External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-02 01:58:12 -03:30
Code Issues Packages Projects Releases Wiki Activity

Docker Options Refactor

Browse Source
This commit is contained in:
Chad Swenson
2016-11-04 16:40:14 -05:00
parent 7328e0e1ac
commit 8b5b27bb51
17 changed files with 131 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
roles/docker/tasks/main.yml
View File

@@ -62,20 +62,13 @@
with_items: "{{ docker_package_info.pkgs }}"
when: (ansible_os_family != "CoreOS") and (docker_package_info.pkgs|length > 0)
- name: allow for proxies on systems using systemd
include: systemd-proxies.yml
when: ansible_service_mgr == "systemd" and
(http_proxy is defined or https_proxy is defined or no_proxy is defined)
- name: Set docker upstart and sysvinit config
include: non-systemd.yml
when: ansible_service_mgr in ["sysvinit","upstart"]
- name: Write docker.service systemd file
template:
src: systemd-docker.service.j2
dest: /etc/systemd/system/docker.service
register: docker_service_file
notify: restart docker
when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
- meta: flush_handlers
- name: Set docker systemd config
include: systemd.yml
when: ansible_service_mgr == "systemd"
- name: ensure docker service is started and enabled
service:
@@ -83,4 +76,4 @@
enabled: yes
state: started
with_items:
- docker
- docker

61
roles/docker/tasks/non-systemd.yml Normal file
View File

@@ -0,0 +1,61 @@
---
# This uses lineinfile instead of templates for idempotency in files that may be modified by different roles
- name: Set docker options config file path
set_fact:
docker_options_file: >-
{%- if ansible_os_family == "Debian" -%}/etc/default/docker{%- elif ansible_os_family == "RedHat" -%}/etc/sysconfig/docker{%- endif -%}
- name: Set docker options config variable name
set_fact:
docker_options_name: >-
{%- if ansible_os_family == "Debian" -%}DOCKER_OPTS{%- elif ansible_os_family == "RedHat" -%}other_args{%- endif -%}
- name: Set docker options config value to be written
set_fact:
docker_options_value: '"{{ docker_options }} $DOCKER_NETWORK_OPTIONS $DOCKER_STORAGE_OPTIONS $INSECURE_REGISTRY"'
- name: Set docker options config line to be written
set_fact:
docker_options_line: "{{ docker_options_name }}={{ docker_options_value }}"
- name: Set docker proxy lines to be written
set_fact:
docker_proxy_lines:
- { name: "HTTP_PROXY", value: '"{{ http_proxy }}"' }
- { name: "HTTPS_PROXY", value: '"{{ https_proxy }}"' }
- { name: "NO_PROXY", value: '"{{ no_proxy }}"' }
- name: Remove docker daemon proxy config lines that don't match desired lines
lineinfile:
dest: "{{ docker_options_file }}"
regexp: "^{{ item.name }}=(?!{{ item.value|regex_escape() }})"
state: absent
with_items: "{{ docker_proxy_lines|default([]) }}"
when: item.value is defined and (item.value | trim != '')
- name: Write docker daemon proxy config lines
lineinfile:
dest: "{{ docker_options_file }}"
line: "{{ item.name }}={{ item.value }}"
owner: root
group: root
mode: 0644
with_items: "{{ docker_proxy_lines|default([]) }}"
when: item.value is defined and (item.value | trim != '')
- name: Remove docker daemon options lines that don't match desired line
lineinfile:
dest: "{{ docker_options_file }}"
regexp: "^(DOCKER_OPTS|OPTIONS|other_args)=(?!{{ docker_options_value|regex_escape() }})"
state: absent
- name: Write docker daemon options line
lineinfile:
dest: "{{ docker_options_file }}"
line: "{{ docker_options_line }}"
owner: root
group: root
mode: 0644
notify: restart docker
- meta: flush_handlers

9
roles/docker/tasks/systemd-proxies.yml
View File

@@ -1,9 +0,0 @@
---
- name: create docker service directory for systemd
file: path=/etc/systemd/system/docker.service.d state=directory
- name: drop docker environment conf to enable proxy usage
template:
src: http-proxy.conf.j2
dest: /etc/systemd/system/docker.service.d/http-proxy.conf
notify: restart docker

24
roles/docker/tasks/systemd.yml Normal file
View File

@@ -0,0 +1,24 @@
---
- name: Create docker service systemd directory if it doesn't exist
file: path=/etc/systemd/system/docker.service.d state=directory
- name: Write docker proxy drop-in
template:
src: http-proxy.conf.j2
dest: /etc/systemd/system/docker.service.d/http-proxy.conf
when: http_proxy is defined or https_proxy is defined or no_proxy is defined
- name: Write docker.service systemd file
template:
src: docker.service.j2
dest: /etc/systemd/system/docker.service
register: docker_service_file
when: ansible_os_family != "CoreOS"
- name: Write docker options systemd drop-in
template:
src: docker-options.conf.j2
dest: "/etc/systemd/system/docker.service.d/docker-options.conf"
notify: restart docker
- meta: flush_handlers

2
roles/docker/templates/docker-options.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Service]
Environment="DOCKER_OPTS={% if docker_options is defined %}{{ docker_options }}{% endif %}"

13
roles/docker/templates/systemd-docker.service.j2 → roles/docker/templates/docker.service.j2
View File

@@ -11,24 +11,15 @@ Wants=docker.socket
[Service]
Type=notify
{% if ansible_os_family == "RedHat" %}
EnvironmentFile=-/etc/default/docker
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-network
EnvironmentFile=-/etc/sysconfig/docker-storage
{% elif ansible_os_family == "Debian" %}
EnvironmentFile=-/etc/default/docker
{% endif %}
Environment=GOTRACEBACK=crash
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process
ExecStart=/usr/bin/docker daemon \
$OPTIONS \
$DOCKER_OPTS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$INSECURE_REGISTRY \
$DOCKER_OPTS
$INSECURE_REGISTRY
TasksMax=infinity
LimitNOFILE=1048576
LimitNPROC=1048576

1
roles/docker/templates/http-proxy.conf.j2
View File

@@ -1,3 +1,2 @@
[Service]
Environment={% if http_proxy %}"HTTP_PROXY={{ http_proxy }}"{% endif %} {% if https_proxy %}"HTTPS_PROXY={{ https_proxy }}"{% endif %} {% if no_proxy %}"NO_PROXY={{ no_proxy }}"{% endif %}