Make improvements to role

- add prefix to role variable names to avoid name collisions - use ini_file rather than blockinfile for setting mount flags - use ansible_selinux fact rather than depending on variable in role - use role variables for setting values to be used in tasks rather than in line conditionals - use filters for creating JSON file rather than a template - remove '---' from YAML files since Ansible does not user YAML front matter - update meta/main.yml
2018-04-16 15:39:56 -04:00 · 2018-04-16 15:39:56 -04:00 · 933411899c
commit 933411899c
parent 9f4336318a
10 changed files with 50 additions and 106 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -1,16 +1,14 @@
 ---
 # defaults file for ansible-role-container-registry
-debug: false
+container_registry_debug: false
-deploy_docker: true
+container_registry_deploy_docker: true
-deploy_docker_distribution: true
+container_registry_deploy_docker_distribution: true
-deployment_user: centos
+container_registry_deployment_user: centos
-docker_options: '--log-driver=journald --signature-verification=false --iptables=false --live-restore'
+container_registry_docker_options: '--log-driver=journald --signature-verification=false --iptables=false --live-restore'
-enable_container_images_build: true
+container_registry_enable_container_images_build: true
-insecure_registries: []
+container_registry_insecure_registries: []
-network_options: ''
+container_registry_network_options: ''
-registry_host: localhost
+container_registry_host: localhost
-registry_mirror: ''
+container_registry_port: 8787
-registry_port: 8787
+container_registry_mirrors: []
-selinux_enabled: false
+container_registry_storage_options: '-s overlay2'
 storage_options: '-s overlay2'
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -1,4 +1,3 @@
 ---
 # handlers file for ansible-role-container-registry
 - name: restart docker
--- a/meta/main.yml
+++ b/meta/main.yml
@ -1,57 +1,18 @@
 galaxy_info:
-  author: your name
+  author: Emilien Macchi
  description: your description
  company: your company (optional)
-  # If the issue tracker for your role is not on github, uncomment the
+  license: Apache 2.0
  # next line and provide a value
  # issue_tracker_url: http://example.com/issue/tracker
-  # Some suggested licenses:
+  min_ansible_version: 2.4
  # - BSD (default)
  # - MIT
  # - GPLv2
  # - GPLv3
  # - Apache
  # - CC-BY
  license: license (GPLv2, CC-BY, etc)
-  min_ansible_version: 1.2
+  platforms:
    - name: EL
      versions:
        - 7
-  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  galaxy_tags:
-  # min_ansible_container_version:
+    - docker
-
+    - registry
  # Optionally specify the branch Galaxy will use when accessing the GitHub
  # repo for this role. During role install, if no tags are available,
  # Galaxy will use this branch. During import Galaxy will access files on
  # this branch. If Travis integration is configured, only notifications for this
  # branch will be accepted. Otherwise, in all cases, the repo's default branch
  # (usually master) will be used.
  #github_branch:
  #
  # platforms is a list of platforms, and each platform has a name and a list of versions.
  #
  # platforms:
  # - name: Fedora
  #   versions:
  #   - all
  #   - 25
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99
  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.
 dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.
--- a/tasks/docker-distribution.yml
+++ b/tasks/docker-distribution.yml
@ -1,4 +1,3 @@
 ---
 # tasks file for ansible-role-container-registry
 - name: ensure docker-distribution is installed
@ -10,7 +9,7 @@
  yum:
    name: openstack-kolla
    state: latest
-  when: enable_container_images_build|bool
+  when: container_registry_enable_container_images_build|bool
 - name: manage /etc/docker-distribution/registry/config.yml
  template:
--- a/tasks/docker.yml
+++ b/tasks/docker.yml
@ -1,4 +1,3 @@
 ---
 # tasks file for ansible-role-container-registry
 # NOTE(aschultz): LP#1750194 - need to set ip_forward before docker starts
@ -20,48 +19,39 @@
  file:
    path: /etc/systemd/system/docker.service.d
    state: directory
  when: ansible_service_mgr == 'systemd'
 - name: unset mountflags
-  blockinfile:
+  ini_file:
    path: /etc/systemd/system/docker.service.d/99-unset-mountflags.conf
-    block: |
+    section: Service
-      [Service]
+    option: MountFlags
-      MountFlags=
+    value: ""
    create: yes
  notify: restart docker service
-
+  when: ansible_service_mgr == 'systemd'
 - name: configure OPTIONS and enable selinux in /etc/sysconfig/docker
  lineinfile:
    path: /etc/sysconfig/docker
    regexp: '^OPTIONS='
    line: "OPTIONS='--selinux-enabled {{ docker_options }}'"
    create: yes
  notify: restart docker service
  when: selinux_enabled|bool
 - name: configure OPTIONS in /etc/sysconfig/docker
  lineinfile:
    path: /etc/sysconfig/docker
    regexp: '^OPTIONS='
-    line: "OPTIONS='{{ docker_options }}'"
+    line: "OPTIONS='{{ _full_docker_options }}'"
    create: yes
  notify: restart docker service
  when: not selinux_enabled|bool
 - name: configure INSECURE_REGISTRY in /etc/sysconfig/docker
  lineinfile:
    path: /etc/sysconfig/docker
    regexp: '^INSECURE_REGISTRY='
    line: "INSECURE_REGISTRY='{{ registry_flags }}'"
-  when: insecure_registries | length > 0
+  when: container_registry_insecure_registries | length > 0
  notify: restart docker service
  vars:
-    registry_flags: "{% for reg in insecure_registries %}--insecure-registry {{ reg }}{% if not loop.last %} {% endif %}{% endfor %}"
+    registry_flags: "{% for reg in container_registry_insecure_registries %}--insecure-registry {{ reg }}{% if not loop.last %} {% endif %}{% endfor %}"
