heat_template_version: rocky description: > Configures docker on the host parameters: DockerInsecureRegistryAddress: description: Optional. The IP Address and Port of an insecure docker namespace that will be configured in /etc/sysconfig/docker. The value can be multiple addresses separated by commas. type: comma_delimited_list default: [] DockerRegistryMirror: description: Optional. Configure a registry-mirror in the /etc/docker/daemon.json file. default: '' type: string EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json Debug: type: boolean default: false description: Set to True to enable debugging on all services. DockerDebug: default: '' description: Set to True to enable debugging Docker services. type: string constraints: - allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE'] DockerOptions: default: '--log-driver=journald --signature-verification=false --iptables=false --live-restore' description: Options that are used to startup the docker service. type: string DockerAdditionalSockets: default: ['/var/lib/openstack/docker.sock'] description: Additional domain sockets for the docker daemon to bind to (useful for mounting into containers that launch other containers) type: comma_delimited_list DockerNetworkOptions: default: '--bip=172.31.0.1/24' description: More startup options, like CIDR for the default docker0 bridge (useful for the network configuration conflicts resolution) type: string DeploymentUser: default: '' description: User added to the docker group in order to use container commands. type: string conditions: insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, []]} service_debug_unset: {equals : [{get_param: DockerDebug}, '']} outputs: role_data: description: Role data for the docker service value: service_name: docker config_settings: {} step_config: '' host_prep_tasks: - name: Install, Configure and Run Docker block: # NOTE(bogdando): w/a https://github.com/ansible/ansible/issues/42621 - set_fact: &docker_vars container_registry_debug: if: - service_debug_unset - {get_param: Debug } - {get_param: DockerDebug} container_registry_deployment_user: {get_param: DeploymentUser} container_registry_docker_options: {get_param: DockerOptions} container_registry_additional_sockets: {get_param: DockerAdditionalSockets} container_registry_insecure_registries: if: - insecure_registry_is_empty - [] - {get_param: DockerInsecureRegistryAddress} container_registry_mirror: {get_param: DockerRegistryMirror} container_registry_network_options: {get_param: DockerNetworkOptions} - include_role: name: container-registry tasks_from: docker service_config_settings: neutron_l3: docker_additional_sockets: {get_param: DockerAdditionalSockets} neutron_dhcp: docker_additional_sockets: {get_param: DockerAdditionalSockets} ovn_metadata: docker_additional_sockets: {get_param: DockerAdditionalSockets} upgrade_tasks: - name: Install docker packages on upgrade if missing when: step|int == 3 package: name=docker state=latest update_tasks: - name: Restart Docker when needed when: step|int == 2 block: - set_fact: *docker_vars - include_role: name: container-registry tasks_from: docker-update