heat_template_version: queens description: > Configures docker on the host parameters: DockerInsecureRegistryAddress: description: Optional. The IP Address and Port of an insecure docker namespace that will be configured in /etc/sysconfig/docker. The value can be multiple addresses separated by commas. type: comma_delimited_list default: [] DockerRegistryMirror: description: Optional. Configure a registry-mirror in the /etc/docker/daemon.json file. default: '' type: string EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json Debug: type: boolean default: false description: Set to True to enable debugging on all services. DockerDebug: default: '' description: Set to True to enable debugging Docker services. type: string constraints: - allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE'] DockerOptions: default: '--log-driver=journald --signature-verification=false --iptables=false --live-restore' description: Options that are used to startup the docker service. type: string DeploymentUser: default: '' description: User added to the docker group in order to use container commands. type: string conditions: insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, []]} insecure_registry_mirror_is_empty: {equals : [{get_param: DockerRegistryMirror}, '']} service_debug_unset: {equals : [{get_param: DockerDebug}, '']} deployment_user_is_empty: {equals : [{get_param: DeploymentUser}, '']} outputs: role_data: description: Role data for the docker service value: service_name: docker config_settings: map_merge: - tripleo::profile::base::docker::configure_network: true tripleo::profile::base::docker::network_options: "--bip=172.31.0.1/24" tripleo::profile::base::docker::docker_options: {get_param: DockerOptions} tripleo::profile::base::docker::debug: if: - service_debug_unset - {get_param: Debug } - {get_param: DockerDebug} - if: - insecure_registry_is_empty - {} - tripleo::profile::base::docker::insecure_registries: {get_param: DockerInsecureRegistryAddress} - if: - insecure_registry_mirror_is_empty - {} - tripleo::profile::base::docker::registry_mirror: {get_param: DockerRegistryMirror} - if: - deployment_user_is_empty - {} - tripleo::profile::base::docker::deployment_user: {get_param: DeploymentUser} step_config: | include ::tripleo::profile::base::docker upgrade_tasks: - name: Install docker packages on upgrade if missing when: step|int == 3 yum: name=docker state=latest