diff options
Diffstat (limited to 'roles/docker')
| -rw-r--r-- | roles/docker/tasks/systemcontainer_docker.yml | 56 | ||||
| -rw-r--r-- | roles/docker/templates/daemon.json | 3 | ||||
| -rw-r--r-- | roles/docker/templates/systemcontainercustom.conf.j2 | 18 | ||||
| -rw-r--r-- | roles/docker/vars/main.yml | 1 |
4 files changed, 48 insertions, 30 deletions
diff --git a/roles/docker/tasks/systemcontainer_docker.yml b/roles/docker/tasks/systemcontainer_docker.yml index a461c479a..3af3e00b2 100644 --- a/roles/docker/tasks/systemcontainer_docker.yml +++ b/roles/docker/tasks/systemcontainer_docker.yml @@ -27,27 +27,51 @@ state: present when: not openshift.common.is_atomic | bool -# If we are on atomic, set http_proxy and https_proxy in /etc/atomic.conf +# Make sure Docker is installed so we are able to use the client +- name: Install Docker so we can use the client + package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present + when: not openshift.common.is_atomic | bool + +# Make sure docker is disabled. Errors are ignored. +- name: Disable Docker + systemd: + name: docker + enabled: no + state: stopped + daemon_reload: yes + ignore_errors: True + +# Set http_proxy, https_proxy, and no_proxy in /etc/atomic.conf +# regexp: the line starts with or without #, followed by the string +# http_proxy, then either : or = - block: - name: Add http_proxy to /etc/atomic.conf lineinfile: - path: /etc/atomic.conf - line: "http_proxy={{ openshift.common.http_proxy | default('') }}" + dest: /etc/atomic.conf + regexp: "^#?http_proxy[:=]{1}" + line: "http_proxy: {{ openshift.common.http_proxy | default('') }}" when: - openshift.common.http_proxy is defined - openshift.common.http_proxy != '' - name: Add https_proxy to /etc/atomic.conf lineinfile: - path: /etc/atomic.conf - line: "https_proxy={{ openshift.common.https_proxy | default('') }}" + dest: /etc/atomic.conf + regexp: "^#?https_proxy[:=]{1}" + line: "https_proxy: {{ openshift.common.https_proxy | default('') }}" when: - openshift.common.https_proxy is defined - openshift.common.https_proxy != '' - when: openshift.common.is_atomic | bool - + - name: Add no_proxy to /etc/atomic.conf + lineinfile: + dest: /etc/atomic.conf + regexp: "^#?no_proxy[:=]{1}" + line: "no_proxy: {{ openshift.common.no_proxy | default('') }}" + when: + - openshift.common.no_proxy is defined + - openshift.common.no_proxy != '' - block: @@ -77,23 +101,17 @@ set_fact: l_docker_image: "{{ l_docker_image_prepend }}/{{ openshift.docker.service_name }}:latest" +# NOTE: no_proxy added as a workaround until https://github.com/projectatomic/atomic/pull/999 is released - name: Pre-pull Container Enginer System Container image command: "atomic pull --storage ostree {{ l_docker_image }}" changed_when: false + environment: + NO_PROXY: "{{ openshift.common.no_proxy | default('') }}" -# Make sure docker is disabled Errors are ignored as docker may not -# be installed. -- name: Disable Docker - systemd: - name: docker - enabled: no - state: stopped - daemon_reload: yes - ignore_errors: True -- name: Ensure docker.service.d directory exists +- name: Ensure container-engine.service.d directory exists file: - path: "{{ docker_systemd_dir }}" + path: "{{ container_engine_systemd_dir }}" state: directory - name: Ensure /etc/docker directory exists @@ -111,7 +129,7 @@ - name: Configure Container Engine Service File template: - dest: "{{ docker_systemd_dir }}/custom.conf" + dest: "{{ container_engine_systemd_dir }}/custom.conf" src: systemcontainercustom.conf.j2 # Set local versions of facts that must be in json format for daemon.json diff --git a/roles/docker/templates/daemon.json b/roles/docker/templates/daemon.json index c607e6afe..a41b7cdbd 100644 --- a/roles/docker/templates/daemon.json +++ b/roles/docker/templates/daemon.json @@ -16,6 +16,5 @@ }, "selinux-enabled": {{ l_docker_selinux_enabled | lower }}, "add-registry": {{ l_docker_additional_registries }}, - "block-registry": {{ l_docker_blocked_registries }}, - "userland-proxy-path": "/usr/libexec/docker/docker-proxy-current" + "block-registry": {{ l_docker_blocked_registries }} } diff --git a/roles/docker/templates/systemcontainercustom.conf.j2 b/roles/docker/templates/systemcontainercustom.conf.j2 index 1faad506a..86eebfba6 100644 --- a/roles/docker/templates/systemcontainercustom.conf.j2 +++ b/roles/docker/templates/systemcontainercustom.conf.j2 @@ -1,15 +1,15 @@ # {{ ansible_managed }} [Service] -{%- if "http_proxy" in openshift.common %} -ENVIRONMENT=HTTP_PROXY={{ docker_http_proxy }} -{%- endif -%} -{%- if "https_proxy" in openshift.common %} -ENVIRONMENT=HTTPS_PROXY={{ docker_http_proxy }} -{%- endif -%} -{%- if "no_proxy" in openshift.common %} -ENVIRONMENT=NO_PROXY={{ docker_no_proxy }} -{%- endif %} +{% if "http_proxy" in openshift.common %} +Environment=HTTP_PROXY={{ docker_http_proxy }} +{% endif -%} +{% if "https_proxy" in openshift.common %} +Environment=HTTPS_PROXY={{ docker_http_proxy }} +{% endif -%} +{% if "no_proxy" in openshift.common %} +Environment=NO_PROXY={{ docker_no_proxy }} +{% endif %} {%- if os_firewall_use_firewalld|default(false) %} [Unit] Wants=iptables.service diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml index 0082ded1e..4e940b7f5 100644 --- a/roles/docker/vars/main.yml +++ b/roles/docker/vars/main.yml @@ -1,4 +1,5 @@ --- docker_systemd_dir: /etc/systemd/system/docker.service.d +container_engine_systemd_dir: /etc/systemd/system/container-engine.service.d docker_conf_dir: /etc/docker/ udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d |