EnforcedStyleForMultiline: comma
Style/WordArray:
Enabled: false
-
+
+Metrics/BlockNesting:
+ Max: 4
#Style/AccessorMethodName:
# Enabled: false
#Metrics/MethodLength:
# docker-grid CHANGELOG
+0.3.3
+-----
+- adds OS distributed Docker Engine package support.
+- adds the `['docker-grid']['install_flavor']` attribute.
+
0.3.2
-----
- refactoring.
|Key|Type|Description, example|Default|
|:--|:--|:--|:--|
+|`['docker-grid']['install_flavor']`|String|`'dockerproject'` or `'os-repository'`|`'dockerproject'`|
|`['docker-grid']['apt_repo']['url']`|String||`'https://apt.dockerproject.org/repo'`|
|`['docker-grid']['apt_repo']['keyserver']`|String||`'hkp://p80.pool.sks-keyservers.net:80'`|
|`['docker-grid']['apt_repo']['recv-keys']`|String||`'58118E89F3A912897C070ADBF76221572C52609D'`|
### Role Examples
-- `roles/docker.rb`
+- `roles/docker.rb`: installs the `docker-engine` package.
```ruby
name 'docker'
-description 'Docker Engine'
+description 'Docker Engine distributed by dockerproject'
run_list(
'recipe[docker-grid::engine]',
override_attributes(
'docker-grid' => {
+ 'install_flavor' => 'dockerproject',
'engine' => {
'version_on_centos' => '1.11.2-1',
'version_on_ubuntu' => '1.11.2-0',
'storage-driver_on_centos' => 'overlay',
'storage-driver_on_ubuntu' => 'overlay', # default: 'aufs'
- 'userns-remap' => 'default', # default: nil (inactive)
+ #'userns-remap' => 'default', # default: nil (inactive)
'daemon_extra_options' => '-H fd:// --bip=192.168.128.1/24 --fixed-cidr=192.168.128.0/24',
},
},
)
```
+- `roles/docker-rhel.rb`: installs the `docker` package.
+
+```ruby
+name 'docker-rhel'
+description 'Docker Engine distributed by RHEL'
+
+run_list(
+ 'recipe[docker-grid::engine]',
+)
+
+override_attributes(
+ 'docker-grid' => {
+ 'install_flavor' => 'os-repository',
+ 'engine' => {
+ 'version_on_centos' => '1.12.5-14', # docker package
+ 'version_on_ubuntu' => '1.12.3-0ubuntu4~16.04.2', # docker.io package
+ 'storage-driver_on_centos' => 'overlay',
+ 'storage-driver_on_ubuntu' => 'overlay', # default: aufs
+ #'userns-remap' => 'default',
+ 'daemon_extra_options' => '-H fd://',
+ # for RHEL docker package >= 1.12: '-H fd://' option automatically removed by this cookbook.
+ # See https://github.com/docker/docker/issues/22847
+ },
+ },
+)
+```
+
+- `roles/docker-ubuntu.rb`: installs the `docker.io` package.
+
+```ruby
+name 'docker-ubuntu'
+description 'Docker Engine distributed by Ubuntu'
+
+run_list(
+ 'recipe[docker-grid::engine]',
+)
+
+override_attributes(
+ 'docker-grid' => {
+ 'install_flavor' => 'os-repository',
+ 'engine' => {
+ 'version_on_centos' => '1.12.5-14', # docker package
+ 'version_on_ubuntu' => '1.12.3-0ubuntu4~16.04.2', # docker.io package
+ 'storage-driver_on_centos' => 'overlay',
+ 'storage-driver_on_ubuntu' => 'overlay', # default: aufs
+ #'userns-remap' => 'default',
+ 'daemon_extra_options' => '-H fd://',
+ },
+ },
+)
+```
+
- `roles/docker-registry.rb`
```ruby
# Cookbook Name:: docker-grid
# Attributes:: default
#
-# Copyright 2016, whitestar
+# Copyright 2016-2017, whitestar
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
#
+default['docker-grid']['install_flavor'] = 'dockerproject' # or 'os-repository'
default['docker-grid']['apt_repo'] = {
'url' => 'https://apt.dockerproject.org/repo',
'keyserver' => 'hkp://p80.pool.sks-keyservers.net:80',
'gpgkey' => 'https://yum.dockerproject.org/gpg',
}
+# dockerproject: direct download.
