Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: b733e7fb2c
Branches Tags
okd
/
roles
/
openshift_docker
/
tasks
/
main.yml

main.yml 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 
  1. ---
    2. 

  2. - name: Set docker facts
    3. 

  3.   openshift_facts:
    4. 

  4.     role: "{{ item.role }}"
    5. 

  5.     local_facts: "{{ item.local_facts }}"
    6. 

  6.   with_items:
    7. 

  7.   - role: common
    8. 

  8.     local_facts:
    9. 

  9.       deployment_type: "{{ openshift_deployment_type }}"
    10. 

  10.       docker_additional_registries: "{{ docker_additional_registries }}"
    11. 

  11.       docker_insecure_registries: "{{ docker_insecure_registries }}"
    12. 

  12.       docker_blocked_registries: "{{ docker_blocked_registries }}"
    13. 

  13.   - role: node
    14. 

  14.     local_facts:
    15. 

  15.       portal_net: "{{ openshift_master_portal_net | default(None) }}"
    16. 

  16.       docker_log_driver:  "{{ lookup( 'oo_option' , 'docker_log_driver'  )  | default('',True) }}"
    17. 

  17.       docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' )  | default('',True) }}"
    18. 

  18. 

  19. - stat: path=/etc/sysconfig/docker
    20. 

  20.   register: docker_check
    21. 

  21. 

  22. - name: Set registry params
    23. 

  23.   lineinfile:
    24. 

  24.     dest: /etc/sysconfig/docker
    25. 

  25.     regexp: '^{{ item.reg_conf_var }}=.*$'
    26. 

  26.     line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
    27. 

  27.   when: "'docker_additional_registries' in openshift.common and docker_check.stat.isreg"
    28. 

  28.   with_items:
    29. 

  29.   - reg_conf_var: ADD_REGISTRY
    30. 

  30.     reg_fact_val: "{{ openshift.common.docker_additional_registries }}"
    31. 

  31.     reg_flag: --add-registry
    32. 

  32.   - reg_conf_var: BLOCK_REGISTRY
    33. 

  33.     reg_fact_val: "{{ openshift.common.docker_blocked_registries }}"
    34. 

  34.     reg_flag: --block-registry
    35. 

  35.   - reg_conf_var: INSECURE_REGISTRY
    36. 

  36.     reg_fact_val: "{{ openshift.common.docker_insecure_registries }}"
    37. 

  37.     reg_flag: --insecure-registry
    38. 

  38.   notify:
    39. 

  39.   - restart openshift_docker
    40. 

  40. 

  41. # TODO: Enable secure registry when code available in origin
    42. 

  42. # TODO: perhaps move this to openshift_docker?
    43. 

  43. - name: Secure Registry and Logs Options
    44. 

  44.   lineinfile:
    45. 

  45.     dest: /etc/sysconfig/docker
    46. 

  46.     regexp: '^OPTIONS=.*$'
    47. 

  47.     line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \
    48. 

  48.       {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %} \
    49. 

  49.       {% if openshift.node.docker_log_driver is defined  %} --log-driver {{ openshift.node.docker_log_driver }}  {% endif %} \
    50. 

  50.       {% if openshift.node.docker_log_options is defined %}   {{ openshift.node.docker_log_options |  oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}  {% endif %} '"
    51. 

  51.   when: docker_check.stat.isreg
    52. 

  52.   notify:
    53. 

  53.     - restart openshift_docker
    54.