    72. 

  72.   - reg_conf_var: INSECURE_REGISTRY
    73. 

  73.   notify:
    74. 

  74.   - restart docker
    75. 

  75. 

  76. - name: Place additional/blocked/insecure registies in /etc/containers/registries.conf
    77. 

  77.   template:
    78. 

  78.     dest: "{{ containers_registries_conf_path }}"
    79. 

  79.     src: registries.conf
    80. 

  80.   notify:
    81. 

  81.   - restart docker
    82. 

  82. 

  83. - name: Set Proxy Settings
    84. 

  84.   lineinfile:
    85. 

  85.     dest: /etc/sysconfig/docker
    86. 

  86.     regexp: '^{{ item.reg_conf_var }}=.*$'
    87. 

  87.     line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val }}'"
    88. 

  88.     state: "{{ 'present' if item.reg_fact_val != '' else 'absent'}}"
    89. 

  89.   with_items:
    90. 

  90.   - reg_conf_var: HTTP_PROXY
    91. 

  91.     reg_fact_val: "{{ docker_http_proxy | default('') }}"
    92. 

  92.   - reg_conf_var: HTTPS_PROXY
    93. 

  93.     reg_fact_val: "{{ docker_https_proxy | default('') }}"
    94. 

  94.   - reg_conf_var: NO_PROXY
    95. 

  95.     reg_fact_val: "{{ docker_no_proxy | default('') }}"
    96. 

  96.   notify:
    97. 

  97.   - restart docker
    98. 

  98.   when:
    99. 

  99.   - docker_check.stat.isreg is defined and docker_check.stat.isreg and '"http_proxy" in openshift.common or "https_proxy" in openshift.common'
    100. 

  100. 

  101. - name: Set various Docker options
    102. 

  102.   lineinfile:
    103. 

  103.     dest: /etc/sysconfig/docker
    104. 

  104.     regexp: '^OPTIONS=.*$'
    105. 

  105.     line: "OPTIONS='\
    106. 

  106.       {% if ansible_selinux.status | default(None) == 'enabled' and docker_selinux_enabled | default(true) | bool %} --selinux-enabled {% endif %}\
    107. 

  107.       {% if docker_log_driver is defined  %} --log-driver {{ docker_log_driver }}{% endif %}\
    108. 

  108.       {% if docker_log_options is defined %} {{ docker_log_options |  oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
    109. 

  109.       {% if docker_options is defined %} {{ docker_options }}{% endif %}\
    110. 

  110.       {% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %}'"
    111. 

  111.   when: docker_check.stat.isreg is defined and docker_check.stat.isreg
    112. 

  112.   notify:
    113. 

  113.   - restart docker
    114. 

  114. 

  115. - stat: path=/etc/sysconfig/docker-network
    116. 

  116.   register: sysconfig_docker_network_check
    117. 

  117. 

  118. - name: Configure Docker Network OPTIONS
    119. 

  119.   lineinfile:
    120. 

  120.     dest: /etc/sysconfig/docker-network
    121. 

  121.     regexp: '^DOCKER_NETWORK_OPTIONS=.*$'
    122. 

  122.     line: "DOCKER_NETWORK_OPTIONS='\
    123. 

  123.       {% if openshift.node is defined and openshift.node.sdn_mtu is defined %} --mtu={{ openshift.node.sdn_mtu }}{% endif %}'"
    124. 

  124.   when:
    125. 

  125.   - sysconfig_docker_network_check.stat.isreg is defined
    126. 

  126.   - sysconfig_docker_network_check.stat.isreg
    127. 

  127.   notify:
    128. 

  128.   - restart docker
    129. 

  129. 

  130. - name: Check for credentials file for registry auth
    131. 

  131.   stat:
    132. 

  132.     path: "{{ docker_cli_auth_config_path }}/config.json"
    133. 

  133.   when: oreg_auth_user is defined
    134. 

  134.   register: docker_cli_auth_credentials_stat
    135. 

  135. 

  136. - name: Create credentials for docker cli registry auth
    137. 

  137.   command: "docker --config={{ docker_cli_auth_config_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
    138. 

  138.   when:
    139. 

  139.   - oreg_auth_user is defined
    140. 

  140.   - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
    141. 

  141. 

  142. - name: Start the Docker service
    143. 

  143.   systemd:
    144. 

  144.     name: docker
    145. 

  145.     enabled: yes
    146. 

  146.     state: started
    147. 

  147.     daemon_reload: yes
    148. 

  148.   register: r_docker_package_docker_start_result
    149. 

  149.   until: not r_docker_package_docker_start_result | failed
    150. 

  150.   retries: 3
    151. 

  151.   delay: 30
    152. 

  152. 

  153. - set_fact:
    154. 

  154.     docker_service_status_changed: "{{ r_docker_package_docker_start_result | changed }}"
    155. 

  155. 

  156. - meta: flush_handlers
    157.