docker options refactor

previously the various network_plugins owned `/etc/default/docker`
which makes it difficult for other roles ( like docker itself ) to
set docker options.

this removes that and turns it all into lineinfile tasks, with
docker role creating `/etc/default/docker` if it doesn't already
exist.

By Appending strings together and using comments to regexp against in
lineinfile this makes it somewhat idempotent and reliable.

roles/docker/defaults/main.yml

@@ -1,5 +1,7 @@
 docker_version: 1.10
 
+docker_options: ~
+
 docker_package_info:
   pkgs:
 

roles/docker/tasks/main.yml

@@ -53,11 +53,41 @@
   with_items: "{{ docker_package_info.pkgs }}"
   when: docker_package_info.pkgs|length > 0
 
+- name: ensure docker defaults exists
+  file:
+    path: /etc/default/docker
+    state: touch
+
+- name: Set docker daemon options for Debian/CoreOS
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "# DOCKER_OPTIONS"
+    line: "DOCKER_OPTS=\"$DOCKER_OPTS {{ docker_options }}\" # DOCKER_OPTIONS"
+  when: docker_options and (ansible_os_family == "Debian" or ansible_os_family == "CoreOS")
+  notify:
+    - restart docker
+
+- name: Set docker daemon options for redhat
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "# DOCKER_OPTIONS"
+    line: "OPTIONS=\"$OPTIONS {{ docker_options }}\" # DOCKER_OPTIONS"
+  when: docker_options and ansible_os_family == "RedHat"
+  notify:
+    - restart docker
+
 - name: allow for proxies on systems using systemd
   include: systemd-proxies.yml
   when: ansible_service_mgr == "systemd" and
         (http_proxy is defined or https_proxy is defined or no_proxy is defined)
 
+- name: write docker.service systemd file
+  template:
+    src: systemd-docker.service
+    dest: /lib/systemd/system/docker.service
+  notify: restart docker
+  when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
+
 - meta: flush_handlers
 
 - name: ensure docker service is started and enabled

roles/network_plugin/calico/tasks/main.yml

@@ -1,21 +1,21 @@
 ---
-- name: Calico | Set docker daemon options
-  template:
-    src: docker
-    dest: "/etc/default/docker"
-    owner: root
-    group: root
-    mode: 0644
+- name: Calico | Set docker daemon options for Debian/CoreOS
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "# NETWORK_OVERLAY"
+    line: "DOCKER_OPTS=$DOCKER_OPTS --bip={{ flannel_subnet }} --mtu={{ flannel_mtu }} # NETWORK_OVERLAY"
+  when: ansible_os_family == "Debian" or ansible_os_family == "CoreOS"
   notify:
     - restart docker
-  when: ansible_os_family != "CoreOS"
 
-- name: Calico | Write docker.service systemd file
-  template:
-    src: systemd-docker.service
-    dest: /lib/systemd/system/docker.service
-  notify: restart docker
-  when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
+- name: Calico | Set docker daemon options for redhat
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "# NETWORK_OVERLAY"
+    line: DOCKER_NETWORK_OPTIONS="$DOCKER_NETWORK_OPTIONS --bip={{ flannel_subnet }} --mtu={{ flannel_mtu }} # NETWORK_OVERLAY"
+  when: ansible_os_family == "RedHat"
+  notify:
+    - restart docker
 
 - meta: flush_handlers
 

roles/network_plugin/calico/templates/docker

@@ -1,8 +0,0 @@
-# Deployed by Ansible
-{% if ansible_service_mgr in ["sysvinit","upstart"] and kube_network_plugin == "flannel" and ansible_os_family == "Debian" %}
-DOCKER_OPTS="--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"
-{% elif kube_network_plugin == "flannel" and ansible_os_family == "RedHat" %}
-DOCKER_NETWORK_OPTIONS="--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"
-{% elif kube_network_plugin == "flannel" %}
-OPTIONS="--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"
-{% endif %}

roles/network_plugin/flannel/tasks/main.yml

@@ -33,13 +33,21 @@
 - set_fact:
     flannel_mtu: "{{ flannel_mtu_output.stdout }}"
 
