aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--manifests/profile/base/docker.pp35
-rw-r--r--spec/classes/tripleo_profile_base_docker_spec.rb59
2 files changed, 90 insertions, 4 deletions
diff --git a/manifests/profile/base/docker.pp b/manifests/profile/base/docker.pp
index d035f6a..bc784b5 100644
--- a/manifests/profile/base/docker.pp
+++ b/manifests/profile/base/docker.pp
@@ -32,6 +32,18 @@
# Configure a registry-mirror in the /etc/docker/daemon.json file.
# (defaults to false)
#
+# [*docker_options*]
+# OPTIONS that are used to startup the docker service. NOTE:
+# --selinux-enabled is dropped due to recommendations here:
+# https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.2_Release_Notes/technology-preview-file_systems.html
+# Defaults to '--log-driver=journald --signature-verification=false'
+#
+# [*configure_storage*]
+# Boolean. Whether to configure a docker storage backend. Defaults to true.
+#
+# [*storage_options*]
+# Storage options to configure. Defaults to '-s overlay2'
+#
# [*step*]
# step defaults to hiera('step')
#
@@ -39,6 +51,9 @@ class tripleo::profile::base::docker (
$docker_namespace = undef,
$insecure_registry = false,
$registry_mirror = false,
+ $docker_options = '--log-driver=journald --signature-verification=false',
+ $configure_storage = true,
+ $storage_options = '-s overlay2',
$step = hiera('step'),
) {
if $step >= 1 {
@@ -57,9 +72,11 @@ class tripleo::profile::base::docker (
fail('You must provide a $docker_namespace in order to configure insecure registry')
}
$namespace = strip($docker_namespace.split('/')[0])
- $changes = [ "set INSECURE_REGISTRY '\"--insecure-registry ${namespace}\"'", ]
+ $changes = [ "set INSECURE_REGISTRY '\"--insecure-registry ${namespace}\"'",
+ "set OPTIONS '\"${docker_options}\"'" ]
} else {
- $changes = [ 'rm INSECURE_REGISTRY', ]
+ $changes = [ 'rm INSECURE_REGISTRY',
+ "set OPTIONS '\"${docker_options}\"'" ]
}
augeas { 'docker-sysconfig':
@@ -95,6 +112,20 @@ class tripleo::profile::base::docker (
notify => Service['docker'],
require => File['/etc/docker/daemon.json'],
}
+ if $configure_storage {
+ if $storage_options == undef {
+ fail('You must provide a $storage_options in order to configure storage')
+ }
+ $storage_changes = [ "set DOCKER_STORAGE_OPTIONS '\" ${storage_options}\"'", ]
+ } else {
+ $storage_changes = [ 'rm DOCKER_STORAGE_OPTIONS', ]
+ }
+
+ augeas { 'docker-sysconfig-storage':
+ lens => 'Shellvars.lns',
+ incl => '/etc/sysconfig/docker-storage',
+ changes => $storage_changes,
+ }
}
}
diff --git a/spec/classes/tripleo_profile_base_docker_spec.rb b/spec/classes/tripleo_profile_base_docker_spec.rb
index b52fe24..0b988f6 100644
--- a/spec/classes/tripleo_profile_base_docker_spec.rb
+++ b/spec/classes/tripleo_profile_base_docker_spec.rb
@@ -27,7 +27,10 @@ describe 'tripleo::profile::base::docker' do
it { is_expected.to contain_package('docker') }
it { is_expected.to contain_service('docker') }
it {
- is_expected.to contain_augeas('docker-sysconfig').with_changes(['rm INSECURE_REGISTRY'])
+ is_expected.to contain_augeas('docker-sysconfig').with_changes([
+ 'rm INSECURE_REGISTRY',
+ "set OPTIONS '\"--log-driver=journald --signature-verification=false\"'",
+ ])
}
end
@@ -42,7 +45,10 @@ describe 'tripleo::profile::base::docker' do
it { is_expected.to contain_package('docker') }
it { is_expected.to contain_service('docker') }
it {
- is_expected.to contain_augeas('docker-sysconfig').with_changes(["set INSECURE_REGISTRY '\"--insecure-registry foo:8787\"'"])
+ is_expected.to contain_augeas('docker-sysconfig').with_changes([
+ "set INSECURE_REGISTRY '\"--insecure-registry foo:8787\"'",
+ "set OPTIONS '\"--log-driver=journald --signature-verification=false\"'",
+ ])
}
end
@@ -69,6 +75,55 @@ describe 'tripleo::profile::base::docker' do
}
end
+ context 'with step 1 and docker_options configured' do
+ let(:params) { {
+ :docker_options => '--log-driver=syslog',
+ :step => 1,
+ } }
+
+ it { is_expected.to contain_class('tripleo::profile::base::docker') }
+ it { is_expected.to contain_package('docker') }
+ it { is_expected.to contain_service('docker') }
+ it {
+ is_expected.to contain_augeas('docker-sysconfig').with_changes([
+ "rm INSECURE_REGISTRY",
+ "set OPTIONS '\"--log-driver=syslog\"'",
+ ])
+ }
+ end
+
+ context 'with step 1 and storage_options configured' do
+ let(:params) { {
+ :step => 1,
+ :storage_options => '-s devicemapper',
+ } }
+
+ it { is_expected.to contain_class('tripleo::profile::base::docker') }
+ it { is_expected.to contain_package('docker') }
+ it { is_expected.to contain_service('docker') }
+ it {
+ is_expected.to contain_augeas('docker-sysconfig-storage').with_changes([
+ "set DOCKER_STORAGE_OPTIONS '\" #{params[:storage_options]}\"'",
+ ])
+ }
+ end
+
+ context 'with step 1 and configure_storage disabled' do
+ let(:params) { {
+ :step => 1,
+ :configure_storage => false,
+ } }
+
+ it { is_expected.to contain_class('tripleo::profile::base::docker') }
+ it { is_expected.to contain_package('docker') }
+ it { is_expected.to contain_service('docker') }
+ it {
+ is_expected.to contain_augeas('docker-sysconfig-storage').with_changes([
+ "rm DOCKER_STORAGE_OPTIONS",
+ ])
+ }
+ end
+
end
on_supported_os.each do |os, facts|