richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Planning the configuration of docker parameters

pull/3270/head
rongzhang 6 years ago
parent
009d2ffc6c
commit
c41ca22a78
3 changed files with 21 additions and 46 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 38
      inventory/sample/group_vars/all/docker.yml
  2. 3
      roles/docker/defaults/main.yml
  3. 26
      roles/kubespray-defaults/defaults/main.yaml

38
inventory/sample/group_vars/all/docker.yml
View File

@ -1,42 +1,46 @@
## Uncomment this if you want to force overlay/overlay2 as docker storage driver ## Uncomment this if you want to force overlay/overlay2 as docker storage driver
## Please note that overlay2 is only supported on newer kernels ## Please note that overlay2 is only supported on newer kernels
#docker_storage_options: -s overlay2 #docker_storage_options: -s overlay2
## Uncomment this if you have more than 3 nameservers, then we'll only use the first 3. ## Uncomment this if you have more than 3 nameservers, then we'll only use the first 3.
#docker_dns_servers_strict: false
docker_dns_servers_strict: false
# Path used to store Docker data # Path used to store Docker data
docker_daemon_graph: "/var/lib/docker" docker_daemon_graph: "/var/lib/docker"
## Used to set docker daemon iptables options to true ## Used to set docker daemon iptables options to true
#docker_iptables_enabled: "true"
docker_iptables_enabled: "false"
# Docker log options
# Rotate container stderr/stdout logs at 50m and keep last 5
docker_log_opts: "--log-opt max-size=50m --log-opt max-file=5"
# define docker bin_dir
docker_bin_dir: "/usr/bin"
## A string of extra options to pass to the docker daemon.
## This string should be exactly as you wish it to appear.
## An obvious use case is allowing insecure-registry access to self hosted registries. ## An obvious use case is allowing insecure-registry access to self hosted registries.
## Can be ipddress and domain_name. ## Can be ipddress and domain_name.
## example define 172.19.16.11 or mirror.registry.io ## example define 172.19.16.11 or mirror.registry.io
#insecure_registries: #insecure_registries:
# - mirror.registry.io # - mirror.registry.io
# - 172.19.16.11 # - 172.19.16.11
## If non-empty will override default system MounFlags value.
## This option takes a mount propagation flag: shared, slave
## or private, which control whether mounts in the file system
## namespace set up for docker will receive or propagate mounts
## and unmounts. Leave empty for system default
#docker_mount_flags:
## A string of extra options to pass to the docker daemon.
## This string should be exactly as you wish it to appear.
docker_options: >- docker_options: >-
{%- if insecure_registries is defined %}
{%- if insecure_registries is defined -%}
{{ insecure_registries | map('regex_replace', '^(.*)$', '--insecure-registry=\1' ) | list | join(' ') }} {{ insecure_registries | map('regex_replace', '^(.*)$', '--insecure-registry=\1' ) | list | join(' ') }}
{%- endif -%}
{%- endif %}
--graph={{ docker_daemon_graph }} {{ docker_log_opts }} --graph={{ docker_daemon_graph }} {{ docker_log_opts }}
{%- if ansible_architecture == "aarch64" and ansible_os_family == "RedHat" %} {%- if ansible_architecture == "aarch64" and ansible_os_family == "RedHat" %}
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current
--default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd
--userland-proxy-path=/usr/libexec/docker/docker-proxy-current --signature-verification=false --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --signature-verification=false
{%- endif -%} {%- endif -%}
docker_bin_dir: "/usr/bin"
## If non-empty will override default system MounFlags value.
## This option takes a mount propagation flag: shared, slave
## or private, which control whether mounts in the file system
## namespace set up for docker will receive or propagate mounts
## and unmounts. Leave empty for system default
docker_mount_flags:

3
roles/docker/defaults/main.yml
View File

@ -40,6 +40,3 @@ dockerproject_rh_repo_base_url: 'https://yum.dockerproject.org/repo/main/centos/
dockerproject_rh_repo_gpgkey: 'https://yum.dockerproject.org/gpg' dockerproject_rh_repo_gpgkey: 'https://yum.dockerproject.org/gpg'
dockerproject_apt_repo_base_url: 'https://apt.dockerproject.org/repo' dockerproject_apt_repo_base_url: 'https://apt.dockerproject.org/repo'
dockerproject_apt_repo_gpgkey: 'https://apt.dockerproject.org/gpg' dockerproject_apt_repo_gpgkey: 'https://apt.dockerproject.org/gpg'
# Used to set docker daemon iptables options
docker_iptables_enabled: "false"

26
roles/kubespray-defaults/defaults/main.yaml
View File

@ -142,32 +142,6 @@ kube_api_aggregator_routing: false
# Container for runtime # Container for runtime
container_manager: docker container_manager: docker
# Path used to store Docker data
docker_daemon_graph: "/var/lib/docker"
# Docker log options
# Rotate container stderr/stdout logs at 50m and keep last 5
docker_log_opts: "--log-opt max-size=50m --log-opt max-file=5"
## A string of extra options to pass to the docker daemon.
## This string should be exactly as you wish it to appear.
## An obvious use case is allowing insecure-registry access
## to self hosted registries like so:
docker_options: >
--insecure-registry={{ kube_service_addresses }} --graph={{ docker_daemon_graph }} {{ docker_log_opts }}
{% if ansible_architecture == "aarch64" and ansible_os_family == "RedHat" %}
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current
--default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd
--userland-proxy-path=/usr/libexec/docker/docker-proxy-current --signature-verification=false
{% endif %}
## If non-empty will override default system MounFlags value.
## This option takes a mount propagation flag: shared, slave
## or private, which control whether mounts in the file system
## namespace set up for docker will receive or propagate mounts
## and unmounts. Leave empty for system default
docker_mount_flags:
# Settings for containerized control plane (etcd/kubelet/secrets) # Settings for containerized control plane (etcd/kubelet/secrets)
etcd_deployment_type: docker etcd_deployment_type: docker
kubelet_deployment_type: docker kubelet_deployment_type: docker

Write Preview
Loading…
Cancel
Save