Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: a0e7f19f9f
Branches Tags
okd
/
roles
/
openshift_docker
/
tasks
/
main.yml

main.yml 2.5 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 
  1. ---
    2. 

  2. - name: Set docker facts
    3. 

  3.   openshift_facts:
    4. 

  4.     role: "{{ item.role }}"
    5. 

  5.     local_facts: "{{ item.local_facts }}"
    6. 

  6.   with_items:
    7. 

  7.   - role: common
    8. 

  8.     local_facts:
    9. 

  9.       deployment_type: "{{ openshift_deployment_type }}"
    10. 

  10.       docker_additional_registries: "{{ docker_additional_registries }}"
    11. 

  11.       docker_insecure_registries: "{{ docker_insecure_registries }}"
    12. 

  12.       docker_blocked_registries: "{{ docker_blocked_registries }}"
    13. 

  13.       docker_options: "{{ openshift_docker_options | default('',True) }}"
    14. 

  14.   - role: node
    15. 

  15.     local_facts:
    16. 

  16.       portal_net: "{{ openshift_master_portal_net | default(None) }}"
    17. 

  17.       docker_log_driver:  "{{ lookup( 'oo_option' , 'docker_log_driver'  )  | default('',True) }}"
    18. 

  18.       docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' )  | default('',True) }}"
    19. 

  19. 

  20. - stat: path=/etc/sysconfig/docker
    21. 

  21.   register: docker_check
    22. 

  22. 

  23. - name: Set registry params
    24. 

  24.   lineinfile:
    25. 

  25.     dest: /etc/sysconfig/docker
    26. 

  26.     regexp: '^{{ item.reg_conf_var }}=.*$'
    27. 

  27.     line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
    28. 

  28.   when: "'docker_additional_registries' in openshift.common and docker_check.stat.isreg"
    29. 

  29.   with_items:
    30. 

  30.   - reg_conf_var: ADD_REGISTRY
    31. 

  31.     reg_fact_val: "{{ openshift.common.docker_additional_registries }}"
    32. 

  32.     reg_flag: --add-registry
    33. 

  33.   - reg_conf_var: BLOCK_REGISTRY
    34. 

  34.     reg_fact_val: "{{ openshift.common.docker_blocked_registries }}"
    35. 

  35.     reg_flag: --block-registry
    36. 

  36.   - reg_conf_var: INSECURE_REGISTRY
    37. 

  37.     reg_fact_val: "{{ openshift.common.docker_insecure_registries }}"
    38. 

  38.     reg_flag: --insecure-registry
    39. 

  39.   notify:
    40. 

  40.   - restart openshift_docker
    41. 

  41. 

  42. # TODO: Enable secure registry when code available in origin
    43. 

  43. # TODO: perhaps move this to openshift_docker?
    44. 

  44. - name: Secure Registry and Logs Options
    45. 

  45.   lineinfile:
    46. 

  46.     dest: /etc/sysconfig/docker
    47. 

  47.     regexp: '^OPTIONS=.*$'
    48. 

  48.     line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }}\
    49. 

  49.       {% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\
    50. 

  50.       {% if openshift.node.docker_log_driver is defined  %} --log-driver {{ openshift.node.docker_log_driver }}{% endif %}\
    51. 

  51.       {% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options |  oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
    52. 

  52.       {% if openshift.common.docker_options is defined %} {{ openshift.common.docker_options }}{% endif %}'"
    53. 

  53.   when: docker_check.stat.isreg
    54. 

  54.   notify:
    55. 

  55.     - restart openshift_docker
    56.