summaryrefslogtreecommitdiffstats
path: root/roles/docker
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #5359 from mgugino-upstream-stage/version-docker-auth-configOpenShift Bot2017-09-132-0/+17
|\ | | | | Merged by openshift-bot
| * Fix: authenticated registry support for containerized hostsMichael Gugino2017-09-112-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, openshift-anisble supports authentication to container registries to pull down openshift container images. The openshift_verison role uses the docker cli to gather image information from container registries before authentication credentials are provided by openshift-ansible. This commit creates the necessary token to authenticate to private registries during openshift_version. The token is generated by the role 'docker' on all hosts where docker is installed/configured when oreg_auth_users is defined. This commit also adds a read-only mount into the openshift master and node container services. This mount is '/var/lib/origin/.docker:/root/.docker:ro'. This is because the container images do not currently read the values in '/var/lib/origin/.docker' as this may be a bug upstream. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* | cri-o: Fix Fedora image nameSteve Milner2017-09-131-1/+1
| | | | | | | | Signed-off-by: Steve Milner <smilner@redhat.com>
* | container-engine: Allow full image overrideSteve Milner2017-09-111-8/+12
|/ | | | | | | | | | | | | openshift_docker_systemcontainer_image_registry_override has been replaced with openshift_docker_systemcontainer_image_override. The difference is openshift_docker_systemcontainer_image_override takes a full image path including the tag. Example: openshift_docker_systemcontainer_image_override=gscrivano/container-engine:latest Signed-off-by: Steve Milner <smilner@redhat.com>
* Merge pull request #5310 from ashcrow/split-rhel-centos-crioOpenShift Bot2017-09-071-2/+8
|\ | | | | Merged by openshift-bot
| * cri-o: Split RHEL and CentOS imagesSteve Milner2017-09-061-2/+8
| |
* | Merge pull request #5202 from giuseppe/crio-additional-registriesOpenShift Bot2017-09-062-0/+14
|\ \ | |/ |/| Merged by openshift-bot
| * cri-o: add support for additional registriesGiuseppe Scrivano2017-08-242-0/+14
| | | | | | | | | | | | | | Support added to CRI-O with: https://github.com/kubernetes-incubator/cri-o/commit/a35727c80bd2a26613aae21db00628045cb9be24 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | roles: use openshift_use_crioGiuseppe Scrivano2017-08-251-2/+2
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | cri-o: change to system runcGiuseppe Scrivano2017-08-251-1/+1
|/ | | | | | | Newer versions of cri-o do not carry runc but use the one from the system. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* First attempt at refactor of os_firewallKenny Woodson2017-08-081-1/+0
|
* cri-o: configure the CNI networkGiuseppe Scrivano2017-08-042-0/+15
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: allow to override CRI-O image indipendently from DockerGiuseppe Scrivano2017-08-031-3/+3
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* docker: introduce use_crio_onlyGiuseppe Scrivano2017-08-031-2/+3
| | | | | | | | Introduce a new variable that disable the installation of Docker. For the time being we will still need Docker for building images, so by default leave it installed. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* docker: skip Docker setup when using CRI-OGiuseppe Scrivano2017-08-031-1/+3
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: use only images from Docker HubGiuseppe Scrivano2017-08-031-10/+6
| | | | | | | For the time being it won't be added to the Red Hat registry, so use only what is available on Docker Hub. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: Enable systemd-modules-load if requiredSteve Milner2017-08-031-0/+6
| | | | | If we had to drop the overlay file in /etc/modules-load.d/ then enable the systemd-modules-load service and make sure it runs.
* cri-o: Ensure overlay is availableSteve Milner2017-08-032-0/+22
| | | | | | | Some distro releases may not have overlay loaded into the kernel. This change looks for overlay via lsmod and, if it isn't already there, uses modprobe to load it in and then drops a load config into /etc/modules-load.d/overlay.conf.
