add CA conf for private registry
This commit is contained in:
parent
1b96a20895
commit
b73b0b8a4d
@ -17,3 +17,9 @@ docker_storage_volume_thinpool_meta: docker-thinpoolmeta
|
|||||||
# Size of the docker storage metadata LVM volume (see lvol module size
|
# Size of the docker storage metadata LVM volume (see lvol module size
|
||||||
# argument).
|
# argument).
|
||||||
docker_storage_volume_thinpool_meta_size: 1%VG
|
docker_storage_volume_thinpool_meta_size: 1%VG
|
||||||
|
|
||||||
|
# URL of docker registry
|
||||||
|
docker_registry:
|
||||||
|
|
||||||
|
# CA of docker registry
|
||||||
|
docker_registry_ca:
|
||||||
|
@ -25,5 +25,11 @@ docker_storage_thinpool_autoextend_threshold: 80
|
|||||||
# Percentage by which to extend thin-provisioned docker storage volumes.
|
# Percentage by which to extend thin-provisioned docker storage volumes.
|
||||||
docker_storage_thinpool_autoextend_percent: 20
|
docker_storage_thinpool_autoextend_percent: 20
|
||||||
|
|
||||||
|
# URL of docker registry
|
||||||
|
docker_registry:
|
||||||
|
|
||||||
|
# CA of docker registry
|
||||||
|
docker_registry_ca:
|
||||||
|
|
||||||
# MTU to pass through to containers not using net=host
|
# MTU to pass through to containers not using net=host
|
||||||
docker_daemon_mtu: 1500
|
docker_daemon_mtu: 1500
|
||||||
|
@ -4,3 +4,9 @@
|
|||||||
name: docker
|
name: docker
|
||||||
state: restarted
|
state: restarted
|
||||||
become: True
|
become: True
|
||||||
|
|
||||||
|
- name: reload docker service
|
||||||
|
service:
|
||||||
|
name: docker
|
||||||
|
state: reloaded
|
||||||
|
become: True
|
||||||
|
@ -5,3 +5,11 @@
|
|||||||
dest: /etc/docker/daemon.json
|
dest: /etc/docker/daemon.json
|
||||||
become: True
|
become: True
|
||||||
notify: restart docker service
|
notify: restart docker service
|
||||||
|
|
||||||
|
- name: Ensure the CA file for private registry exists
|
||||||
|
copy:
|
||||||
|
src: "{{ docker_registry_ca }}"
|
||||||
|
dest: "/etc/docker/certs.d/{{ docker_registry }}/ca.crt"
|
||||||
|
become: True
|
||||||
|
when: docker_registry is not none and docker_registry_ca is not none
|
||||||
|
notify: reload docker service
|
||||||
|
@ -22,6 +22,12 @@
|
|||||||
# argument).
|
# argument).
|
||||||
#docker_storage_volume_thinpool_meta_size:
|
#docker_storage_volume_thinpool_meta_size:
|
||||||
|
|
||||||
|
# URL of docker registry
|
||||||
|
#docker_registry:
|
||||||
|
|
||||||
|
# CA of docker registry
|
||||||
|
#docker_registry_ca:
|
||||||
|
|
||||||
###############################################################################
|
###############################################################################
|
||||||
# Dummy variable to allow Ansible to accept this file.
|
# Dummy variable to allow Ansible to accept this file.
|
||||||
workaround_ansible_issue_8743: yes
|
workaround_ansible_issue_8743: yes
|
||||||
|
Loading…
Reference in New Issue
Block a user