Add role for installing docker and configuring registry mirror
There are two different ways to install docker - from upstream repos or from distro. At the moment each of these carries with it the need for a different caching proxy setup. Add a role that will install docker from upstream by default, but which also supports installing directly from distros. The role also sets up the registry proxy appropriately for each. This role at the moment only works on ubuntu. It should obviously be updated to work on centos and fedora as well. Needed-By: https://review.openstack.org/580160 Change-Id: I7d6bac68a2c0fecf13a8bd9535a3fdeb85e7d999
This commit is contained in:
parent
e3d911b3ef
commit
899bd89833
|
@ -0,0 +1,26 @@
|
|||
An ansible role to install docker and configure it to use mirrors if available.
|
||||
|
||||
**Role Variables**
|
||||
|
||||
.. zuul:rolevar:: mirror_fqdn
|
||||
:default: {{ zuul_site_mirror_fqdn }}
|
||||
|
||||
The base host for mirror servers.
|
||||
|
||||
.. zuul:rolevar:: docker_mirror
|
||||
|
||||
URL to override the generated docker hub mirror url based on
|
||||
:zuul:rolevar:`install-docker.mirror_fqdn`.
|
||||
|
||||
.. zuul:rolevar:: use_upstream_docker
|
||||
:default: True
|
||||
|
||||
By default this role adds repositories to install docker from upstream
|
||||
docker. Set this to False to use the docker that comes with the distro.
|
||||
|
||||
.. zuul:rolevar:: docker_update_channel
|
||||
:default: stable
|
||||
|
||||
Which update channel to use for upstream docker. The two choices are
|
||||
``stable``, which is the default and updates quarterly, and ``edge``
|
||||
which updates monthly.
|
|
@ -0,0 +1,2 @@
|
|||
use_upstream_docker: True
|
||||
docker_update_channel: stable
|
|
@ -0,0 +1,5 @@
|
|||
- name: Install docker
|
||||
become: yes
|
||||
package:
|
||||
name: docker-engine
|
||||
state: present
|
|
@ -0,0 +1,30 @@
|
|||
- name: Set mirror_fqdn fact
|
||||
when:
|
||||
- mirror_fqdn is not defined
|
||||
- zuul_site_mirror_fqdn is defined
|
||||
set_fact:
|
||||
mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
|
||||
|
||||
- name: Set up docker mirrors
|
||||
include: mirror.yaml
|
||||
when: mirror_fqdn is defined
|
||||
static: no
|
||||
|
||||
- name: Install docker-ce from upstream
|
||||
include: upstream.yaml
|
||||
when: use_upstream_docker
|
||||
|
||||
- name: Install docker-engine from distro
|
||||
include: distro.yaml
|
||||
when: not use_upstream_docker
|
||||
|
||||
- name: Add user to docker group
|
||||
become: yes
|
||||
user:
|
||||
name: "{{ ansible_user }}"
|
||||
groups:
|
||||
- docker
|
||||
append: yes
|
||||
|
||||
- name: reset ssh connection to pick up docker group
|
||||
meta: reset_connection
|
|
@ -0,0 +1,28 @@
|
|||
- name: Create docker directory
|
||||
become: yes
|
||||
file:
|
||||
state: directory
|
||||
path: /etc/docker
|
||||
|
||||
- name: Set docker_mirror fact for upstream docker
|
||||
when:
|
||||
- docker_mirror is not defined
|
||||
- use_upstream_docker
|
||||
set_fact:
|
||||
docker_mirror: "http://{{ mirror_fqdn }}:8082"
|
||||
|
||||
- name: Set docker_mirror fact for distro docker
|
||||
when:
|
||||
- docker_mirror is not defined
|
||||
- not use_upstream_docker
|
||||
set_fact:
|
||||
docker_mirror: "http://{{ mirror_fqdn }}:8081/registry-1.docker/"
|
||||
|
||||
- name: Install dockerhub proxy configuration
|
||||
become: yes
|
||||
template:
|
||||
dest: /etc/docker/daemon.json
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: root
|
||||
src: daemon.json.j2
|
|
@ -0,0 +1,32 @@
|
|||
- name: Install pre-reqs
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- software-properties-common
|
||||
become: yes
|
||||
|
||||
- name: Add docker GPG key
|
||||
become: yes
|
||||
apt_key:
|
||||
data: "{{ ubuntu_gpg_key }}"
|
||||
|
||||
# TODO(mordred) We should add a proxy cache mirror for this
|
||||
- name: Add docker apt repo
|
||||
become: yes
|
||||
template:
|
||||
dest: /etc/apt/sources.list.d/docker.list
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: root
|
||||
src: sources.list.j2
|
||||
|
||||
- name: Install docker
|
||||
become: yes
|
||||
apt:
|
||||
name: docker-ce
|
||||
state: present
|
||||
update_cache: yes
|
|
@ -0,0 +1,3 @@
|
|||
{
|
||||
"registry-mirrors": ["{{ docker_mirror }}"]
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} {{ docker_update_channel }}
|
|
@ -0,0 +1,63 @@
|
|||
ubuntu_gpg_key: |
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
|
||||
lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh
|
||||
38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq
|
||||
L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7
|
||||
UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N
|
||||
cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht
|
||||
ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo
|
||||
vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD
|
||||
G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ
|
||||
XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj
|
||||
q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB
|
||||
tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3
|
||||
BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO
|
||||
v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd
|
||||
tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk
|
||||
jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m
|
||||
6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P
|
||||
XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc
|
||||
FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8
|
||||
g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm
|
||||
ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh
|
||||
9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5
|
||||
G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW
|
||||
FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB
|
||||
EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF
|
||||
M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx
|
||||
Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu
|
||||
w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk
|
||||
z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8
|
||||
eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb
|
||||
VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa
|
||||
1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X
|
||||
zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ
|
||||
pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7
|
||||
ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ
|
||||
BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY
|
||||
1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp
|
||||
YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI
|
||||
mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES
|
||||
KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7
|
||||
JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ
|
||||
cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0
|
||||
6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5
|
||||
U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z
|
||||
VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f
|
||||
irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk
|
||||
SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz
|
||||
QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W
|
||||
9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw
|
||||
24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe
|
||||
dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y
|
||||
Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR
|
||||
H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh
|
||||
/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ
|
||||
M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S
|
||||
xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O
|
||||
jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG
|
||||
YT90qFF93M3v01BbxP+EIY2/9tiIPbrd
|
||||
=0YYh
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
Loading…
Reference in New Issue