+# Note: non-support by this cookbook.
+# os-repository (Ubuntu): http://packages.ubuntu.com/search?keywords=docker-compose&searchon=names
+# os-repository (CentOS): none.
default['docker-grid']['compose']['auto_upgrade'] = false
default['docker-grid']['compose']['release_base_url'] = 'https://github.com/docker/compose/releases/download/1.9.0'
default['docker-grid']['compose']['release_url'] = "#{node['docker-grid']['compose']['release_base_url']}/docker-compose-#{node['kernel']['name']}-#{node['kernel']['machine']}"
default['docker-grid']['compose']['home_dir'] = '/opt/docker-compose'
default['docker-grid']['compose']['app_dir'] = "#{node['docker-grid']['compose']['home_dir']}/app"
-default['docker-grid']['engine']['version_on_centos'] = '1.11.2-1' # 1.12.3-1, 1.11.2-1, 1.10.3-1
-default['docker-grid']['engine']['version_on_ubuntu'] = '1.11.2-0' # 1.12.3-0, 1.11.2-0
+# dockerproject: 1.13.0-1, 1.12.3-1, 1.11.2-1, 1.10.3-1
+# os-repository: yum list docker
+# http://mirror.centos.org/centos/7.3.1611/extras/x86_64/Packages/
+default['docker-grid']['engine']['version_on_centos'] = '1.11.2-1'
+# dockerproject: 1.13.0-0, 1.12.6-0, 1.11.2-0
+# os-repository: http://packages.ubuntu.com/search?keywords=docker.io&searchon=names
+default['docker-grid']['engine']['version_on_ubuntu'] = '1.11.2-0'
+
+case node['platform']
+when 'centos', 'redhat'
+ version_on_centos = "#{node['docker-grid']['engine']['version_on_centos']}.el#{node['platform_version'].to_i}.#{node['platform']}"
+when 'ubuntu'
+ version_on_ubuntu = \
+ if node['docker-grid']['install_flavor'] == 'dockerproject'
+ if Gem::Version.create(node['docker-grid']['engine']['version_on_ubuntu']) >= Gem::Version.create('1.12.4-0')
+ "#{node['docker-grid']['engine']['version_on_ubuntu']}~ubuntu-#{node['lsb']['codename']}"
+ else
+ "#{node['docker-grid']['engine']['version_on_ubuntu']}~#{node['lsb']['codename']}"
+ end
+ else
+ # e.g. 1.12.3-0ubuntu4~16.10.2, 1.12.3-0ubuntu4~16.04.2
+ node['docker-grid']['engine']['version_on_ubuntu']
+ end
+end
+
default['docker-grid']['engine']['version'] = node.value_for_platform(
['centos', 'redhat'] => {
- 'default' => "#{node['docker-grid']['engine']['version_on_centos']}.el#{node['platform_version'].to_i}.#{node['platform']}",
+ 'default' => version_on_centos,
},
'ubuntu' => {
- 'default' => "#{node['docker-grid']['engine']['version_on_ubuntu']}~#{node['lsb']['codename']}",
+ 'default' => version_on_ubuntu,
}
)
+# overlay2: Docker >= 1.12, Kernel >= 4.0
default['docker-grid']['engine']['storage-driver_on_centos'] = 'overlay'
default['docker-grid']['engine']['storage-driver_on_ubuntu'] = 'aufs'
default['docker-grid']['engine']['storage-driver'] = node.value_for_platform(
}
)
default['docker-grid']['engine']['userns-remap'] = nil # default: inactive
+# CentOS default: '--selinux-enabled --log-driver=journald --signature-verification=false'
default['docker-grid']['engine']['daemon_extra_options'] = '-H fd://'
default['docker-grid']['engine']['users_allow'] = []
+# dockerproject: container image from https://hub.docker.com/
+# Note: non-support by this cookbook.
