# @summary manage the docker service daemon # # @param tcp_bind # Which tcp port, if any, to bind the docker service to. # # @param ip_forward # This flag interacts with the IP forwarding setting on # your host system's kernel # # @param iptables # Enable Docker's addition of iptables rules # # @param ip_masq # Enable IP masquerading for bridge's IP range. # # @param socket_bind # Which local unix socket to bind the docker service to. # # @param socket_group # Which local unix socket to bind the docker service to. # # @param root_dir # Specify a non-standard root directory for docker. # # @param extra_parameters # Plain additional parameters to pass to the docker daemon # # @param shell_values # Array of shell values to pass into init script config files # # @param manage_service # Specify whether the service should be managed. # Valid values are 'true', 'false'. # Defaults to 'true'. # # @param docker_command # # @param docker_start_command # # @param service_name # # @param icc # # @param bridge # # @param fixed_cidr # # @param default_gateway # # @param ipv6 # # @param ipv6_cidr # # @param default_gateway_ipv6 # # @param log_level # # @param log_driver # # @param log_opt # # @param selinux_enabled # # @param labels # # @param dns # # @param dns_search # # @param service_state # # @param service_enable # # @param proxy # # @param no_proxy # # @param execdriver # # @param bip # # @param mtu # # @param storage_driver # # @param dm_basesize # # @param dm_fs # # @param dm_mkfsarg # # @param dm_mountopt # # @param dm_blocksize # # @param dm_loopdatasize # # @param dm_loopmetadatasize # # @param dm_datadev # # @param dm_metadatadev # # @param tmp_dir_config # # @param tmp_dir # # @param dm_thinpooldev # # @param dm_use_deferred_removal # # @param dm_use_deferred_deletion # # @param dm_blkdiscard # # @param dm_override_udev_sync_check # # @param overlay2_override_kernel_check # # @param storage_devs # # @param storage_vg # # @param storage_root_size # # @param storage_data_size # # @param storage_min_data_size # # @param storage_chunk_size # # @param storage_growpart # # @param storage_auto_extend_pool # # @param storage_pool_autoextend_threshold # # @param storage_pool_autoextend_percent # # @param storage_config # # @param storage_config_template # # @param storage_setup_file # # @param service_provider # # @param service_config # # @param service_config_template # # @param service_overrides_template # # @param socket_overrides_template # # @param socket_override # # @param service_after_override # # @param service_hasstatus # # @param service_hasrestart # # @param daemon_environment_files # # @param tls_enable # # @param tls_verify # # @param tls_cacert # # @param tls_cert # # @param tls_key # # @param registry_mirror # # @param root_dir_flag # class docker::service ( String $docker_command = $docker::docker_command, String $docker_start_command = $docker::docker_start_command, Optional[String] $service_name = $docker::service_name, Optional[Variant[String,Array[String]]] $tcp_bind = $docker::tcp_bind, Boolean $ip_forward = $docker::ip_forward, Boolean $iptables = $docker::iptables, Boolean $ip_masq = $docker::ip_masq, Optional[Boolean] $icc = $docker::icc, Optional[String] $bridge = $docker::bridge, Optional[String] $fixed_cidr = $docker::fixed_cidr, Optional[String] $default_gateway = $docker::default_gateway, Optional[Boolean] $ipv6 = $docker::ipv6, Optional[String] $ipv6_cidr = $docker::ipv6_cidr, Optional[String] $default_gateway_ipv6 = $docker::default_gateway_ipv6, String $socket_bind = $docker::socket_bind, Optional[String] $log_level = $docker::log_level, Optional[String] $log_driver = $docker::log_driver, Array $log_opt = $docker::log_opt, Optional[Boolean] $selinux_enabled = $docker::selinux_enabled, Optional[Variant[String,Boolean]] $socket_group = $docker::socket_group, Array $labels = $docker::labels, Optional[Variant[String,Array]] $dns = $docker::dns, Optional[Variant[String,Array]] $dns_search = $docker::dns_search, String $service_state = $docker::service_state, Boolean $service_enable = $docker::service_enable, Boolean $manage_service = $docker::manage_service, Optional[String] $root_dir = $docker::root_dir, Optional[Variant[String,Array]] $extra_parameters = $docker::extra_parameters, Optional[Variant[String,Array]] $shell_values = $docker::shell_values, Optional[String] $proxy = $docker::proxy, Optional[String] $no_proxy = $docker::no_proxy, Optional[String] $execdriver = $docker::execdriver, Optional[String] $bip = $docker::bip, Optional[String] $mtu = $docker::mtu, Optional[String] $storage_driver = $docker::storage_driver, Optional[String] $dm_basesize = $docker::dm_basesize, Optional[String] $dm_fs = $docker::dm_fs, Optional[String] $dm_mkfsarg = $docker::dm_mkfsarg, Optional[String] $dm_mountopt = $docker::dm_mountopt, Optional[String] $dm_blocksize = $docker::dm_blocksize, Optional[String] $dm_loopdatasize = $docker::dm_loopdatasize, Optional[String] $dm_loopmetadatasize = $docker::dm_loopmetadatasize, Optional[String] $dm_datadev = $docker::dm_datadev, Optional[String] $dm_metadatadev = $docker::dm_metadatadev, Optional[Boolean] $tmp_dir_config = $docker::tmp_dir_config, Optional[String] $tmp_dir = $docker::tmp_dir, Optional[String] $dm_thinpooldev = $docker::dm_thinpooldev, Optional[Boolean] $dm_use_deferred_removal = $docker::dm_use_deferred_removal, Optional[Boolean] $dm_use_deferred_deletion = $docker::dm_use_deferred_deletion, Optional[Boolean] $dm_blkdiscard = $docker::dm_blkdiscard, Optional[Boolean] $dm_override_udev_sync_check = $docker::dm_override_udev_sync_check, Boolean $overlay2_override_kernel_check = $docker::overlay2_override_kernel_check, Optional[String] $storage_devs = $docker::storage_devs, Optional[String] $storage_vg = $docker::storage_vg, Optional[String] $storage_root_size = $docker::storage_root_size, Optional[String] $storage_data_size = $docker::storage_data_size, Optional[String] $storage_min_data_size = $docker::storage_min_data_size, Optional[String] $storage_chunk_size = $docker::storage_chunk_size, Optional[Boolean] $storage_growpart = $docker::storage_growpart, Optional[String] $storage_auto_extend_pool = $docker::storage_auto_extend_pool, Optional[String] $storage_pool_autoextend_threshold = $docker::storage_pool_autoextend_threshold, Optional[String] $storage_pool_autoextend_percent = $docker::storage_pool_autoextend_percent, Optional[Variant[String,Boolean]] $storage_config = $docker::storage_config, Optional[String] $storage_config_template = $docker::storage_config_template, Optional[String] $storage_setup_file = $docker::storage_setup_file, Optional[String] $service_provider = $docker::service_provider, Optional[Variant[String,Boolean]] $service_config = $docker::service_config, Optional[String] $service_config_template = $docker::service_config_template, Optional[Variant[String,Boolean]] $service_overrides_template = $docker::service_overrides_template, Optional[Variant[String,Boolean]] $socket_overrides_template = $docker::socket_overrides_template, Optional[Boolean] $socket_override = $docker::socket_override, Optional[Variant[String,Boolean]] $service_after_override = $docker::service_after_override, Optional[Boolean] $service_hasstatus = $docker::service_hasstatus, Optional[Boolean] $service_hasrestart = $docker::service_hasrestart, Array $daemon_environment_files = $docker::daemon_environment_files, Boolean $tls_enable = $docker::tls_enable, Boolean $tls_verify = $docker::tls_verify, Optional[String] $tls_cacert = $docker::tls_cacert, Optional[String] $tls_cert = $docker::tls_cert, Optional[String] $tls_key = $docker::tls_key, Optional[Variant[String,Array]] $registry_mirror = $docker::registry_mirror, String $root_dir_flag = $docker::root_dir_flag, ) { unless $facts['os']['family'] =~ /(Debian|RedHat|windows)/ or $docker::acknowledge_unsupported_os { fail('The docker::service class needs a Debian, Redhat or Windows based system.') } $dns_array = any2array($dns) $dns_search_array = any2array($dns_search) $labels_array = any2array($labels) $extra_parameters_array = any2array($extra_parameters) $shell_values_array = any2array($shell_values) $tcp_bind_array = any2array($tcp_bind) if $service_config != undef { $_service_config = $service_config } else { if $facts['os']['family'] == 'Debian' { $_service_config = "/etc/default/${service_name}" } else { $_service_config = undef } } $_manage_service = $manage_service ? { true => Service['docker'], default => [], } $docker_storage_setup_parameters = { 'storage_driver' => $storage_driver, 'storage_devs' => $storage_devs, 'storage_vg' => $storage_vg, 'storage_root_size' => $storage_root_size, 'storage_data_size' => $storage_data_size, 'storage_min_data_size' => $storage_min_data_size, 'storage_chunk_size' => $storage_chunk_size, 'storage_growpart' => $storage_growpart, 'storage_auto_extend_pool' => $storage_auto_extend_pool, 'storage_pool_autoextend_threshold' => $storage_pool_autoextend_threshold, 'storage_pool_autoextend_percent' => $storage_pool_autoextend_percent, } if $facts['os']['family'] == 'RedHat' { file { $storage_setup_file: ensure => file, force => true, content => epp('docker/etc/sysconfig/docker-storage-setup.epp', $docker_storage_setup_parameters), before => $_manage_service, notify => $_manage_service, } } if $facts['os']['family'] == 'windows' { $dirs = [ "${facts['docker_program_data_path']}/docker/", "${facts['docker_program_data_path']}/docker/config/", ] $dirs.each |$dir| { file { $dir: ensure => directory, } } } $parameters_service_overrides_template = { 'service_after_override' => $service_after_override, 'docker_start_command' => $docker_start_command, 'daemon_environment_files' => $daemon_environment_files, } case $service_provider { 'systemd': { file { '/etc/systemd/system/docker.service.d': ensure => 'directory', } if $service_overrides_template { file { '/etc/systemd/system/docker.service.d/service-overrides.conf': ensure => file, content => epp($service_overrides_template, $parameters_service_overrides_template), seltype => 'container_unit_file_t', notify => Exec['docker-systemd-reload-before-service'], before => $_manage_service, } } if $socket_override { file { '/etc/systemd/system/docker.socket.d': ensure => 'directory', } file { '/etc/systemd/system/docker.socket.d/socket-overrides.conf': ensure => file, content => epp($socket_overrides_template, { 'socket_group' => $socket_group }), seltype => 'container_unit_file_t', notify => Exec['docker-systemd-reload-before-service'], before => $_manage_service, } } exec { 'docker-systemd-reload-before-service': path => ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/',], command => 'systemctl daemon-reload > /dev/null', notify => $_manage_service, refreshonly => true, } } 'upstart': { file { '/etc/init.d/docker': ensure => 'link', target => '/lib/init/upstart-job', force => true, notify => $_manage_service, } } default: {} } #workaround for docker 1.13 on RedHat 7 if $facts['docker_server_version'] { if $facts['os']['family'] == 'RedHat' and $facts['docker_server_version'] =~ /1\.13.