diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2017-11-03 07:30:29 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-03 07:30:29 -0700 |
commit | c99bfde17bca322e8a89ba3e9dc4e4fdc2776448 (patch) | |
tree | c6e36f2b07ee6699e50065bb55f5d0e41da0a1fc /roles/openshift_docker_gc/templates | |
parent | 1b24db1dfb82b2b99605fdfc016c59161981d487 (diff) | |
parent | b88adec6c15157c2894ccfe2ac855e67fb48ca33 (diff) | |
download | openshift-c99bfde17bca322e8a89ba3e9dc4e4fdc2776448.tar.gz openshift-c99bfde17bca322e8a89ba3e9dc4e4fdc2776448.tar.bz2 openshift-c99bfde17bca322e8a89ba3e9dc4e4fdc2776448.tar.xz openshift-c99bfde17bca322e8a89ba3e9dc4e4fdc2776448.zip |
Merge pull request #5995 from ashcrow/docker-gc-daemonset
Automatic merge from submit-queue.
openshift_hosted: Add docker-gc
Two new inventory variables have been created:
- ``openshift_crio_enable_docker_gc``: Enable docker_gc daemon set
- ``openshift_crio_docker_gc_node_selector``: Optional dictionary to use node
selector
When ``openshift_crio_enable_docker_gc`` and ``openshift_use_crio`` are both true
then ``docker_gc`` daemonset will be created along with adding a ``docker-gc``
sa.
Diffstat (limited to 'roles/openshift_docker_gc/templates')
-rw-r--r-- | roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 b/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 new file mode 100644 index 000000000..53e8b448b --- /dev/null +++ b/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 @@ -0,0 +1,58 @@ +apiVersion: v1 +kind: List +items: +- apiVersion: v1 + kind: ServiceAccount + metadata: + name: dockergc + # You must grant privileged via: oadm policy add-scc-to-user -z dockergc privileged + # in order for the dockergc to access the docker socket and root directory +- apiVersion: extensions/v1beta1 + kind: DaemonSet + metadata: + name: dockergc + labels: + app: dockergc + spec: + template: + metadata: + labels: + app: dockergc + name: dockergc + spec: +{# Only set nodeSelector if the dict is not empty #} +{% if r_docker_gc_node_selectors %} + nodeSelector: +{% for k,v in r_docker_gc_node_selectors.items() %} + {{ k }}: {{ v }}{% endfor %}{% endif %} + + serviceAccountName: dockergc + containers: + - image: openshift/origin:latest + args: + - "ex" + - "dockergc" + - "--image-gc-low-threshold=60" + - "--image-gc-high-threshold=80" + - "--minimum-ttl-duration=1h0m0s" + securityContext: + privileged: true + name: dockergc + resources: + requests: + memory: 30Mi + cpu: 50m + volumeMounts: + - name: docker-root + readOnly: true + mountPath: /var/lib/docker + - name: docker-socket + readOnly: false + mountPath: /var/run/docker.sock + volumes: + - name: docker-root + hostPath: + path: /var/lib/docker + - name: docker-socket + hostPath: + path: /var/run/docker.sock |