2 # Cookbook Name:: docker-grid
5 # Copyright 2016-2018, whitestar
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
20 ::Chef::Node::Attribute.send(:include, DockerGrid::Helper)
22 platform = node['platform']
24 default['docker-grid']['install_flavor'] = 'dockerproject' # or 'os-repository'
25 default['docker-grid']['dockerproject']['enable_new_repo'] = true
27 force_override['docker-grid']['dockerproject']['apt_new_repo_url'] = "https://download.docker.com/linux/#{platform}"
28 force_override['docker-grid']['dockerproject']['apt_old_repo_url'] = 'https://apt.dockerproject.org/repo'
29 # e.g. 'stable edge', 'edge test',...
30 default['docker-grid']['dockerproject']['apt_new_repo_sections'] = 'stable'
31 default['docker-grid']['dockerproject']['package_name'] \
32 = node['docker-grid']['dockerproject']['enable_new_repo'] ? 'docker-ce' : 'docker-engine'
34 if node['docker-grid']['dockerproject']['enable_new_repo']
35 node['docker-grid']['dockerproject']['apt_new_repo_url']
37 node['docker-grid']['dockerproject']['apt_old_repo_url']
39 default['docker-grid']['apt_repo'] = {
40 'url' => apt_repo_url,
41 'override_apt_line' => '', # e.g. 'deb https://apt.dockerproject.org/repo ubuntu-xenial main'
43 'keyserver' => 'hkp://p80.pool.sks-keyservers.net:80',
44 'recv-keys' => '58118E89F3A912897C070ADBF76221572C52609D',
46 # e.g. 'docker-ce-edge,docker-ce-test'
47 default['docker-grid']['dockerproject']['yum_new_repo_extra_enablerepo'] = ''
49 default['docker-grid']['yum_repo'] = {
50 'baseurl' => 'https://yum.dockerproject.org/repo/main/centos/$releasever/',
52 'gpgkey' => 'https://yum.dockerproject.org/gpg',
55 default['docker-grid']['compose']['install_flavor'] = 'dockerproject' # or 'os-repository'
56 default['docker-grid']['compose']['skip_setup'] = false
57 # dockerproject: direct download.
58 # Note: non-support by this cookbook.
59 # os-repository (Ubuntu): http://packages.ubuntu.com/search?keywords=docker-compose&searchon=names
60 # os-repository (CentOS): none.
61 default['docker-grid']['compose']['auto_upgrade'] = false
62 # latest: 'https://github.com/docker/compose/releases/download/1.22.0'
63 default['docker-grid']['compose']['version'] = '1.21.2'
64 default['docker-grid']['compose']['release_base_url'] = "https://github.com/docker/compose/releases/download/#{node['docker-grid']['compose']['version']}"
65 default['docker-grid']['compose']['release_url'] = "#{node['docker-grid']['compose']['release_base_url']}/docker-compose-#{node['kernel']['name']}-#{node['kernel']['machine']}"
66 default['docker-grid']['compose']['home_dir'] = '/opt/docker-compose'
67 default['docker-grid']['compose']['app_dir'] = "#{node['docker-grid']['compose']['home_dir']}/app"
69 default['docker-grid']['dind-compose']['app_dir'] = "#{node['docker-grid']['compose']['app_dir']}/docker-in-docker"
70 default['docker-grid']['dind-compose']['data_dir'] = "#{node['docker-grid']['dind-compose']['app_dir']}/data"
71 default['docker-grid']['dind-compose']['config'] = {
72 # Version 2 docker-compose format
76 'image' => 'docker:stable-dind',
79 #'--storage-driver=overlay2', # same as host Docker's storage driver
82 # These volumes will be set by the docker-grid::dind-compose recipe automatically.
83 #"#{node['docker-grid']['dind-compose']['data_dir']}:/var/lib/docker",
91 default['docker-grid']['engine']['skip_setup'] = false
92 default['docker-grid']['engine']['autopilot'] = {
94 'log_dir' => '/var/log',
95 'containers_prune_period' => '5 */4 * * *',
96 'images_prune_period' => '10 */4 * * *',
97 'volumes_prune_period' => '15 */4 * * *',
100 # dockerproject: 18.06.0.ce-3, 18.03.1.ce-1, 17.12.1.ce-1, 1.13.1-1
101 # os-repository: yum list docker
102 # http://mirror.centos.org/centos/7.3.1611/extras/x86_64/Packages/
103 default['docker-grid']['engine']['version_on_centos'] = '17.12.1.ce-1'
104 # dockerproject: 5:18.09.0~3-0, 18.06.1~ce~3-0, 18.03.1~ce-0, 17.12.1~ce-0, 1.13.1-0
105 default['docker-grid']['engine']['version_on_debian'] = '17.12.1~ce-0'
106 # dockerproject: 5:18.09.0~3-0, 18.06.1~ce~3-0, 18.03.1~ce-0, 17.12.1~ce-0
107 # os-repository: http://packages.ubuntu.com/search?keywords=docker.io&searchon=names
108 default['docker-grid']['engine']['version_on_ubuntu'] = '17.12.1~ce-0'
110 # '' (empty) or 'latest' version -> latest version
112 when 'centos', 'redhat'
113 version_on_centos = node['docker-grid']['engine']['version_on_centos']
114 if !version_on_centos.nil? && !version_on_centos.empty? && version_on_centos != 'latest'
115 version_on_centos = docker_full_ver(node, version_on_centos)
118 version_on_debian = node['docker-grid']['engine']['version_on_debian']
119 if !version_on_debian.nil? && !version_on_debian.empty? && version_on_debian != 'latest' \
120 && node['docker-grid']['install_flavor'] == 'dockerproject'
121 version_on_debian = docker_full_ver(node, version_on_debian)
124 version_on_ubuntu = node['docker-grid']['engine']['version_on_ubuntu']
125 if !version_on_ubuntu.nil? && !version_on_ubuntu.empty? && version_on_ubuntu != 'latest' \
126 && node['docker-grid']['install_flavor'] == 'dockerproject'
127 version_on_ubuntu = docker_full_ver(node, version_on_ubuntu)
131 # '' (empty) or 'latest' version -> latest version
132 # Note: if you would OVERRIDE the ['docker-grid']['engine']['version'] attribute ONCE,
133 # the ['docker-grid']['engine']['version_on_*'] attributes are IGNORED.