+# os-repository (Ubuntu): http://packages.ubuntu.com/search?keywords=docker-registry&searchon=names
+# os-repository (CentOS): http://mirror.centos.org/centos/7.3.1611/extras/x86_64/Packages/
default['docker-grid']['registry']['with_ssl_cert_cookbook'] = false
# If node['docker-grid']['registry']['with_ssl_cert_cookbook'] is true,
# node['docker-grid']['registry']['docker-compose']['config']
license 'Apache 2.0'
description 'Installs/Configures Docker Engine.'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version '0.3.2'
+version '0.3.3'
source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git'
issues_url 'https://osdn.jp/projects/metasearch/ticket'
::Chef::Recipe.send(:include, PlatformUtils::Helper)
::Chef::Recipe.send(:include, PlatformUtils::VirtUtils)
+docker_ver = node['docker-grid']['engine']['version']
+
+[
+ 'bridge-utils',
+].each {|pkg|
+ resources(package: pkg) rescue package pkg do
+ action :install
+ end
+}
+
bash 'systemctl_daemon-reload' do
code <<-EOH
systemctl daemon-reload
end
end
-if node['docker-grid']['engine']['storage-driver'] == 'overlay'
- load_kernel_module('overlay')
+storage_driver = node['docker-grid']['engine']['storage-driver']
+
+if storage_driver == 'overlay2'
+ unless Gem::Version.create(docker_ver.tr('~', '-')) >= Gem::Version.create('1.12')
+ # tr('~', '-') for Ubuntu.
+ Chef::Application.fatal!('Docker version must be 1.12 or later for overlay2 storage driver.') # and exit.
+ end
end
+load_kernel_module('overlay') if storage_driver =~ /overlay2?/
userns_remap = node['docker-grid']['engine']['userns-remap']
if !userns_remap.nil? && !userns_remap.empty?
- unless Gem::Version.create(node['docker-grid']['engine']['version'].tr('~', '-')) >= Gem::Version.create('1.10')
+ unless Gem::Version.create(docker_ver.tr('~', '-')) >= Gem::Version.create('1.10')
# tr('~', '-') for Ubuntu.
Chef::Application.fatal!('Docker version must be 1.10 or later for userns-remap.') # and exit.
end
append_subusers([remap_user], notifies_conf)
end
+bash 'clean_up_docker0_bridge' do
+ code <<-"EOH"
+ if brctl show | grep docker0; then
+ ip link set docker0 down
+ brctl delbr docker0
+ fi
+ # https://github.com/docker/docker/issues/23630
+ if [ -d /var/lib/docker/network ]; then
+ rm -rf /var/lib/docker/network
+ fi
+ EOH
+ action :nothing
+end
+
directory '/etc/systemd/system/docker.service.d' do
owner 'root'
group 'root'
owner 'root'
group 'root'
mode '0644'
+ not_if { node['docker-grid']['install_flavor'] == 'os-repository' && node['platform_family'] == 'rhel' }
notifies :run, 'bash[systemctl_daemon-reload]', :immediately
notifies :restart, 'service[docker]'
end
case node['platform_family']
when 'rhel'
- # https://dcos.io/docs/1.8/administration/installing/custom/system-requirements/install-docker-centos/
- template '/etc/yum.repos.d/docker.repo' do
- source 'etc/yum.repos.d/docker.repo'
- owner 'root'
- group 'root'
- mode '0644'
- end
+ if node['docker-grid']['install_flavor'] == 'dockerproject'
+ # https://dcos.io/docs/1.8/administration/installing/custom/system-requirements/install-docker-centos/
+ template '/etc/yum.repos.d/docker.repo' do
+ source 'etc/yum.repos.d/docker.repo'
+ owner 'root'
+ group 'root'
+ mode '0644'
+ end
- [
- 'docker-engine-selinux',
- 'docker-engine',
- ].each {|pkg|
- resources(package: pkg) rescue package pkg do
- action :install
- version node['docker-grid']['engine']['version']
- # dockerrepo is disabled by default to prevent automatic update.
- options '--enablerepo=dockerrepo'
+ [
+ 'docker',
+ 'container-selinux',
+ 'docker-common',
+ ].each {|pkg|
+ resources(package: pkg) rescue package pkg do
+ action :remove
+ notifies :run, 'bash[clean_up_docker0_bridge]', :immediately
+ end
+ }
+
+ [
+ 'docker-engine-selinux',
+ 'docker-engine',
+ ].each {|pkg|
+ resources(yum_package: pkg) rescue yum_package pkg do
+ allow_downgrade true
+ action :install
+ version docker_ver
+ # dockerrepo is disabled by default to prevent automatic update.
