From adceaf60e18c71269dde939f4e43aed6c8ba91fa Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Tue, 10 May 2016 15:49:27 -0700 Subject: [PATCH 1/6] support proxies with docker on rhel --- inventory/group_vars/all.yml | 5 +++++ roles/docker/tasks/main.yml | 5 +++++ roles/docker/tasks/rhel-proxies.yml | 21 +++++++++++++++++++++ roles/docker/templates/http-proxy.conf.j2 | 3 +++ 4 files changed, 34 insertions(+) create mode 100644 roles/docker/tasks/rhel-proxies.yml create mode 100644 roles/docker/templates/http-proxy.conf.j2 diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index 836e40107..aa6ac5426 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -123,3 +123,8 @@ dns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(2)|ipaddr('address') # server master2 10.99.0.27:443 # balance roundrobin # apiserver_loadbalancer_domain_name: "lb-apiserver.kubernetes.local" + +##Set these proxy values in order to update docker daemon to use proxies +#http_proxy: "" +#https_proxy: "" +#no_proxy: "" diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 47e5d24a1..116f2f9f6 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -53,6 +53,11 @@ with_items: "{{ docker_package_info.pkgs }}" when: docker_package_info.pkgs|length > 0 +- name: allow for proxies on RHEL systems + include: rhel-proxies.yml + when: ansible_distribution in ["CentOS","RedHat"] and + ansible_distribution_major_version >= 7 + - meta: flush_handlers - name: ensure docker service is started and enabled diff --git a/roles/docker/tasks/rhel-proxies.yml b/roles/docker/tasks/rhel-proxies.yml new file mode 100644 index 000000000..10fafb618 --- /dev/null +++ b/roles/docker/tasks/rhel-proxies.yml @@ -0,0 +1,21 @@ +--- +- name: create docker service directory for RHEL family + file: path=/etc/systemd/system/docker.service.d state=directory + when: ansible_distribution in ["CentOS","RedHat"] and + ansible_distribution_major_version >= 7 + +- name: drop docker environment for RHEL family + template: + src: http-proxy.conf.j2 + dest: /etc/systemd/system/docker.service.d/http-proxy.conf + when: ansible_distribution in ["CentOS","RedHat"] and + ansible_distribution_major_version >= 7 + register: rheldockerproxy + +- name: reload systemctl daemons for RHEL family + shell: systemctl daemon-reload + when: rheldockerproxy.changed + +- name: restart docker for RHEL family + service: name=docker state=restarted + when: rheldockerproxy.changed diff --git a/roles/docker/templates/http-proxy.conf.j2 b/roles/docker/templates/http-proxy.conf.j2 new file mode 100644 index 000000000..7e558837c --- /dev/null +++ b/roles/docker/templates/http-proxy.conf.j2 @@ -0,0 +1,3 @@ +[Service] + +Environment={% if http_proxy %}"HTTP_PROXY={{ http_proxy }}"{% endif %} {% if https_proxy %}"HTTPS_PROXY={{ https_proxy }}"{% endif %} {% if no_proxy %}"NO_PROXY={{ no_proxy }}"{% endif %} From ebf8231c9a63aed036ef5a9da2ed8cd2530f484a Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Tue, 10 May 2016 15:53:32 -0700 Subject: [PATCH 2/6] only run if proxy variables are added --- roles/docker/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 116f2f9f6..9201f56ec 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -56,7 +56,8 @@ - name: allow for proxies on RHEL systems include: rhel-proxies.yml when: ansible_distribution in ["CentOS","RedHat"] and - ansible_distribution_major_version >= 7 + ansible_distribution_major_version >= 7 and + (http_proxy is defined or https_proxy is defined or no_proxy is defined) - meta: flush_handlers From c90c981bb28001fe7e47b5ef9c2732c4db1e998f Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Thu, 12 May 2016 09:03:11 -0700 Subject: [PATCH 3/6] updated to support all OSes using systemd --- roles/docker/tasks/main.yml | 5 ++--- roles/docker/tasks/{rhel-proxies.yml => systemd-proxies.yml} | 0 2 files changed, 2 insertions(+), 3 deletions(-) rename roles/docker/tasks/{rhel-proxies.yml => systemd-proxies.yml} (100%) diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 9201f56ec..18154cb34 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -54,9 +54,8 @@ when: docker_package_info.pkgs|length > 0 - name: allow for proxies on RHEL systems - include: