okd/roles/container_runtime/tasks/systemcontainer_docker.yml

---
# If docker_options are provided we should fail. We should not install docker and ignore
# the users configuration. NOTE: docker_options == inventory:openshift_docker_options
- name: Fail quickly if openshift_docker_options are set
  assert:
    that:
      - "{% if not openshift_docker_options %}1{% else %}0{% endif %}"
    msg: |
      Docker via System Container does not allow for the use of the openshift_docker_options
      variable. If you want to use openshift_docker_options you will need to use the
      traditional docker package install. Otherwise, comment out openshift_docker_options
      in your inventory file.

- import_tasks: common/pre.yml

- import_tasks: common/syscontainer_packages.yml

# Make sure Docker is installed so we are able to use the client
- name: Install Docker so we can use the client
  package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present
  when: not openshift_is_atomic | bool
  register: result
  until: result is succeeded

# Make sure docker.service from docker rpm is disabled. Errors are ignored.
# docker runs as a system container as 'container-engine' in a later task.
- name: Disable Docker
  systemd:
    name: docker
    enabled: no
    state: stopped
    daemon_reload: yes
  ignore_errors: True
  register: r_docker_systemcontainer_docker_stop_result
  until: not (r_docker_systemcontainer_docker_stop_result is failed)
  retries: 3
  delay: 30

- name: Ensure proxies are in the atomic.conf
  import_tasks: common/atomic_proxy.yml

# Be nice and let the user see the variable result
- debug:
    var: l_docker_image

# Do the authentication before pulling the container engine system container
# as the pull might be from an authenticated registry.
- import_tasks: registry_auth.yml
  vars:
    openshift_docker_alternative_creds: True

# NOTE: no_proxy added as a workaround until https://github.com/projectatomic/atomic/pull/999 is released
- name: Pre-pull Container Engine System Container image
  command: "atomic pull --storage ostree {{ l_docker_image }}"
  changed_when: false
  environment:
    NO_PROXY: "{{ docker_no_proxy }}"


- name: Ensure container-engine.service.d directory exists
  file:
    path: "{{ container_engine_systemd_dir }}"
    state: directory

- name: Ensure /etc/docker directory exists
  file:
    path: "{{ docker_conf_dir }}"
    state: directory

- name: Install Container Engine System Container
  oc_atomic_container:
    name: "{{ openshift_docker_service_name }}"
    image: "{{ l_docker_image }}"
    state: latest
    values:
      - "ADDTL_MOUNTS={{ l_docker_additional_mounts }}"

- name: Configure Container Engine Service File
  template:
    dest: "{{ container_engine_systemd_dir }}/custom.conf"
    src: systemcontainercustom.conf.j2

# Configure container-engine using the container-daemon.json file
# NOTE: daemon.json and container-daemon.json have been seperated to avoid
#       collision.
- name: Configure Container Engine
  template:
    dest: "{{ docker_conf_dir }}/container-daemon.json"
    src: daemon.json

# Enable and start the container-engine service (docker as system container)
- name: Start the container-engine service
  systemd:
    name: "{{ openshift_docker_service_name }}"
    enabled: yes
    state: started
    daemon_reload: yes
  register: r_docker_systemcontainer_docker_start_result
  until: not (r_docker_systemcontainer_docker_start_result is failed)
  retries: 3
  delay: 30

- set_fact:
    docker_service_status_changed: "{{ r_docker_systemcontainer_docker_start_result is changed }}"

# Since docker is running as a system container, docker login will fail to create
# credentials.  Use alternate method if requiring authenticated registries.
- import_tasks: common/post.yml
  vars:
    openshift_docker_alternative_creds: True