+ options '--enablerepo=dockerrepo'
+ notifies :run, 'bash[clean_up_docker0_bridge]', :before if pkg == 'docker-engine'
+ end
+ }
+ else
+ # OS distribution
+ [
+ 'docker-engine-selinux',
+ 'docker-engine',
+ ].each {|pkg|
+ resources(package: pkg) rescue package pkg do
+ action :remove
+ notifies :run, 'bash[clean_up_docker0_bridge]', :immediately
+ end
+ }
+
+ file '/etc/systemd/system/docker.service.d/override.conf' do
+ action :delete
end
- }
+
+ [
+ 'docker',
+ ].each {|pkg|
+ resources(yum_package: pkg) rescue yum_package pkg do
+ allow_downgrade true
+ action :install
+ version docker_ver
+ notifies :run, 'bash[clean_up_docker0_bridge]', :before
+ end
+ }
+
+ template '/etc/sysconfig/docker' do
+ source 'etc/sysconfig/docker'
+ owner 'root'
+ group 'root'
+ mode '0644'
+ notifies :restart, 'service[docker]'
+ end
+ end
when 'debian'
# https://docs.docker.com/engine/installation/linux/ubuntulinux/
pkgs = [
'ca-certificates',
]
- if node['docker-grid']['engine']['storage-driver'] == 'aufs' \
+ if storage_driver == 'aufs' \
&& !container_guest_node?
pkgs += [
"linux-image-extra-#{node['os_version']}",
action :nothing
end
- apt_repo_config = node['docker-grid']['apt_repo']
- bash 'apt-key_adv_docker_tools_key' do
- code <<-"EOH"
- apt-key adv --keyserver #{apt_repo_config['keyserver']} --recv-keys #{apt_repo_config['recv-keys']}
- #apt-get update
- EOH
- action :nothing
- not_if 'apt-key list | grep -i docker'
- end
+ if node['docker-grid']['install_flavor'] == 'dockerproject'
+ pkg_name_removed = 'docker.io'
+ pkg_name = 'docker-engine'
- template '/etc/apt/sources.list.d/docker.list' do
- source 'etc/apt/sources.list.d/docker.list'
- owner 'root'
- group 'root'
- mode '0644'
- notifies :run, 'bash[apt-key_adv_docker_tools_key]', :before
- notifies :run, "execute[#{apt_get_update}]", :immediately
+ apt_repo_config = node['docker-grid']['apt_repo']
+ bash 'apt-key_adv_docker_tools_key' do
+ code <<-"EOH"
+ apt-key adv --keyserver #{apt_repo_config['keyserver']} --recv-keys #{apt_repo_config['recv-keys']}
+ #apt-get update
+ EOH
+ action :nothing
+ not_if 'apt-key list | grep -i docker'
+ end
+
+ template '/etc/apt/sources.list.d/docker.list' do
+ source 'etc/apt/sources.list.d/docker.list'
+ owner 'root'
+ group 'root'
+ mode '0644'
+ notifies :run, 'bash[apt-key_adv_docker_tools_key]', :before
+ notifies :run, "execute[#{apt_get_update}]", :immediately
+ end
+ else
+ # OS distribution
+ pkg_name_removed = 'docker-engine'
+ pkg_name = 'docker.io'
end
# Pinning Docker version
owner 'root'
group 'root'
mode '0644'
+ variables(
+ pkg_name: pkg_name
+ )
end
- [
- 'docker-engine',
- ].each {|pkg|
- resources(package: pkg) rescue package pkg do
- action :install
- version node['docker-grid']['engine']['version']
- end
- }
+ resources(package: pkg_name_removed) rescue package pkg_name_removed do
+ action :remove
+ notifies :run, 'bash[clean_up_docker0_bridge]', :immediately
+ end
+
+ resources(package: pkg_name) rescue package pkg_name do
+ action :install
+ options '--allow-downgrades'
+ version docker_ver
+ notifies :run, 'bash[clean_up_docker0_bridge]', :before
+ end
end
service 'docker' do
-Package: docker-engine
+Package: <%= @pkg_name %>
Pin: version <%= node['docker-grid']['engine']['version'] %>
Pin-Priority: 1001
--- /dev/null
+<%
+options = []
+
+storage_driver = node['docker-grid']['engine']['storage-driver']
+if !storage_driver.nil? && !storage_driver.empty?
+ options.push("--storage-driver=#{storage_driver}")
+end
+
+userns_remap = node['docker-grid']['engine']['userns-remap']
+if !userns_remap.nil? && !userns_remap.empty?
