diff --git a/REFERENCE.md b/REFERENCE.md index 477cc3e9..dc1cbd5d 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -5,36 +5,38 @@ **Classes** -* [`docker`](#docker): -* [`docker::compose`](#dockercompose): [*curl_ensure*] Whether or not the curl package is ensured by this module. Defaults to true -* [`docker::config`](#dockerconfig): == Class: docker::config -* [`docker::images`](#dockerimages): docker::images -* [`docker::install`](#dockerinstall): -* [`docker::machine`](#dockermachine): == Class: docker::machine Class to install Docker Machine using the recommended curl command. === Parameters [*ensure*] Whether to insta -* [`docker::networks`](#dockernetworks): docker::networks -* [`docker::params`](#dockerparams): == Class: docker::params Default parameter values for the docker module -* [`docker::plugins`](#dockerplugins): docker::plugins -* [`docker::registry_auth`](#dockerregistry_auth): docker::registry_auth -* [`docker::repos`](#dockerrepos): == Class: docker::repos -* [`docker::run_instance`](#dockerrun_instance): docker::run_instance -* [`docker::service`](#dockerservice): == Class: docker::service Class to manage the docker service daemon === Parameters [*tcp_bind*] Which tcp port, if any, to bind the docke -* [`docker::swarms`](#dockerswarms): docker::swarms -* [`docker::systemd_reload`](#dockersystemd_reload): == Class: docker::systemd_reload For systems that have systemd -* [`docker::volumes`](#dockervolumes): docker::volumes +* [`docker`](#docker): Module to install an up-to-date version of Docker from package. +* [`docker::compose`](#dockercompose): install Docker Compose using the recommended curl command. +* [`docker::config`](#dockerconfig): +* [`docker::images`](#dockerimages): +* [`docker::install`](#dockerinstall): Module to install an up-to-date version of Docker from a package repository. +Only for Debian, Red Hat and Windows +* [`docker::machine`](#dockermachine): install Docker Machine using the recommended curl command. +* [`docker::networks`](#dockernetworks): +* [`docker::params`](#dockerparams): Default parameter values for the docker module +* [`docker::plugins`](#dockerplugins): +* [`docker::registry_auth`](#dockerregistry_auth): +* [`docker::repos`](#dockerrepos): +* [`docker::run_instance`](#dockerrun_instance): +* [`docker::service`](#dockerservice): manage the docker service daemon +* [`docker::swarms`](#dockerswarms): +* [`docker::systemd_reload`](#dockersystemd_reload): For systems that have systemd +* [`docker::volumes`](#dockervolumes): **Defined types** * [`docker::exec`](#dockerexec): A define which executes a command inside a container. -* [`docker::image`](#dockerimage): == Class: docker Module to install an up-to-date version of a Docker image from the registry === Parameters [*ensure*] Whether you want t -* [`docker::plugin`](#dockerplugin): -* [`docker::registry`](#dockerregistry): == Class: docker Module to configure private docker registries from which to pull Docker images If the registry does not require authenticat -* [`docker::run`](#dockerrun): == Define: docker:run A define which manages a running docker container. == Parameters [*restart*] Sets a restart policy on the docker run -* [`docker::secrets`](#dockersecrets): == Define: docker::secrets -* [`docker::services`](#dockerservices): -* [`docker::stack`](#dockerstack): -* [`docker::swarm`](#dockerswarm): -* [`docker::system_user`](#dockersystem_user): == Define: docker::system_user Define to manage docker group users === Parameters [*create_user*] Boolean to cotrol whether the user shou -* [`docker::windows_account`](#dockerwindows_account): == Define: docker::windows_account Define the Windows account that owns the docker services +* [`docker::image`](#dockerimage): Module to install an up-to-date version of a Docker image +from the registry +* [`docker::plugin`](#dockerplugin): A define that manages a docker plugin +* [`docker::registry`](#dockerregistry): Module to configure private docker registries from which to pull Docker images +* [`docker::run`](#dockerrun): A define which manages a running docker container. +* [`docker::secrets`](#dockersecrets): +* [`docker::services`](#dockerservices): define that managers a Docker services +* [`docker::stack`](#dockerstack): deploys Docker stacks or compose v3 +* [`docker::swarm`](#dockerswarm): managers a Docker Swarm Mode cluster +* [`docker::system_user`](#dockersystem_user): manage docker group users +* [`docker::windows_account`](#dockerwindows_account): Windows account that owns the docker services **Resource types** @@ -76,7 +78,7 @@ ### docker -The docker class. +Module to install an up-to-date version of Docker from package. #### Parameters @@ -86,7 +88,7 @@ The following parameters are available in the `docker` class. Data type: `Optional[String]` - +The package version to install, used to set the package name. Default value: $docker::params::version @@ -94,7 +96,7 @@ Default value: $docker::params::version Data type: `String` - +Passed to the docker package. Default value: $docker::params::ensure @@ -102,7 +104,7 @@ Default value: $docker::params::ensure Data type: `Variant[Array[String], Hash]` - +An array of additional packages that need to be installed to support docker. Default value: $docker::params::prerequired_packages @@ -110,789 +112,894 @@ Default value: $docker::params::prerequired_packages Data type: `Array` - +An array of packages installed by the docker-ce package v 18.09 and later. +Used when uninstalling to ensure containers cannot be run on the system. Default value: $docker::params::dependent_packages -##### `docker_ce_start_command` - -Data type: `String` - +##### `tcp_bind` +Data type: `Optional[Variant[String,Array[String]]]` -Default value: $docker::params::docker_ce_start_command +The tcp socket to bind to in the format +tcp://127.0.0.1:4243 -##### `docker_ce_package_name` - -Data type: `Optional[String]` +Default value: $docker::params::tcp_bind +##### `tls_enable` +Data type: `Boolean` -Default value: $docker::params::docker_ce_package_name +Enable TLS. -##### `docker_ce_source_location` +Default value: $docker::params::tls_enable -Data type: `Optional[String]` +##### `tls_verify` +Data type: `Boolean` +Use TLS and verify the remote -Default value: $docker::params::package_ce_source_location +Default value: $docker::params::tls_verify -##### `docker_ce_key_source` +##### `tls_cacert` Data type: `Optional[String]` +Path to TLS CA certificate +Default value: $docker::params::tls_cacert -Default value: $docker::params::package_ce_key_source - -##### `docker_ce_key_id` +##### `tls_cert` Data type: `Optional[String]` +Path to TLS certificate file +Default value: $docker::params::tls_cert -Default value: $docker::params::package_ce_key_id - -##### `docker_ce_release` +##### `tls_key` Data type: `Optional[String]` +Path to TLS key file +Default value: $docker::params::tls_key -Default value: $docker::params::package_ce_release +##### `ip_forward` -##### `docker_package_location` +Data type: `Boolean` -Data type: `Optional[String]` +Enables IP forwarding on the Docker host. +Default value: $docker::params::ip_forward +##### `iptables` -Default value: $docker::params::package_source_location +Data type: `Boolean` -##### `docker_package_key_source` +Enable Docker's addition of iptables rules. -Data type: `Optional[String]` +Default value: $docker::params::iptables +##### `ip_masq` +Data type: `Boolean` -Default value: $docker::params::package_key_source +Enable IP masquerading for bridge's IP range. -##### `docker_package_key_check_source` +Default value: $docker::params::ip_masq -Data type: `Optional[Boolean]` +##### `icc` +Data type: `Optional[Boolean]` +Enable or disable Docker's unrestricted inter-container and Docker daemon host communication. +(Requires iptables=true to disable) -Default value: $docker::params::package_key_check_source +Default value: $docker::params::icc -##### `docker_package_key_id` +##### `bip` Data type: `Optional[String]` +Specify docker's network bridge IP, in CIDR notation. +Default value: $docker::params::bip -Default value: $docker::params::package_key_id - -##### `docker_package_release` +##### `mtu` Data type: `Optional[String]` +Docker network MTU. +Default value: $docker::params::mtu -Default value: $docker::params::package_release - -##### `docker_engine_start_command` - -Data type: `String` - - +##### `bridge` -Default value: $docker::params::docker_engine_start_command +Data type: `Optional[String]` -##### `docker_engine_package_name` +Attach containers to a pre-existing network bridge +use 'none' to disable container networking -Data type: `String` +Default value: $docker::params::bridge +##### `fixed_cidr` +Data type: `Optional[String]` -Default value: $docker::params::docker_engine_package_name +IPv4 subnet for fixed IPs +10.20.0.0/16 -##### `docker_ce_channel` +Default value: $docker::params::fixed_cidr -Data type: `String` +##### `default_gateway` +Data type: `Optional[String]` +IPv4 address of the container default gateway; +this address must be part of the bridge subnet +(which is defined by bridge) -Default value: $docker::params::docker_ce_channel +Default value: $docker::params::default_gateway -##### `docker_ee` +##### `ipv6` Data type: `Optional[Boolean]` +Enables ipv6 support for the docker daemon +Default value: $docker::params::ipv6 -Default value: $docker::params::docker_ee - -##### `docker_ee_package_name` +##### `ipv6_cidr` Data type: `Optional[String]` +IPv6 subnet for fixed IPs +Default value: $docker::params::ipv6_cidr -Default value: $docker::params::package_ee_package_name - -##### `docker_ee_source_location` +##### `default_gateway_ipv6` Data type: `Optional[String]` +IPv6 address of the container default gateway: +Default value: $docker::params::default_gateway_ipv6 -Default value: $docker::params::package_ee_source_location - -##### `docker_ee_key_source` - -Data type: `Optional[String]` +##### `socket_bind` +Data type: `String` +The unix socket to bind to. -Default value: $docker::params::package_ee_key_source +Default value: $docker::params::socket_bind -##### `docker_ee_key_id` +##### `log_level` Data type: `Optional[String]` +Set the logging level +Valid values: debug, info, warn, error, fatal +Default value: $docker::params::log_level -Default value: $docker::params::package_ee_key_id - -##### `docker_ee_repos` +##### `log_driver` Data type: `Optional[String]` +Set the log driver. +Docker default is json-file. +Valid values: none, json-file, syslog, journald, gelf, fluentd +Valid values description: + none : Disables any logging for the container. + docker logs won't be available with this driver. + json-file: Default logging driver for Docker. + Writes JSON messages to file. + syslog : Syslog logging driver for Docker. + Writes log messages to syslog. + journald : Journald logging driver for Docker. + Writes log messages to journald. + gelf : Graylog Extended Log Format (GELF) logging driver for Docker. + Writes log messages to a GELF endpoint: Graylog or Logstash. + fluentd : Fluentd logging driver for Docker. + Writes log messages to fluentd (forward input). + splunk : Splunk logging driver for Docker. + Writes log messages to Splunk (HTTP Event Collector). + awslogs : AWS Cloudwatch Logs logging driver for Docker. + Write log messages to Cloudwatch API +Default value: $docker::params::log_driver -Default value: $docker::params::package_ee_repos +##### `log_opt` -##### `docker_ee_release` +Data type: `Array` -Data type: `Optional[String]` +Set the log driver specific options +Valid values per log driver: + none : undef + json-file: + max-size=[0-9+][k|m|g] + max-file=[0-9+] + syslog : + syslog-address=[tcp|udp]://host:port + syslog-address=unix://path + syslog-facility=daemon|kern|user|mail|auth| + syslog|lpr|news|uucp|cron| + authpriv|ftp| + local0|local1|local2|local3| + local4|local5|local6|local7 + syslog-tag="some_tag" + journald : undef + gelf : + gelf-address=udp://host:port + gelf-tag="some_tag" + fluentd : + fluentd-address=host:port + fluentd-tag={{.ID}} - short container id (12 characters)| + {{.FullID}} - full container id + {{.Name}} - container name + splunk : + splunk-token= + splunk-url=https://your_splunk_instance:8088 + awslogs : + awslogs-group= + awslogs-stream= + awslogs-create-group=true|false + awslogs-datetime-format= - strftime expression + awslogs-multiline-pattern=multiline start pattern using a regular expression + tag={{.ID}} - short container id (12 characters)| + {{.FullID}} - full container id + {{.Name}} - container name +Default value: $docker::params::log_opt +##### `selinux_enabled` -Default value: $docker::params::package_ee_release +Data type: `Optional[Boolean]` -##### `tcp_bind` +Enable selinux support. Default is false. SELinux does not presently +support the BTRFS storage driver. -Data type: `Variant[String,Array[String],Undef]` +Default value: $docker::params::selinux_enabled +##### `use_upstream_package_source` +Data type: `Optional[Boolean]` -Default value: $docker::params::tcp_bind +Whether or not to use the upstream package source. +If you run your own package mirror, you may set this +to false. -##### `tls_enable` +Default value: $docker::params::use_upstream_package_source -Data type: `Boolean` +##### `pin_upstream_package_source` +Data type: `Optional[Boolean]` +Pin upstream package source; this option currently only has any effect on +apt-based distributions. Set to false to remove pinning on the upstream +package repository. See also "apt_source_pin_level". -Default value: $docker::params::tls_enable +Default value: $docker::params::pin_upstream_package_source -##### `tls_verify` +##### `apt_source_pin_level` -Data type: `Boolean` +Data type: `Optional[Integer]` +What level to pin our source package repository to; this only is relevent +if you're on an apt-based system (Debian, Ubuntu, etc) and +$use_upstream_package_source is set to true. Set this to false to disable +pinning, and undef to ensure the apt preferences file apt::source uses to +define pins is removed. +Default value: $docker::params::apt_source_pin_level -Default value: $docker::params::tls_verify +##### `service_state` -##### `tls_cacert` +Data type: `String` -Data type: `Optional[String]` +Whether you want to docker daemon to start up +Default value: $docker::params::service_state +##### `service_enable` -Default value: $docker::params::tls_cacert +Data type: `Boolean` -##### `tls_cert` +Whether you want to docker daemon to start up at boot -Data type: `Optional[String]` +Default value: $docker::params::service_enable +##### `manage_service` +Data type: `Boolean` -Default value: $docker::params::tls_cert +Specify whether the service should be managed. -##### `tls_key` +Default value: $docker::params::manage_service -Data type: `Optional[String]` +##### `root_dir` +Data type: `Optional[String]` +Custom root directory for containers -Default value: $docker::params::tls_key +Default value: $docker::params::root_dir -##### `ip_forward` +##### `dns` -Data type: `Boolean` +Data type: `Optional[Variant[String,Array]]` +Custom dns server address +Default value: $docker::params::dns -Default value: $docker::params::ip_forward +##### `dns_search` -##### `ip_masq` +Data type: `Optional[Variant[String,Array]]` -Data type: `Boolean` +Custom dns search domains +Default value: $docker::params::dns_search +##### `socket_group` -Default value: $docker::params::ip_masq +Data type: `Optional[Variant[String,Boolean]]` -##### `ipv6` +Group ownership of the unix control socket. -Data type: `Optional[Boolean]` +Default value: $docker::params::socket_group +##### `extra_parameters` +Data type: `Optional[Variant[String,Array]]` -Default value: $docker::params::ipv6 +Any extra parameters that should be passed to the docker daemon. -##### `ipv6_cidr` +Default value: `undef` -Data type: `Optional[String]` +##### `shell_values` +Data type: `Optional[Variant[String,Array]]` +Array of shell values to pass into init script config files -Default value: $docker::params::ipv6_cidr +Default value: `undef` -##### `default_gateway_ipv6` +##### `proxy` Data type: `Optional[String]` +Will set the http_proxy and https_proxy env variables in /etc/sysconfig/docker (redhat/centos) or /etc/default/docker (debian) +Default value: $docker::params::proxy -Default value: $docker::params::default_gateway_ipv6 - -##### `bip` +##### `no_proxy` Data type: `Optional[String]` +Will set the no_proxy variable in /etc/sysconfig/docker (redhat/centos) or /etc/default/docker (debian) +Default value: $docker::params::no_proxy -Default value: $docker::params::bip - -##### `mtu` +##### `storage_driver` Data type: `Optional[String]` +Specify a storage driver to use +Valid values: aufs, devicemapper, btrfs, overlay, overlay2, vfs, zfs +Default value: $docker::params::storage_driver -Default value: $docker::params::mtu +##### `dm_basesize` -##### `iptables` +Data type: `Optional[String]` -Data type: `Boolean` +The size to use when creating the base device, which limits the size of images and containers. +Default value: $docker::params::dm_basesize +##### `dm_fs` -Default value: $docker::params::iptables +Data type: `Optional[String]` -##### `icc` +The filesystem to use for the base image (xfs or ext4) -Data type: `Optional[Boolean]` +Default value: $docker::params::dm_fs +##### `dm_mkfsarg` +Data type: `Optional[String]` -Default value: $docker::params::icc +Specifies extra mkfs arguments to be used when creating the base