Fix: authenticated registry support for containerized hosts

Currently, openshift-anisble supports authentication to
container registries to pull down openshift container images.
The openshift_verison role uses the docker cli to gather
image information from container registries before authentication
credentials are provided by openshift-ansible.

This commit creates the necessary token to authenticate to
private registries during openshift_version.  The token
is generated by the role 'docker' on all hosts where
docker is installed/configured when oreg_auth_users
is defined.

This commit also adds a read-only mount into the
openshift master and node container services.  This
mount is '/var/lib/origin/.docker:/root/.docker:ro'.
This is because the container images do not currently
read the values in '/var/lib/origin/.docker' as this
may be a bug upstream.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341

1 files changed, 1 insertions, 1 deletions

diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index f1e64f3aa..5424a64d2 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -84,7 +84,7 @@ oreg_url: ''
 oreg_host: "{{ oreg_url.split('/')[0] if '.' in oreg_url.split('/')[0] else '' }}"
 oreg_auth_credentials_path: "{{ openshift_node_data_dir }}/.docker"
 oreg_auth_credentials_replace: False
-
+l_bind_docker_reg_auth: False
 
 # NOTE
 # r_openshift_node_*_default may be defined external to this role.