134 default['docker-grid']['engine']['version'] = node.value_for_platform(
135 ['centos', 'redhat'] => {
136 'default' => version_on_centos,
139 'default' => version_on_debian,
142 'default' => version_on_ubuntu,
145 # overlay2: Docker >= 1.12, Kernel >= 4.0
146 default['docker-grid']['engine']['storage-driver_on_centos'] = 'overlay'
147 default['docker-grid']['engine']['storage-driver_on_debian'] = 'overlay2'
148 default['docker-grid']['engine']['storage-driver_on_ubuntu'] = 'aufs'
149 default['docker-grid']['engine']['storage-driver'] = node.value_for_platform(
150 ['centos', 'redhat'] => {
151 'default' => node['docker-grid']['engine']['storage-driver_on_centos'],
154 'default' => node['docker-grid']['engine']['storage-driver_on_debian'],
157 'default' => node['docker-grid']['engine']['storage-driver_on_ubuntu'],
160 default['docker-grid']['engine']['userns-remap'] = nil # default: inactive
161 # CentOS default: '--selinux-enabled --log-driver=journald --signature-verification=false'
162 default['docker-grid']['engine']['daemon_extra_options'] = '-H fd://'
163 default['docker-grid']['engine']['users_allow'] = []
165 # dockerproject: container image from https://hub.docker.com/
166 # Note: non-support by this cookbook.
167 # os-repository (Ubuntu): http://packages.ubuntu.com/search?keywords=docker-registry&searchon=names
168 # os-repository (CentOS): http://mirror.centos.org/centos/7.3.1611/extras/x86_64/Packages/
169 default['docker-grid']['registry']['with_ssl_cert_cookbook'] = false
170 # If node['docker-grid']['registry']['with_ssl_cert_cookbook'] is true,
171 # node['docker-grid']['registry']['docker-compose']['config']
172 # are overridden by the following 'ca_name' and 'common_name' attributes.
173 #default['docker-grid']['registry']['ssl_cert']['ca_name'] = nil
174 default['docker-grid']['registry']['ssl_cert']['common_name'] = node['fqdn']
175 # See https://docs.docker.com/registry/configuration/
176 rootdirectory = node.value_for_platform(
177 ['centos', 'redhat'] => {
178 'default' => '/var/lib/registry',
180 ['debian', 'ubuntu'] => {
181 'default' => '/var/lib/docker-registry',
184 default['docker-grid']['registry']['server']['autopilot'] = {
186 'log_dir' => '/var/log',
187 'wait_time' => '120s',
189 default['docker-grid']['registry']['server']['config'] = {
193 'service' => 'registry',
198 # NOTE: Formerly, blobdescriptor was known as layerinfo.
199 # While these are equivalent, layerinfo has been deprecated.
200 'blobdescriptor' => 'inmemory',
203 'rootdirectory' => rootdirectory,
209 'X-Content-Type-Options' => [
215 # 'remoteurl' => 'https://registry-1.docker.io',
226 default['docker-grid']['registry']['docker-compose']['autopilot'] = {
228 'log_dir' => '/var/log',
229 'wait_time' => '180s',
230 'docker-compose_opts' => '--no-ansi',
232 default['docker-grid']['registry']['docker-compose']['app_dir'] = "#{node['docker-grid']['compose']['app_dir']}/registry"
233 # ./docker-compose.yml
234 default['docker-grid']['registry']['docker-compose']['config_format_version'] = '1'
235 default['docker-grid']['registry']['docker-compose']['service_name'] = 'registry'
236 default['docker-grid']['registry']['docker-compose']['host_data_volume'] = '/var/lib/docker-registry'
237 service_name = node['docker-grid']['registry']['docker-compose']['service_name']
239 # Version 1 docker-compose format
241 'restart' => 'always',
242 'image' => 'registry:2',
247 # 'REGISTRY_HTTP_TLS_CERTIFICATE' => '/certs/domain.crt',
248 # 'REGISTRY_HTTP_TLS_KEY' => '/certs/domain.key',
249 # 'REGISTRY_AUTH' => 'htpasswd',
250 # 'REGISTRY_AUTH_HTPASSWD_PATH' => '/auth/htpasswd',
251 # 'REGISTRY_AUTH_HTPASSWD_REALM' => 'Registry Realm',
254 # #'./etc/config.yml:/etc/docker/registry/config.yml', # Overriding the entire configuration file
255 # "#{node['docker-grid']['registry']['docker-compose']['host_data_volume']}:/var/lib/registry",
256 # '/path/certs:/certs',
257 # '/path/auth:/auth',
262 # Version 2 docker-compose format
264 'services' => version_1_config,
266 default['docker-grid']['registry']['docker-compose']['config'] = \
267 node['docker-grid']['registry']['docker-compose']['config_format_version'] == '2' ? version_2_config : version_1_config
269 # See: https://docs.docker.com/registry/configuration/#/overriding-the-entire-configuration-file
270 default['docker-grid']['registry']['docker-compose']['registry-config'] = nil