summaryrefslogtreecommitdiffstats
path: root/roles/docker
Commit message (Collapse)AuthorAgeFilesLines
* cri-o: configure storage and insecure registriesGiuseppe Scrivano2017-08-032-3/+34
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: Allow cri-o usage.Steve Milner2017-08-032-0/+110
| | | | This change reuses the docker role to inject cri-o usage.
* Merge pull request #4757 from sosiouxme/20170703-docker-storage-overlay2Scott Dodson2017-07-201-1/+1
|\ | | | | openshift_checks/docker_storage: overlay/2 support
| * docker: fix docker_selinux_enabledLuke Meyer2017-07-181-1/+1
| | | | | | | | | | Document the option so that those who want to run on OverlayFS can find it. Fix the task so that setting it to False isn't interpreted as true.
* | Ensure proper fact evaluationScott Dodson2017-07-182-2/+2
| |
* | Wrap additional service changes in retriesScott Dodson2017-07-183-5/+15
| |
* | Test docker restart with retries 3 delay 30Steve Milner2017-07-181-1/+1
|/
* container-engine: Update Fedora registry urlSteve Milner2017-07-071-1/+1
|
* Install container-selinux with container-engineSteve Milner2017-07-061-0/+6
|
* Add a retry to the docker restart handlerScott Dodson2017-06-281-0/+5
|
* rename daemon.json to container-daemon.jsonSteve Milner2017-06-052-5/+7
| | | | | | The container-engine build has moved daemon.json to container-daemon.json to avoid collision. This change updates the template file location to follow suit.
* Add mtu setting to /etc/sysconfig/docker-networkScott Dodson2017-06-011-0/+15
| | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1457062
* Remove typos that got reintroducedSteve Milner2017-05-251-2/+2
|
* Remove system-package=no from container-engine installSteve Milner2017-05-251-2/+0
|
* Merge pull request #4214 from giuseppe/rename-ENIRONMENT-to-EnvironmentOpenShift Bot2017-05-171-3/+3
|\ | | | | Merged by openshift-bot
| * systemcontainercustom.conf.j2: use Environment instead of ENVIRONMENTGiuseppe Scrivano2017-05-171-3/+3
| | | | | | | | | | | | Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1451187 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Add regexp for container-engine lineinfileSteve Milner2017-05-161-0/+5
| | | | | | | | | | This ensures that if the line already exists it will be updated with the expected results from the installer.
* | use dest instead of path for lineinfileSteve Milner2017-05-151-6/+6
| | | | | | | | | | | | | | Switching to dest instead of path for lineinfile. path is the name for ansible 2.3+ though dest will work for 2.2 and 2.3. Ref: http://docs.ansible.com/ansible/lineinfile_module.html
* | Add NO_PROXY workaround for container-engine atomic commandSteve Milner2017-05-151-0/+4
| | | | | | | | Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1450310
* | Add no_proxy to atomic.confSteve Milner2017-05-151-1/+9
|/ | | | Requires: https://github.com/projectatomic/atomic/pull/999
* Add docker package for container-engine installSteve Milner2017-05-141-11/+15
| | | | | The package is required so that openshift_facts is able to use the docker client to gain information on the versions.
* Merge pull request #4174 from ashcrow/remove-userland-proxyOpenShift Bot2017-05-121-2/+1
|\ | | | | Merged by openshift-bot
| * Remove userland-proxy-path from daemon.jsonSteve Milner2017-05-121-2/+1
| | | | | | | | | | This flag is currently being set within the system container via the init.sh
* | Fix whistespace issues in custom templateSteve Milner2017-05-121-6/+6
| |
* | Always add proxy items to atomic.confSteve Milner2017-05-121-4/+1
| |
* | Move container-engine systemd environment to updated locationSteve Milner2017-05-122-2/+3
|/
* doc: Add link to daemon.json upstream docSteve Milner2017-05-111-0/+2
|
* Remove unused daemon.json keysSteve Milner2017-05-111-45/+0
| | | | | | Instead of providing every possible key in the daemon.json configuration file, this update only provides keys which are actively set/used by the installer.
