Option for enable SSL verification on docker registry

By default, kolla configure docker to use an insecure connection
with the private registry. If we want to use SSL verification we need
to add an option.

Change-Id: Id1805c9cfeb499da9bb56c70028f14c6f8bb20b6

ansible/group_vars/all.yml

@@ -89,6 +89,7 @@ docker_registry_email:
 docker_registry:
 docker_namespace: "kolla"
 docker_registry_username:
+docker_registry_insecure: "{{ 'yes' if docker_registry else 'no' }}"
 
 # Valid options are [ never, on-failure, always, unless-stopped ]
 docker_restart_policy: "unless-stopped"

ansible/roles/baremetal/templates/docker_systemd_service.j2

@@ -1,4 +1,4 @@
 [Service]
 MountFlags=shared
 ExecStart=
-ExecStart=/usr/bin/{{ docker_binary_name|default("docker daemon", true) }}{% if docker_registry %} --insecure-registry {{ docker_registry }}{% endif %}{% if docker_storage_driver %} --storage-driver {{ docker_storage_driver }}{% endif %}{% if docker_runtime_directory %} --graph {{ docker_runtime_directory }}{% endif %}{% if docker_custom_option %} {{ docker_custom_option }}{% endif %}
+ExecStart=/usr/bin/{{ docker_binary_name|default("docker daemon", true) }}{% if docker_registry_insecure | bool %} --insecure-registry {{ docker_registry }}{% endif %}{% if docker_storage_driver %} --storage-driver {{ docker_storage_driver }}{% endif %}{% if docker_runtime_directory %} --graph {{ docker_runtime_directory }}{% endif %}{% if docker_custom_option %} {{ docker_custom_option }}{% endif %}

releasenotes/notes/docker_insecure_registry-857bfb9c760aa3bf.yaml

@@ -0,0 +1,6 @@
+---
+upgrade:
+  - |
+    Add option `docker_registry_insecure` to enable the SSL verification
+    for the docker registry. Default value is true when a private
+    registry is defined.