blob: 62b3e141a7812d6bc43e600d2d13cfc2535d0691 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
---
docker_cli_auth_config_path: '/root/.docker'
openshift_docker_signature_verification: False
repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}"
openshift_docker_alternative_creds: False
# oreg_url is defined by user input.
oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
oreg_auth_credentials_replace: False
openshift_docker_use_system_container: False
openshift_docker_disable_push_dockerhub: False # bool
openshift_docker_selinux_enabled: True
openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
openshift_docker_hosted_registry_insecure: False # bool
openshift_docker_hosted_registry_network_default: "{{ openshift_portal_net | default(False) }}"
openshift_docker_hosted_registry_network: "{{ openshift_docker_hosted_registry_network_default }}"
openshift_docker_additional_registries: []
openshift_docker_blocked_registries: []
openshift_docker_insecure_registries: []
openshift_docker_ent_reg: 'registry.access.redhat.com'
openshift_docker_options: False # str
openshift_docker_log_driver: False # str
openshift_docker_log_options: []
# The l2_docker_* variables convert csv strings to lists, if
# necessary. These variables should be used in place of their respective
# openshift_docker_* counterparts to ensure the properly formatted lists are
# utilized.
l2_docker_additional_registries: "{% if openshift_docker_additional_registries is string %}{% if openshift_docker_additional_registries == '' %}[]{% elif ',' in openshift_docker_additional_registries %}{{ openshift_docker_additional_registries.split(',') | list }}{% else %}{{ [ openshift_docker_additional_registries ] }}{% endif %}{% else %}{{ openshift_docker_additional_registries }}{% endif %}"
l2_docker_blocked_registries: "{% if openshift_docker_blocked_registries is string %}{% if openshift_docker_blocked_registries == '' %}[]{% elif ',' in openshift_docker_blocked_registries %}{{ openshift_docker_blocked_registries.split(',') | list }}{% else %}{{ [ openshift_docker_blocked_registries ] }}{% endif %}{% else %}{{ openshift_docker_blocked_registries }}{% endif %}"
l2_docker_insecure_registries: "{% if openshift_docker_insecure_registries is string %}{% if openshift_docker_insecure_registries == '' %}[]{% elif ',' in openshift_docker_insecure_registries %}{{ openshift_docker_insecure_registries.split(',') | list }}{% else %}{{ [ openshift_docker_insecure_registries ] }}{% endif %}{% else %}{{ openshift_docker_insecure_registries }}{% endif %}"
l2_docker_log_options: "{% if openshift_docker_log_options is string %}{% if ',' in openshift_docker_log_options %}{{ openshift_docker_log_options.split(',') | list }}{% else %}{{ [ openshift_docker_log_options ] }}{% endif %}{% else %}{{ openshift_docker_log_options }}{% endif %}"
openshift_docker_use_etc_containers: False
containers_registries_conf_path: /etc/containers/registries.conf
r_crio_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_crio_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
r_crio_os_firewall_deny: []
r_crio_os_firewall_allow:
- service: crio
port: 10010/tcp
openshift_docker_is_node_or_master: "{{ True if inventory_hostname in (groups['oo_masters_to_config']|default([])) or inventory_hostname in (groups['oo_nodes_to_config']|default([])) else False | bool }}"
docker_alt_storage_path: /var/lib/containers/docker
docker_default_storage_path: /var/lib/docker
# Set local versions of facts that must be in json format for container-daemon.json
# NOTE: When jinja2.9+ is used the container-daemon.json file can move to using tojson
l_docker_log_options: "{{ l2_docker_log_options | to_json }}"
l_docker_additional_registries: "{{ l2_docker_additional_registries | to_json }}"
l_docker_blocked_registries: "{{ l2_docker_blocked_registries | to_json }}"
l_docker_insecure_registries: "{{ l2_docker_insecure_registries | to_json }}"
l_docker_selinux_enabled: "{{ openshift_docker_selinux_enabled | to_json }}"
docker_http_proxy: "{{ openshift_http_proxy | default('') }}"
docker_https_proxy: "{{ openshift.common.https_proxy | default('') }}"
docker_no_proxy: "{{ openshift.common.no_proxy | default('') }}"
openshift_use_crio: False
openshift_use_crio_only: False
l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l2_docker_insecure_registries)) }}"
l_crio_registries: "{{ l2_docker_additional_registries + ['docker.io'] }}"
l_additional_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l_crio_registries)) }}"
l_openshift_image_tag_default: "{{ openshift_release }}"
l_openshift_image_tag: "{{ openshift_image_tag | default(l_openshift_image_tag_default) | string}}"
|