rhel-proxies.yml - when: ansible_distribution in ["CentOS","RedHat"] and - ansible_distribution_major_version >= 7 and + include: systemd-proxies.yml + when: ansible_service_mgr == "systemd" and (http_proxy is defined or https_proxy is defined or no_proxy is defined) - meta: flush_handlers diff --git a/roles/docker/tasks/rhel-proxies.yml b/roles/docker/tasks/systemd-proxies.yml similarity index 100% rename from roles/docker/tasks/rhel-proxies.yml rename to roles/docker/tasks/systemd-proxies.yml From 962155e4635e7a7163c1f1d0363ef18613be38e7 Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Thu, 12 May 2016 09:06:31 -0700 Subject: [PATCH 4/6] updated names and removed checks for rhel, as we already know we have systemd inside that play --- roles/docker/tasks/systemd-proxies.yml | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/roles/docker/tasks/systemd-proxies.yml b/roles/docker/tasks/systemd-proxies.yml index 10fafb618..38bbd716d 100644 --- a/roles/docker/tasks/systemd-proxies.yml +++ b/roles/docker/tasks/systemd-proxies.yml @@ -1,21 +1,17 @@ --- -- name: create docker service directory for RHEL family +- name: create docker service directory for systemd file: path=/etc/systemd/system/docker.service.d state=directory - when: ansible_distribution in ["CentOS","RedHat"] and - ansible_distribution_major_version >= 7 -- name: drop docker environment for RHEL family +- name: drop docker environment conf to enable proxy usage template: src: http-proxy.conf.j2 dest: /etc/systemd/system/docker.service.d/http-proxy.conf - when: ansible_distribution in ["CentOS","RedHat"] and - ansible_distribution_major_version >= 7 - register: rheldockerproxy + register: systemddockerproxy -- name: reload systemctl daemons for RHEL family +- name: reload systemctl daemons shell: systemctl daemon-reload - when: rheldockerproxy.changed + when: systemddockerproxy.changed -- name: restart docker for RHEL family +- name: restart docker so configs are applies service: name=docker state=restarted - when: rheldockerproxy.changed + when: systemddockerproxy.changed From 9b8a7575265baa877ef529c70b2914eac91efa27 Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Thu, 12 May 2016 09:30:11 -0700 Subject: [PATCH 5/6] missed a name update :) --- roles/docker/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 18154cb34..c15d148c8 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -53,7 +53,7 @@ with_items: "{{ docker_package_info.pkgs }}" when: docker_package_info.pkgs|length > 0 -- name: allow for proxies on RHEL systems +- name: allow for proxies on systems using systemd include: systemd-proxies.yml when: ansible_service_mgr == "systemd" and (http_proxy is defined or https_proxy is defined or no_proxy is defined) From 66d9a6ebbcd74415720d011b1174315c8e681d0f Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Thu, 12 May 2016 12:18:38 -0700 Subject: [PATCH 6/6] updated to use handlers --- roles/docker/handlers/main.yml | 15 +++++++++++++++ roles/docker/tasks/systemd-proxies.yml | 10 +--------- 2 files changed, 16 insertions(+), 9 deletions(-) create mode 100644 roles/docker/handlers/main.yml diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml new file mode 100644 index 000000000..4153d123d --- /dev/null +++ b/roles/docker/handlers/main.yml @@ -0,0 +1,15 @@ +--- +- name: restart docker + command: /bin/true + notify: + - reload systemd + - reload docker + +- name : reload systemd + shell: systemctl daemon-reload + when: ansible_service_mgr == "systemd" + +- name: reload docker + service: + name: docker + state: restarted diff --git a/roles/docker/tasks/systemd-proxies.yml b/roles/docker/tasks/systemd-proxies.yml index 38bbd716d..4bbc423c9 100644 --- a/roles/docker/tasks/systemd-proxies.yml +++ b/roles/docker/tasks/systemd-proxies.yml @@ -6,12 +6,4 @@ template: src: http-proxy.conf.j2 dest: /etc/systemd/system/docker.service.d/http-proxy.conf - register: systemddockerproxy - -- name: reload systemctl daemons - shell: systemctl daemon-reload - when: systemddockerproxy.changed - -- name: restart docker so configs are applies - service: name=docker state=restarted - when: systemddockerproxy.changed + notify: restart docker