summaryrefslogtreecommitdiffstats
path: root/roles/docker/tasks
Commit message (Collapse)AuthorAgeFilesLines
* cri-o: configure the CNI networkGiuseppe Scrivano2017-08-041-0/+10
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: allow to override CRI-O image indipendently from DockerGiuseppe Scrivano2017-08-031-3/+3
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* docker: introduce use_crio_onlyGiuseppe Scrivano2017-08-031-2/+3
| | | | | | | | Introduce a new variable that disable the installation of Docker. For the time being we will still need Docker for building images, so by default leave it installed. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* docker: skip Docker setup when using CRI-OGiuseppe Scrivano2017-08-031-1/+3
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: use only images from Docker HubGiuseppe Scrivano2017-08-031-10/+6
| | | | | | | For the time being it won't be added to the Red Hat registry, so use only what is available on Docker Hub. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: Enable systemd-modules-load if requiredSteve Milner2017-08-031-0/+6
| | | | | If we had to drop the overlay file in /etc/modules-load.d/ then enable the systemd-modules-load service and make sure it runs.
* cri-o: Ensure overlay is availableSteve Milner2017-08-031-0/+20
| | | | | | | Some distro releases may not have overlay loaded into the kernel. This change looks for overlay via lsmod and, if it isn't already there, uses modprobe to load it in and then drops a load config into /etc/modules-load.d/overlay.conf.
* cri-o: Default insecure registries to ""Steve Milner2017-08-031-0/+1
|
* crio: use a template for the configurationGiuseppe Scrivano2017-08-031-24/+5
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: Minor fixes for tasksSteve Milner2017-08-031-2/+1
|
* cri-o: Hardcode image name to cri-oSteve Milner2017-08-031-1/+1
|
* cri-o: configure storage and insecure registriesGiuseppe Scrivano2017-08-032-3/+34
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cri-o: Allow cri-o usage.Steve Milner2017-08-032-0/+110
| | | | This change reuses the docker role to inject cri-o usage.
* Merge pull request #4757 from sosiouxme/20170703-docker-storage-overlay2Scott Dodson2017-07-201-1/+1
|\ | | | | openshift_checks/docker_storage: overlay/2 support
| * docker: fix docker_selinux_enabledLuke Meyer2017-07-181-1/+1
| | | | | | | | | | Document the option so that those who want to run on OverlayFS can find it. Fix the task so that setting it to False isn't interpreted as true.
* | Ensure proper fact evaluationScott Dodson2017-07-182-2/+2
| |
* | Wrap additional service changes in retriesScott Dodson2017-07-182-4/+15
|/
* container-engine: Update Fedora registry urlSteve Milner2017-07-071-1/+1
|
* Install container-selinux with container-engineSteve Milner2017-07-061-0/+6
|
* rename daemon.json to container-daemon.jsonSteve Milner2017-06-051-4/+6
| | | | | | The container-engine build has moved daemon.json to container-daemon.json to avoid collision. This change updates the template file location to follow suit.
* Add mtu setting to /etc/sysconfig/docker-networkScott Dodson2017-06-011-0/+15
| | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1457062
* Remove typos that got reintroducedSteve Milner2017-05-251-2/+2
|
* Remove system-package=no from container-engine installSteve Milner2017-05-251-2/+0
|
* Add regexp for container-engine lineinfileSteve Milner2017-05-161-0/+5
| | | | | This ensures that if the line already exists it will be updated with the expected results from the installer.
* use dest instead of path for lineinfileSteve Milner2017-05-151-6/+6
| | | | | | | Switching to dest instead of path for lineinfile. path is the name for ansible 2.3+ though dest will work for 2.2 and 2.3. Ref: http://docs.ansible.com/ansible/lineinfile_module.html
* Add NO_PROXY workaround for container-engine atomic commandSteve Milner2017-05-151-0/+4
| | | | Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1450310
* Add no_proxy to atomic.confSteve Milner2017-05-151-1/+9
| | | | Requires: https://github.com/projectatomic/atomic/pull/999
* Add docker package for container-engine installSteve Milner2017-05-141-11/+15
| | | | | The package is required so that openshift_facts is able to use the docker client to gain information on the versions.