device. -##### `socket_bind` +Default value: $docker::params::dm_mkfsarg -Data type: `String` +##### `dm_mountopt` +Data type: `Optional[String]` +Specifies extra mount options used when mounting the thin devices. -Default value: $docker::params::socket_bind +Default value: $docker::params::dm_mountopt -##### `fixed_cidr` +##### `dm_blocksize` Data type: `Optional[String]` +A custom blocksize to use for the thin pool. +Default blocksize is 64K. +Warning: _DO NOT_ change this parameter after the lvm devices have been initialized. +Default value: $docker::params::dm_blocksize -Default value: $docker::params::fixed_cidr - -##### `bridge` +##### `dm_loopdatasize` Data type: `Optional[String]` +Specifies the size to use when creating the loopback file for the "data" device which is used for the thin pool +Default value: $docker::params::dm_loopdatasize -Default value: $docker::params::bridge - -##### `default_gateway` +##### `dm_loopmetadatasize` Data type: `Optional[String]` +Specifies the size to use when creating the loopback file for the "metadata" device which is used for the thin pool +Default value: $docker::params::dm_loopmetadatasize -Default value: $docker::params::default_gateway - -##### `log_level` +##### `dm_datadev` Data type: `Optional[String]` +(deprecated - dm_thinpooldev should be used going forward) +A custom blockdevice to use for data for the thin pool. +Default value: $docker::params::dm_datadev -Default value: $docker::params::log_level - -##### `log_driver` +##### `dm_metadatadev` Data type: `Optional[String]` +(deprecated - dm_thinpooldev should be used going forward) +A custom blockdevice to use for metadata for the thin pool. +Default value: $docker::params::dm_metadatadev -Default value: $docker::params::log_driver - -##### `log_opt` - -Data type: `Array` +##### `dm_thinpooldev` +Data type: `Optional[String]` +Specifies a custom block storage device to use for the thin pool. -Default value: $docker::params::log_opt +Default value: $docker::params::dm_thinpooldev -##### `selinux_enabled` +##### `dm_use_deferred_removal` Data type: `Optional[Boolean]` +Enables use of deferred device removal if libdm and the kernel driver support the mechanism. +Default value: $docker::params::dm_use_deferred_removal -Default value: $docker::params::selinux_enabled - -##### `use_upstream_package_source` +##### `dm_use_deferred_deletion` Data type: `Optional[Boolean]` +Enables use of deferred device deletion if libdm and the kernel driver support the mechanism. +Default value: $docker::params::dm_use_deferred_deletion -Default value: $docker::params::use_upstream_package_source - -##### `pin_upstream_package_source` +##### `dm_blkdiscard` Data type: `Optional[Boolean]` +Enables or disables the use of blkdiscard when removing devicemapper devices. +Default value: $docker::params::dm_blkdiscard -Default value: $docker::params::pin_upstream_package_source - -##### `apt_source_pin_level` - -Data type: `Optional[Integer]` - - - -Default value: $docker::params::apt_source_pin_level - -##### `package_release` - -Data type: `Optional[String]` - - - -Default value: $docker::params::package_release - -##### `service_state` - -Data type: `String` +##### `dm_override_udev_sync_check` +Data type: `Optional[Boolean]` +By default, the devicemapper backend attempts to synchronize with the udev +device manager for the Linux kernel. This option allows disabling that +synchronization, to continue even though the configuration may be buggy. -Default value: $docker::params::service_state +Default value: $docker::params::dm_override_udev_sync_check -##### `service_enable` +##### `overlay2_override_kernel_check` Data type: `Boolean` +Overrides the Linux kernel version check allowing using overlay2 with kernel < 4.0. +Default value: $docker::params::overlay2_override_kernel_check -Default value: $docker::params::service_enable - -##### `manage_service` +##### `manage_package` Data type: `Boolean` +Won't install or define the docker package, useful if you want to use your own package +Default value: $docker::params::manage_package -Default value: $docker::params::manage_service - -##### `root_dir` +##### `service_name` Data type: `Optional[String]` +Specify custom service name +Default value: $docker::params::service_name -Default value: $docker::params::root_dir - -##### `tmp_dir_config` - -Data type: `Optional[Boolean]` - - - -Default value: $docker::params::tmp_dir_config - -##### `tmp_dir` - -Data type: `Optional[String]` - - +##### `docker_users` -Default value: $docker::params::tmp_dir +Data type: `Array` -##### `dns` +Specify an array of users to add to the docker group -Data type: `Variant[String,Array,Undef]` +Default value: [] +##### `docker_group` +Data type: `String` -Default value: $docker::params::dns +Specify a string for the docker group -##### `dns_search` +Default value: $docker::params::docker_group -Data type: `Variant[String,Array,Undef]` +##### `daemon_environment_files` +Data type: `Array` +Specify additional environment files to add to the +service-overrides.conf -Default value: $docker::params::dns_search +Default value: [] -##### `socket_group` +##### `repo_opt` -Data type: `Variant[String,Boolean,Undef]` +Data type: `Optional[Variant[String,Hash]]` +Specify a string to pass as repository options (RedHat only) +Default value: $docker::params::repo_opt -Default value: $docker::params::socket_group +##### `storage_devs` -##### `labels` +Data type: `Optional[String]` -Data type: `Array` +A quoted, space-separated list of devices to be used. +Default value: $docker::params::storage_devs +##### `storage_vg` -Default value: $docker::params::labels +Data type: `Optional[String]` -##### `extra_parameters` +The volume group to use for docker storage. -Data type: `Variant[String,Array,Undef]` +Default value: $docker::params::storage_vg +##### `storage_root_size` +Data type: `Optional[String]` -Default value: `undef` +The size to which the root filesystem should be grown. -##### `shell_values` +Default value: $docker::params::storage_root_size -Data type: `Variant[String,Array,Undef]` +##### `storage_data_size` +Data type: `Optional[String]` +The desired size for the docker data LV -Default value: `undef` +Default value: $docker::params::storage_data_size -##### `proxy` +##### `storage_min_data_size` Data type: `Optional[String]` +The minimum size of data volume otherwise pool creation fails +Default value: $docker::params::storage_min_data_size -Default value: $docker::params::proxy - -##### `no_proxy` +##### `storage_chunk_size` Data type: `Optional[String]` +Controls the chunk size/block size of thin pool. +Default value: $docker::params::storage_chunk_size -Default value: $docker::params::no_proxy - -##### `storage_driver` - -Data type: `Optional[String]` +##### `storage_growpart` +Data type: `Optional[Boolean]` +Enable resizing partition table backing root volume group. -Default value: $docker::params::storage_driver +Default value: $docker::params::storage_growpart -##### `dm_basesize` +##### `storage_auto_extend_pool` Data type: `Optional[String]` +Enable/disable automatic pool extension using lvm +Default value: $docker::params::storage_auto_extend_pool -Default value: $docker::params::dm_basesize - -##### `dm_fs` +##### `storage_pool_autoextend_threshold` Data type: `Optional[String]` +Auto pool extension threshold (in % of pool size) +Default value: $docker::params::storage_pool_autoextend_threshold -Default value: $docker::params::dm_fs - -##### `dm_mkfsarg` +##### `storage_pool_autoextend_percent` Data type: `Optional[String]` +Extend the pool by specified percentage when threshold is hit. +Default value: $docker::params::storage_pool_autoextend_percent -Default value: $docker::params::dm_mkfsarg - -##### `dm_mountopt` - -Data type: `Optional[String]` +##### `tmp_dir_config` +Data type: `Optional[Boolean]` +Whether to set the TMPDIR value in the systemd config file +Default: true (set the value); false will comment out the line. +Note: false is backwards compatible prior to PR #58 -Default value: $docker::params::dm_mountopt +Default value: $docker::params::tmp_dir_config -##### `dm_blocksize` +##### `tmp_dir` Data type: `Optional[String]` +Sets the tmp dir for Docker (path) +Default value: $docker::params::tmp_dir -Default value: $docker::params::dm_blocksize - -##### `dm_loopdatasize` +##### `registry_mirror` Data type: `Optional[String]` +Sets the prefered container registry mirror. +Default value: $docker::params::registry_mirror -Default value: $docker::params::dm_loopdatasize - -##### `dm_loopmetadatasize` +##### `nuget_package_provider_version` Data type: `Optional[String]` +The version of the NuGet Package provider +Default value: $docker::params::nuget_package_provider_version -Default value: $docker::params::dm_loopmetadatasize - -##### `dm_datadev` +##### `docker_msft_provider_version` Data type: `Optional[String]` +The version of the Microsoft Docker Provider Module +Default value: $docker::params::docker_msft_provider_version -Default value: $docker::params::dm_datadev - -##### `dm_metadatadev` +##### `docker_ce_start_command` -Data type: `Optional[String]` +Data type: `String` -Default value: $docker::params::dm_metadatadev +Default value: $docker::params::docker_ce_start_command -##### `dm_thinpooldev` +##### `docker_ce_package_name` Data type: `Optional[String]` -Default value: $docker::params::dm_thinpooldev +Default value: $docker::params::docker_ce_package_name -##### `dm_use_deferred_removal` +##### `docker_ce_source_location` -Data type: `Optional[Boolean]` +Data type: `Optional[String]` -Default value: $docker::params::dm_use_deferred_removal +Default value: $docker::params::package_ce_source_location -##### `dm_use_deferred_deletion` +##### `docker_ce_key_source` -Data type: `Optional[Boolean]` +Data type: `Optional[String]` -Default value: $docker::params::dm_use_deferred_deletion +Default value: $docker::params::package_ce_key_source -##### `dm_blkdiscard` +##### `docker_ce_key_id` -Data type: `Optional[Boolean]` +Data type: `Optional[String]` -Default value: $docker::params::dm_blkdiscard +Default value: $docker::params::package_ce_key_id -##### `dm_override_udev_sync_check` +##### `docker_ce_release` -Data type: `Optional[Boolean]` +Data type: `Optional[String]` -Default value: $docker::params::dm_override_udev_sync_check +Default value: $docker::params::package_ce_release -##### `overlay2_override_kernel_check` +##### `docker_package_location` -Data type: `Boolean` +Data type: `Optional[String]` -Default value: $docker::params::overlay2_override_kernel_check +Default value: $docker::params::package_source_location -##### `execdriver` +##### `docker_package_key_source` Data type: `Optional[String]` -Default value: $docker::params::execdriver +Default value: $docker::params::package_key_source -##### `manage_package` +##### `docker_package_key_check_source` -Data type: `Boolean` +Data type: `Optional[Boolean]` -Default value: $docker::params::manage_package +Default value: $docker::params::package_key_check_source -##### `package_source` +##### `docker_package_key_id` Data type: `Optional[String]` -Default value: $docker::params::package_source +Default value: $docker::params::package_key_id -##### `service_name` +##### `docker_package_release` Data type: `Optional[String]` -Default value: $docker::params::service_name +Default value: $docker::params::package_release -##### `docker_users` +##### `docker_engine_start_command` -Data type: `Array` +Data type: `String` -Default value: [] +Default value: $docker::params::docker_engine_start_command -##### `docker_group` +##### `docker_engine_package_name` Data type: `String` -Default value: $docker::params::docker_group +Default value: $docker::params::docker_engine_package_name -##### `daemon_environment_files` +##### `docker_ce_channel` -Data type: `Array` +Data type: `String` -Default value: [] +Default value: $docker::params::docker_ce_channel -##### `repo_opt` +##### `docker_ee` -Data type: `Variant[String,Hash,Undef]` +Data type: `Optional[Boolean]` -Default value: $docker::params::repo_opt +Default value: $docker::params::docker_ee -##### `os_lc` +##### `docker_ee_package_name` Data type: `Optional[String]` -Default value: $docker::params::os_lc +Default value: $docker::params::package_ee_package_name -##### `storage_devs` +##### `docker_ee_source_location` Data type: `Optional[String]` -Default value: $docker::params::storage_devs +Default value: $docker::params::package_ee_source_location -##### `storage_vg` +##### `docker_ee_key_source` Data type: `Optional[String]` -Default value: $docker::params::storage_vg +Default value: $docker::params::package_ee_key_source -##### `storage_root_size` +##### `docker_ee_key_id` Data type: `Optional[String]` -Default value: $docker::params::storage_root_size +Default value: $docker::params::package_ee_key_id -##### `storage_data_size` +##### `docker_ee_repos` Data type: `Optional[String]` -Default value: $docker::params::storage_data_size +Default value: $docker::params::package_ee_repos -##### `storage_min_data_size` +##### `docker_ee_release` Data type: `Optional[String]` -Default value: $docker::params::storage_min_data_size +Default value: $docker::params::package_ee_release -##### `storage_chunk_size` +##### `package_release` Data type: `Optional[String]` -Default value: $docker::params::storage_chunk_size +Default value: $docker::params::package_release -##### `storage_growpart` +##### `labels` -Data type: `Optional[Boolean]` +Data type: `Array` -Default value: $docker::params::storage_growpart +Default value: $docker::params::labels -##### `storage_auto_extend_pool` +##### `execdriver` Data type: `Optional[String]` -Default value: $docker::params::storage_auto_extend_pool +Default value: $docker::params::execdriver -##### `storage_pool_autoextend_threshold` +##### `package_source` Data type: `Optional[String]` -Default value: $docker::params::storage_pool_autoextend_threshold +Default value: $docker::params::package_source -##### `storage_pool_autoextend_percent` +##### `os_lc` Data type: `Optional[String]` -Default value: $docker::params::storage_pool_autoextend_percent +Default value: $docker::params::os_lc ##### `storage_config` -Data type: `Variant[String,Boolean,Undef]` +Data type: `Optional[Variant[String,Boolean]]` @@ -924,7 +1031,7 @@ Default value: $docker::params::service_provider ##### `service_config` -Data type: `Variant[String,Boolean,Undef]` +Data type: `Optional[Variant[String,Boolean]]` @@ -940,7 +1047,7 @@ Default value: $docker::params::service_config_template ##### `service_overrides_template` -Data type: `Variant[String,Boolean,Undef]` +Data type: `Optional[Variant[String,Boolean]]` @@ -948,7 +1055,7 @@ Default value: $docker::params::service_overrides_template ##### `socket_overrides_template` -Data type: `Variant[String,Boolean,Undef]` +Data type: `Optional[Variant[String,Boolean]]` @@ -964,7 +1071,7 @@ Default value: $docker::params::socket_override ##### `service_after_override` -Data type: `Variant[String,Boolean,Undef]` +Data type: `Optional[Variant[String,Boolean]]` @@ -986,14 +1093,6 @@ Data type: `Optional[Boolean]` Default value: $docker::params::service_hasrestart -##### `registry_mirror` - -Data type: `Optional[String]` - - - -Default value: $docker::params::registry_mirror - ##### `acknowledge_unsupported_os` Data type: `Boolean` @@ -1002,27 +1101,9 @@ Data type: `Boolean` Default value: `false` -##### `docker_msft_provider_version` - -Data type: `Optional[String]` - - - -Default value: $docker::params::docker_msft_provider_version - -##### `nuget_package_provider_version` - -Data type: `Optional[String]` - - - -Default value: $docker::params::nuget_package_provider_version - ### docker::compose -[*curl_ensure*] - Whether or not the curl package is ensured by this module. - Defaults to true +install Docker Compose using the recommended curl command. #### Parameters @@ -1030,9 +1111,10 @@ The following parameters are available in the `docker::compose` class. ##### `ensure` -Data type: `Optional[Pattern[/^present$|^absent$/]]` - +Data type: `Optional[Enum[present,absent]]` +Whether to install or remove Docker Compose +Valid values are absent present Default value: 'present' @@ -1040,7 +1122,7 @@ Default value: 'present' Data type: `Optional[String]` - +The version of Docker Compose to install. Default value: $docker::params::compose_version @@ -1048,7 +1130,7 @@ Default value: $docker::params::compose_version Data type: `Optional[String]` - +The path where to install Docker Compose. Default value: $docker::params::compose_install_path @@ -1056,7 +1138,9 @@ Default value: $docker::params::compose_install_path Data type: `Optional[String]` - +The name of the symlink created pointing to the actual docker-compose binary +This allows use of own docker-compose wrapper scripts for the times it's +necessary to set certain things before running the docker-compose binary Default value: $docker::params::compose_symlink_name @@ -1064,7 +1148,7 @@ Default value: $docker::params::compose_symlink_name Data type: `Optional[String]` - +Proxy to use for downloading Docker Compose. Default value: `undef` @@ -1072,7 +1156,9 @@ Default value: `undef` Data type: `Optional[String]` - +The base url for installation +This allows use of a mirror that follows the same layout as the +official repository Default value: $docker::params::compose_base_url @@ -1080,7 +1166,10 @@ Default value: $docker::params::compose_base_url Data type: `Optional[String]` - +Override the raw URL for installation +The default is to build a URL from baseurl. If rawurl is set, the caller is +responsible for ensuring the URL points to the correct version and +architecture. Default value: `undef` @@ -1088,17 +1177,17 @@ Default value: `undef` Data type: `Optional[Boolean]` - +Whether or not the curl package is ensured by this module. Default value: $docker::params::curl_ensure ### docker::config -== Class: docker::config +The docker::config class. ### docker::images -docker::images +The docker::images class. #### Parameters @@ -1112,7 +1201,8 @@ Data type: `Any` ### docker::install -The docker::install class. +Module to install an up-to-date version of Docker from a package repository. +Only for Debian, Red Hat and Windows #### Parameters @@ -1122,7 +1212,7 @@ The following parameters are available in the `docker::install` class. Data type: `Any` - +The package version to install, used to set the package name. Default value: $docker::version @@ -1130,7 +1220,7 @@ Default value: $docker::version Data type: `Any` - +The version of the NuGet Package provider Default value: $docker::nuget_package_provider_version @@ -1138,7 +1228,7 @@ Default value: $docker::nuget_package_provider_version Data type: `Any` - +The version of the Microsoft Docker Provider Module Default value: $docker::docker_msft_provider_version @@ -1146,7 +1236,7 @@ Default value: $docker::docker_msft_provider_version Data type: `Any` - +The name of the Docker Enterprise Edition package Default value: $docker::docker_ee_package_name @@ -1168,35 +1258,7 @@ Default value: $docker::dependent_packages ### docker::machine -== Class: docker::machine - -Class to install Docker Machine using the recommended curl command. - -=== Parameters - -[*ensure*] - Whether to install or remove Docker Machine - Valid values are absent present - Defaults to present - -[*version*] - The version of Docker Machine to install. - Defaults to the value set in $docker::params::machine_version - -[*install_path*] - The path where to install Docker Machine. - Defaults to the value set in $docker::params::machine_install_path - -[*proxy*] - Proxy to use for downloading Docker Machine. - -[*url*] - The URL from which the docker machine binary should be fetched - Defaults to a auto determined value based on version, kernel and OS. - -[*curl_ensure*] - Whether or not the curl package is ensured by this module. - Defaults to true +install Docker Machine using the recommended curl command. #### Parameters @@ -1204,9 +1266,10 @@ The following parameters are available in the `docker::machine` class. ##### `ensure` -Data type: `Optional[Pattern[/^present$|^absent$/]]` - +Data type: `Optional[Enum[present,absent]]` +Whether to install or remove Docker Machine +Valid values are absent present Default value: 'present' @@ -1214,7 +1277,7 @@ Default value: 'present' Data type: `Optional[String]` - +The version of Docker Machine to install. Default value: $docker::params::machine_version @@ -1222,7 +1285,7 @@ Default value: $docker::params::machine_version Data type: `Optional[String]` - +The path where to install Docker Machine. Default value: $docker::params::machine_install_path @@ -1230,7 +1293,7 @@ Default value: $docker::params::machine_install_path Data type: `Optional[String]` - +Proxy to use for downloading Docker Machine. Default value: `undef` @@ -1238,7 +1301,7 @@ Default value: `undef` Data type: `Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]]` - +The URL from which the docker machine binary should be fetched Default value: `undef` @@ -1246,13 +1309,13 @@ Default value: `undef` Data type: `Optional[Boolean]` - +Whether or not the curl package is ensured by this module. Default value: $docker::params::curl_ensure ### docker::networks -docker::networks +The docker::networks class. #### Parameters @@ -1266,13 +1329,11 @@ Data type: `Any` ### docker::params -== Class: docker::params - Default parameter values for the docker module ### docker::plugins -docker::plugins +The docker::plugins class. #### Parameters @@ -1286,7 +1347,7 @@ Data type: `Any` ### docker::registry_auth -docker::registry_auth +The docker::registry_auth class. #### Parameters @@ -1300,7 +1361,7 @@ Data type: `Any` ### docker::repos -== Class: docker::repos +The docker::repos class. #### Parameters @@ -1336,11 +1397,11 @@ Data type: `Any` -Default value: $facts['architecture'] +Default value: $facts['os']['architecture'] ### docker::run_instance -docker::run_instance +The docker::run_instance class. #### Parameters @@ -1354,103 +1415,118 @@ Data type: `Any` ### docker::service -== Class: docker::service +manage the docker service daemon -Class to manage the docker service daemon +#### Parameters -=== Parameters -[*tcp_bind*] - Which tcp port, if any, to bind the docker service to. +The following parameters are available in the `docker::service` class. -[*ip_forward*] - This flag interacts with the IP forwarding setting on - your host system's kernel +##### `tcp_bind` -[*iptables*] - Enable Docker's addition of iptables rules +Data type: `Any` -[*ip_masq*] - Enable IP masquerading for bridge's IP range. +Which tcp port, if any, to bind the docker service to. -[*socket_bind*] - Which local unix socket to bind the docker service to. +Default value: $docker::tcp_bind -[*socket_group*] - Which local unix socket to bind the docker service to. +##### `ip_forward` -[*root_dir*] - Specify a non-standard root directory for docker. +Data type: `Any` -[*extra_parameters*] - Plain additional parameters to pass to the docker daemon +This flag interacts with the IP forwarding setting on +your host system's kernel -[*shell_values*] - Array of shell values to pass into init script config files +Default value: $docker::ip_forward -[*manage_service*] - Specify whether the service should be managed. - Valid values are 'true', 'false'. - Defaults to 'true'. +##### `iptables` -#### Parameters +Data type: `Any` -The following parameters are available in the `docker::service` class. +Enable Docker's addition of iptables rules -##### `docker_command` +Default value: $docker::iptables -Data type: `Any` +##### `ip_masq` +Data type: `Any` +Enable IP masquerading for bridge's IP range. -Default value: $docker::docker_command +Default value: $docker::ip_masq -##### `docker_start_command` +##### `socket_bind` Data type: `Any` +Which local unix socket to bind the docker service to. + +Default value: $docker::socket_bind +##### `socket_group` -Default value: $docker::docker_start_command +Data type: `Any` -##### `service_name` +Which local unix socket to bind the docker service to. + +Default value: $docker::socket_group + +##### `root_dir` Data type: `Any` +Specify a non-standard root directory for docker. +Default value: $docker::root_dir -Default value: $docker::service_name +##### `extra_parameters` -##### `tcp_bind` +Data type: `Any` + +Plain additional parameters to pass to the docker daemon + +Default value: $docker::extra_parameters + +##### `shell_values` Data type: `Any` +Array of shell values to pass into init script config files +Default value: $docker::shell_values -Default value: $docker::tcp_bind +##### `manage_service` -##### `ip_forward` +Data type: `Any` + +Specify whether the service should be managed. +Valid values are 'true', 'false'. +Defaults to 'true'. + +Default value: $docker::manage_service + +##### `docker_command` Data type: `Any` -Default value: $docker::ip_forward +Default value: $docker::docker_command -##### `iptables` +##### `docker_start_command` Data type: `Any` -Default value: $docker::iptables +Default value: $docker::docker_start_command -##### `ip_masq` +##### `service_name` Data type: `Any` -Default value: $docker::ip_masq +Default value: $docker::service_name ##### `icc` @@ -1508,14 +1584,6 @@ Data type: `Any` Default value: $docker::default_gateway_ipv6 -##### `socket_bind` - -Data type: `Any` - - - -Default value: $docker::socket_bind - ##### `log_level` Data type: `Any` @@ -1548,14 +1616,6 @@ Data type: `Any` Default value: $docker::selinux_enabled -##### `socket_group` - -Data type: `Any` - - - -Default value: $docker::socket_group - ##### `labels` Data type: `Any` @@ -1578,55 +1638,23 @@ Data type: `Any` -Default value: $docker::dns_search - -##### `service_state` - -Data type: `Any` - - - -Default value: $docker::service_state - -##### `service_enable` - -Data type: `Any` - - - -Default value: $docker::service_enable - -##### `manage_service` - -Data type: `Any` - - - -Default value: $docker::manage_service - -##### `root_dir` - -Data type: `Any` - - - -Default value: $docker::root_dir +Default value: $docker::dns_search -##### `extra_parameters` +##### `service_state` Data type: `Any` -Default value: $docker::extra_parameters +Default value: $docker::service_state -##### `shell_values` +##### `service_enable` Data type: `Any` -Default value: $docker::shell_values +Default value: $docker::service_enable ##### `proxy` @@ -2054,7 +2082,7 @@ Default value: $docker::root_dir_flag ### docker::swarms -docker::swarms +The docker::swarms class. #### Parameters @@ -2068,13 +2096,11 @@ Data type: `Any` ### docker::systemd_reload -== Class: docker::systemd_reload - For systems that have systemd ### docker::volumes -docker::volumes +The docker::volumes class. #### Parameters @@ -2178,40 +2204,18 @@ Default value: `undef` ### docker::image -== Class: docker - Module to install an up-to-date version of a Docker image from the registry -=== Parameters -[*ensure*] - Whether you want the image present or absent. - -[*image*] - If you want the name of the image to be different from the - name of the puppet resource you can pass a value here. - -[*image_tag*] - If you want a specific tag of the image to be installed - -[*image_digest*] - If you want a specific content digest of the image to be installed - -[*docker_file*] - If you want to add a docker image from specific docker file - -[*docker_tar*] - If you want to load a docker image from specific docker tar - #### Parameters The following parameters are available in the `docker::image` defined type. ##### `ensure` -Data type: `Optional[Pattern[/^(present|absent|latest)$/]]` - +Data type: `Optional[Enum[present,absent,latest]]` +Whether you want the image present or absent. Default value: 'present' @@ -2219,7 +2223,8 @@ Default value: 'present' Data type: `Optional[Pattern[/^[\S]*$/]]` - +If you want the name of the image to be different from the +name of the puppet resource you can pass a value here. Default value: $title @@ -2227,7 +2232,7 @@ Default value: $title Data type: `Optional[String]` - +If you want a specific tag of the image to be installed Default value: `undef` @@ -2235,35 +2240,35 @@ Default value: `undef` Data type: `Optional[String]` - +If you want a specific content digest of the image to be installed Default value: `undef` -##### `force` - -Data type: `Optional[Boolean]` +##### `docker_file` +Data type: `Optional[String]` +If you want to add a docker image from specific docker file -Default value: `false` +Default value: `undef` -##### `docker_file` +##### `docker_tar` Data type: `Optional[String]` - +If you want to load a docker image from specific docker tar Default value: `undef` -##### `docker_dir` +##### `force` -Data type: `Optional[String]` +Data type: `Optional[Boolean]` -Default value: `undef` +Default value: `false` -##### `docker_tar` +##### `docker_dir` Data type: `Optional[String]` @@ -2273,25 +2278,25 @@ Default value: `undef` ### docker::plugin -The docker::plugin class. +A define that manages a docker plugin #### Parameters The following parameters are available in the `docker::plugin` defined type. -##### `ensure` - -Data type: `Optional[Pattern[/^present$|^absent$/]]` +##### `plugin_name` +Data type: `String` +This ensures whether the plugin is installed or not. +Note that the default behaviour of docker plugin +requires a plugin be disabled before it can be removed -Default value: 'present' +Default value: $title ##### `plugin_name` -Data type: `String` - - +The name of the docker plugin Default value: $title @@ -2299,7 +2304,7 @@ Default value: $title Data type: `Optional[Boolean]` - +A setting to enable or disable an installed plugin. Default value: `true` @@ -2307,7 +2312,7 @@ Default value: `true` Data type: `Optional[String]` - +The number of seconds to wait when enabling a plugin Default value: `undef` @@ -2315,7 +2320,7 @@ Default value: `undef` Data type: `Optional[String]` - +An alternative name to use for an installed plugin Default value: `undef` @@ -2323,7 +2328,7 @@ Default value: `undef` Data type: `Optional[Boolean]` - +Alters the default behaviour of enabling a plugin upon install Default value: `false` @@ -2331,7 +2336,7 @@ Default value: `false` Data type: `Optional[Boolean]` - +Skip image verification Default value: `true` @@ -2339,7 +2344,7 @@ Default value: `true` Data type: `Optional[Boolean]` - +Grant all permissions necessary to run the plugin Default value: `true` @@ -2347,7 +2352,7 @@ Default value: `true` Data type: `Optional[Boolean]` - +Force the removal of an active plugin Default value: `true` @@ -2355,45 +2360,27 @@ Default value: `true` Data type: `Optional[Array]` - +Any additional settings to pass to the plugin during install Default value: [] -### docker::registry +##### `ensure` -== Class: docker +Data type: `Optional[Enum[present,absent]]` -Module to configure private docker registries from which to pull Docker images -If the registry does not require authentication, this module is not required. -=== Parameters -[*server*] - The hostname and port of the private Docker registry. Ex: dockerreg:5000 -[*ensure*] - Whether or not you want to login or logout of a repository +Default value: 'present' -[*username*] - Username for authentication to private Docker registry. - auth is not required. +##### `grant_all_permissions` -[*password*] - Password for authentication to private Docker registry. Leave undef if - auth is not required. -[*pass_hash*] - The hash to be used for receipt. If left as undef, a hash will be generated -[*email*] - Email for registration to private Docker registry. Leave undef if - auth is not required. +Default value: `true` -[*local_user*] - The local user to log in as. Docker will store credentials in this - users home directory +### docker::registry -[*receipt*] - Required to be true for idempotency +Module to configure private docker registries from which to pull Docker images #### Parameters @@ -2403,15 +2390,15 @@ The following parameters are available in the `docker::registry` defined type. Data type: `Optional[String]` - +The hostname and port of the private Docker registry. Ex: dockerreg:5000 Default value: $title ##### `ensure` -Data type: `Optional[Pattern[/^present$|^absent$/]]` - +Data type: `Optional[Enum[present,absent]]` +Whether or not you want to login or logout of a repository Default value: 'present' @@ -2419,7 +2406,8 @@ Default value: 'present' Data type: `Optional[String]` - +Username for authentication to private Docker registry. +auth is not required. Default value: `undef` @@ -2427,7 +2415,8 @@ Default value: `undef` Data type: `Optional[String]` - +Password for authentication to private Docker registry. Leave undef if +auth is not required. Default value: `undef` @@ -2435,7 +2424,7 @@ Default value: `undef` Data type: `Optional[String]` - +The hash to be used for receipt. If left as undef, a hash will be generated Default value: `undef` @@ -2443,7 +2432,8 @@ Default value: `undef` Data type: `Optional[String]` - +Email for registration to private Docker registry. Leave undef if +auth is not required. Default value: `undef` @@ -2451,35 +2441,29 @@ Default value: `undef` Data type: `Optional[String]` - +The local user to log in as. Docker will store credentials in this +users home directory Default value: 'root' -##### `version` - -Data type: `Optional[String]` - - - -Default value: $docker::version - ##### `receipt` Data type: `Optional[Boolean]` - +Required to be true for idempotency Default value: `true` -### docker::run +##### `version` + +Data type: `Optional[String]` -== Define: docker:run -A define which manages a running docker container. -== Parameters +Default value: $docker::version + +### docker::run -[*restart*] Sets a restart policy on the docker run. Note: If set, puppet will NOT setup an init script to manage, instead it will do a raw docker run command using a CID file to track the container @@ -2498,70 +2482,35 @@ systemd_restart option to specify the policy you want. This will allow the docker container to be restarted if it dies, without puppet help. -[*service_prefix*] - (optional) The name to prefix the startup script with and the Puppet - service resource title with. Default: 'docker-' - -[*restart_service*] - (optional) Whether or not to restart the service if the the generated init - script changes. Default: true - -[*restart_service_on_docker_refresh*] - Whether or not to restart the service if the docker service is restarted. - Only has effect if the docker_service parameter is set. - Default: true - -[*manage_service*] - (optional) Whether or not to create a puppet Service resource for the init - script. Disabling this may be useful if integrating with existing modules. - Default: true - -[*docker_service*] - (optional) If (and how) the Docker service itself is managed by Puppet - true -> Service['docker'] - false -> no Service dependency - anything