summaryrefslogtreecommitdiffstats
path: root/roles/docker
Commit message (Collapse)AuthorAgeFilesLines
* doc: Add link to daemon.json upstream docSteve Milner2017-05-111-0/+2
|
* Remove unused daemon.json keysSteve Milner2017-05-111-45/+0
| | | | | | Instead of providing every possible key in the daemon.json configuration file, this update only provides keys which are actively set/used by the installer.
* Merge pull request #4158 from ganhuang/lower_boolScott Dodson2017-05-111-2/+2
|\ | | | | lower case in /etc/daemon.json and correct block-registry
| * lower case in /etc/daemon.json and correct block-registryGan Huang2017-05-111-2/+2
| |
* | Merge pull request #4152 from sdodson/iptables-defaultOpenShift Bot2017-05-102-2/+2
|\ \ | |/ |/| Merged by openshift-bot
| * Default to iptables on masterScott Dodson2017-05-102-2/+2
| | | | | | | | | | | | We did this in 3.5 but never on master and we never came back to add migration support. So we'll revert this on master and if/when we add migration support we'll switch the default.
* | Rename blocked-registries to block-registriesSteve Milner2017-05-101-1/+1
| | | | | | | | | | The daemon.json configuration key is block-registries. The code and installer bits call it blocked-registries.
* | Ensure true is lowercase in daemon.jsonSteve Milner2017-05-102-1/+2
|/
* Use local variables for daemon.json templateSteve Milner2017-05-082-6/+14
| | | | | | | | | | | Instead of using bare lists and dicts this change converts variables into json for use with daemon.json. jinja2 does have an ability to do this in side of templates, however it is only available in 2.9+. Until then the use of ansible's to_json in the playbook is being used. Refs: - http://jinja.pocoo.org/docs/2.9/templates/#tojson - http://docs.ansible.com/ansible/playbooks_filters.html#filters-for-formatting-data
* Fix 1448368, and some other minors issuesGan Huang2017-05-054-19/+22
|
* System container dockerSteve Milner2017-05-039-116/+350
| | | | | | | | | | | | | | | This change allows for the use of either the traditional package install of docker OR a system container install of docker. Two new inventory options, openshift_docker_use_system_container and openshift_docker_systemcontainer_image_registry_override, have been added which are be used to install with a system container. By default this option is commented out. One new fact has been added: - docker.service_name: docker by default, container-engine-docker for system container
* Loosely couple docker to iptables serviceRussell Teague2017-03-071-1/+1
|
* Comma separate no_proxy host list in openshift_facts so that it appears as a ↵Andrew Butcher2017-01-251-1/+1
| | | | string everywhere it is used.
* Add new option 'openshift_docker_selinux_enabled'Russell Teague2017-01-241-1/+1
| | | | | Allows controlling 'selinux-enabled' docker options Can be set to true or false
* v1.3 Add RHAMPScott Dodson2017-01-171-8/+0
|
* Enable firewalld by defaultRussell Teague2016-12-142-11/+12
|
* YAML LintingRussell Teague2016-12-122-11/+11
| | | | | * Added checks to make ci for yaml linting * Modified y(a)ml files to pass lint checks
* Refactored to use Ansible systemd moduleRussell Teague2016-11-282-9/+4
| | | | | | * Ansible systemd module used in place of service module * Refactored command tasks which are no longer necessary * Applying rules from openshift-ansible Best Practices Guide
* Updating docs for Ansible 2.2 requirementsRussell Teague2016-11-282-2/+2
|
* Refactor to use Ansible package moduleRussell Teague2016-11-171-1/+1
| | | | | The Ansible package module will call the correct package manager for the underlying OS.
* Docker daemon is started prematurely.Eric Mountain2016-11-141-11/+11
| | | | | | | | | Docker service is started prior to configuration changes being applied. The service is then not restarted by the handlers, so configuration changes are not applied. We now start the docker service only once all config changes have been made.
* Added dependency of os_firewall to docker roleRussell Teague2016-11-143-5/+4
| | | | | | | | | | | The docker role requires iptables-services to be installed. Added dependency on so_firewall role to ensure the iptables service is installed first. Currently this will only work with iptables and not with firewalld. * Added allow_duplicates to os_firewall role meta * Removed unused task from docker/tasks * Corrected os_firewall Defaults in README
* Resolve docker and iptables service dependenciesRussell Teague2016-11-113-1/+19
| | | | | | | | | | The docker service adds rules to the iptables configuration to support proper network functionality for running containers. If the service is started prior to iptables, these rules are not properly created. * Ensure iptables is started prior to docker Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1390835
* Fix typosRodolfo Carvalho2016-10-191-1/+1
|
* Skip the docker role in early upgrade stages.Devan Goodwin2016-09-292-5/+4
| | | | | | | | This improves the situation further and prevents configuration changes from accidentally triggering docker restarts, before we've evacuated nodes. Now in two places, we skip the role entirely, instead of previous implementation which only skipped upgrading the installed version. (which did not catch config issues)
* Fix review commentsManjunath A Kumatagi2016-08-271-2/+2
|
* Fix typoManjunath A Kumatagi2016-08-181-3/+3
|
* Fix errors in docker roleManjunath A Kumatagi2016-08-171-3/+4
|
* Clarify message when old docker pre-installed but 1.10+ requested.Devan Goodwin2016-07-151-1/+1
|
* Fix upgrade with docker_version set.Devan Goodwin2016-07-141-3/+3
|
* Fix more docker role logic.Devan Goodwin2016-07-131-2/+2
|
* Add checks to docker role for 1.9.1+.Devan Goodwin2016-07-131-3/+13
| | | | | | | | If Docker 1.8.2 is pre-installed, and no docker_version was requested, role will now error out because 1.9.1 is required. If docker_version is set to <= 1.9.1, we also error out as this is not supported.
