2 # Cookbook Name:: docker-grid
5 # Copyright 2016-2017, whitestar
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
20 # https://dcos.io/docs/1.8/administration/installing/custom/system-requirements/
22 platform = node['platform']
23 platform_family = node['platform_family']
24 platform_version = node['platform_version']
26 install_flavor = node['docker-grid']['install_flavor']
27 override_apt_line = node['docker-grid']['apt_repo']['override_apt_line']
28 if !override_apt_line.nil? && !override_apt_line.empty? \
29 && override_apt_line.include?(node['docker-grid']['dockerproject']['apt_new_repo_url'])
30 Chef::Log.warn('This docker-grid::engine recipe uses the Docker new repository by the `override_apt_line` attribute.')
31 node.force_override['docker-grid']['dockerproject']['enable_new_repo'] = true
33 enable_new_repo = node['docker-grid']['dockerproject']['enable_new_repo']
34 docker_ver = node['docker-grid']['engine']['version']
35 docker_ver = '' if docker_ver.nil? || docker_ver == 'latest'
36 storage_driver = node['docker-grid']['engine']['storage-driver']
37 userns_remap = node['docker-grid']['engine']['userns-remap']
39 if node['docker-grid']['engine']['skip_setup']
40 log 'Skip the Docker Engine setup.'
44 ::Chef::Recipe.send(:include, PlatformUtils::Helper)
45 ::Chef::Recipe.send(:include, PlatformUtils::VirtUtils)
50 resources(package: pkg) rescue package pkg do
55 bash 'systemctl_daemon-reload' do
57 systemctl daemon-reload
62 # https://docs.docker.com/engine/userguide/storagedriver/selectadriver/
63 if shell_out("cat /etc/mtab | grep -E '\s+/\s+zfs\s+'").exitstatus.zero?
64 if container_guest_node?
65 Chef::Log.warn('This node is running in the Linux container with ZFS, set the storage-driver to vfs as a fallback.')
66 node.override['docker-grid']['engine']['storage-driver'] = 'vfs'
68 Chef::Log.warn('This node is running on ZFS, set the storage-driver to zfs.')
69 node.override['docker-grid']['engine']['storage-driver'] = 'zfs'
73 if storage_driver == 'overlay2'
74 if !docker_ver.empty? && Gem::Version.create(docker_ver.tr('~', '-')) < Gem::Version.create('1.12')
75 # tr('~', '-') for Ubuntu.
76 Chef::Application.fatal!('Docker version must be 1.12 or later for overlay2 storage driver.') # and exit.
79 load_kernel_module('overlay') if storage_driver =~ /overlay2?/
81 if !userns_remap.nil? && !userns_remap.empty?
82 if !docker_ver.empty? && Gem::Version.create(docker_ver.tr('~', '-')) < Gem::Version.create('1.10')
83 # tr('~', '-') for Ubuntu.
84 Chef::Application.fatal!('Docker version must be 1.10 or later for userns-remap.') # and exit.
87 include_recipe 'platform_utils::kernel_user_namespace'
89 remap_user = userns_remap == 'default' ? 'dockremap' : userns_remap
92 'resource' => 'service[docker]',
95 ::Chef::Recipe.send(:include, PlatformUtils::Helper)
96 append_subusers([remap_user], notifies_conf)
99 file '/etc/systemd/system/docker.service.d/override.conf' do
103 bash 'clean_up_docker0_bridge' do
105 if brctl show | grep docker0; then
106 ip link set docker0 down
109 # https://github.com/docker/docker/issues/23630
110 if [ -d /var/lib/docker/network ]; then
111 rm -rf /var/lib/docker/network
119 ex_enablerepo = node['docker-grid']['dockerproject']['yum_new_repo_extra_enablerepo']
121 if storage_driver == 'devicemapper'
124 'device-mapper-persistent-data',
127 resources(package: pkg) rescue package pkg do
133 if install_flavor == 'dockerproject'
134 # https://dcos.io/docs/1.8/administration/installing/custom/system-requirements/install-docker-centos/
135 old_repo_action = nil
136 new_repo_action = nil
139 old_repo_action = :delete
140 new_repo_action = :create
145 old_repo_action = :create
146 new_repo_action = :delete
148 'docker-engine-selinux',
157 template "/etc/yum.repos.d/#{repo_file}" do
158 source "etc/yum.repos.d/#{repo_file}"
162 action repo_file == 'docker.repo' ? old_repo_action : new_repo_action
169 #'container-selinux',
172 resources(package: pkg) rescue package pkg do
173 action platform_family == 'debian' ? :purge : :remove
174 notifies :delete, 'file[/etc/systemd/system/docker.service.d/override.conf]', :immediately
175 notifies :run, 'bash[clean_up_docker0_bridge]', :immediately
180 resources(yum_package: pkg) rescue yum_package pkg do
183 version docker_ver unless docker_ver.empty?
184 # for the new repository
185 options "--enablerepo=#{ex_enablerepo}" if enable_new_repo && !ex_enablerepo.nil? && !ex_enablerepo.empty?
186 # old dockerrepo is disabled by default to prevent automatic update.
187 options '--enablerepo=dockerrepo' unless enable_new_repo
188 notifies :run, 'bash[clean_up_docker0_bridge]', :before if pkg == 'docker-engine' || pkg == 'docker-ce'
194 'docker-engine-selinux',
197 resources(package: pkg) rescue package pkg do
198 action platform_family == 'debian' ? :purge : :remove
199 notifies :delete, 'file[/etc/systemd/system/docker.service.d/override.conf]', :immediately
200 notifies :run, 'bash[clean_up_docker0_bridge]', :immediately
207 resources(yum_package: pkg) rescue yum_package pkg do
210 version docker_ver unless docker_ver.empty?
