| # Licensed to the Apache Software Foundation (ASF) under one or more contributor |
| # license agreements; and to You under the Apache License, Version 2.0. |
| --- |
| # This role will install a docker registry. If the registry existed, it will try to recycle its images. |
| |
| - name: "pull the {{ registry.version }} image of registry" |
| shell: "docker pull registry:{{ registry.version }}" |
| retries: "{{ docker.pull.retries }}" |
| delay: "{{ docker.pull.delay }}" |
| |
| - name: "create {{ registry.confdir }} on registry {{ ansible_host }}" |
| file: |
| path: "{{ registry.confdir }}/certs" |
| state: directory |
| when: registry.gencert |
| |
| - name: "copy cert to registry" |
| copy: |
| src: "files/whisk_docker_registry.crt" |
| dest: "{{ registry.confdir }}/certs" |
| when: registry.gencert |
| |
| - name: "copy key to registry" |
| copy: |
| src: "files/whisk_docker_registry.key" |
| dest: "{{ registry.confdir }}/certs" |
| when: registry.gencert |
| |
| - name: (re)start registry with ssl enabled |
| docker_container: |
| name: whisk_docker_registry |
| image: "registry:{{ registry.version }}" |
| state: started |
| restart_policy: "{{ docker.restart.policy }}" |
| hostname: registry |
| env: |
| "REGISTRY_HTTP_TLS_CERTIFICATE": "/certs/whisk_docker_registry.crt" |
| "REGISTRY_HTTP_TLS_KEY": "/certs/whisk_docker_registry.key" |
| ports: |
| - "{{ registry.port }}:5000" |
| volumes: |
| - "{{ registry.confdir }}/certs:/certs" |
| when: registry.gencert |
| |
| - name: (re)start registry with insecure ssl |
| docker_container: |
| name: whisk_docker_registry |
| image: "registry:{{ registry.version }}" |
| state: started |
| restart_policy: "{{ docker.restart.policy }}" |
| hostname: registry |
| ports: |
| - "{{ registry.port }}:5000" |
| when: not registry.gencert |
| |
| - name: wait until registry in this host is up and running |
| wait_for: |
| delay: 2 |
| host: "{{ ansible_host }}" |
| port: "{{ registry.port }}" |
| timeout: 60 |
| |
| - name: make cron job for registry recycle |
| template: |
| src: recycle-registry.py.j2 |
| dest: "/etc/cron.daily/recycle-registry" |
| mode: 0755 |
| become: true |