else -> Service[docker_service] - Default: false - -[*health_check_cmd*] (optional) Specifies the command to execute to check that the container is healthy using the docker health check functionality. Default: undef -[*health_check_interval*] (optional) Specifies the interval that the health check command will execute in seconds. Default: undef -[*restart_on_unhealthy*] (optional) Checks the health status of Docker container and if it is unhealthy the service will be restarted. The health_check_cmd parameter must be set to true to use this functionality. Default: undef -[*net*] - The docker network to attach to a container. Can be a String or Array (if using multiple networks) Default: bridge -[*extra_parameters*] An array of additional command line arguments to pass to the `docker run` command. Useful for adding additional new or experimental options that the module does not yet support. -[*systemd_restart*] (optional) If the container is to be managed by a systemd unit file set the Restart option on the unit file. Can be any valid value for this systemd configuration. Most commonly used are on-failure or always. Default: on-failure -[*custom_unless*] (optional) Specify an additional unless for the Docker run command when using restart. Default: undef -[*after_create*] (optional) Specifies the command to execute after container is created but before it is started. Default: undef -[*remain_after_exit*] (optional) If the container is to be managed by a systemd unit file set the RemainAfterExit option on the unit file. Can be any valid value for this systemd configuration. @@ -2571,21 +2520,65 @@ Default: Not included in unit file The following parameters are available in the `docker::run` defined type. -##### `image` +##### `restart` -Data type: `Optional[Pattern[/^[\S]*$/]]` +Data type: `Optional[String]` -##### `ensure` +Default value: `undef` -Data type: `Optional[Pattern[/^present$|^absent$/]]` +##### `service_prefix` +Data type: `Optional[String]` +(optional) The name to prefix the startup script with and the Puppet +service resource title with. Default: 'docker-' -Default value: 'present' +Default value: 'docker-' -##### `command` +##### `restart_service` + +Data type: `Optional[Boolean]` + +(optional) Whether or not to restart the service if the the generated init +script changes. Default: true + +Default value: `true` + +##### `restart_service_on_docker_refresh` + +Data type: `Optional[Boolean]` + +Whether or not to restart the service if the docker service is restarted. +Only has effect if the docker_service parameter is set. +Default: true + +Default value: `true` + +##### `manage_service` + +Data type: `Optional[Boolean]` + +(optional) Whether or not to create a puppet Service resource for the init +script. Disabling this may be useful if integrating with existing modules. +Default: true + +Default value: `true` + +##### `docker_service` + +Data type: `Variant[String,Boolean]` + +(optional) If (and how) the Docker service itself is managed by Puppet +true -> Service['docker'] +false -> no Service dependency +anything else -> Service[docker_service] +Default: false + +Default value: `false` + +##### `health_check_cmd` Data type: `Optional[String]` @@ -2593,111 +2586,109 @@ Data type: `Optional[String]` Default value: `undef` -##### `memory_limit` +##### `health_check_interval` -Data type: `Optional[Pattern[/^[\d]*(b|k|m|g)$/]]` +Data type: `Optional[Integer]` -Default value: '0b' +Default value: `undef` -##### `cpuset` +##### `restart_on_unhealthy` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Boolean]` -Default value: [] +Default value: `false` -##### `ports` +##### `net` -Data type: `Variant[String,Array,Undef]` +Data type: `Variant[String,Array]` -Default value: [] +Default value: 'bridge' -##### `labels` +##### `extra_parameters` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array[String]]]` -Default value: [] +Default value: `undef` -##### `expose` +##### `systemd_restart` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[String]` -Default value: [] +Default value: 'on-failure' -##### `volumes` +##### `custom_unless` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` Default value: [] -##### `links` - -Data type: `Variant[String,Array,Undef]` +##### `after_create` +Data type: `Optional[String]` -Default value: [] -##### `use_name` +Default value: `undef` -Data type: `Optional[Boolean]` +##### `remain_after_exit` +Data type: `Optional[String]` -Default value: `false` -##### `running` +Default value: `undef` -Data type: `Optional[Boolean]` +##### `image` +Data type: `Optional[Pattern[/^[\S]*$/]]` -Default value: `true` -##### `volumes_from` +##### `ensure` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Enum[present,absent]]` -Default value: [] +Default value: 'present' -##### `net` +##### `command` -Data type: `Variant[String,Array]` +Data type: `Optional[String]` -Default value: 'bridge' +Default value: `undef` -##### `username` +##### `memory_limit` -Data type: `Variant[String,Boolean]` +Data type: `Optional[Pattern[/^[\d]*(b|k|m|g)$/]]` -Default value: `false` +Default value: '0b' -##### `hostname` +##### `cpuset` -Data type: `Variant[String,Boolean]` +Data type: `Variant[String,Array,Undef]` -Default value: `false` +Default value: [] -##### `env` +##### `ports` Data type: `Variant[String,Array,Undef]` @@ -2705,7 +2696,7 @@ Data type: `Variant[String,Array,Undef]` Default value: [] -##### `env_file` +##### `labels` Data type: `Variant[String,Array,Undef]` @@ -2713,7 +2704,7 @@ Data type: `Variant[String,Array,Undef]` Default value: [] -##### `dns` +##### `expose` Data type: `Variant[String,Array,Undef]` @@ -2721,7 +2712,7 @@ Data type: `Variant[String,Array,Undef]` Default value: [] -##### `dns_search` +##### `volumes` Data type: `Variant[String,Array,Undef]` @@ -2729,7 +2720,7 @@ Data type: `Variant[String,Array,Undef]` Default value: [] -##### `lxc_conf` +##### `links` Data type: `Variant[String,Array,Undef]` @@ -2737,53 +2728,93 @@ Data type: `Variant[String,Array,Undef]` Default value: [] -##### `service_prefix` +##### `use_name` + +Data type: `Optional[Boolean]` + + + +Default value: `false` + +##### `running` + +Data type: `Optional[Boolean]` + + + +Default value: `true` + +##### `volumes_from` + +Data type: `Optional[Variant[String,Array]]` + + + +Default value: [] + +##### `username` + +Data type: `Variant[String,Boolean]` + + + +Default value: `false` + +##### `hostname` + +Data type: `Variant[String,Boolean]` + + + +Default value: `false` + +##### `env` -Data type: `Optional[String]` +Data type: `Optional[Variant[String,Array]]` -Default value: 'docker-' +Default value: [] -##### `service_provider` +##### `env_file` -Data type: `Optional[String]` +Data type: `Optional[Variant[String,Array]]` -Default value: `undef` +Default value: [] -##### `restart_service` +##### `dns` -Data type: `Optional[Boolean]` +Data type: `Optional[Variant[String,Array]]` -Default value: `true` +Default value: [] -##### `restart_service_on_docker_refresh` +##### `dns_search` -Data type: `Optional[Boolean]` +Data type: `Optional[Variant[String,Array]]` -Default value: `true` +Default value: [] -##### `manage_service` +##### `lxc_conf` -Data type: `Optional[Boolean]` +Data type: `Optional[Variant[String,Array]]` -Default value: `true` +Default value: [] -##### `docker_service` +##### `service_provider` -Data type: `Variant[String,Boolean]` +Data type: `Optional[String]` -Default value: `false` +Default value: `undef` ##### `disable_network` @@ -2809,25 +2840,9 @@ Data type: `Optional[Boolean]` Default value: `undef` -##### `extra_parameters` - -Data type: `Variant[String,Array[String],Undef]` - - - -Default value: `undef` - -##### `systemd_restart` - -Data type: `Optional[String]` - - - -Default value: 'on-failure' - ##### `extra_systemd_parameters` -Data type: `Variant[String,Hash,Undef]` +Data type: `Optional[Variant[String,Hash]]` @@ -2843,7 +2858,7 @@ Default value: `false` ##### `after` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` @@ -2851,7 +2866,7 @@ Default value: [] ##### `after_service` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` @@ -2859,7 +2874,7 @@ Default value: [] ##### `depends` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` @@ -2867,7 +2882,7 @@ Default value: [] ##### `depend_services` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` @@ -2883,7 +2898,7 @@ Default value: `false` ##### `socket_connect` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` @@ -2891,20 +2906,12 @@ Default value: [] ##### `hostentries` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` Default value: [] -##### `restart` - -Data type: `Optional[String]` - - - -Default value: `undef` - ##### `before_start` Data type: `Variant[String,Boolean]` @@ -2937,14 +2944,6 @@ Data type: `Variant[String,Boolean]` Default value: `false` -##### `after_create` - -Data type: `Optional[String]` - - - -Default value: `undef` - ##### `remove_container_on_start` Data type: `Optional[Boolean]` @@ -3001,49 +3000,9 @@ Data type: `Optional[Boolean]` Default value: `false` -##### `health_check_cmd` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `restart_on_unhealthy` - -Data type: `Optional[Boolean]` - - - -Default value: `false` - -##### `health_check_interval` - -Data type: `Optional[Integer]` - - - -Default value: `undef` - -##### `custom_unless` - -Data type: `Variant[String,Array,Undef]` - - - -Default value: [] - -##### `remain_after_exit` - -Data type: `Optional[String]` - - - -Default value: `undef` - ### docker::secrets -== Define: docker::secrets +The docker::secrets class. #### Parameters @@ -3051,7 +3010,7 @@ The following parameters are available in the `docker::secrets` defined type. ##### `ensure` -Data type: `Optional[Pattern[/^present$|^absent$/]]` +Data type: `Optional[Enum[present,absent]]` @@ -3059,7 +3018,7 @@ Default value: 'present' ##### `label` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` @@ -3083,7 +3042,7 @@ Default value: `undef` ### docker::services -The docker::services class. +define that managers a Docker services #### Parameters @@ -3091,57 +3050,33 @@ The following parameters are available in the `docker::services` defined type. ##### `ensure` -Data type: `Optional[Pattern[/^present$|^absent$/]]` - +Data type: `Optional[Enum[present,absent]]` +This ensures that the service is present or not. Default value: 'present' -##### `create` - -Data type: `Optional[Boolean]` - - - -Default value: `true` - -##### `update` - -Data type: `Optional[Boolean]` - - - -Default value: `false` - -##### `scale` - -Data type: `Optional[Boolean]` +##### `image` +Data type: `Optional[Variant[String,Array]]` +The Docker image to spwan the service from. -Default value: `false` +Default value: `undef` ##### `detach` Data type: `Optional[Boolean]` - +Exit immediately instead of waiting for the service to converge (default true) Default value: `true` -##### `tty` - -Data type: `Optional[Boolean]` - - - -Default value: `false` - ##### `env` Data type: `Optional[Array]` - +Set environment variables Default value: [] @@ -3149,101 +3084,130 @@ Default value: [] Data type: `Optional[Array]` - +Service labels. +This used as metdata to configure constraints etc. Default value: [] -##### `extra_params` - -Data type: `Optional[Array]` - +##### `publish` +Data type: `Optional[Variant[String,Array]]` -Default value: [] +Publish port(s) as node ports. -##### `image` +Default value: `undef` -Data type: `Variant[String,Array,Undef]` +##### `replicas` +Data type: `Optional[Variant[String,Array]]` +Number of tasks (containers per service) Default value: `undef` -##### `service_name` - -Data type: `Variant[String,Array,Undef]` - +##### `tty` +Data type: `Optional[Boolean]` -Default value: `undef` +Allocate a pseudo-TTY -##### `publish` +Default value: `false` -Data type: `Variant[String,Array,Undef]` +##### `user` +Data type: `Optional[Variant[String,Array]]` +Username or UID (format: [:]) Default value: `undef` -##### `replicas` - -Data type: `Variant[String,Array,Undef]` +##### `workdir` +Data type: `Optional[Variant[String,Array]]` +Working directory inside the container Default value: `undef` -##### `user` +##### `extra_params` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Array]` + +Allows you to pass any other flag that the Docker service create supports. +This must be passed as an array. See docker service create --help for all options +Default value: [] +##### `update` -Default value: `undef` +Data type: `Optional[Boolean]` -##### `workdir` +This changes the docker command to +docker service update, you must pass a service name with this option -Data type: `Variant[String,Array,Undef]` +Default value: `false` + +##### `scale` +Data type: `Optional[Boolean]` +This changes the docker command to +docker service scale, this can only be used with service name and +replicas -Default value: `undef` +Default value: `false` ##### `host_socket` -Data type: `Variant[String,Array,Undef]` - +Data type: `Optional[Variant[String,Array]]` +This will allow the service to connect to the host linux socket. Default value: `undef` ##### `registry_mirror` -Data type: `Variant[String,Array,Undef]` - +Data type: `Optional[Variant[String,Array]]` +This will allow the service to set a registry mirror. Default value: `undef` ##### `mounts` -Data type: `Variant[String,Array,Undef]` - +Data type: `Optional[Variant[String,Array]]` +Allows attaching filesystem mounts to the service (specified as an array) Default value: `undef` ##### `networks` -Data type: `Variant[Array,Undef]` - +Data type: `Optional[Array]` +Allows attaching the service to networks (specified as an array) Default value: `undef` ##### `command` -Data type: `Variant[String,Array,Undef]` +Data type: `Optional[Variant[String,Array]]` + +Command to run on the container + +Default value: `undef` + +##### `create` + +Data type: `Optional[Boolean]` + + + +Default value: `true` + +##### `service_name` + +Data type: `Optional[Variant[String,Array]]` @@ -3251,7 +3215,7 @@ Default value: `undef` ### docker::stack -The docker::stack class. +deploys Docker stacks or compose v3 #### Parameters @@ -3259,9 +3223,9 @@ The following parameters are available in the `docker::stack` defined type. ##### `ensure` -Data type: `Optional[Pattern[/^present$|^absent$/]]` - +Data type: `Optional[Enum[present,absent]]` +This ensures that the stack is present or not. Default value: 'present' @@ -3269,7 +3233,7 @@ Default value: 'present' Data type: `Optional[String]` - +The name of the stack that you are deploying Default value: `undef` @@ -3277,37 +3241,39 @@ Default value: `undef` Data type: `Optional[String]` - +Path to a Distributed Application Bundle file +Please note this is experimental Default value: `undef` -##### `compose_files` - -Data type: `Optional[Array]` - +##### `prune` +Data type: `Optional[Boolean]` -Default value: `undef` +Prune services that are no longer referenced -##### `prune` +Default value: `false` -Data type: `Optional[Boolean]` +##### `resolve_image` +Data type: `Optional[Enum['always','changed','never']]` +Query the registry to resolve image digest and supported platforms +Only accepts ("always"|"changed"|"never") -Default value: `false` +Default value: `undef` ##### `with_registry_auth` Data type: `Optional[Boolean]` - +Send registry authentication details to Swarm agents Default value: `false` -##### `resolve_image` +##### `compose_files` -Data type: `Optional[Pattern[/^always$|^changed$|^never$/]]` +Data type: `Optional[Array]` @@ -3315,7 +3281,7 @@ Default value: `undef` ### docker::swarm -The docker::swarm class. +managers a Docker Swarm Mode cluster #### Parameters @@ -3323,9 +3289,11 @@ The following parameters are available in the `docker::swarm` defined type. ##### `ensure` -Data type: `Optional[Pattern[/^present$|^absent$/]]` - +Data type: `Optional[Enum[present,absent]]` +This ensures that the cluster is present or not. +Note this forcefully removes a node from the cluster. Make sure all worker nodes +have been removed before managers Default value: 'present' @@ -3333,7 +3301,8 @@ Default value: 'present' Data type: `Optional[Boolean]` - +This creates the first worker node for a new cluster. +Set init to true to create a new cluster Default value: `false` @@ -3341,7 +3310,9 @@ Default value: `false` Data type: `Optional[Boolean]` - +This adds either a worker or manger node to the cluster. +The role of the node is defined by the join token. +Set to true to join the cluster Default value: `false` @@ -3349,7 +3320,8 @@ Default value: `false` Data type: `Optional[String]` - +The address that your node will advertise to the cluster for raft. +On multihomed servers this flag must be passed Default value: `undef` @@ -3357,7 +3329,7 @@ Default value: `undef` Data type: `Optional[Boolean]` - +Enable manager autolocking (requiring an unlock key to start a stopped manager) Default value: `false` @@ -3365,7 +3337,7 @@ Default value: `false` Data type: `Optional[String]` - +Validity period for node certificates (ns|us|ms|s|m|h) (default 2160h0m0s) Default value: `undef` @@ -3373,7 +3345,7 @@ Default value: `undef` Data type: `Optional[Array]` - +Array of default subnet pools for global scope networks (['30.30.0.0/16','40.40.0.0/16']) Default value: `undef` @@ -3381,7 +3353,7 @@ Default value: `undef` Data type: `Optional[String]` - +Default subnet pools mask length for default-addr-pools (CIDR block number) Default value: `undef` @@ -3389,7 +3361,7 @@ Default value: `undef` Data type: `Optional[String]` - +Dispatcher heartbeat period (ns|us|ms|s|m|h) (default 5s) Default value: `undef` @@ -3397,7 +3369,7 @@ Default value: `undef` Data type: `Optional[String]` - +Specifications of one or more certificate signing endpoints Default value: `undef` @@ -3405,7 +3377,7 @@ Default value: `undef` Data type: `Optional[Boolean]` - +Force create a new cluster from current state Default value: `false` @@ -3413,7 +3385,8 @@ Default value: `false` Data type: `Optional[String]` - +The address that your node will listen to the cluster for raft. +On multihomed servers this flag must be passed Default value: `undef` @@ -3421,7 +3394,7 @@ Default value: `undef` Data type: `Optional[String]` - +Number of additional Raft snapshots to retain Default value: `undef` @@ -3429,7 +3402,7 @@ Default value: `undef` Data type: `Optional[String]` - +Number of log entries between Raft snapshots (default 10000) Default value: `undef` @@ -3437,7 +3410,8 @@ Default value: `undef` Data type: `Optional[String]` - +The authentication token to join the cluster. The token also defines the type of +node (worker or manager) Default value: `undef` @@ -3445,19 +3419,13 @@ Default value: `undef` Data type: `Optional[String]` - +The ip address of a manager node to join the cluster. Default value: `undef` ### docker::system_user -== Define: docker::system_user - -Define to manage docker group users - -=== Parameters -[*create_user*] - Boolean to cotrol whether the user should be created +manage docker group users #### Parameters @@ -3467,15 +3435,13 @@ The following parameters are available in the `docker::system_user` defined type Data type: `Any` - +Boolean to cotrol whether the user should be created Default value: `true` ### docker::windows_account -== Define: docker::windows_account - -Define the Windows account that owns the docker services +Windows account that owns the docker services ## Resource types diff --git a/manifests/compose.pp b/manifests/compose.pp index 78c1f0ed..d9d123e8 100644 --- a/manifests/compose.pp +++ b/manifests/compose.pp @@ -1,74 +1,63 @@ -# == Class: docker::compose +# @summary install Docker Compose using the recommended curl command. # -# Class to install Docker Compose using the recommended curl command. -# -# === Parameters -# -# [*ensure*] +# @param ensure # Whether to install or remove Docker Compose # Valid values are absent present -# Defaults to present # -# [*version*] +# @param version # The version of Docker Compose to install. -# Defaults to the value set in $docker::params::compose_version # -# [*install_path*] +# @param install_path # The path where to install Docker Compose. -# Defaults to the value set in $docker::params::compose_install_path # -# [*symlink_name*] +# @param symlink_name # The name of the symlink created pointing to the actual docker-compose binary # This allows use of own docker-compose wrapper scripts for the times it's # necessary to set certain things before running the docker-compose binary -# Defaults to the value set in $docker::params::compose_symlink_name # -# [*proxy*] +# @param proxy # Proxy to use for downloading Docker Compose. # -# [*base_url*] +# @param base_url # The base url for installation -# This allows use of a mirror that follows the same layout as the +# This allows use of a mirror that follows the same layout as the # official repository # -# [*raw_url*] +# @param raw_url # Override the raw URL for installation # The default is to build a URL from baseurl. If rawurl is set, the caller is # responsible for ensuring the URL points to the correct version and # architecture. - -# [*curl_ensure*] +# +# @param curl_ensure # Whether or not the curl package is ensured by this module. -# Defaults to true # class docker::compose( - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - Optional[String] $version = $docker::params::compose_version, - Optional[String] $install_path = $docker::params::compose_install_path, - Optional[String] $symlink_name = $docker::params::compose_symlink_name, - Optional[String] $proxy = undef, - Optional[String] $base_url = $docker::params::compose_base_url, - Optional[String] $raw_url = undef, - Optional[Boolean] $curl_ensure = $docker::params::curl_ensure, + Optional[Enum[present,absent]] $ensure = 'present', + Optional[String] $version = $docker::params::compose_version, + Optional[String] $install_path = $docker::params::compose_install_path, + Optional[String] $symlink_name = $docker::params::compose_symlink_name, + Optional[String] $proxy = undef, + Optional[String] $base_url = $docker::params::compose_base_url, + Optional[String] $raw_url = undef, + Optional[Boolean] $curl_ensure = $docker::params::curl_ensure, ) inherits docker::params { - if $proxy != undef { validate_re($proxy, '^((http[s]?)?:\/\/)?([^:^@]+:[^:^@]+@|)([\da-z\.-]+)\.([\da-z\.]{2,6})(:[\d])?([\/\w \.-]*)*\/?$') } - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { $file_extension = '.exe' - $file_owner = 'Administrator' + $file_owner = 'Administrator' } else { $file_extension = '' - $file_owner = 'root' + $file_owner = 'root' } - $docker_compose_location = "${install_path}/${symlink_name}${file_extension}" + $docker_compose_location = "${install_path}/${symlink_name}${file_extension}" $docker_compose_location_versioned = "${install_path}/docker-compose-${version}${file_extension}" if $ensure == 'present' { - if $raw_url != undef { $docker_compose_url = $raw_url } else { @@ -81,10 +70,8 @@ $proxy_opt = '' } - if $::osfamily == 'windows' { -# lint:ignore:140chars - $docker_download_command = "if (Invoke-WebRequest ${docker_compose_url} ${proxy_opt} -UseBasicParsing -OutFile \"${docker_compose_location_versioned}\") { exit 0 } else { exit 1}" -# lint:endignore + if $facts['os']['family'] == 'windows' { + $docker_download_command = "if (Invoke-WebRequest ${docker_compose_url} ${proxy_opt} -UseBasicParsing -OutFile \"${docker_compose_location_versioned}\") { exit 0 } else { exit 1}" # lint:ignore:140chars exec { "Install Docker Compose ${version}": command => template('docker/windows/download_docker_compose.ps1.erb'), @@ -95,12 +82,13 @@ file { $docker_compose_location: ensure => 'link', target => $docker_compose_location_versioned, - require => Exec["Install Docker Compose ${version}"] + require => Exec["Install Docker Compose ${version}"], } } else { if $curl_ensure { ensure_packages(['curl']) } + exec { "Install Docker Compose ${version}": path => '/usr/bin/', cwd => '/tmp', @@ -112,20 +100,21 @@ file { $docker_compose_location_versioned: owner => $file_owner, mode => '0755', - require => Exec["Install Docker Compose ${version}"] + require => Exec["Install Docker Compose ${version}"], } file { $docker_compose_location: ensure => 'link', target => $docker_compose_location_versioned, - require => File[$docker_compose_location_versioned] + require => File[$docker_compose_location_versioned], } } } else { - file { [ - $docker_compose_location_versioned, - $docker_compose_location - ]: + file { $docker_compose_location_versioned: + ensure => absent, + } + + file { $docker_compose_location: ensure => absent, } } diff --git a/manifests/config.pp b/manifests/config.pp index ba47fd0c..f6d99f69 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,7 +1,7 @@ -# == Class: docker::config +# @summary # class docker::config { - if $::osfamily != 'windows' { + if $facts['os']['family'] != 'windows' { docker::system_user { $docker::docker_users: } } else { docker::windows_account { $docker::docker_users: } diff --git a/manifests/exec.pp b/manifests/exec.pp index 97d2eafd..8f217fa1 100644 --- a/manifests/exec.pp +++ b/manifests/exec.pp @@ -1,41 +1,53 @@ - +# @summary +# A define which executes a command inside a container. # -# A define which executes a command inside a container. +# @param detach +# @param interactive +# @param env +# @param tty +# @param container +# @param command +# @param unless +# @param sanitise_name +# @param refreshonly +# @param onlyif # define docker::exec( Optional[Boolean] $detach = false, Optional[Boolean] $interactive = false, - Optional[Array] $env = [], + Optional[Array] $env = [], Optional[Boolean] $tty = false, - Optional[String] $container = undef, - Optional[String] $command = undef, - Optional[String] $unless = undef, + Optional[String] $container = undef, + Optional[String] $command = undef, + Optional[String] $unless = undef, Optional[Boolean] $sanitise_name = true, Optional[Boolean] $refreshonly = false, - Optional[String] $onlyif = undef, + Optional[String] $onlyif = undef, ) { include docker::params $docker_command = $docker::params::docker_command - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { $exec_environment = "PATH=${::docker_program_files_path}/Docker/" - $exec_timeout = 3000 - $exec_path = ["${::docker_program_files_path}/Docker/"] - $exec_provider = 'powershell' + $exec_timeout = 3000 + $exec_path = [ "${::docker_program_files_path}/Docker/", ] + $exec_provider = 'powershell' } else { $exec_environment = 'HOME=/root' - $exec_path = ['/bin', '/usr/bin'] - $exec_timeout = 0 - $exec_provider = undef + $exec_path = [ '/bin', '/usr/bin', ] + $exec_timeout = 0 + $exec_provider = undef } - $docker_exec_flags = docker_exec_flags({ - detach => $detach, - interactive => $interactive, - tty => $tty, - env => any2array($env), - }) + $docker_exec_flags = docker_exec_flags( + { + detach => $detach, + interactive => $interactive, + tty => $tty, + env => any2array($env), + } + ) if $sanitise_name { @@ -43,12 +55,15 @@ } else { $sanitised_container = $container } + $exec = "${docker_command} exec ${docker_exec_flags} ${sanitised_container} ${command}" + $unless_command = $unless ? { undef => undef, '' => undef, default => "${docker_command} exec ${docker_exec_flags} ${sanitised_container} ${$unless}", } + $onlyif_command = $onlyif ? { undef => undef, '' => undef, diff --git a/manifests/image.pp b/manifests/image.pp index 65896db0..15f8d954 100644 --- a/manifests/image.pp +++ b/manifests/image.pp @@ -1,57 +1,60 @@ -# == Class: docker +# @summary +# Module to install an up-to-date version of a Docker image +# from the registry # -# Module to install an up-to-date version of a Docker image -# from the registry -# -# === Parameters -# [*ensure*] +# @param ensure # Whether you want the image present or absent. # -# [*image*] +# @param image # If you want the name of the image to be different from the # name of the puppet resource you can pass a value here. # -# [*image_tag*] +# @param image_tag # If you want a specific tag of the image to be installed # -# [*image_digest*] +# @param image_digest # If you want a specific content digest of the image to be installed # -# [*docker_file*] +# @param docker_file # If you want to add a docker image from specific docker file # -# [*docker_tar*] +# @param docker_tar # If you want to load a docker image from specific docker tar # +# @param force +# +# @param docker_dir +# define docker::image( - Optional[Pattern[/^(present|absent|latest)$/]] $ensure = 'present', - Optional[Pattern[/^[\S]*$/]] $image = $title, - Optional[String] $image_tag = undef, - Optional[String] $image_digest = undef, - Optional[Boolean] $force = false, - Optional[String] $docker_file = undef, - Optional[String] $docker_dir = undef, - Optional[String] $docker_tar = undef, + Optional[Enum[present,absent,latest]] $ensure = 'present', + Optional[Pattern[/^[\S]*$/]] $image = $title, + Optional[String] $image_tag = undef, + Optional[String] $image_digest = undef, + Optional[Boolean] $force = false, + Optional[String] $docker_file = undef, + Optional[String] $docker_dir = undef, + Optional[String] $docker_tar = undef, ) { include docker::params + $docker_command = $docker::params::docker_command - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { $update_docker_image_template = 'docker/windows/update_docker_image.ps1.erb' - $update_docker_image_path = "${::docker_user_temp_path}/update_docker_image.ps1" - $exec_environment = "PATH=${::docker_program_files_path}/Docker/" - $exec_timeout = 3000 - $update_docker_image_owner = undef - $exec_path = ["${::docker_program_files_path}/Docker/"] - $exec_provider = 'powershell' + $update_docker_image_path = "${::docker_user_temp_path}/update_docker_image.ps1" + $exec_environment = "PATH=${::docker_program_files_path}/Docker/" + $exec_timeout = 3000 + $update_docker_image_owner = undef + $exec_path = [ "${::docker_program_files_path}/Docker/", ] + $exec_provider = 'powershell' } else { $update_docker_image_template = 'docker/update_docker_image.sh.erb' - $update_docker_image_path = '/usr/local/bin/update_docker_image.sh' - $update_docker_image_owner = 'root' - $exec_environment = 'HOME=/root' - $exec_path = ['/bin', '/usr/bin'] - $exec_timeout = 0 - $exec_provider = undef + $update_docker_image_path = '/usr/local/bin/update_docker_image.sh' + $update_docker_image_owner = 'root' + $exec_environment = 'HOME=/root' + $exec_path = [ '/bin', '/usr/bin', ] + $exec_timeout = 0 + $exec_provider = undef } # Wrapper used to ensure images are up to date @@ -66,29 +69,29 @@ ) if ($docker_file) and ($docker_tar) { - fail translate('docker::image must not have both $docker_file and $docker_tar set') + fail(translate('docker::image must not have both $docker_file and $docker_tar set')) } if ($docker_dir) and ($docker_tar) { - fail translate('docker::image must not have both $docker_dir and $docker_tar set') + fail(translate('docker::image must not have both $docker_dir and $docker_tar set')) } if ($image_digest) and ($docker_file) { - fail translate('docker::image must not have both $image_digest and $docker_file set') + fail(translate('docker::image must not have both $image_digest and $docker_file set')) } if ($image_digest) and ($docker_dir) { - fail translate('docker::image must not have both $image_digest and $docker_dir set') + fail(translate('docker::image must not have both $image_digest and $docker_dir set')) } if ($image_digest) and ($docker_tar) { - fail translate('docker::image must not have both $image_digest and $docker_tar set') + fail(translate('docker::image must not have both $image_digest and $docker_tar set')) } if $force { - $image_force = '-f ' + $image_force = '-f ' } else { - $image_force = '' + $image_force = '' } if $image_tag { @@ -99,13 +102,13 @@ $image_arg = "${image}@${image_digest}" $image_remove = "${docker_command} rmi ${image_force}${image}:${image_digest}" $image_find = "${docker_command} images -q ${image}@${image_digest}" - } else { $image_arg = $image $image_remove = "${docker_command} rmi ${image_force}${image}" $image_find = "${docker_command} images -q ${image}" } - if $::osfamily == 'windows' { + + if $facts['os']['family'] == 'windows' { $_image_find = "If (-not (${image_find}) ) { Exit 1 }" } else { $_image_find = "${image_find} | grep ." @@ -116,7 +119,7 @@ } elsif $docker_dir { $image_install = "${docker_command} build -t ${image_arg} ${docker_dir}" } elsif $docker_file { - if $::osfamily == windows { + if $facts['os']['family'] == windows { $image_install = "Get-Content ${docker_file} -Raw | ${docker_command} build -t ${image_arg} -" } else { $image_install = "${docker_command} build -t ${image_arg} - < ${docker_file}" @@ -124,7 +127,7 @@ } elsif $docker_tar { $image_install = "${docker_command} load -i ${docker_tar}" } else { - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { $image_install = "& ${update_docker_image_path} -DockerImage ${image_arg}" } else { $image_install = "${update_docker_image_path} ${image_arg}" @@ -142,7 +145,7 @@ } } elsif $ensure == 'latest' or $image_tag == 'latest' { notify { "Check if image ${image_arg} is in-sync": - noop => false, + noop => false, } ~> exec { $image_install: environment => $exec_environment, diff --git a/manifests/images.pp b/manifests/images.pp index 940620de..0cba79df 100644 --- a/manifests/images.pp +++ b/manifests/images.pp @@ -1,4 +1,9 @@ -# docker::images -class docker::images($images) { +# @summary +# +# @param images +# +class docker::images( + $images +) { create_resources(docker::image, $images) } diff --git a/manifests/init.pp b/manifests/init.pp index b912fa26..2a4d1329 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,115 +1,88 @@ -# == Class: docker +# @summary +# Module to install an up-to-date version of Docker from package. # -# Module to install an up-to-date version of Docker from package. -# -# === Parameters -# -# [*version*] +# @param version # The package version to install, used to set the package name. -# Defaults to undefined # -# [*ensure*] +# @param ensure # Passed to the docker package. -# Defaults to present # -# [*prerequired_packages*] -# An array of additional packages that need to be installed to support -# docker. Defaults change depending on the operating system. +# @param prerequired_packages +# An array of additional packages that need to be installed to support docker. # -# [*dependent_packages*] +# @param dependent_packages # An array of packages installed by the docker-ce package v 18.09 and later. # Used when uninstalling to ensure containers cannot be run on the system. -# Defaults change depending on the operating system. # -# [*tcp_bind*] +# @param tcp_bind # The tcp socket to bind to in the format # tcp://127.0.0.1:4243 -# Defaults to undefined # -# [*tls_enable*] +# @param tls_enable # Enable TLS. -# Defaults to false # -# [*tls_verify*] +# @param tls_verify # Use TLS and verify the remote -# Defaults to true # -# [*tls_cacert*] +# @param