211 notifies :run, 'bash[clean_up_docker0_bridge]', :before
215 template '/etc/sysconfig/docker' do
216 source 'etc/sysconfig/docker'
220 notifies :restart, 'service[docker]'
224 # https://docs.docker.com/engine/installation/linux/debian/
225 # https://docs.docker.com/engine/installation/linux/ubuntulinux/
227 'apt-transport-https',
231 'software-properties-common',
234 if storage_driver == 'aufs' \
235 && !container_guest_node?
236 if platform == 'debian'
240 elsif platform == 'ubuntu'
242 "linux-image-extra-#{node['os_version']}",
243 'linux-image-extra-virtual',
249 resources(package: pkg) rescue package pkg do
254 apt_get_update = 'apt-get_update'
255 resources(execute: apt_get_update) rescue execute apt_get_update do
256 command 'apt-get update'
260 if install_flavor == 'dockerproject'
261 pkg_name_removed = 'docker.io'
262 pkg_name = node['docker-grid']['dockerproject']['package_name']
264 apt_repo_config = node['docker-grid']['apt_repo']
265 apt_key_add_cmd = nil
268 apt_key_add_cmd = "curl -fsSL https://download.docker.com/linux/#{platform}/gpg | apt-key add -"
269 apt_key_name = 'Docker Release (CE deb)'
271 apt_key_add_cmd = "apt-key adv --keyserver #{apt_repo_config['keyserver']} --recv-keys #{apt_repo_config['recv-keys']}"
272 apt_key_name = 'Docker Release Tool (releasedocker)'
274 bash 'apt-key_adv_docker_tools_key' do
279 not_if "apt-key list 2>&1 | grep '#{apt_key_name}'"
282 template '/etc/apt/sources.list.d/docker.list' do
283 source 'etc/apt/sources.list.d/docker.list'
287 notifies :run, 'bash[apt-key_adv_docker_tools_key]', :before
288 notifies :run, "execute[#{apt_get_update}]", :immediately
292 pkg_name_removed = node['docker-grid']['dockerproject']['package_name']
293 pkg_name = 'docker.io'
296 # Pinning Docker version
297 template '/etc/apt/preferences.d/docker.pref' do
298 source 'etc/apt/preferences.d/docker.pref'
302 action :delete if docker_ver.empty?
308 resources(package: pkg_name_removed) rescue package pkg_name_removed do
309 action platform_family == 'debian' ? :purge : :remove
310 notifies :delete, 'file[/etc/systemd/system/docker.service.d/override.conf]', :immediately
311 notifies :run, 'bash[clean_up_docker0_bridge]', :immediately
314 resources(package: pkg_name) rescue package pkg_name do
316 options "-o Dpkg::Options::='--force-confnew'" if platform_family == 'debian'
317 options '--allow-downgrades' if platform == 'debian' || platform_version >= '16.04' # LTS (xenial)
318 options '--force-yes' if platform_version == '14.04' # LTS (trusty)
319 version docker_ver unless docker_ver.empty?
320 notifies :run, 'bash[clean_up_docker0_bridge]', :before
321 notifies :run, 'bash[apt-key_adv_docker_tools_key]', :before
322 notifies :run, "execute[#{apt_get_update}]", :before
327 docker_opts.push("--storage-driver=#{storage_driver}") if !storage_driver.nil? && !storage_driver.empty?
328 docker_opts.push("--userns-remap=#{userns_remap}") if !userns_remap.nil? && !userns_remap.empty?
330 extra_options = node['docker-grid']['engine']['daemon_extra_options']
331 # for docker-engine package on RHEL: remove '-H fd://'
332 # https://github.com/docker/docker/issues/22847
333 if platform_family == 'rhel' || platform == 'debian' || (platform == 'ubuntu' && platform_version == '14.04')
334 # Note: docker_ver.empty? -> the latest version
335 if docker_ver.empty? \
336 || Gem::Version.create(docker_ver.tr('~', '-')) >= Gem::Version.create('1.12')
337 extra_options = extra_options.gsub(%r{-H\sfd://}, '') # for frozen string.
341 docker_opts.push(extra_options) if !extra_options.nil? && !extra_options.empty?
343 init_package = node['init_package']
344 if init_package == 'systemd'
345 directory '/etc/systemd/system/docker.service.d' do
352 template '/etc/systemd/system/docker.service.d/override.conf' do
353 source 'etc/systemd/system/docker.service.d/override.conf'
358 docker_opts: docker_opts
360 not_if { install_flavor == 'os-repository' && platform_family == 'rhel' }
361 notifies :run, 'bash[systemctl_daemon-reload]', :immediately
362 notifies :restart, 'service[docker]'
364 elsif init_package == 'init' # for Ubuntu 14.04,...
365 template '/etc/default/docker' do
366 source 'etc/default/docker'
371 docker_opts: docker_opts
373 notifies :restart, 'service[docker]'
378 provider Chef::Provider::Service::Upstart if platform == 'ubuntu' && platform_version < '15.04'
379 action [:start, :enable]
380 subscribes :restart, 'execute[update-ca-certificates]', :delayed
383 users = node['docker-grid']['engine']['users_allow']
385 members users unless users.empty?
392 'docker_containers_cleanup',
393 'docker_images_cleanup',
394 'docker_volumes_cleanup',
396 template "/usr/local/bin/#{script}" do
397 source "usr/local/bin/#{script}"