From 29fb2ad52f41adbea751215308e3db3d9112af9f Mon Sep 17 00:00:00 2001
From: Adam Miller
Date: Fri, 24 Jun 2016 16:55:38 +0000
Subject: [PATCH] Add access to push to docker registry to compose-x86-01, Infra Ticket#5368
Signed-off-by: Adam Miller
---
 playbooks/groups/docker-registry.yml | 21 +++++++++++++++
 playbooks/groups/osbs-master.yml | 38 ++++++++++------------------
 roles/push-docker/tasks/main.yml | 23 +++++++++++++++++
 3 files changed, 58 insertions(+), 24 deletions(-)
 create mode 100644 roles/push-docker/tasks/main.yml
diff --git a/playbooks/groups/docker-registry.yml b/playbooks/groups/docker-registry.yml
index e9d33e2461..1de2af7f9c 100644
--- a/playbooks/groups/docker-registry.yml
+++ b/playbooks/groups/docker-registry.yml
@@ -91,3 +91,24 @@
 },
 when: env == "production"
 }
+
+- name: Setup compose-x86-01 push docker images to registry
+ hosts: compose-x86-01.phx2.fedoraproject.org
+ user: root
+ gather_facts: True
+ tags:
+ - releng-compose
+
+ roles:
+ - {
+ role: push-docker,
+ docker_cert_dir: "/etc/docker/certs.d/registry.stg.fedoraproject.org",
+ private: {{private}},
+ when: env == "staging"
+ }
+ - {
+ role: push-docker,
+ docker_cert_dir: "/etc/docker/certs.d/registry.fedoraproject.org",
+ private: {{private}},
+ when: env == "production"
+ }
diff --git a/playbooks/groups/osbs-master.yml b/playbooks/groups/osbs-master.yml
index 4ea9392045..6127fe95d3 100644
--- a/playbooks/groups/osbs-master.yml
+++ b/playbooks/groups/osbs-master.yml
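Review bot: `private: {{private}},` in both role entries is an unquoted Jinja expression inside a YAML flow mapping, so the YAML parser sees `{{private}}` as a nested flow mapping (or refuses to load it) before Ansible templating ever runs, and the role's `src:` paths will not get the string they expect. Quote it as `private: "{{private}}"`, or drop the parameter if `private` is already defined for these hosts (not visible in this hunk). The same two lines appear in the `roles:` block added to playbooks/groups/osbs-master.yml. Separately, this play gives compose-x86-01 the same containerbuild client certificate and key that the role installs on the OSBS hosts, so registry pushes cannot be attributed to one host and revoking the credential affects both; a per-host client certificate would be worth considering.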
@@ -45,30 +45,6 @@ src: "{{files}}/osbs/docker-storage-setup" dest: "/etc/sysconfig/docker-storage-setup" - - name: install docker - action: "{{ ansible_pkg_mgr }} name=docker state=installed" - - - name: ensure docker daemon cert dir exists - file: - path: "{{docker_cert_dir}}" - state: directory - - - name: install docker client cert for registry - copy: - src: "{{private}}/files/koji/containerbuild.cert.pem" - dest: "{{docker_cert_dir}}/client.cert" - - - name: install docker client key for registry - copy: - src: "{{private}}/files/koji/containerbuild.key.pem" - dest: "{{docker_cert_dir}}/client.key" - - - name: run docker-storage-setup - shell: "docker-storage-setup" - - - name: start and enable docker - service: name=docker state=started enabled=yes - - name: create cert dir for openshift public facing REST API SSL file: path: "/etc/origin/master/named_certificates" @@ -94,6 +70,20 @@ src: "{{private}}/files/httpd/osbs.htpasswd" dest: /etc/origin/htpasswd + roles: + - { + role: push-docker, + docker_cert_dir: "/etc/docker/certs.d/registry.stg.fedoraproject.org", + private: {{private}}, + when: env == "staging" + } + - { + role: push-docker, + docker_cert_dir: "/etc/docker/certs.d/registry.fedoraproject.org", + private: {{private}}, + when: env == "production" + } + - name: setup osbs hosts: osbs:osbs-stg vars_files: diff --git a/roles/push-docker/tasks/main.yml b/roles/push-docker/tasks/main.yml new file mode 100644 index 0000000000..204c0bfd4e --- /dev/null +++ b/roles/push-docker/tasks/main.yml 
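Review bot: The `roles:` block added after the htpasswd task changes execution order, because Ansible runs a play's `roles:` before its `tasks:` regardless of where the key is written. If the `docker-storage-setup` copy shown as context in the first hunk sits under `tasks:` (the play header is outside both hunks), docker is now installed and started before that storage configuration is in place. The removed `run docker-storage-setup` task is also not carried into roles/push-docker/tasks/main.yml, so nothing in the visible change applies that configuration any more. Consider moving the storage-setup copy into `pre_tasks:` and keeping `- name: run docker-storage-setup` with `shell: "docker-storage-setup"` there, ahead of the role.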
@@ -0,0 +1,23 @@
+---
+# tasks file for push-docker
+#
+- name: install docker
+ action: "{{ ansible_pkg_mgr }} name=docker state=installed"
+
+- name: ensure docker daemon cert dir exists
+ file:
+ path: "{{docker_cert_dir}}"
+ state: directory
+
+- name: install docker client cert for registry
+ copy:
+ src: "{{private}}/files/koji/containerbuild.cert.pem"
+ dest: "{{docker_cert_dir}}/client.cert"
+
+- name: install docker client key for registry
+ copy:
+ src: "{{private}}/files/koji/containerbuild.key.pem"
+ dest: "{{docker_cert_dir}}/client.key"
+
+- name: start and enable docker
+ service: name=docker state=started enabled=yes
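Review bot: The `install docker client key for registry` task copies `containerbuild.key.pem` to `{{docker_cert_dir}}/client.key` without `owner`, `group` or `mode`, so the private key is created with whatever the default umask yields, commonly world-readable 0644. Any local account on a host that applies this role could then read the key that authenticates pushes to the registry. Add `owner: root`, `group: root` and `mode: "0600"` to that copy task, and give the `ensure docker daemon cert dir exists` task an explicit `mode: "0755"` or tighter so the directory permissions do not depend on the umask either.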