summaryrefslogtreecommitdiffstats
path: root/roles/docker
diff options
context:
space:
mode:
Diffstat (limited to 'roles/docker')
-rw-r--r--roles/docker/defaults/main.yml4
-rw-r--r--roles/docker/tasks/main.yml54
-rw-r--r--roles/docker/tasks/package_docker.yml1
-rw-r--r--roles/docker/tasks/systemcontainer_crio.yml4
4 files changed, 59 insertions, 4 deletions
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
index fe938e52b..c086c28df 100644
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -20,6 +20,7 @@ l2_docker_additional_registries: "{% if openshift_docker_additional_registries i
l2_docker_blocked_registries: "{% if openshift_docker_blocked_registries is string %}{% if openshift_docker_blocked_registries == '' %}[]{% elif ',' in openshift_docker_blocked_registries %}{{ openshift_docker_blocked_registries.split(',') | list }}{% else %}{{ [ openshift_docker_blocked_registries ] }}{% endif %}{% else %}{{ openshift_docker_blocked_registries }}{% endif %}"
l2_docker_insecure_registries: "{% if openshift_docker_insecure_registries is string %}{% if openshift_docker_insecure_registries == '' %}[]{% elif ',' in openshift_docker_insecure_registries %}{{ openshift_docker_insecure_registries.split(',') | list }}{% else %}{{ [ openshift_docker_insecure_registries ] }}{% endif %}{% else %}{{ openshift_docker_insecure_registries }}{% endif %}"
+openshift_docker_use_etc_containers: False
containers_registries_conf_path: /etc/containers/registries.conf
r_crio_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
@@ -32,3 +33,6 @@ r_crio_os_firewall_allow:
openshift_docker_is_node_or_master: "{{ True if inventory_hostname in (groups['oo_masters_to_config']|default([])) or inventory_hostname in (groups['oo_nodes_to_config']|default([])) else False | bool }}"
+
+docker_alt_storage_path: /var/lib/containers/docker
+docker_default_storage_path: /var/lib/docker
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 1539af53f..3c814d8d8 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -25,6 +25,15 @@
- not l_use_system_container
- not l_use_crio_only
+- name: Ensure /var/lib/containers exists
+ file:
+ path: /var/lib/containers
+ state: directory
+
+- name: Fix SELinux Permissions on /var/lib/containers
+ command: "restorecon -R /var/lib/containers/"
+ changed_when: false
+
- name: Use System Container Docker if Requested
include: systemcontainer_docker.yml
when:
@@ -36,3 +45,48 @@
when:
- l_use_crio
- openshift_docker_is_node_or_master | bool
+
+- name: stat the docker data dir
+ stat:
+ path: "{{ docker_default_storage_path }}"
+ register: dockerstat
+
+- when:
+ - l_use_crio
+ - dockerstat.stat.islink is defined and not (dockerstat.stat.islink | bool)
+ block:
+ - name: stop the current running docker
+ systemd:
+ state: stopped
+ name: "{{ openshift.docker.service_name }}"
+
+ - name: "Ensure {{ docker_alt_storage_path }} exists"
+ file:
+ path: "{{ docker_alt_storage_path }}"
+ state: directory
+
+ - name: "Set the selinux context on {{ docker_alt_storage_path }}"
+ command: "semanage fcontext -a -e {{ docker_default_storage_path }} {{ docker_alt_storage_path }}"
+ register: results
+ failed_when:
+ - results.rc == 1
+ - "'already exists' not in results.stderr"
+
+ - name: "restorecon the {{ docker_alt_storage_path }}"
+ command: "restorecon -r {{ docker_alt_storage_path }}"
+
+ - name: Remove the old docker location
+ file:
+ state: absent
+ path: "{{ docker_default_storage_path }}"
+
+ - name: Setup the link
+ file:
+ state: link
+ src: "{{ docker_alt_storage_path }}"
+ path: "{{ docker_default_storage_path }}"
+
+ - name: start docker
+ systemd:
+ state: started
+ name: "{{ openshift.docker.service_name }}"
diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml
index b16413f72..c1aedf879 100644
--- a/roles/docker/tasks/package_docker.yml
+++ b/roles/docker/tasks/package_docker.yml
@@ -81,6 +81,7 @@
template:
dest: "{{ containers_registries_conf_path }}"
src: registries.conf
+ when: openshift_docker_use_etc_containers | bool
notify:
- restart docker
diff --git a/roles/docker/tasks/systemcontainer_crio.yml b/roles/docker/tasks/systemcontainer_crio.yml
index 67ede0d21..1e2d64293 100644
--- a/roles/docker/tasks/systemcontainer_crio.yml
+++ b/roles/docker/tasks/systemcontainer_crio.yml
@@ -170,10 +170,6 @@
dest: /etc/cni/net.d/openshift-sdn.conf
src: 80-openshift-sdn.conf.j2
-- name: Fix SELinux Permissions on /var/lib/containers
- command: "restorecon -R /var/lib/containers/"
- changed_when: false
-
- name: Start the CRI-O service
systemd:
name: "cri-o"
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-04 02:11:34 +0000