diff options
| -rw-r--r-- | manifests/profile/base/docker.pp | 35 | ||||
| -rw-r--r-- | spec/classes/tripleo_profile_base_docker_spec.rb | 59 |
2 files changed, 90 insertions, 4 deletions
diff --git a/manifests/profile/base/docker.pp b/manifests/profile/base/docker.pp index d035f6a..bc784b5 100644 --- a/manifests/profile/base/docker.pp +++ b/manifests/profile/base/docker.pp @@ -32,6 +32,18 @@ # Configure a registry-mirror in the /etc/docker/daemon.json file. # (defaults to false) # +# [*docker_options*] +# OPTIONS that are used to startup the docker service. NOTE: +# --selinux-enabled is dropped due to recommendations here: +# https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.2_Release_Notes/technology-preview-file_systems.html +# Defaults to '--log-driver=journald --signature-verification=false' +# +# [*configure_storage*] +# Boolean. Whether to configure a docker storage backend. Defaults to true. +# +# [*storage_options*] +# Storage options to configure. Defaults to '-s overlay2' +# # [*step*] # step defaults to hiera('step') # @@ -39,6 +51,9 @@ class tripleo::profile::base::docker ( $docker_namespace = undef, $insecure_registry = false, $registry_mirror = false, + $docker_options = '--log-driver=journald --signature-verification=false', + $configure_storage = true, + $storage_options = '-s overlay2', $step = hiera('step'), ) { if $step >= 1 { @@ -57,9 +72,11 @@ class tripleo::profile::base::docker ( fail('You must provide a $docker_namespace in order to configure insecure registry') } $namespace = strip($docker_namespace.split('/')[0]) - $changes = [ "set INSECURE_REGISTRY '\"--insecure-registry ${namespace}\"'", ] + $changes = [ "set INSECURE_REGISTRY '\"--insecure-registry ${namespace}\"'", + "set OPTIONS '\"${docker_options}\"'" ] } else { - $changes = [ 'rm INSECURE_REGISTRY', ] + $changes = [ 'rm INSECURE_REGISTRY', + "set OPTIONS '\"${docker_options}\"'" ] } augeas { 'docker-sysconfig': @@ -95,6 +112,20 @@ class tripleo::profile::base::docker ( notify => Service['docker'], require => File['/etc/docker/daemon.json'], } + if $configure_storage { + if $storage_options == undef { + fail('You must provide a $storage_options in order to configure storage') + } + $storage_changes = [ "set DOCKER_STORAGE_OPTIONS '\" ${storage_options}\"'", ] + } else { + $storage_changes = [ 'rm DOCKER_STORAGE_OPTIONS', ] + } + + augeas { 'docker-sysconfig-storage': + lens => 'Shellvars.lns', + incl => '/etc/sysconfig/docker-storage', + changes => $storage_changes, + } } } diff --git a/spec/classes/tripleo_profile_base_docker_spec.rb b/spec/classes/tripleo_profile_base_docker_spec.rb index b52fe24..0b988f6 100644 --- a/spec/classes/tripleo_profile_base_docker_spec.rb +++ b/spec/classes/tripleo_profile_base_docker_spec.rb @@ -27,7 +27,10 @@ describe 'tripleo::profile::base::docker' do it { is_expected.to contain_package('docker') } it { is_expected.to contain_service('docker') } it { - is_expected.to contain_augeas('docker-sysconfig').with_changes(['rm INSECURE_REGISTRY']) + is_expected.to contain_augeas('docker-sysconfig').with_changes([ + 'rm INSECURE_REGISTRY', + "set OPTIONS '\"--log-driver=journald --signature-verification=false\"'", + ]) } end @@ -42,7 +45,10 @@ describe 'tripleo::profile::base::docker' do it { is_expected.to contain_package('docker') } it { is_expected.to contain_service('docker') } it { - is_expected.to contain_augeas('docker-sysconfig').with_changes(["set INSECURE_REGISTRY '\"--insecure-registry foo:8787\"'"]) + is_expected.to contain_augeas('docker-sysconfig').with_changes([ + "set INSECURE_REGISTRY '\"--insecure-registry foo:8787\"'", + "set OPTIONS '\"--log-driver=journald --signature-verification=false\"'", + ]) } end @@ -69,6 +75,55 @@ describe 'tripleo::profile::base::docker' do } end + context 'with step 1 and docker_options configured' do + let(:params) { { + :docker_options => '--log-driver=syslog', + :step => 1, + } } + + it { is_expected.to contain_class('tripleo::profile::base::docker') } + it { is_expected.to contain_package('docker') } + it { is_expected.to contain_service('docker') } + it { + is_expected.to contain_augeas('docker-sysconfig').with_changes([ + "rm INSECURE_REGISTRY", + "set OPTIONS '\"--log-driver=syslog\"'", + ]) + } + end + + context 'with step 1 and storage_options configured' do + let(:params) { { + :step => 1, + :storage_options => '-s devicemapper', + } } + + it { is_expected.to contain_class('tripleo::profile::base::docker') } + it { is_expected.to contain_package('docker') } + it { is_expected.to contain_service('docker') } + it { + is_expected.to contain_augeas('docker-sysconfig-storage').with_changes([ + "set DOCKER_STORAGE_OPTIONS '\" #{params[:storage_options]}\"'", + ]) + } + end + + context 'with step 1 and configure_storage disabled' do + let(:params) { { + :step => 1, + :configure_storage => false, + } } + + it { is_expected.to contain_class('tripleo::profile::base::docker') } + it { is_expected.to contain_package('docker') } + it { is_expected.to contain_service('docker') } + it { + is_expected.to contain_augeas('docker-sysconfig-storage').with_changes([ + "rm DOCKER_STORAGE_OPTIONS", + ]) + } + end + end on_supported_os.each do |os, facts| |