98 lines
2.8 KiB
YAML
98 lines
2.8 KiB
YAML
# tasks file for ansible-role-container-registry
|
|
|
|
# NOTE(aschultz): LP#1750194 - need to set ip_forward before docker starts
|
|
# so lets set it before we install the package if we're managing it.
|
|
- name: enable net.ipv4.ip_forward
|
|
sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: 1
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
|
|
- name: ensure docker is installed
|
|
yum:
|
|
name: docker
|
|
state: present
|
|
|
|
- name: manage /etc/systemd/system/docker.service.d
|
|
file:
|
|
path: /etc/systemd/system/docker.service.d
|
|
state: directory
|
|
when: ansible_service_mgr == 'systemd'
|
|
|
|
- name: unset mountflags
|
|
ini_file:
|
|
path: /etc/systemd/system/docker.service.d/99-unset-mountflags.conf
|
|
section: Service
|
|
option: MountFlags
|
|
value: ""
|
|
create: yes
|
|
notify: restart docker service
|
|
when: ansible_service_mgr == 'systemd'
|
|
|
|
- name: configure OPTIONS in /etc/sysconfig/docker
|
|
lineinfile:
|
|
path: /etc/sysconfig/docker
|
|
regexp: '^OPTIONS='
|
|
line: "OPTIONS='{{ _full_docker_options }}'"
|
|
create: yes
|
|
notify: restart docker service
|
|
|
|
- name: configure INSECURE_REGISTRY in /etc/sysconfig/docker
|
|
lineinfile:
|
|
path: /etc/sysconfig/docker
|
|
regexp: '^INSECURE_REGISTRY='
|
|
line: "INSECURE_REGISTRY='{{ registry_flags }}'"
|
|
when: container_registry_insecure_registries | length > 0
|
|
notify: restart docker service
|
|
vars:
|
|
registry_flags: "{% for reg in container_registry_insecure_registries %}--insecure-registry {{ reg }}{% if not loop.last %} {% endif %}{% endfor %}"
|
|
|
|
- name: manage /etc/docker/daemon.json
|
|
copy:
|
|
content: "{{ _docker_daemon_config | from_yaml | to_nice_json }}"
|
|
dest: /etc/docker/daemon.json
|
|
notify: restart docker service
|
|
|
|
- name: configure DOCKER_STORAGE_OPTIONS in /etc/sysconfig/docker-storage
|
|
lineinfile:
|
|
path: /etc/sysconfig/docker-storage
|
|
regexp: '^DOCKER_STORAGE_OPTIONS='
|
|
line: "DOCKER_STORAGE_OPTIONS=' {{ container_registry_storage_options }}'"
|
|
create: yes
|
|
when: container_registry_storage_options != ""
|
|
notify: restart docker service
|
|
|
|
- name: configure DOCKER_NETWORK_OPTIONS in /etc/sysconfig/docker-network
|
|
lineinfile:
|
|
path: /etc/sysconfig/docker-network
|
|
regexp: '^DOCKER_NETWORK_OPTIONS='
|
|
line: "DOCKER_NETWORK_OPTIONS=' {{ container_registry_network_options }}'"
|
|
create: yes
|
|
when: container_registry_storage_options != ""
|
|
notify: restart docker service
|
|
|
|
- name: ensure docker group exists
|
|
group:
|
|
name: docker
|
|
state: present
|
|
|
|
- name: add deployment user to docker group
|
|
user:
|
|
name: "{{ container_registry_deployment_user }}"
|
|
groups: docker
|
|
append: yes
|
|
|
|
- name: force systemd to reread configs
|
|
systemd:
|
|
daemon_reload: yes
|
|
when: ansible_service_mgr == 'systemd'
|
|
|
|
- name: enable and start docker
|
|
systemd:
|
|
enabled: true
|
|
state: started
|
|
name: docker
|
|
when: ansible_service_mgr == 'systemd'
|