Puppet Class: dockerinstall::profile::daemon

Inherits:
dockerinstall::params
Defined in:
manifests/profile/daemon.pp

Summary

Docker configuration setup and daemon start

Overview

Docker configuration setup and daemon start

Examples:

include dockerinstall::profile::daemon

Parameters:

  • network_bridge_ip (Optional[String]) (defaults to: undef)
  • mtu (Optional[Integer]) (defaults to: undef)
  • selinux (Optional[Boolean]) (defaults to: undef)
  • storage_driver (Optional[String]) (defaults to: undef)
  • storage_opts (Optional[Array[String]]) (defaults to: undef)
  • cgroup_driver (Optional[String]) (defaults to: undef)
  • log_driver (Optional[String]) (defaults to: undef)
  • log_opts (Optional[Hash]) (defaults to: undef)
  • docker0_bind (Boolean) (defaults to: false)
  • tls_enable (Boolean) (defaults to: false)
  • docker_tlsdir (Stdlib::Unixpath) (defaults to: $dockerinstall::params::docker_tlsdir) 


7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
# File 'manifests/profile/daemon.pp', line 7

class dockerinstall::profile::daemon (
  Optional[String]
          $network_bridge_ip = undef,
  Optional[Integer]
          $mtu               = undef,
  Optional[Boolean]
          $selinux           = undef,
  Optional[String]
          $storage_driver    = undef,
  Optional[Array[String]]
          $storage_opts      = undef,
  Optional[String]
          $cgroup_driver     = undef,
  Optional[String]
          $log_driver        = undef,
  Optional[Hash]
          $log_opts          = undef,
  Boolean $docker0_bind      = false,
  Boolean $tls_enable        = false,
  Stdlib::Unixpath
          $docker_tlsdir   = $dockerinstall::params::docker_tlsdir,
) inherits dockerinstall::params
{
    include dockerinstall::profile::install

    class { 'dockerinstall::tls':
      docker_tlsdir => $docker_tlsdir,
    }

    class { 'dockerinstall::config':
      bip            => $network_bridge_ip,
      mtu            => $mtu,
      selinux        => $selinux,
      storage_driver => $storage_driver,
      storage_opts   => $storage_opts,
      cgroup_driver  => $cgroup_driver,
      log_driver     => $log_driver,
      log_opts       => $log_opts,
    }

    # Daemon options
    # TLS settings
    if $tls_enable {
        $tls_settings = {
            'tls_enable' => true,
            # use Puppet CA signed certificate which does not support IP SANs
            # but uses Common Name field for FQDN
            'tls_verify' => true,
            'tls_cacert' => "${docker_tlsdir}/ca.pem",
            'tls_cert'   => "${docker_tlsdir}/cert.pem",
            'tls_key'    => "${docker_tlsdir}/key.pem",
        }

        $tcp_bind = [ 'tcp://0.0.0.0:2376' ]
        $tcp_bind_insecure = []
    }
    else {
        $tls_settings = {
            'tls_enable' => false,
        }

        $tcp_bind = []
        if $docker0_bind and 'docker0' in $::networking['interfaces'] {
          $tcp_bind_insecure = [ "${::networking['interfaces']['docker0']['ip']}:2375" ]
        }
        else {
          $tcp_bind_insecure = []
        }
    }

    $tcp_settings = {
        'tcp_bind' => $tcp_bind + $tcp_bind_insecure
    }

    class { 'dockerinstall::service':
        * =>  $tls_settings +
              $tcp_settings,
    }
    contain dockerinstall::service

    class { 'dockerinstall::compose': }

    Class['dockerinstall::profile::install'] ~> Class['dockerinstall::service']
    Class['dockerinstall::profile::install'] -> Class['dockerinstall::compose']
}