* Always add proxy items to atomic.confSteve Milner2017-05-121-4/+1
|
* Move container-engine systemd environment to updated locationSteve Milner2017-05-121-2/+2
|
* Merge pull request #4152 from sdodson/iptables-defaultOpenShift Bot2017-05-101-1/+1
|\ | | | | Merged by openshift-bot
| * Default to iptables on masterScott Dodson2017-05-101-1/+1
| | | | | | | | | | | | We did this in 3.5 but never on master and we never came back to add migration support. So we'll revert this on master and if/when we add migration support we'll switch the default.
* | Ensure true is lowercase in daemon.jsonSteve Milner2017-05-101-0/+1
|/
* Use local variables for daemon.json templateSteve Milner2017-05-081-0/+8
| | | | | | | | | | | Instead of using bare lists and dicts this change converts variables into json for use with daemon.json. jinja2 does have an ability to do this in side of templates, however it is only available in 2.9+. Until then the use of ansible's to_json in the playbook is being used. Refs: - http://jinja.pocoo.org/docs/2.9/templates/#tojson - http://docs.ansible.com/ansible/playbooks_filters.html#filters-for-formatting-data
* Fix 1448368, and some other minors issuesGan Huang2017-05-052-15/+16
|
* System container dockerSteve Milner2017-05-033-112/+260
| | | | | | | | | | | | | | | This change allows for the use of either the traditional package install of docker OR a system container install of docker. Two new inventory options, openshift_docker_use_system_container and openshift_docker_systemcontainer_image_registry_override, have been added which are be used to install with a system container. By default this option is commented out. One new fact has been added: - docker.service_name: docker by default, container-engine-docker for system container
* Comma separate no_proxy host list in openshift_facts so that it appears as a ↵Andrew Butcher2017-01-251-1/+1
| | | | string everywhere it is used.
* Add new option 'openshift_docker_selinux_enabled'Russell Teague2017-01-241-1/+1
| | | | | Allows controlling 'selinux-enabled' docker options Can be set to true or false
* v1.3 Add RHAMPScott Dodson2017-01-171-8/+0
|
* Enable firewalld by defaultRussell Teague2016-12-141-10/+12
|
* YAML LintingRussell Teague2016-12-121-9/+9
| | | | | * Added checks to make ci for yaml linting * Modified y(a)ml files to pass lint checks
* Refactored to use Ansible systemd moduleRussell Teague2016-11-281-7/+1
| | | | | | * Ansible systemd module used in place of service module * Refactored command tasks which are no longer necessary * Applying rules from openshift-ansible Best Practices Guide
* Refactor to use Ansible package moduleRussell Teague2016-11-171-1/+1
| | | | | The Ansible package module will call the correct package manager for the underlying OS.
* Docker daemon is started prematurely.Eric Mountain2016-11-141-11/+11
| | | | | | | | | Docker service is started prior to configuration changes being applied. The service is then not restarted by the handlers, so configuration changes are not applied. We now start the docker service only once all config changes have been made.
* Added dependency of os_firewall to docker roleRussell Teague2016-11-141-3/+0
| | | | | | | | | | | The docker role requires iptables-services to be installed. Added dependency on so_firewall role to ensure the iptables service is installed first. Currently this will only work with iptables and not with firewalld. * Added allow_duplicates to os_firewall role meta * Removed unused task from docker/tasks * Corrected os_firewall Defaults in README
* Resolve docker and iptables service dependenciesRussell Teague2016-11-111-1/+13
| | | | | | | | | | The docker service adds rules to the iptables configuration to support proper network functionality for running containers. If the service is started prior to iptables, these rules are not properly created. * Ensure iptables is started prior to docker Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1390835
* Fix typosRodolfo Carvalho2016-10-191-1/+1
|
* Skip the docker role in early upgrade stages.Devan Goodwin2016-09-291-4/+4
| | | | | | | | This improves the situation further and prevents configuration changes from accidentally triggering docker restarts, before we've evacuated nodes. Now in two places, we skip the role entirely, instead of previous implementation which only skipped upgrading the installed version. (which did not catch config issues)
* Fix review commentsManjunath A Kumatagi2016-08-271-2/+2
|
* Fix typoManjunath A Kumatagi2016-08-181-3/+3
|
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-25 03:44:46 +0000