tls_cacert # Path to TLS CA certificate -# Defaults to '/etc/docker/tls/ca.pem on linux and C:/ProgramData/docker/certs.d/ca.pem on Windows' # -# [*tls_cert*] +# @param tls_cert # Path to TLS certificate file -# Defaults to '/etc/docker/tls/cert.pem on linux and C:/ProgramData/docker/certs.d/server-cert.pem on Windows' # -# [*tls_key*] +# @param tls_key # Path to TLS key file -# Defaults to '/etc/docker/tls/key.pem' on linux and C:/ProgramData/docker/certs.d/server-key.pem on Windows # -# [*ip_forward*] +# @param ip_forward # Enables IP forwarding on the Docker host. -# The default is true. # -# [*iptables*] +# @param iptables # Enable Docker's addition of iptables rules. -# Default is true. # -# [*ip_masq*] +# @param ip_masq # Enable IP masquerading for bridge's IP range. -# The default is true. # -# [*icc*] +# @param icc # Enable or disable Docker's unrestricted inter-container and Docker daemon host communication. # (Requires iptables=true to disable) -# Default is undef. (Docker daemon's default is true) # -# [*bip*] +# @param bip # Specify docker's network bridge IP, in CIDR notation. -# Defaults to undefined. # -# [*mtu*] +# @param mtu # Docker network MTU. -# Defaults to undefined. # -# [*bridge*] +# @param bridge # Attach containers to a pre-existing network bridge # use 'none' to disable container networking -# Defaults to undefined. # -# [*fixed_cidr*] +# @param fixed_cidr # IPv4 subnet for fixed IPs # 10.20.0.0/16 -# Defaults to undefined # -# [*default_gateway*] +# @param default_gateway # IPv4 address of the container default gateway; # this address must be part of the bridge subnet # (which is defined by bridge) -# Defaults to undefined # -# [*ipv6*] +# @param ipv6 # Enables ipv6 support for the docker daemon -# Defaults to false # -# [*ipv6_cidr*] +# @param ipv6_cidr # IPv6 subnet for fixed IPs # -# [*default_gateway_ipv6*] +# @param default_gateway_ipv6 # IPv6 address of the container default gateway: -# Defaults to undefined # -# [*socket_bind*] -# The unix socket to bind to. Defaults to -# unix:///var/run/docker.sock. +# @param socket_bind +# The unix socket to bind to. # -# [*log_level*] +# @param log_level # Set the logging level -# Defaults to undef: docker defaults to info if no value specified # Valid values: debug, info, warn, error, fatal # -# [*log_driver*] +# @param log_driver # Set the log driver. -# Defaults to undef. # Docker default is json-file. # Valid values: none, json-file, syslog, journald, gelf, fluentd # Valid values description: @@ -130,9 +103,8 @@ # awslogs : AWS Cloudwatch Logs logging driver for Docker. # Write log messages to Cloudwatch API # -# [*log_opt*] +# @param log_opt # Set the log driver specific options -# Defaults to undef # Valid values per log driver: # none : undef # json-file: @@ -169,353 +141,349 @@ # {{.FullID}} - full container id # {{.Name}} - container name # -# [*selinux_enabled*] +# @param selinux_enabled # Enable selinux support. Default is false. SELinux does not presently # support the BTRFS storage driver. -# Valid values: true, false # -# [*use_upstream_package_source*] +# @param use_upstream_package_source # Whether or not to use the upstream package source. # If you run your own package mirror, you may set this # to false. # -# [*pin_upstream_package_source*] +# @param pin_upstream_package_source # Pin upstream package source; this option currently only has any effect on # apt-based distributions. Set to false to remove pinning on the upstream # package repository. See also "apt_source_pin_level". -# Defaults to true # -# [*apt_source_pin_level*] +# @param apt_source_pin_level # What level to pin our source package repository to; this only is relevent # if you're on an apt-based system (Debian, Ubuntu, etc) and # $use_upstream_package_source is set to true. Set this to false to disable # pinning, and undef to ensure the apt preferences file apt::source uses to # define pins is removed. -# Defaults to 10 # -# [*package_source_location*] -# If you're using an upstream package source, what is it's -# location. Defaults to http://get.docker.com/ubuntu on Debian -# -# [*service_state*] +# @param service_state # Whether you want to docker daemon to start up -# Defaults to running # -# [*service_enable*] +# @param service_enable # Whether you want to docker daemon to start up at boot -# Defaults to true # -# [*manage_service*] +# @param manage_service # Specify whether the service should be managed. -# Valid values are 'true', 'false'. -# Defaults to 'true'. # -# [*root_dir*] +# @param root_dir # Custom root directory for containers -# Defaults to undefined # -# [*dns*] +# @param dns # Custom dns server address -# Defaults to undefined # -# [*dns_search*] +# @param dns_search # Custom dns search domains -# Defaults to undefined # -# [*socket_group*] +# @param socket_group # Group ownership of the unix control socket. -# Default is based on OS (docker, dockerroot, undef) # -# [*extra_parameters*] +# @param extra_parameters # Any extra parameters that should be passed to the docker daemon. -# Defaults to undefined # -# [*shell_values*] +# @param shell_values # Array of shell values to pass into init script config files # -# [*proxy*] +# @param proxy # Will set the http_proxy and https_proxy env variables in /etc/sysconfig/docker (redhat/centos) or /etc/default/docker (debian) # -# [*no_proxy*] +# @param no_proxy # Will set the no_proxy variable in /etc/sysconfig/docker (redhat/centos) or /etc/default/docker (debian) # -# [*storage_driver*] +# @param storage_driver # Specify a storage driver to use -# Default is undef: let docker choose the correct one # Valid values: aufs, devicemapper, btrfs, overlay, overlay2, vfs, zfs # -# [*dm_basesize*] +# @param dm_basesize # The size to use when creating the base device, which limits the size of images and containers. -# Default value is 10G # -# [*dm_fs*] +# @param dm_fs # The filesystem to use for the base image (xfs or ext4) -# Defaults to ext4 # -# [*dm_mkfsarg*] +# @param dm_mkfsarg # Specifies extra mkfs arguments to be used when creating the base device. # -# [*dm_mountopt*] +# @param dm_mountopt # Specifies extra mount options used when mounting the thin devices. # -# [*dm_blocksize*] +# @param dm_blocksize # A custom blocksize to use for the thin pool. # Default blocksize is 64K. # Warning: _DO NOT_ change this parameter after the lvm devices have been initialized. # -# [*dm_loopdatasize*] +# @param dm_loopdatasize # Specifies the size to use when creating the loopback file for the "data" device which is used for the thin pool -# Default size is 100G # -# [*dm_loopmetadatasize*] +# @param dm_loopmetadatasize # Specifies the size to use when creating the loopback file for the "metadata" device which is used for the thin pool -# Default size is 2G # -# [*dm_datadev*] +# @param dm_datadev # (deprecated - dm_thinpooldev should be used going forward) # A custom blockdevice to use for data for the thin pool. # -# [*dm_metadatadev*] +# @param dm_metadatadev # (deprecated - dm_thinpooldev should be used going forward) # A custom blockdevice to use for metadata for the thin pool. # -# [*dm_thinpooldev*] +# @param dm_thinpooldev # Specifies a custom block storage device to use for the thin pool. # -# [*dm_use_deferred_removal*] +# @param dm_use_deferred_removal # Enables use of deferred device removal if libdm and the kernel driver support the mechanism. # -# [*dm_use_deferred_deletion*] +# @param dm_use_deferred_deletion # Enables use of deferred device deletion if libdm and the kernel driver support the mechanism. # -# [*dm_blkdiscard*] +# @param dm_blkdiscard # Enables or disables the use of blkdiscard when removing devicemapper devices. -# Defaults to false # -# [*dm_override_udev_sync_check*] +# @param dm_override_udev_sync_check # By default, the devicemapper backend attempts to synchronize with the udev # device manager for the Linux kernel. This option allows disabling that # synchronization, to continue even though the configuration may be buggy. -# Defaults to true # -# [*overlay2_override_kernel_check*] +# @param overlay2_override_kernel_check # Overrides the Linux kernel version check allowing using overlay2 with kernel < 4.0. -# Default value is false # -# [*manage_package*] +# @param manage_package # Won't install or define the docker package, useful if you want to use your own package -# Defaults to true -# -# [*package_name*] -# Specify custom package name -# Default is set on a per system basis in docker::params # -# [*service_name*] +# @param service_name # Specify custom service name -# Default is set on a per system basis in docker::params # -# [*docker_command*] -# Specify a custom docker command name -# Default is set on a per system basis in docker::params -# -# [*daemon_subcommand*] -# Specify a subcommand/flag for running docker as daemon -# Default is set on a per system basis in docker::params -# -# [*docker_users*] +# @param docker_users # Specify an array of users to add to the docker group -# Default is empty # -# [*docker_group*] +# @param docker_group # Specify a string for the docker group -# Default is OS and package specific # -# [*daemon_environment_files*] +# @param daemon_environment_files # Specify additional environment files to add to the # service-overrides.conf # -# [*repo_opt*] +# @param repo_opt # Specify a string to pass as repository options (RedHat only) # -# [*storage_devs*] +# @param storage_devs # A quoted, space-separated list of devices to be used. # -# [*storage_vg*] +# @param storage_vg # The volume group to use for docker storage. # -# [*storage_root_size*] +# @param storage_root_size # The size to which the root filesystem should be grown. # -# [*storage_data_size*] +# @param storage_data_size # The desired size for the docker data LV # -# [*storage_min_data_size*] +# @param storage_min_data_size # The minimum size of data volume otherwise pool creation fails # -# [*storage_chunk_size*] +# @param storage_chunk_size # Controls the chunk size/block size of thin pool. # -# [*storage_growpart*] +# @param storage_growpart # Enable resizing partition table backing root volume group. # -# [*storage_auto_extend_pool*] +# @param storage_auto_extend_pool # Enable/disable automatic pool extension using lvm # -# [*storage_pool_autoextend_threshold*] +# @param storage_pool_autoextend_threshold # Auto pool extension threshold (in % of pool size) # -# [*storage_pool_autoextend_percent*] +# @param storage_pool_autoextend_percent # Extend the pool by specified percentage when threshold is hit. # -# [*tmp_dir_config*] +# @param tmp_dir_config # Whether to set the TMPDIR value in the systemd config file # Default: true (set the value); false will comment out the line. # Note: false is backwards compatible prior to PR #58 # -# [*tmp_dir*] +# @param tmp_dir # Sets the tmp dir for Docker (path) # -# [*registry_mirror*] +# @param registry_mirror # Sets the prefered container registry mirror. -# Default: undef # -# [*nuget_package_provider_version*] +# @param nuget_package_provider_version # The version of the NuGet Package provider -# Default: undef # -# [*docker_msft_provider_version*] +# @param docker_msft_provider_version # The version of the Microsoft Docker Provider Module -# Default: undef - +# +# @param docker_ce_start_command +# @param docker_ce_package_name +# @param docker_ce_source_location +# @param docker_ce_key_source +# @param docker_ce_key_id +# @param docker_ce_release +# @param docker_package_location +# @param docker_package_key_source +# @param docker_package_key_check_source +# @param docker_package_key_id +# @param docker_package_release +# @param docker_engine_start_command +# @param docker_engine_package_name +# @param docker_ce_channel +# @param docker_ee +# @param docker_ee_package_name +# @param docker_ee_source_location +# @param docker_ee_key_source +# @param docker_ee_key_id +# @param docker_ee_repos +# @param docker_ee_release +# @param package_release +# @param labels +# @param execdriver +# @param package_source +# @param os_lc +# @param storage_config +# @param storage_config_template +# @param storage_setup_file +# @param service_provider +# @param service_config +# @param service_config_template +# @param service_overrides_template +# @param socket_overrides_template +# @param socket_override +# @param service_after_override +# @param service_hasstatus +# @param service_hasrestart +# @param acknowledge_unsupported_os +# class docker( - Optional[String] $version = $docker::params::version, - String $ensure = $docker::params::ensure, - Variant[Array[String], Hash] $prerequired_packages = $docker::params::prerequired_packages, - Array $dependent_packages = $docker::params::dependent_packages, - String $docker_ce_start_command = $docker::params::docker_ce_start_command, - Optional[String] $docker_ce_package_name = $docker::params::docker_ce_package_name, - Optional[String] $docker_ce_source_location = $docker::params::package_ce_source_location, - Optional[String] $docker_ce_key_source = $docker::params::package_ce_key_source, - Optional[String] $docker_ce_key_id = $docker::params::package_ce_key_id, - Optional[String] $docker_ce_release = $docker::params::package_ce_release, - Optional[String] $docker_package_location = $docker::params::package_source_location, - Optional[String] $docker_package_key_source = $docker::params::package_key_source, - Optional[Boolean] $docker_package_key_check_source = $docker::params::package_key_check_source, - Optional[String] $docker_package_key_id = $docker::params::package_key_id, - Optional[String] $docker_package_release = $docker::params::package_release, - String $docker_engine_start_command = $docker::params::docker_engine_start_command, - String $docker_engine_package_name = $docker::params::docker_engine_package_name, - String $docker_ce_channel = $docker::params::docker_ce_channel, - Optional[Boolean] $docker_ee = $docker::params::docker_ee, - Optional[String] $docker_ee_package_name = $docker::params::package_ee_package_name, - Optional[String] $docker_ee_source_location = $docker::params::package_ee_source_location, - Optional[String] $docker_ee_key_source = $docker::params::package_ee_key_source, - Optional[String] $docker_ee_key_id = $docker::params::package_ee_key_id, - Optional[String] $docker_ee_repos = $docker::params::package_ee_repos, - Optional[String] $docker_ee_release = $docker::params::package_ee_release, - Variant[String,Array[String],Undef] $tcp_bind = $docker::params::tcp_bind, - Boolean $tls_enable = $docker::params::tls_enable, - Boolean $tls_verify = $docker::params::tls_verify, - Optional[String] $tls_cacert = $docker::params::tls_cacert, - Optional[String] $tls_cert = $docker::params::tls_cert, - Optional[String] $tls_key = $docker::params::tls_key, - Boolean $ip_forward = $docker::params::ip_forward, - Boolean $ip_masq = $docker::params::ip_masq, - Optional[Boolean]$ipv6 = $docker::params::ipv6, - Optional[String]$ipv6_cidr = $docker::params::ipv6_cidr, - Optional[String]$default_gateway_ipv6 = $docker::params::default_gateway_ipv6, - Optional[String] $bip = $docker::params::bip, - Optional[String] $mtu = $docker::params::mtu, - Boolean $iptables = $docker::params::iptables, - Optional[Boolean] $icc = $docker::params::icc, - String $socket_bind = $docker::params::socket_bind, - Optional[String] $fixed_cidr = $docker::params::fixed_cidr, - Optional[String] $bridge = $docker::params::bridge, - Optional[String] $default_gateway = $docker::params::default_gateway, - Optional[String] $log_level = $docker::params::log_level, - Optional[String] $log_driver = $docker::params::log_driver, - Array $log_opt = $docker::params::log_opt, - Optional[Boolean] $selinux_enabled = $docker::params::selinux_enabled, - Optional[Boolean] $use_upstream_package_source = $docker::params::use_upstream_package_source, - Optional[Boolean] $pin_upstream_package_source = $docker::params::pin_upstream_package_source, - Optional[Integer] $apt_source_pin_level = $docker::params::apt_source_pin_level, - Optional[String] $package_release = $docker::params::package_release, - String $service_state = $docker::params::service_state, - Boolean $service_enable = $docker::params::service_enable, - Boolean $manage_service = $docker::params::manage_service, - Optional[String] $root_dir = $docker::params::root_dir, - Optional[Boolean] $tmp_dir_config = $docker::params::tmp_dir_config, - Optional[String] $tmp_dir = $docker::params::tmp_dir, - Variant[String,Array,Undef] $dns = $docker::params::dns, - Variant[String,Array,Undef] $dns_search = $docker::params::dns_search, - Variant[String,Boolean,Undef] $socket_group = $docker::params::socket_group, - Array $labels = $docker::params::labels, - Variant[String,Array,Undef] $extra_parameters = undef, - Variant[String,Array,Undef] $shell_values = undef, - Optional[String] $proxy = $docker::params::proxy, - Optional[String] $no_proxy = $docker::params::no_proxy, - Optional[String] $storage_driver = $docker::params::storage_driver, - Optional[String] $dm_basesize = $docker::params::dm_basesize, - Optional[String] $dm_fs = $docker::params::dm_fs, - Optional[String] $dm_mkfsarg = $docker::params::dm_mkfsarg, - Optional[String] $dm_mountopt = $docker::params::dm_mountopt, - Optional[String] $dm_blocksize = $docker::params::dm_blocksize, - Optional[String] $dm_loopdatasize = $docker::params::dm_loopdatasize, - Optional[String] $dm_loopmetadatasize = $docker::params::dm_loopmetadatasize, - Optional[String] $dm_datadev = $docker::params::dm_datadev, - Optional[String] $dm_metadatadev = $docker::params::dm_metadatadev, - Optional[String] $dm_thinpooldev = $docker::params::dm_thinpooldev, - Optional[Boolean] $dm_use_deferred_removal = $docker::params::dm_use_deferred_removal, - Optional[Boolean] $dm_use_deferred_deletion = $docker::params::dm_use_deferred_deletion, - Optional[Boolean] $dm_blkdiscard = $docker::params::dm_blkdiscard, - Optional[Boolean] $dm_override_udev_sync_check = $docker::params::dm_override_udev_sync_check, - Boolean $overlay2_override_kernel_check = $docker::params::overlay2_override_kernel_check, - Optional[String] $execdriver = $docker::params::execdriver, - Boolean $manage_package = $docker::params::manage_package, - Optional[String] $package_source = $docker::params::package_source, - Optional[String] $service_name = $docker::params::service_name, - Array $docker_users = [], - String $docker_group = $docker::params::docker_group, - Array $daemon_environment_files = [], - Variant[String,Hash,Undef] $repo_opt = $docker::params::repo_opt, - Optional[String] $os_lc = $docker::params::os_lc, - Optional[String] $storage_devs = $docker::params::storage_devs, - Optional[String] $storage_vg = $docker::params::storage_vg, - Optional[String] $storage_root_size = $docker::params::storage_root_size, - Optional[String] $storage_data_size = $docker::params::storage_data_size, - Optional[String] $storage_min_data_size = $docker::params::storage_min_data_size, - Optional[String] $storage_chunk_size = $docker::params::storage_chunk_size, - Optional[Boolean] $storage_growpart = $docker::params::storage_growpart, - Optional[String] $storage_auto_extend_pool = $docker::params::storage_auto_extend_pool, - Optional[String] $storage_pool_autoextend_threshold = $docker::params::storage_pool_autoextend_threshold, - Optional[String] $storage_pool_autoextend_percent = $docker::params::storage_pool_autoextend_percent, - Variant[String,Boolean,Undef] $storage_config = $docker::params::storage_config, - Optional[String] $storage_config_template = $docker::params::storage_config_template, - Optional[String] $storage_setup_file = $docker::params::storage_setup_file, - Optional[String] $service_provider = $docker::params::service_provider, - Variant[String,Boolean,Undef] $service_config = $docker::params::service_config, - Optional[String] $service_config_template = $docker::params::service_config_template, - Variant[String,Boolean,Undef] $service_overrides_template = $docker::params::service_overrides_template, - Variant[String,Boolean,Undef] $socket_overrides_template = $docker::params::socket_overrides_template, - Optional[Boolean] $socket_override = $docker::params::socket_override, - Variant[String,Boolean,Undef] $service_after_override = $docker::params::service_after_override, - Optional[Boolean] $service_hasstatus = $docker::params::service_hasstatus, - Optional[Boolean] $service_hasrestart = $docker::params::service_hasrestart, - Optional[String] $registry_mirror = $docker::params::registry_mirror, - Boolean $acknowledge_unsupported_os = false, + Optional[String] $version = $docker::params::version, + String $ensure = $docker::params::ensure, + Variant[Array[String], Hash] $prerequired_packages = $docker::params::prerequired_packages, + Array $dependent_packages = $docker::params::dependent_packages, + String $docker_ce_start_command = $docker::params::docker_ce_start_command, + Optional[String] $docker_ce_package_name = $docker::params::docker_ce_package_name, + Optional[String] $docker_ce_source_location = $docker::params::package_ce_source_location, + Optional[String] $docker_ce_key_source = $docker::params::package_ce_key_source, + Optional[String] $docker_ce_key_id = $docker::params::package_ce_key_id, + Optional[String] $docker_ce_release = $docker::params::package_ce_release, + Optional[String] $docker_package_location = $docker::params::package_source_location, + Optional[String] $docker_package_key_source = $docker::params::package_key_source, + Optional[Boolean] $docker_package_key_check_source = $docker::params::package_key_check_source, + Optional[String] $docker_package_key_id = $docker::params::package_key_id, + Optional[String] $docker_package_release = $docker::params::package_release, + String $docker_engine_start_command = $docker::params::docker_engine_start_command, + String $docker_engine_package_name = $docker::params::docker_engine_package_name, + String $docker_ce_channel = $docker::params::docker_ce_channel, + Optional[Boolean] $docker_ee = $docker::params::docker_ee, + Optional[String] $docker_ee_package_name = $docker::params::package_ee_package_name, + Optional[String] $docker_ee_source_location = $docker::params::package_ee_source_location, + Optional[String] $docker_ee_key_source = $docker::params::package_ee_key_source, + Optional[String] $docker_ee_key_id = $docker::params::package_ee_key_id, + Optional[String] $docker_ee_repos = $docker::params::package_ee_repos, + Optional[String] $docker_ee_release = $docker::params::package_ee_release, + Optional[Variant[String,Array[String]]] $tcp_bind = $docker::params::tcp_bind, + Boolean $tls_enable = $docker::params::tls_enable, + Boolean $tls_verify = $docker::params::tls_verify, + Optional[String] $tls_cacert = $docker::params::tls_cacert, + Optional[String] $tls_cert = $docker::params::tls_cert, + Optional[String] $tls_key = $docker::params::tls_key, + Boolean $ip_forward = $docker::params::ip_forward, + Boolean $ip_masq = $docker::params::ip_masq, + Optional[Boolean] $ipv6 = $docker::params::ipv6, + Optional[String] $ipv6_cidr = $docker::params::ipv6_cidr, + Optional[String] $default_gateway_ipv6 = $docker::params::default_gateway_ipv6, + Optional[String] $bip = $docker::params::bip, + Optional[String] $mtu = $docker::params::mtu, + Boolean $iptables = $docker::params::iptables, + Optional[Boolean] $icc = $docker::params::icc, + String $socket_bind = $docker::params::socket_bind, + Optional[String] $fixed_cidr = $docker::params::fixed_cidr, + Optional[String] $bridge = $docker::params::bridge, + Optional[String] $default_gateway = $docker::params::default_gateway, + Optional[String] $log_level = $docker::params::log_level, + Optional[String] $log_driver = $docker::params::log_driver, + Array $log_opt = $docker::params::log_opt, + Optional[Boolean] $selinux_enabled = $docker::params::selinux_enabled, + Optional[Boolean] $use_upstream_package_source = $docker::params::use_upstream_package_source, + Optional[Boolean] $pin_upstream_package_source = $docker::params::pin_upstream_package_source, + Optional[Integer] $apt_source_pin_level = $docker::params::apt_source_pin_level, + Optional[String] $package_release = $docker::params::package_release, + String $service_state = $docker::params::service_state, + Boolean $service_enable = $docker::params::service_enable, + Boolean $manage_service = $docker::params::manage_service, + Optional[String] $root_dir = $docker::params::root_dir, + Optional[Boolean] $tmp_dir_config = $docker::params::tmp_dir_config, + Optional[String] $tmp_dir = $docker::params::tmp_dir, + Optional[Variant[String,Array]] $dns = $docker::params::dns, + Optional[Variant[String,Array]] $dns_search = $docker::params::dns_search, + Optional[Variant[String,Boolean]] $socket_group = $docker::params::socket_group, + Array $labels = $docker::params::labels, + Optional[Variant[String,Array]] $extra_parameters = undef, + Optional[Variant[String,Array]] $shell_values = undef, + Optional[String] $proxy = $docker::params::proxy, + Optional[String] $no_proxy = $docker::params::no_proxy, + Optional[String] $storage_driver = $docker::params::storage_driver, + Optional[String] $dm_basesize = $docker::params::dm_basesize, + Optional[String] $dm_fs = $docker::params::dm_fs, + Optional[String] $dm_mkfsarg = $docker::params::dm_mkfsarg, + Optional[String] $dm_mountopt = $docker::params::dm_mountopt, + Optional[String] $dm_blocksize = $docker::params::dm_blocksize, + Optional[String] $dm_loopdatasize = $docker::params::dm_loopdatasize, + Optional[String] $dm_loopmetadatasize = $docker::params::dm_loopmetadatasize, + Optional[String] $dm_datadev = $docker::params::dm_datadev, + Optional[String] $dm_metadatadev = $docker::params::dm_metadatadev, + Optional[String] $dm_thinpooldev = $docker::params::dm_thinpooldev, + Optional[Boolean] $dm_use_deferred_removal = $docker::params::dm_use_deferred_removal, + Optional[Boolean] $dm_use_deferred_deletion = $docker::params::dm_use_deferred_deletion, + Optional[Boolean] $dm_blkdiscard = $docker::params::dm_blkdiscard, + Optional[Boolean] $dm_override_udev_sync_check = $docker::params::dm_override_udev_sync_check, + Boolean $overlay2_override_kernel_check = $docker::params::overlay2_override_kernel_check, + Optional[String] $execdriver = $docker::params::execdriver, + Boolean $manage_package = $docker::params::manage_package, + Optional[String] $package_source = $docker::params::package_source, + Optional[String] $service_name = $docker::params::service_name, + Array $docker_users = [], + String $docker_group = $docker::params::docker_group, + Array $daemon_environment_files = [], + Optional[Variant[String,Hash]] $repo_opt = $docker::params::repo_opt, + Optional[String] $os_lc = $docker::params::os_lc, + Optional[String] $storage_devs = $docker::params::storage_devs, + Optional[String] $storage_vg = $docker::params::storage_vg, + Optional[String] $storage_root_size = $docker::params::storage_root_size, + Optional[String] $storage_data_size = $docker::params::storage_data_size, + Optional[String] $storage_min_data_size = $docker::params::storage_min_data_size, + Optional[String] $storage_chunk_size = $docker::params::storage_chunk_size, + Optional[Boolean] $storage_growpart = $docker::params::storage_growpart, + Optional[String] $storage_auto_extend_pool = $docker::params::storage_auto_extend_pool, + Optional[String] $storage_pool_autoextend_threshold = $docker::params::storage_pool_autoextend_threshold, + Optional[String] $storage_pool_autoextend_percent = $docker::params::storage_pool_autoextend_percent, + Optional[Variant[String,Boolean]] $storage_config = $docker::params::storage_config, + Optional[String] $storage_config_template = $docker::params::storage_config_template, + Optional[String] $storage_setup_file = $docker::params::storage_setup_file, + Optional[String] $service_provider = $docker::params::service_provider, + Optional[Variant[String,Boolean]] $service_config = $docker::params::service_config, + Optional[String] $service_config_template = $docker::params::service_config_template, + Optional[Variant[String,Boolean]] $service_overrides_template = $docker::params::service_overrides_template, + Optional[Variant[String,Boolean]] $socket_overrides_template = $docker::params::socket_overrides_template, + Optional[Boolean] $socket_override = $docker::params::socket_override, + Optional[Variant[String,Boolean]] $service_after_override = $docker::params::service_after_override, + Optional[Boolean] $service_hasstatus = $docker::params::service_hasstatus, + Optional[Boolean] $service_hasrestart = $docker::params::service_hasrestart, + Optional[String] $registry_mirror = $docker::params::registry_mirror, + Boolean $acknowledge_unsupported_os = false, + # Windows specific parameters - Optional[String] $docker_msft_provider_version = $docker::params::docker_msft_provider_version, - Optional[String] $nuget_package_provider_version = $docker::params::nuget_package_provider_version, + Optional[String] $docker_msft_provider_version = $docker::params::docker_msft_provider_version, + Optional[String] $nuget_package_provider_version = $docker::params::nuget_package_provider_version, ) inherits docker::params { - - - if $facts['osfamily'] and !$acknowledge_unsupported_os { - assert_type(Pattern[/^(Debian|RedHat|windows)$/], $facts['osfamily']) |$a, $b| { + if $facts['os']['family'] and ! $acknowledge_unsupported_os { + assert_type(Pattern[/^(Debian|RedHat|windows)$/], $facts['os']['family']) |$a, $b| { fail(translate('This module only works on Debian, Red Hat or Windows based systems.')) } } - if ($facts['operatingsystem'] == 'CentOS') and (versioncmp($facts['operatingsystemmajrelease'], '7') < 0) { + if ($facts['os']['name'] == 'CentOS') and (versioncmp($facts['os']['release']['full'], '7') < 0) { fail(translate('This module only works on CentOS version 7 and higher based systems.')) } @@ -530,7 +498,7 @@ } if $log_driver { - if $facts['osfamily'] == 'windows' { + if $facts['os']['family'] == 'windows' { assert_type(Pattern[/^(none|json-file|syslog|gelf|fluentd|splunk|awslogs|etwlogs)$/], $log_driver) |$a, $b| { fail(translate('log_driver must be one of none, json-file, syslog, gelf, fluentd, splunk, awslogs or etwlogs')) } @@ -542,7 +510,7 @@ } if $storage_driver { - if $facts['osfamily'] == 'windows' { + if $facts['os']['family'] == 'windows' { assert_type(Pattern[/^(windowsfilter)$/], $storage_driver) |$a, $b| { fail(translate('Valid values for storage_driver on windows are windowsfilter')) } @@ -553,7 +521,7 @@ } } - if ($bridge) and ($facts['osfamily'] == 'windows') { + if ($bridge) and ($facts['os']['family'] == 'windows') { assert_type(Pattern[/^(none|nat|transparent|overlay|l2bridge|l2tunnel)$/], $bridge) |$a, $b| { fail(translate('bridge must be one of none, nat, transparent, overlay, l2bridge or l2tunnel on Windows.')) } @@ -569,11 +537,9 @@ fail(translate('You should provide parameters only for loop lvm or direct lvm, not both.')) } -# lint:ignore:140chars if ($dm_datadev or $dm_metadatadev) and $dm_thinpooldev { - fail(translate('You can use the $dm_thinpooldev parameter, or the $dm_datadev and $dm_metadatadev parameter pair, but you cannot use both.')) + fail(translate('You can use the $dm_thinpooldev parameter, or the $dm_datadev and $dm_metadatadev parameter pair, but you cannot use both.')) # lint:ignore:140chars } -# lint:endignore if ($dm_datadev or $dm_metadatadev) { notice('The $dm_datadev and $dm_metadatadev parameter pair are deprecated. The $dm_thinpooldev parameter should be used instead.') @@ -583,79 +549,79 @@ fail(translate('You need to provide both $dm_datadev and $dm_metadatadev parameters for direct lvm.')) } - if ($dm_basesize or $dm_fs or $dm_mkfsarg or $dm_mountopt or $dm_blocksize or $dm_loopdatasize or - $dm_loopmetadatasize or $dm_datadev or $dm_metadatadev) and ($storage_driver != 'devicemapper') { + if ($dm_basesize or $dm_fs or $dm_mkfsarg or $dm_mountopt or $dm_blocksize or $dm_loopdatasize or $dm_loopmetadatasize or $dm_datadev or $dm_metadatadev) and ($storage_driver != 'devicemapper') { fail(translate('Values for dm_ variables will be ignored unless storage_driver is set to devicemapper.')) } if($tls_enable) { - if(!$tcp_bind) { + if(! $tcp_bind) { fail(translate('You need to provide tcp bind parameter for TLS.')) } } - if ( $version == undef ) or ( $version !~ /^(17[.][0-1][0-9][.][0-1](~|-|\.)ce|1.\d+)/ ) { - if ( $docker_ee) { - $package_location = $docker::docker_ee_source_location - $package_key_source = $docker::docker_ee_key_source + if ($version == undef) or ($version !~ /^(17[.][0-1][0-9][.][0-1](~|-|\.)ce|1.\d+)/) { + if ($docker_ee) { + $package_location = $docker::docker_ee_source_location + $package_key_source = $docker::docker_ee_key_source $package_key_check_source = true - $package_key = $docker::docker_ee_key_id - $package_repos = $docker::docker_ee_repos - $release = $docker::docker_ee_release - $docker_start_command = $docker::docker_ee_start_command - $docker_package_name = $docker::docker_ee_package_name + $package_key = $docker::docker_ee_key_id + $package_repos = $docker::docker_ee_repos + $release = $docker::docker_ee_release + $docker_start_command = $docker::docker_ee_start_command + $docker_package_name = $docker::docker_ee_package_name } else { - case $facts['osfamily'] { + case $facts['os']['family'] { 'Debian' : { - $package_location = $docker_ce_source_location + $package_location = $docker_ce_source_location $package_key_source = $docker_ce_key_source - $package_key = $docker_ce_key_id - $package_repos = $docker_ce_channel - $release = $docker_ce_release + $package_key = $docker_ce_key_id + $package_repos = $docker_ce_channel + $release = $docker_ce_release } 'Redhat' : { - $package_location = $docker_ce_source_location - $package_key_source = $docker_ce_key_source + $package_location = $docker_ce_source_location + $package_key_source = $docker_ce_key_source $package_key_check_source = true } 'windows': { fail(translate('This module only work for Docker Enterprise Edition on Windows.')) } default: { - $package_location = $docker_package_location - $package_key_source = $docker_package_key_source + $package_location = $docker_package_location + $package_key_source = $docker_package_key_source $package_key_check_source = $docker_package_key_check_source } } + $docker_start_command = $docker_ce_start_command - $docker_package_name = $docker_ce_package_name + $docker_package_name = $docker_ce_package_name } } else { - case $facts['osfamily'] { + case $facts['os']['family'] { 'Debian' : { - $package_location = $docker_package_location - $package_key_source = $docker_package_key_source + $package_location = $docker_package_location + $package_key_source = $docker_package_key_source $package_key_check_source = $docker_package_key_check_source - $package_key = $docker_package_key_id - $package_repos = 'main' - $release = $docker_package_release + $package_key = $docker_package_key_id + $package_repos = 'main' + $release = $docker_package_release } 'Redhat' : { - $package_location = $docker_package_location - $package_key_source = $docker_package_key_source + $package_location = $docker_package_location + $package_key_source = $docker_package_key_source $package_key_check_source = $docker_package_key_check_source } default : { - $package_location = $docker_package_location - $package_key_source = $docker_package_key_source + $package_location = $docker_package_location + $package_key_source = $docker_package_key_source $package_key_check_source = $docker_package_key_check_source } } $docker_start_command = $docker_engine_start_command - $docker_package_name = $docker_engine_package_name + $docker_package_name = $docker_engine_package_name } - if ( $version != undef ) and ( $version =~ /^(17[.]0[0-4]|1.