+ options.push("--userns-remap=#{userns_remap}")
+end
+
+extra_options = node['docker-grid']['engine']['daemon_extra_options']
+# for docker package: remove '-H fd://'
+# https://github.com/docker/docker/issues/22847
+if Gem::Version.create(node['docker-grid']['engine']['version']) >= Gem::Version.create('1.12')
+ extra_options.gsub!(%r{-H\sfd://}, '')
+end
+if !extra_options.nil? && !extra_options.empty?
+ options.push(extra_options)
+end
+-%>
+# /etc/sysconfig/docker
+
+# Modify these options if you want to change the way the docker daemon runs
+#OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
+OPTIONS='<%= options.join(' ') %>'
+if [ -z "${DOCKER_CERT_PATH}" ]; then
+ DOCKER_CERT_PATH=/etc/docker
+fi
+
+# If you want to add your own registry to be used for docker search and docker
+# pull use the ADD_REGISTRY option to list a set of registries, each prepended
+# with --add-registry flag. The first registry added will be the first registry
+# searched.
+#ADD_REGISTRY='--add-registry registry.access.redhat.com'
+
+# If you want to block registries from being used, uncomment the BLOCK_REGISTRY
+# option and give it a set of registries, each prepended with --block-registry
+# flag. For example adding docker.io will stop users from downloading images
+# from docker.io
+# BLOCK_REGISTRY='--block-registry'
+
+# If you have a registry secured with https but do not have proper certs
+# distributed, you can tell docker to not look for full authorization by
+# adding the registry to the INSECURE_REGISTRY line and uncommenting it.
+# INSECURE_REGISTRY='--insecure-registry'
+
+# On an SELinux system, if you remove the --selinux-enabled option, you
+# also need to turn on the docker_transition_unconfined boolean.
+# setsebool -P docker_transition_unconfined 1
+
+# Location used for temporary files, such as those created by
+# docker load and build operations. Default is /var/lib/docker/tmp
+# Can be overriden by setting the following environment variable.
+# DOCKER_TMPDIR=/var/tmp
+
+# Controls the /etc/cron.daily/docker-logrotate cron job status.
+# To disable, uncomment the line below.
+# LOGROTATE=false
+#
+
+# docker-latest daemon can be used by starting the docker-latest unitfile.
+# To use docker-latest client, uncomment below lines
+#DOCKERBINARY=/usr/bin/docker-latest
+#DOCKER_CONTAINERD_BINARY=/usr/bin/docker-containerd-latest
+#DOCKER_CONTAINERD_SHIM_BINARY=/usr/bin/docker-containerd-shim-latest
end
extra_options = node['docker-grid']['engine']['daemon_extra_options']
+# for docker-engine package on RHEL: remove '-H fd://'
+# https://github.com/docker/docker/issues/22847
+if node['platform_family'] == 'rhel' \
+ && Gem::Version.create(node['docker-grid']['engine']['version']) >= Gem::Version.create('1.12')
+ extra_options.gsub!(%r{-H\sfd://}, '')
+end
+
if !extra_options.nil? && !extra_options.empty?
options.push(extra_options)
end
override_attributes(
'docker-grid' => {
+ 'install_flavor' => 'dockerproject',
+ #'install_flavor' => 'os-repository',
'engine' => {
- 'version_on_centos' => '1.11.2-1',
- 'version_on_ubuntu' => '1.11.2-0',
+ #'version_on_centos' => '1.13.0-1', # docker-engine package
+ #'version_on_centos' => '1.12.6-1', # docker-engine package
+ #'version_on_centos' => '1.12.5-14', # docker package
+ 'version_on_centos' => '1.11.2-1', # docker-engine package
+ #'version_on_ubuntu' => '1.13.0-0', # docker-engine package
+ #'version_on_ubuntu' => '1.12.3-0', # docker-engine package
+ #'version_on_ubuntu' => '1.12.3-0ubuntu4~16.04.2', # docker.io package
+ 'version_on_ubuntu' => '1.11.2-0', # docker-engine package
'storage-driver_on_centos' => 'overlay',
'storage-driver_on_ubuntu' => 'overlay', # default: aufs
+ #'userns-remap' => 'default',
'daemon_extra_options' => '-H fd://',
+ # for docker, docker-engine package >= 1.12 (on rhel family): '-H fd://' option automatically removed by this cookbook.
+ # See https://github.com/docker/docker/issues/22847
},
},
)