* Merge pull request #4158 from ganhuang/lower_boolScott Dodson2017-05-111-2/+2
|\ | | | | lower case in /etc/daemon.json and correct block-registry
| * lower case in /etc/daemon.json and correct block-registryGan Huang2017-05-111-2/+2
| |
* | Merge pull request #4152 from sdodson/iptables-defaultOpenShift Bot2017-05-102-2/+2
|\ \ | |/ |/| Merged by openshift-bot
| * Default to iptables on masterScott Dodson2017-05-102-2/+2
| | | | | | | | | | | | We did this in 3.5 but never on master and we never came back to add migration support. So we'll revert this on master and if/when we add migration support we'll switch the default.
* | Rename blocked-registries to block-registriesSteve Milner2017-05-101-1/+1
| | | | | | | | | | The daemon.json configuration key is block-registries. The code and installer bits call it blocked-registries.
* | Ensure true is lowercase in daemon.jsonSteve Milner2017-05-102-1/+2
|/
* Use local variables for daemon.json templateSteve Milner2017-05-082-6/+14
| | | | | | | | | | | Instead of using bare lists and dicts this change converts variables into json for use with daemon.json. jinja2 does have an ability to do this in side of templates, however it is only available in 2.9+. Until then the use of ansible's to_json in the playbook is being used. Refs: - http://jinja.pocoo.org/docs/2.9/templates/#tojson - http://docs.ansible.com/ansible/playbooks_filters.html#filters-for-formatting-data
* Fix 1448368, and some other minors issuesGan Huang2017-05-054-19/+22
|
* System container dockerSteve Milner2017-05-039-116/+350
| | | | | | | | | | | | | | | This change allows for the use of either the traditional package install of docker OR a system container install of docker. Two new inventory options, openshift_docker_use_system_container and openshift_docker_systemcontainer_image_registry_override, have been added which are be used to install with a system container. By default this option is commented out. One new fact has been added: - docker.service_name: docker by default, container-engine-docker for system container
* Loosely couple docker to iptables serviceRussell Teague2017-03-071-1/+1
|
* Comma separate no_proxy host list in openshift_facts so that it appears as a ↵Andrew Butcher2017-01-251-1/+1
| | | | string everywhere it is used.
* Add new option 'openshift_docker_selinux_enabled'Russell Teague2017-01-241-1/+1
| | | | | Allows controlling 'selinux-enabled' docker options Can be set to true or false
* v1.3 Add RHAMPScott Dodson2017-01-171-8/+0
|
* Enable firewalld by defaultRussell Teague2016-12-142-11/+12
|
* YAML LintingRussell Teague2016-12-122-11/+11
| | | | | * Added checks to make ci for yaml linting * Modified y(a)ml files to pass lint checks
* Refactored to use Ansible systemd moduleRussell Teague2016-11-282-9/+4
| | | | | | * Ansible systemd module used in place of service module * Refactored command tasks which are no longer necessary * Applying rules from openshift-ansible Best Practices Guide
* Updating docs for Ansible 2.2 requirementsRussell Teague2016-11-282-2/+2
|
* Refactor to use Ansible package moduleRussell Teague2016-11-171-1/+1
| | | | | The Ansible package module will call the correct package manager for the underlying OS.
* Docker daemon is started prematurely.Eric Mountain2016-11-141-11/+11
| | | | | | | | | Docker service is started prior to configuration changes being applied. The service is then not restarted by the handlers, so configuration changes are not applied. We now start the docker service only once all config changes have been made.
* Added dependency of os_firewall to docker roleRussell Teague2016-11-143-5/+4
| | | | | | | | | | | The docker role requires iptables-services to be installed. Added dependency on so_firewall role to ensure the iptables service is installed first. Currently this will only work with iptables and not with firewalld. * Added allow_duplicates to os_firewall role meta * Removed unused task from docker/tasks * Corrected os_firewall Defaults in README
* Resolve docker and iptables service dependenciesRussell Teague2016-11-113-1/+19
| | | | | | | | | | The docker service adds rules to the iptables configuration to support proper network functionality for running containers. If the service is started prior to iptables, these rules are not properly created. * Ensure iptables is started prior to docker Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1390835
* Fix typosRodolfo Carvalho2016-10-191-1/+1
|