* cri-o: Default insecure registries to ""Steve Milner2017-08-032-1/+2
|
* crio: use a template for the configurationGiuseppe Scrivano2017-08-032-24/+137
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: Minor fixes for tasksSteve Milner2017-08-031-2/+1
|
* cri-o: Hardcode image name to cri-oSteve Milner2017-08-031-1/+1
|
* cri-o: configure storage and insecure registriesGiuseppe Scrivano2017-08-032-3/+34
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: Allow cri-o usage.Steve Milner2017-08-032-0/+110
| | | | This change reuses the docker role to inject cri-o usage.
* Merge pull request #4757 from sosiouxme/20170703-docker-storage-overlay2Scott Dodson2017-07-201-1/+1
|\ | | | | openshift_checks/docker_storage: overlay/2 support
| * docker: fix docker_selinux_enabledLuke Meyer2017-07-181-1/+1
| | | | | | | | | | Document the option so that those who want to run on OverlayFS can find it. Fix the task so that setting it to False isn't interpreted as true.
* | Ensure proper fact evaluationScott Dodson2017-07-182-2/+2
| |
* | Wrap additional service changes in retriesScott Dodson2017-07-183-5/+15
| |
* | Test docker restart with retries 3 delay 30Steve Milner2017-07-181-1/+1
|/
* container-engine: Update Fedora registry urlSteve Milner2017-07-071-1/+1
|
* Install container-selinux with container-engineSteve Milner2017-07-061-0/+6
|
* Add a retry to the docker restart handlerScott Dodson2017-06-281-0/+5
|
* rename daemon.json to container-daemon.jsonSteve Milner2017-06-052-5/+7
| | | | | | The container-engine build has moved daemon.json to container-daemon.json to avoid collision. This change updates the template file location to follow suit.
* Add mtu setting to /etc/sysconfig/docker-networkScott Dodson2017-06-011-0/+15
| | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1457062
* Remove typos that got reintroducedSteve Milner2017-05-251-2/+2
|
* Remove system-package=no from container-engine installSteve Milner2017-05-251-2/+0
|
* Merge pull request #4214 from giuseppe/rename-ENIRONMENT-to-EnvironmentOpenShift Bot2017-05-171-3/+3
|\ | | | | Merged by openshift-bot
| * systemcontainercustom.conf.j2: use Environment instead of ENVIRONMENTGiuseppe Scrivano2017-05-171-3/+3
| | | | | | | | | | | | Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1451187 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Add regexp for container-engine lineinfileSteve Milner2017-05-161-0/+5
| | | | | | | | | | This ensures that if the line already exists it will be updated with the expected results from the installer.
* | use dest instead of path for lineinfileSteve Milner2017-05-151-6/+6
| | | | | | | | | | | | | | Switching to dest instead of path for lineinfile. path is the name for ansible 2.3+ though dest will work for 2.2 and 2.3. Ref: http://docs.ansible.com/ansible/lineinfile_module.html
* | Add NO_PROXY workaround for container-engine atomic commandSteve Milner2017-05-151-0/+4
| | | | | | | | Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1450310
* | Add no_proxy to atomic.confSteve Milner2017-05-151-1/+9
|/ | | | Requires: https://github.com/projectatomic/atomic/pull/999
* Add docker package for container-engine installSteve Milner2017-05-141-11/+15
| | | | | The package is required so that openshift_facts is able to use the docker client to gain information on the versions.
* Merge pull request #4174 from ashcrow/remove-userland-proxyOpenShift Bot2017-05-121-2/+1
|\ | | | | Merged by openshift-bot
| * Remove userland-proxy-path from daemon.jsonSteve Milner2017-05-121-2/+1
| | | | | | | | | | This flag is currently being set within the system container via the init.sh
* | Fix whistespace issues in custom templateSteve Milner2017-05-121-6/+6
| |
* | Always add proxy items to atomic.confSteve Milner2017-05-121-4/+1
| |
* | Move container-engine systemd environment to updated locationSteve Milner2017-05-122-2/+3
|/
* doc: Add link to daemon.json upstream docSteve Milner2017-05-111-0/+2
|
* Remove unused daemon.json keysSteve Milner2017-05-111-45/+0
| | | | | | Instead of providing every possible key in the daemon.json configuration file, this update only provides keys which are actively set/used by the installer.