+/ { $_skip_storage_config = true } else { $_skip_storage_config = false } } else { $_skip_storage_config = false } $storage_config_parameters = { 'storage_driver' => $storage_driver, 'storage_devs' => $storage_devs, 'storage_vg' => $storage_vg, 'storage_root_size' => $storage_root_size, 'storage_data_size' => $storage_data_size, 'storage_min_data_size' => $storage_min_data_size, 'storage_chunk_size' => $storage_chunk_size, 'storage_growpart' => $storage_growpart, 'storage_auto_extend_pool' => $storage_auto_extend_pool, 'storage_pool_autoextend_threshold' => $storage_pool_autoextend_threshold, 'storage_pool_autoextend_percent' => $storage_pool_autoextend_percent, 'dm_basesize' => $dm_basesize, 'dm_fs' => $dm_fs, 'dm_mkfsarg' => $dm_mkfsarg, 'dm_mountopt' => $dm_mountopt, 'dm_blocksize' => $dm_blocksize, 'dm_loopdatasize' => $dm_loopdatasize, 'dm_loopmetadatasize' => $dm_loopmetadatasize, 'dm_thinpooldev' => $dm_thinpooldev, 'dm_datadev' => $dm_datadev, 'dm_metadatadev' => $dm_metadatadev, 'dm_use_deferred_removal' => $dm_use_deferred_removal, 'dm_use_deferred_deletion' => $dm_use_deferred_deletion, 'dm_blkdiscard' => $dm_blkdiscard, 'dm_override_udev_sync_check' => $dm_override_udev_sync_check, 'overlay2_override_kernel_check' => $overlay2_override_kernel_check, } if $storage_config { unless $_skip_storage_config { file { $storage_config: ensure => file, force => true, #force rewrite storage configuration content => epp($storage_config_template, $storage_config_parameters), notify => $_manage_service, } } } $parameters = { 'docker_command' => $docker_command, 'proxy' => $proxy, 'no_proxy' => $no_proxy, 'tmp_dir' => $tmp_dir, 'root_dir' => $root_dir, 'root_dir_flag' => $root_dir_flag, 'tcp_bind' => $tcp_bind, 'tcp_bind_array' => $tcp_bind_array, 'tls_enable' => $tls_enable, 'tls_verify' => $tls_verify, 'tls_cacert' => $tls_cacert, 'tls_cert' => $tls_cert, 'tls_key' => $tls_key, 'socket_bind' => $socket_bind, 'ip_forward' => $ip_forward, 'iptables' => $iptables, 'ip_masq' => $ip_masq, 'icc' => $icc, 'fixed_cidr' => $fixed_cidr, 'bridge' => $bridge, 'default_gateway' => $default_gateway, 'log_level' => $log_level, 'log_driver' => $log_driver, 'log_opt' => $log_opt, 'selinux_enabled' => $selinux_enabled, 'socket_group' => $socket_group, 'dns' => $dns, 'dns_array' => $dns_array, 'dns_search' => $dns_search, 'dns_search_array' => $dns_search_array, 'execdriver' => $execdriver, 'bip' => $bip, 'mtu' => $mtu, 'registry_mirror' => $registry_mirror, 'storage_driver' => $storage_driver, 'dm_basesize' => $dm_basesize, 'dm_fs' => $dm_fs, 'dm_mkfsarg' => $dm_mkfsarg, 'dm_mountopt' => $dm_mountopt, 'dm_blocksize' => $dm_blocksize, 'dm_loopdatasize' => $dm_loopdatasize, 'dm_loopmetadatasize' => $dm_loopmetadatasize, 'dm_thinpooldev' => $dm_thinpooldev, 'dm_datadev' => $dm_datadev, 'dm_metadatadev' => $dm_metadatadev, 'dm_use_deferred_removal' => $dm_use_deferred_removal, 'dm_use_deferred_deletion' => $dm_use_deferred_deletion, 'dm_blkdiscard' => $dm_blkdiscard, 'dm_override_udev_sync_check' => $dm_override_udev_sync_check, 'overlay2_override_kernel_check' => $overlay2_override_kernel_check, 'labels' => $labels, 'extra_parameters' => $extra_parameters, 'extra_parameters_array' => $extra_parameters_array, 'shell_values' => $shell_values, 'shell_values_array' => $shell_values_array, 'labels_array' => $labels_array, 'ipv6' => $ipv6, 'ipv6_cidr' => $ipv6_cidr, 'default_gateway_ipv6' => $default_gateway_ipv6, 'tmp_dir_config' => $tmp_dir_config, } if $_service_config { file { $_service_config: ensure => file, force => true, content => epp($service_config_template, $parameters), notify => $_manage_service, } } if $manage_service { if $facts['os']['family'] == 'windows' { reboot { 'pending_reboot': when => 'pending', onlyif => 'component_based_servicing', timeout => 1, } } if ! defined(Service['docker']) { service { 'docker': ensure => $service_state, name => $service_name, enable => $service_enable, hasstatus => $service_hasstatus, hasrestart => $service_hasrestart, provider => $service_provider, } } } }