-- name: Flannel | Set docker daemon options
-  template:
-    src: docker
-    dest: "/etc/default/docker"
-    owner: root
-    group: root
-    mode: 0644
+- name: Flannel | Set docker daemon options for Debian/CoreOS
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "# NETWORK_OVERLAY"
+    line: "DOCKER_OPTS=\"$DOCKER_OPTS --bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}\" # NETWORK_OVERLAY"
+  when: ansible_os_family == "Debian" or ansible_os_family == "CoreOS"
+  notify:
+    - restart docker
+
+- name: Flannel | Set docker daemon options for redhat
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "# NETWORK_OVERLAY"
+    line: "OPTIONS=\"$OPTIONS --bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}\" # NETWORK_OVERLAY"
+  when: ansible_os_family == "RedHat"
   notify:
     - restart docker
 
@@ -50,11 +58,4 @@
     state: link
   when: ansible_os_family == "CoreOS"
 
-- name: Flannel | Write docker.service systemd file
-  template:
-    src: systemd-docker.service
-    dest: /lib/systemd/system/docker.service
-  notify: restart docker
-  when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
-
 - meta: flush_handlers

roles/network_plugin/flannel/templates/docker

@@ -1,7 +0,0 @@
-# Deployed by Ansible
-{% if (ansible_service_mgr in ["sysvinit","upstart"] and kube_network_plugin == "flannel" and ansible_os_family == "Debian") or
-   (kube_network_plugin == "flannel" and ansible_os_family == "CoreOS") %}
-DOCKER_OPTS="--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"
-{% elif kube_network_plugin == "flannel" %}
-OPTIONS="--bip={{ flannel_subnet }} --mtu={{ flannel_mtu }}"
-{% endif %}

roles/network_plugin/flannel/templates/systemd-docker.service

@@ -1,28 +0,0 @@
-[Unit]
-Description=Docker Application Container Engine
-Documentation=http://docs.docker.com
-{% if ansible_os_family == "RedHat" %}
-After=network.target
-Wants=docker-storage-setup.service
-{% elif ansible_os_family == "Debian" %}
-After=network.target docker.socket
-Requires=docker.socket
-{% endif %}
-
-[Service]
-Type=notify
-EnvironmentFile=-/etc/default/docker
-Environment=GOTRACEBACK=crash
-ExecStart=/usr/bin/docker daemon \
-          $OPTIONS \
-          $DOCKER_STORAGE_OPTIONS \
-          $DOCKER_NETWORK_OPTIONS \
-          $INSECURE_REGISTRY
-LimitNOFILE=1048576
-LimitNPROC=1048576
-LimitCORE=infinity
-MountFlags=slave
-TimeoutStartSec=1min
-
-[Install]
-WantedBy=multi-user.target

roles/network_plugin/weave/tasks/main.yml

@@ -1,23 +1,4 @@
 ---
-- name: Set docker daemon options
-  template:
-    src: docker
-    dest: "/etc/default/docker"
-    owner: root
-    group: root
-    mode: 0644
-  notify:
-    - restart docker
-
-- name: Write docker.service systemd file
-  template:
-    src: systemd-docker.service
-    dest: /lib/systemd/system/docker.service
-  notify: restart docker
-  when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS"
-
-- meta: flush_handlers
-
 - name: Weave | Install weave
   command: rsync -piu "{{ local_release_dir }}/weave/bin/weave" "{{ bin_dir }}/weave"
   changed_when: false

roles/network_plugin/weave/templates/docker

@@ -1,2 +0,0 @@
-# Deployed by Ansible
-DOCKER_OPTS=""

roles/network_plugin/weave/templates/systemd-docker.service

@@ -1,28 +0,0 @@
-[Unit]
-Description=Docker Application Container Engine
-Documentation=http://docs.docker.com
-{% if ansible_os_family == "RedHat" %}
-After=network.target
-Wants=docker-storage-setup.service
-{% elif ansible_os_family == "Debian" %}
-After=network.target docker.socket
-Requires=docker.socket
-{% endif %}
-
-[Service]
-Type=notify
-EnvironmentFile=-/etc/default/docker
-Environment=GOTRACEBACK=crash
-ExecStart=/usr/bin/docker daemon \
-          $OPTIONS \
-          $DOCKER_STORAGE_OPTIONS \
-          $DOCKER_NETWORK_OPTIONS \
-          $INSECURE_REGISTRY
-LimitNOFILE=1048576
-LimitNPROC=1048576
-LimitCORE=infinity
-MountFlags=slave
-TimeoutStartSec=1min
-
-[Install]
-WantedBy=multi-user.target