 # There is no native way to edit JSON so we use a template.
 - name: manage /etc/docker/daemon.json
-  template:
+  copy:
-    src: docker-daemon.json.j2
+    content: "{{ _docker_daemon_config | from_yaml | to_nice_json }}"
    dest: /etc/docker/daemon.json
  notify: restart docker service
@ -69,18 +59,18 @@
  lineinfile:
    path: /etc/sysconfig/docker-storage
    regexp: '^DOCKER_STORAGE_OPTIONS='
-    line: "DOCKER_STORAGE_OPTIONS=' {{ storage_options }}'"
+    line: "DOCKER_STORAGE_OPTIONS=' {{ container_registry_storage_options }}'"
    create: yes
-  when: storage_options != ""
+  when: container_registry_storage_options != ""
  notify: restart docker service
 - name: configure DOCKER_NETWORK_OPTIONS in /etc/sysconfig/docker-network
  lineinfile:
    path: /etc/sysconfig/docker-network
    regexp: '^DOCKER_NETWORK_OPTIONS='
-    line: "DOCKER_NETWORK_OPTIONS=' {{ network_options }}'"
+    line: "DOCKER_NETWORK_OPTIONS=' {{ container_registry_network_options }}'"
    create: yes
-  when: storage_options != ""
+  when: container_registry_storage_options != ""
  notify: restart docker service
 - name: ensure docker group exists
@ -90,15 +80,18 @@
 - name: add deployment user to docker group
  user:
-    name: "{{ deployment_user }}"
+    name: "{{ container_registry_deployment_user }}"
    groups: docker
    append: yes
 - name: force systemd to reread configs
-  systemd: daemon_reload=yes
+  systemd:
    daemon_reload: yes
  when: ansible_service_mgr == 'systemd'
 - name: enable and start docker
  systemd:
    enabled: true
    state: started
    name: docker
  when: ansible_service_mgr == 'systemd'
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,8 +1,7 @@
 ---
 # tasks file for ansible-role-container-registry
 - include: docker.yml
-  when: deploy_docker|bool
+  when: container_registry_deploy_docker|bool
 - include: docker-distribution.yml
-  when: deploy_docker_distribution|bool
+  when: container_registry_deploy_docker_distribution|bool
--- a/templates/docker-daemon.json.j2
+++ b/templates/docker-daemon.json.j2
@ -1,6 +0,0 @@
 {
 {% if registry_mirror != "" %}
 "registry-mirrors": ["{{ registry_mirror }}"],
 {% endif %}
  "debug": {{ debug|lower }}
 }
--- a/templates/docker-distribution-config.yml.j2
+++ b/templates/docker-distribution-config.yml.j2
@ -8,4 +8,4 @@ storage:
    filesystem:
        rootdirectory: /var/lib/registry
 http:
-    addr: {{ registry_host }}:{{ registry_port }}
+    addr: {{ container_registry_host }}:{{ container_registry_port }}
--- a/tests/test.yml
+++ b/tests/test.yml
@ -1,4 +1,3 @@
 ---
 - hosts: localhost
  become: true
  roles:
--- a/vars/main.yml
+++ b/vars/main.yml
@ -1,2 +1,4 @@
---
+_full_docker_options: "{% if ansible_selinux.status == 'enabled' %}--selinux-enabled {% endif %}{{ container_registry_docker_options }}"
-# vars file for ansible-role-container-registry
+_docker_daemon_config: |
  debug: {{ container_registry_debug }}
  {% if container_registry_mirrors | length > 0 %}registry-mirrors: {{ container_registry_mirrors }}{% endif %}