* Remove/update TODOs.Devan Goodwin2016-07-081-2/+0
|
* Remove all debug used during devel of openshift_version.Devan Goodwin2016-07-081-5/+0
|
* Merge branch 'master' into upgrade33Devan Goodwin2016-07-041-1/+0
|\
| * Switch to repoquery, enable plugins for satellite supportScott Dodson2016-06-291-1/+0
| |
* | Only nuke images when crossing the Docker 1.10 boundary in upgrade.Devan Goodwin2016-06-272-1/+2
| |
* | Fix docker restarts during openshift_version role.Devan Goodwin2016-06-201-1/+0
| | | | | | | | | | | | | | | | | | The variable here must be explicitly passed to the docker role, if it's passed sometimes and not others, the docker config changes triggers a docker restart effectively killing everything on the node in an unsafe manner. Instead lets make sure the value is set.
* | Support setting a docker version in inventory.Devan Goodwin2016-06-201-1/+36
|/
* Remove Docker 1.10 requirement temporarily.Devan Goodwin2016-06-101-28/+0
| | | | | | Docker 1.10 is not widely available in RHEL / CentOS yet, lets remove the restriction for users of master / origin. We can revert as soon as it's available publically.
* Merge pull request #2005 from brenton/bz1338726Brenton Leanhardt2016-06-091-29/+30
|\ | | | | Bug 1338726 - never abort install if the latest version of docker is already installed
| * Bug 1338726 - never abort install if the latest version of docker is already ↵Brenton Leanhardt2016-06-081-1/+1
| | | | | | | | installed
| * Docker 1.10 UpgradeDevan Goodwin2016-06-031-29/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds a separate playbook for Docker 1.10 upgrade that can be run standalone on a pre-existing 3.2 cluster. The upgrade will take each node out of rotation, and remove *all* containers and images on it, as this is reportedly faster and more storage efficient than performing the in place 1.10 upgrade. This process is integrated into the 3.1 to 3.2 upgrade process. Normal config playbooks now become 3.2 only, and require Docker 1.10. Users of older environments will have to use an appropriate openshift-ansible version. Config playbooks no longer are in the business of upgrading or downgrading docker.
* | Preserve proxy config if it's undefinedScott Dodson2016-06-071-0/+1
|/
* Merge tag 'openshift-ansible-3.0.89-1'Brenton Leanhardt2016-05-091-1/+1
|\ | | | | | | Tagging package [openshift-ansible] version [3.0.89-1] in directory [./].
| * Use yum swap to downgrade dockerScott Dodson2016-05-091-1/+1
| |
* | Fix cli_docker_additional_registries being erased during upgrade.Devan Goodwin2016-05-091-1/+1
|/ | | | | | Legacy options (cli_*) were not being migrated during upgrade. Add the oo_all_hosts group, and migrate the facts as we do in the normal cluster playbooks.
* Don't set empty HTTP_PROXY, HTTPS_PROXY, NO_PROXY valuesScott Dodson2016-04-261-0/+1
|
* Add global proxy configurationScott Dodson2016-04-221-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | Configures HTTP_PROXY, HTTPS_PROXY, NO_PROXY for master and docker services. Configugres BuildDefaults Admission controller for master to automatically insert proxy environment configuration into build environments. To use set at least these variables - openshift_http_proxy - openshift_https_proxy NO_PROXY entries will automatically be configured for hostnames of all openshift hosts. You may specify additional NO_PROXY hosts or patterns by setting `openshift_no_proxy` If you wish to disable automatic generation of NO_PROXY hosts you may set `openshift_generate_no_proxy_hosts` to False. If you wish to have different builddefaults proxy configuration than baseline proxy configuration set these variables - openshift_builddefaults_http_proxy - openshift_builddefaults_https_proxy - openshift_builddefaults_no_proxy - openshift_builddefaults_git_http_proxy - openshift_builddefaults_git_https_proxy
* Fix for docker not presentJason DeTiberus2016-04-221-1/+1
|