Merge pull request #4 from samdoran/role-improvements

Make improvements to role
This commit is contained in:
Emilien Macchi 2018-04-16 12:52:19 -07:00 committed by GitHub
commit 8e65cbd566
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 50 additions and 106 deletions

View File

@ -1,16 +1,14 @@
---
# defaults file for ansible-role-container-registry
debug: false
deploy_docker: true
deploy_docker_distribution: true
deployment_user: centos
docker_options: '--log-driver=journald --signature-verification=false --iptables=false --live-restore'
enable_container_images_build: true
insecure_registries: []
network_options: ''
registry_host: localhost
registry_mirror: ''
registry_port: 8787
selinux_enabled: false
storage_options: '-s overlay2'
container_registry_debug: false
container_registry_deploy_docker: true
container_registry_deploy_docker_distribution: true
container_registry_deployment_user: centos
container_registry_docker_options: '--log-driver=journald --signature-verification=false --iptables=false --live-restore'
container_registry_enable_container_images_build: true
container_registry_insecure_registries: []
container_registry_network_options: ''
container_registry_host: localhost
container_registry_port: 8787
container_registry_mirrors: []
container_registry_storage_options: '-s overlay2'

View File

@ -1,4 +1,3 @@
---
# handlers file for ansible-role-container-registry
- name: restart docker

View File

@ -1,57 +1,18 @@
galaxy_info:
author: your name
author: Emilien Macchi
description: your description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
license: Apache 2.0
# Some suggested licenses:
# - BSD (default)
# - MIT
# - GPLv2
# - GPLv3
# - Apache
# - CC-BY
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 2.4
min_ansible_version: 1.2
platforms:
- name: EL
versions:
- 7
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
# Optionally specify the branch Galaxy will use when accessing the GitHub
# repo for this role. During role install, if no tags are available,
# Galaxy will use this branch. During import Galaxy will access files on
# this branch. If Travis integration is configured, only notifications for this
# branch will be accepted. Otherwise, in all cases, the repo's default branch
# (usually master) will be used.
#github_branch:
#
# platforms is a list of platforms, and each platform has a name and a list of versions.
#
# platforms:
# - name: Fedora
# versions:
# - all
# - 25
# - name: SomePlatform
# versions:
# - all
# - 1.0
# - 7
# - 99.99
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
galaxy_tags:
- docker
- registry
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.

View File

@ -1,4 +1,3 @@
---
# tasks file for ansible-role-container-registry
- name: ensure docker-distribution is installed
@ -10,7 +9,7 @@
yum:
name: openstack-kolla
state: latest
when: enable_container_images_build|bool
when: container_registry_enable_container_images_build|bool
- name: manage /etc/docker-distribution/registry/config.yml
template:

