From 7fa419cfc39b16445f81536f8964d4f8277d45f7 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 21 Oct 2020 09:13:53 +0200 Subject: [PATCH] baremetal: Add support for Docker http/https proxy setup Change-Id: I947c2940518c0f4872acaa977edeaca370dc9a96 --- ansible/roles/baremetal/defaults/main.yml | 4 ++++ .../roles/baremetal/tasks/post-install.yml | 19 ++++++++++++++++--- .../templates/docker_systemd_service.j2 | 9 +++++++++ .../bootstrap-servers.rst | 4 ++++ .../docker-http-proxy-f3925e652ea3fc5d.yaml | 4 ++++ 5 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 releasenotes/notes/docker-http-proxy-f3925e652ea3fc5d.yaml diff --git a/ansible/roles/baremetal/defaults/main.yml b/ansible/roles/baremetal/defaults/main.yml index 27226aa8fe..35947469cb 100644 --- a/ansible/roles/baremetal/defaults/main.yml +++ b/ansible/roles/baremetal/defaults/main.yml @@ -34,6 +34,10 @@ docker_storage_driver: "" docker_custom_option: "" docker_custom_config: {} +docker_http_proxy: "" +docker_https_proxy: "" +docker_no_proxy: "" + # Version of python used to execute Ansible modules. host_python_version: "{{ ansible_python.version.major }}.{{ ansible_python.version.minor }}" diff --git a/ansible/roles/baremetal/tasks/post-install.yml b/ansible/roles/baremetal/tasks/post-install.yml index e742e11629..5d1be104db 100644 --- a/ansible/roles/baremetal/tasks/post-install.yml +++ b/ansible/roles/baremetal/tasks/post-install.yml @@ -136,7 +136,10 @@ state: absent when: - not docker_custom_option - - not docker_configure_for_zun|bool + - not docker_configure_for_zun | bool + - not docker_http_proxy + - not docker_https_proxy + - not docker_no_proxy - name: Ensure docker service directory exists become: True @@ -144,14 +147,24 @@ path: /etc/systemd/system/docker.service.d state: directory recurse: yes - when: docker_custom_option | length > 0 or docker_configure_for_zun|bool + when: > + docker_custom_option | length > 0 or + docker_configure_for_zun | bool or + docker_http_proxy | length > 0 or + docker_https_proxy | length > 0 or + docker_no_proxy | length > 0 - name: Configure docker service become: True template: src: docker_systemd_service.j2 dest: /etc/systemd/system/docker.service.d/kolla.conf - when: docker_custom_option | length > 0 or docker_configure_for_zun|bool + when: > + docker_custom_option | length > 0 or + docker_configure_for_zun | bool or + docker_http_proxy | length > 0 or + docker_https_proxy | length > 0 or + docker_no_proxy | length > 0 - name: Reload docker service file become: True diff --git a/ansible/roles/baremetal/templates/docker_systemd_service.j2 b/ansible/roles/baremetal/templates/docker_systemd_service.j2 index f6d19c226a..4f15d60cec 100644 --- a/ansible/roles/baremetal/templates/docker_systemd_service.j2 +++ b/ansible/roles/baremetal/templates/docker_systemd_service.j2 @@ -1,4 +1,13 @@ [Service] +{% if docker_http_proxy | length > 0 %} +Environment="HTTP_PROXY={{ docker_http_proxy }}" +{% endif %} +{% if docker_https_proxy | length > 0 %} +Environment="HTTPS_PROXY={{ docker_https_proxy }}" +{% endif %} +{% if docker_no_proxy | length > 0 %} +Environment="NO_PROXY={{ docker_no_proxy }}" +{% endif %} ExecStart= # ExecStart commandline copied from 'docker-ce' package. Same on CentOS/Debian/Ubuntu systems. ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock{% if docker_custom_option %} {{ docker_custom_option }}{% endif %}{% if docker_configure_for_zun|bool %} {{ docker_zun_options }}{% endif %} diff --git a/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst b/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst index 71e952c7fd..147dce9655 100644 --- a/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst +++ b/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst @@ -178,6 +178,10 @@ maximum number of log files to retain per container. The ``docker_log_max_size`` variable, which defaults to ``50m``, defines the maximum size of each rotated log file per container. +The ``docker_http_proxy``, ``docker_https_proxy`` and ``docker_no_proxy`` +variables can be used to configure Docker Engine to connect to the internet +using http/https proxies. + Additional options for the Docker engine can be passed in ``docker_custom_config`` variable. It will be stored in ``daemon.json`` config file. Example: diff --git a/releasenotes/notes/docker-http-proxy-f3925e652ea3fc5d.yaml b/releasenotes/notes/docker-http-proxy-f3925e652ea3fc5d.yaml new file mode 100644 index 0000000000..e795b32b66 --- /dev/null +++ b/releasenotes/notes/docker-http-proxy-f3925e652ea3fc5d.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + Add support for configuring Docker Engine http/https proxy.