68 lines
1.7 KiB
YAML
68 lines
1.7 KiB
YAML
---
|
|
|
|
- name: Deploy docker daemon configuration
|
|
template: src=daemon.json.j2 dest=/etc/docker/daemon.json mode=600
|
|
notify: restart docker
|
|
tags: docker
|
|
|
|
- name: Create systemd snippet dir
|
|
file: path=/etc/systemd/system/docker.{{ item }}.d state=directory
|
|
loop:
|
|
- service
|
|
- socket
|
|
tags: docker
|
|
|
|
- name: Create systemd service snippet dir
|
|
file: path=/etc/systemd/system/docker.service.d state=directory
|
|
tags: docker
|
|
|
|
- name: Configure Docker to restart on failure
|
|
copy:
|
|
content: |
|
|
[Unit]
|
|
After=sssd.service
|
|
|
|
[Service]
|
|
Restart=on-failure
|
|
StartLimitInterval=0
|
|
RestartSec=30
|
|
dest: /etc/systemd/system/docker.service.d/99-ansible.conf
|
|
register: docker_service_unit
|
|
tags: docker
|
|
|
|
- name: Override docker socket configuration
|
|
copy:
|
|
content: |
|
|
[Unit]
|
|
After=sssd.service
|
|
DefaultDependencies=no
|
|
|
|
[Socket]
|
|
SocketGroup={{ docker_conf.group }}
|
|
dest: /etc/systemd/system/docker.socket.d/99-ansible.conf
|
|
when: docker_conf.group is defined
|
|
register: docker_socket_unit
|
|
notify: restart docker
|
|
tags: docker
|
|
|
|
- name: Remove obsolete conf
|
|
file: path=/etc/systemd/system/docker.socket.d/group.conf state=absent
|
|
register: docker_old_unit
|
|
tags: docker
|
|
|
|
- name: Disable docker.socket to ensure the socket is pulled by the service
|
|
systemd: name=docker.socket enabled=False
|
|
tags: docker
|
|
|
|
- name: Reload systemd
|
|
systemd: daemon_reload=True
|
|
when: docker_socket_unit.changed or docker_service_unit.changed or docker_old_unit.changed
|
|
tags: docker
|
|
|
|
- name: Fix the dockremap UID namespace
|
|
lineinfile: path=/etc/{{ item }} regexp='^dockremap\s.*' line='dockremap:100000:65536'
|
|
loop:
|
|
- subuid
|
|
- subgid
|
|
tags: docker
|