View File

@ -1,4 +1,3 @@
---
# tasks file for ansible-role-container-registry
# NOTE(aschultz): LP#1750194 - need to set ip_forward before docker starts
@ -20,48 +19,39 @@
file:
path: /etc/systemd/system/docker.service.d
state: directory
when: ansible_service_mgr == 'systemd'
- name: unset mountflags
blockinfile:
ini_file:
path: /etc/systemd/system/docker.service.d/99-unset-mountflags.conf
block: |
[Service]
MountFlags=
section: Service
option: MountFlags
value: ""
create: yes
notify: restart docker service
- name: configure OPTIONS and enable selinux in /etc/sysconfig/docker
lineinfile:
path: /etc/sysconfig/docker
regexp: '^OPTIONS='
line: "OPTIONS='--selinux-enabled {{ docker_options }}'"
create: yes
notify: restart docker service
when: selinux_enabled|bool
when: ansible_service_mgr == 'systemd'
- name: configure OPTIONS in /etc/sysconfig/docker
lineinfile:
path: /etc/sysconfig/docker
regexp: '^OPTIONS='
line: "OPTIONS='{{ docker_options }}'"
line: "OPTIONS='{{ _full_docker_options }}'"
create: yes
notify: restart docker service
when: not selinux_enabled|bool
- name: configure INSECURE_REGISTRY in /etc/sysconfig/docker
lineinfile:
path: /etc/sysconfig/docker
regexp: '^INSECURE_REGISTRY='
line: "INSECURE_REGISTRY='{{ registry_flags }}'"
when: insecure_registries | length > 0
when: container_registry_insecure_registries | length > 0
notify: restart docker service
vars:
registry_flags: "{% for reg in insecure_registries %}--insecure-registry {{ reg }}{% if not loop.last %} {% endif %}{% endfor %}"
registry_flags: "{% for reg in container_registry_insecure_registries %}--insecure-registry {{ reg }}{% if not loop.last %} {% endif %}{% endfor %}"
# There is no native way to edit JSON so we use a template.
- name: manage /etc/docker/daemon.json
template:
src: docker-daemon.json.j2
copy:
content: "{{ _docker_daemon_config | from_yaml | to_nice_json }}"
dest: /etc/docker/daemon.json
notify: restart docker service
@ -69,18 +59,18 @@
lineinfile:
path: /etc/sysconfig/docker-storage
regexp: '^DOCKER_STORAGE_OPTIONS='
line: "DOCKER_STORAGE_OPTIONS=' {{ storage_options }}'"
line: "DOCKER_STORAGE_OPTIONS=' {{ container_registry_storage_options }}'"
create: yes
when: storage_options != ""
when: container_registry_storage_options != ""
notify: restart docker service
- name: configure DOCKER_NETWORK_OPTIONS in /etc/sysconfig/docker-network
lineinfile:
path: /etc/sysconfig/docker-network
regexp: '^DOCKER_NETWORK_OPTIONS='
line: "DOCKER_NETWORK_OPTIONS=' {{ network_options }}'"
line: "DOCKER_NETWORK_OPTIONS=' {{ container_registry_network_options }}'"
create: yes
when: storage_options != ""
when: container_registry_storage_options != ""
notify: restart docker service
- name: ensure docker group exists
@ -90,15 +80,18 @@
- name: add deployment user to docker group
user:
name: "{{ deployment_user }}"
name: "{{ container_registry_deployment_user }}"
groups: docker
append: yes
- name: force systemd to reread configs
systemd: daemon_reload=yes
systemd:
daemon_reload: yes
when: ansible_service_mgr == 'systemd'
- name: enable and start docker
systemd:
enabled: true
state: started
name: docker
when: ansible_service_mgr == 'systemd'

View File

@ -1,8 +1,7 @@
---
# tasks file for ansible-role-container-registry
- include: docker.yml
when: deploy_docker|bool
when: container_registry_deploy_docker|bool
- include: docker-distribution.yml
when: deploy_docker_distribution|bool
when: container_registry_deploy_docker_distribution|bool

View File

@ -1,6 +0,0 @@
{
{% if registry_mirror != "" %}
"registry-mirrors": ["{{ registry_mirror }}"],
{% endif %}
"debug": {{ debug|lower }}
}

View File

@ -8,4 +8,4 @@ storage:
filesystem:
rootdirectory: /var/lib/registry
http:
addr: {{ registry_host }}:{{ registry_port }}
addr: {{ container_registry_host }}:{{ container_registry_port }}

View File

@ -1,4 +1,3 @@
---
- hosts: localhost
become: true
roles:

View File

@ -1,2 +1,4 @@
---
# vars file for ansible-role-container-registry
_full_docker_options: "{% if ansible_selinux.status == 'enabled' %}--selinux-enabled {% endif %}{{ container_registry_docker_options }}"
_docker_daemon_config: |
debug: {{ container_registry_debug }}
{% if container_registry_mirrors | length > 0 %}registry-mirrors: {{ container_registry_mirrors }}{% endif %}