\d+)/ ) { + if ($version != undef) and ($version =~ /^(17[.]0[0-4]|1.\d+)/) { $root_dir_flag = '-g' } else { $root_dir_flag = '--data-root' @@ -663,10 +629,10 @@ if $ensure != 'absent' { - contain 'docker::repos' - contain 'docker::install' - contain 'docker::config' - contain 'docker::service' + contain docker::repos + contain docker::install + contain docker::config + contain docker::service create_resources( 'docker::registry', diff --git a/manifests/install.pp b/manifests/install.pp index eb26b86b..d0e849dc 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -1,37 +1,35 @@ -# == Class: docker +# @summary +# Module to install an up-to-date version of Docker from a package repository. +# Only for Debian, Red Hat and Windows # -# Module to install an up-to-date version of Docker from a package repository. -# This module works only on Debian Red Hat and Windows based distributions. -# -# === Parameters -# [*version*] +# @param version # The package version to install, used to set the package name. # -# [*nuget_package_provider_version*] +# @param nuget_package_provider_version # The version of the NuGet Package provider -# Default: undef # -# [*docker_msft_provider_version*] +# @param docker_msft_provider_version # The version of the Microsoft Docker Provider Module -# Default: undef # -# [*docker_ee_package_name*] +# @param docker_ee_package_name # The name of the Docker Enterprise Edition package -# Default: Docker - - -class docker::install ( +# +# @param docker_download_url +# +# @param dependent_packages +# +class docker::install( $version = $docker::version, $nuget_package_provider_version = $docker::nuget_package_provider_version, $docker_msft_provider_version = $docker::docker_msft_provider_version, $docker_ee_package_name = $docker::docker_ee_package_name, $docker_download_url = $docker::package_location, $dependent_packages = $docker::dependent_packages, - ) { $docker_start_command = $docker::docker_start_command - if $::osfamily and !::docker::acknowledge_unsupported_os { - assert_type(Pattern[/^(Debian|RedHat|windows)$/], $::osfamily) |$a, $b| { + + if $facts['os']['family'] and ! $docker::acknowledge_unsupported_os { + assert_type(Pattern[/^(Debian|RedHat|windows)$/], $facts['os']['family']) |$a, $b| { fail(translate('This module only works on Debian, RedHat or Windows.')) } } @@ -49,7 +47,7 @@ } if $docker::package_source { - case $::osfamily { + case $facts['os']['family'] { 'Debian' : { $pk_provider = 'dpkg' } @@ -85,11 +83,12 @@ } else { - if $::osfamily != 'windows' { + if $facts['os']['family'] != 'windows' { ensure_resource('package', 'docker', merge($docker_hash, { ensure => $ensure, name => $docker::docker_package_name, })) + if $ensure == 'absent' { ensure_resource('package', $dependent_packages, { ensure => $ensure, @@ -121,6 +120,7 @@ notify => Exec['service-restart-on-failure'], } } + exec { 'service-restart-on-failure': command => 'SC.exe failure Docker reset= 432000 actions= restart/30000/restart/60000/restart/60000', refreshonly => true, diff --git a/manifests/machine.pp b/manifests/machine.pp index ac0f680a..cf2c2bba 100644 --- a/manifests/machine.pp +++ b/manifests/machine.pp @@ -1,54 +1,46 @@ -# == Class: docker::machine +# @summary +# install Docker Machine using the recommended curl command. # -# Class to install Docker Machine using the recommended curl command. -# -# === Parameters -# -# [*ensure*] +# @param ensure # Whether to install or remove Docker Machine # Valid values are absent present -# Defaults to present # -# [*version*] +# @param version # The version of Docker Machine to install. -# Defaults to the value set in $docker::params::machine_version # -# [*install_path*] +# @param install_path # The path where to install Docker Machine. -# Defaults to the value set in $docker::params::machine_install_path # -# [*proxy*] +# @param proxy # Proxy to use for downloading Docker Machine. # -# [*url*] +# @param url # The URL from which the docker machine binary should be fetched -# Defaults to a auto determined value based on version, kernel and OS. -# -# [*curl_ensure*] +# +# @param curl_ensure # Whether or not the curl package is ensured by this module. -# Defaults to true +# class docker::machine( - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', + Optional[Enum[present,absent]] $ensure = 'present', Optional[String] $version = $docker::params::machine_version, Optional[String] $install_path = $docker::params::machine_install_path, Optional[String] $proxy = undef, Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]] $url = undef, Optional[Boolean] $curl_ensure = $docker::params::curl_ensure, ) inherits docker::params { - if $proxy != undef { validate_re($proxy, '^((http[s]?)?:\/\/)?([^:^@]+:[^:^@]+@|)([\da-z\.-]+)\.([\da-z\.]{2,6})(:[\d])?([\/\w \.-]*)*\/?$') } - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { $file_extension = '.exe' - $file_owner = 'Administrator' + $file_owner = 'Administrator' } else { $file_extension = '' - $file_owner = 'root' + $file_owner = 'root' } - $docker_machine_location = "${install_path}/docker-machine${file_extension}" + $docker_machine_location = "${install_path}/docker-machine${file_extension}" $docker_machine_location_versioned = "${install_path}/docker-machine-${version}${file_extension}" if $ensure == 'present' { @@ -63,10 +55,8 @@ $proxy_opt = '' } - if $::osfamily == 'windows' { -# lint:ignore:140chars - $docker_download_command = "if (Invoke-WebRequest ${docker_machine_url} ${proxy_opt} -UseBasicParsing -OutFile \"${docker_machine_location_versioned}\") { exit 0 } else { exit 1}" -# lint:endignore + if $facts['os']['family'] == 'windows' { + $docker_download_command = "if (Invoke-WebRequest ${docker_machine_url} ${proxy_opt} -UseBasicParsing -OutFile \"${docker_machine_location_versioned}\") { exit 0 } else { exit 1}" # lint:ignore:140chars exec { "Install Docker Machine ${version}": command => template('docker/windows/download_docker_machine.ps1.erb'), @@ -77,12 +67,13 @@ file { $docker_machine_location: ensure => 'link', target => $docker_machine_location_versioned, - require => Exec["Install Docker Machine ${version}"] + require => Exec["Install Docker Machine ${version}"], } } else { if $curl_ensure { ensure_packages(['curl']) } + exec { "Install Docker Machine ${version}": path => '/usr/bin/', cwd => '/tmp', @@ -94,20 +85,21 @@ file { $docker_machine_location_versioned: owner => $file_owner, mode => '0755', - require => Exec["Install Docker Machine ${version}"] + require => Exec["Install Docker Machine ${version}"], } file { $docker_machine_location: ensure => 'link', target => $docker_machine_location_versioned, - require => File[$docker_machine_location_versioned] + require => File[$docker_machine_location_versioned], } } } else { - file { [ - $docker_machine_location_versioned, - $docker_machine_location - ]: + file { $docker_machine_location_versioned: + ensure => absent, + } + + file { $docker_machine_location: ensure => absent, } } diff --git a/manifests/networks.pp b/manifests/networks.pp index 3b99f14b..353673c5 100644 --- a/manifests/networks.pp +++ b/manifests/networks.pp @@ -1,4 +1,9 @@ -# docker::networks -class docker::networks($networks) { +# @summary +# +# @param networks +# +class docker::networks( + $networks +) { create_resources(docker_network, $networks) } diff --git a/manifests/params.pp b/manifests/params.pp index 51fe4a68..40cdeaae 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,6 +1,4 @@ -# == Class: docker::params -# -# Default parameter values for the docker module +# @summary Default parameter values for the docker module # class docker::params { $version = undef @@ -12,11 +10,6 @@ $docker_ce_channel = stable $docker_ee = false $docker_ee_start_command = 'dockerd' - if ($::osfamily == 'windows') { - $docker_ee_package_name = 'Docker' - } else { - $docker_ee_package_name = 'docker-ee' - } $docker_ee_source_location = undef $docker_ee_key_source = undef $docker_ee_key_id = undef @@ -24,21 +17,6 @@ $tcp_bind = undef $tls_enable = false $tls_verify = true - if ($::osfamily == 'windows') { - $tls_cacert = "${::docker_program_data_path}/docker/certs.d/ca.pem" - $tls_cert = "${::docker_program_data_path}/docker/certs.d/server-cert.pem" - $tls_key = "${::docker_program_data_path}/docker/certs.d/server-key.pem" - $compose_version = '1.21.2' - $compose_install_path = "${::docker_program_files_path}/Docker" - $machine_install_path = "${::docker_program_files_path}/Docker" - } else { - $tls_cacert = '/etc/docker/tls/ca.pem' - $tls_cert = '/etc/docker/tls/cert.pem' - $tls_key = '/etc/docker/tls/key.pem' - $compose_version = '1.9.0' - $compose_install_path = '/usr/local/bin' - $machine_install_path = '/usr/local/bin' - } $machine_version = '0.16.1' $ip_forward = true $iptables = true @@ -90,11 +68,6 @@ $overlay2_override_kernel_check = false $manage_package = true $package_source = undef - if ($::osfamily == 'windows') { - $docker_command = 'docker' - } else { - $docker_command = 'docker' - } $service_name_default = 'docker' $docker_group_default = 'docker' $storage_devs = undef @@ -110,16 +83,37 @@ $storage_config_template = 'docker/etc/sysconfig/docker-storage.erb' $registry_mirror = undef $curl_ensure = true - $os_lc = downcase($::operatingsystem) + $os_lc = downcase($facts['os']['name']) $docker_msft_provider_version = undef $nuget_package_provider_version = undef - case $::osfamily { + if ($facts['os']['family'] == 'windows') { + $docker_ee_package_name = 'Docker' + $tls_cacert = "${::docker_program_data_path}/docker/certs.d/ca.pem" + $tls_cert = "${::docker_program_data_path}/docker/certs.d/server-cert.pem" + $tls_key = "${::docker_program_data_path}/docker/certs.d/server-key.pem" + $compose_version = '1.21.2' + $compose_install_path = "${::docker_program_files_path}/Docker" + $machine_install_path = "${::docker_program_files_path}/Docker" + $docker_command = 'docker' + } else { + $docker_ee_package_name = 'docker-ee' + $tls_cacert = '/etc/docker/tls/ca.pem' + $tls_cert = '/etc/docker/tls/cert.pem' + $tls_key = '/etc/docker/tls/key.pem' + $compose_version = '1.9.0' + $compose_install_path = '/usr/local/bin' + $machine_install_path = '/usr/local/bin' + $docker_command = 'docker' + } + + case $facts['os']['family'] { 'Debian' : { - case $::operatingsystem { + case $facts['os']['name'] { 'Ubuntu' : { - $package_release = "ubuntu-${::lsbdistcodename}" - if (versioncmp($::operatingsystemrelease, '15.04') >= 0) { + $package_release = "ubuntu-${facts['os']['distro']['codename']}" + + if (versioncmp($facts['os']['release']['full'], '15.04') >= 0) { $service_provider = 'systemd' $storage_config = '/etc/default/docker-storage' $service_config_template = 'docker/etc/sysconfig/docker.systemd.erb' @@ -129,6 +123,7 @@ $service_after_override = undef $service_hasstatus = true $service_hasrestart = true + include docker::systemd_reload } else { $service_config_template = 'docker/etc/default/docker.erb' @@ -143,7 +138,7 @@ } } default: { - $package_release = "debian-${::lsbdistcodename}" + $package_release = "debian-${facts['os']['distro']['codename']}" $service_provider = 'systemd' $storage_config = '/etc/default/docker-storage' $service_config_template = 'docker/etc/sysconfig/docker.systemd.erb' @@ -153,6 +148,7 @@ $service_after_override = undef $service_hasstatus = true $service_hasrestart = true + include docker::systemd_reload } } @@ -170,7 +166,7 @@ $package_ce_source_location = "https://download.docker.com/linux/${os_lc}" $package_ce_key_source = "https://download.docker.com/linux/${os_lc}/gpg" $package_ce_key_id = '9DC858229FC7DD38854AE2D88D81803C0EBFCD88' - $package_ce_release = $::lsbdistcodename + $package_ce_release = $facts['os']['distro']['codename'] $package_source_location = 'http://apt.dockerproject.org/repo' $package_key_source = 'https://apt.dockerproject.org/gpg' $package_key_check_source = undef @@ -178,11 +174,10 @@ $package_ee_source_location = $docker_ee_source_location $package_ee_key_source = $docker_ee_key_source $package_ee_key_id = $docker_ee_key_id - $package_ee_release = $::lsbdistcodename + $package_ee_release = $facts['os']['distro']['codename'] $package_ee_repos = $docker_ee_repos $package_ee_package_name = $docker_ee_package_name - if ($service_provider == 'systemd') { $detach_service_in_init = false } else { @@ -190,11 +185,11 @@ } } 'RedHat' : { - $service_config = '/etc/sysconfig/docker' - $storage_config = '/etc/sysconfig/docker-storage' - $storage_setup_file = '/etc/sysconfig/docker-storage-setup' - $service_hasstatus = true - $service_hasrestart = true + $service_config = '/etc/sysconfig/docker' + $storage_config = '/etc/sysconfig/docker-storage' + $storage_setup_file = '/etc/sysconfig/docker-storage-setup' + $service_hasstatus = true + $service_hasrestart = true $service_provider = 'systemd' $service_config_template = 'docker/etc/sysconfig/docker.systemd.erb' @@ -204,13 +199,13 @@ $service_after_override = undef $use_upstream_package_source = true - $package_ce_source_location = "https://download.docker.com/linux/centos/${::operatingsystemmajrelease}/${::architecture}/${docker_ce_channel}" + $package_ce_source_location = "https://download.docker.com/linux/centos/${facts['os']['release']['full']}/${facts['os']['architecture']}/${docker_ce_channel}" $package_ce_key_source = 'https://download.docker.com/linux/centos/gpg' $package_ce_key_id = undef $package_ce_release = undef $package_key_id = undef $package_release = undef - $package_source_location = "https://yum.dockerproject.org/repo/main/centos/${::operatingsystemmajrelease}" + $package_source_location = "https://yum.dockerproject.org/repo/main/centos/${facts['os']['release']['full']}" $package_key_source = 'https://yum.dockerproject.org/gpg' $package_key_check_source = true $package_ee_source_location = $docker_ee_source_location @@ -233,7 +228,7 @@ } # repo_opt to specify install_options for docker package - if $::operatingsystem == 'RedHat' { + if $facts['os']['name'] == 'RedHat' { $repo_opt = '--enablerepo=rhel-7-server-extras-rpms' } else { $repo_opt = undef @@ -364,15 +359,15 @@ # Special extra packages are required on some OSes. # Specifically apparmor is needed for Ubuntu: # https://github.com/docker/docker/issues/4734 - $prerequired_packages = $::osfamily ? { - 'Debian' => $::operatingsystem ? { - 'Debian' => ['cgroupfs-mount'], - 'Ubuntu' => ['cgroup-lite', 'apparmor'], + $prerequired_packages = $facts['os']['family'] ? { + 'Debian' => $facts['os']['name'] ? { + 'Debian' => [ 'cgroupfs-mount', ], + 'Ubuntu' => [ 'cgroup-lite', 'apparmor', ], default => [], }, 'RedHat' => ['device-mapper'], default => [], } - $dependent_packages = ['docker-ce-cli','containerd.io'] + $dependent_packages = [ 'docker-ce-cli', 'containerd.io', ] } diff --git a/manifests/plugin.pp b/manifests/plugin.pp index 08b94bd9..3b55bf03 100644 --- a/manifests/plugin.pp +++ b/manifests/plugin.pp @@ -1,84 +1,75 @@ -# == Define: docker::plugin +# @summary +# A define that manages a docker plugin # -# A define that manages a docker plugin -# -# == Parameters -# -# [*plugin_name*] +# @param plugin_name # This ensures whether the plugin is installed or not. -# Defaults to present # Note that the default behaviour of docker plugin # requires a plugin be disabled before it can be removed # -# [*plugin_name*] +# @param plugin_name # The name of the docker plugin -# Defaults to the $title used in the define. # -# [*enabled*] +# @param enabled # A setting to enable or disable an installed plugin. -# Defaults to true # -# [*timeout*] +# @param timeout # The number of seconds to wait when enabling a plugin -# Defaults to undef # -# [*plugin_alias*] +# @param plugin_alias # An alternative name to use for an installed plugin -# Defaults to undef # -# [*disable_on_install*] +# @param disable_on_install # Alters the default behaviour of enabling a plugin upon install -# Defaults to false # -# [*disable_content_trust*] +# @param disable_content_trust # Skip image verification -# Defaults to true # -# [*grant_all_permissions] +# @param grant_all_permissions # Grant all permissions necessary to run the plugin -# Defaults to true # -# [*force_remove*] +# @param force_remove # Force the removal of an active plugin -# Defaults to true # -# [*settings*] +# @param settings # Any additional settings to pass to the plugin during install -# Defaults to undef # - +# @param ensure +# +# @param grant_all_permissions +# define docker::plugin( - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - String $plugin_name = $title, - Optional[Boolean] $enabled = true, - Optional[String] $timeout = undef, - Optional[String] $plugin_alias = undef, - Optional[Boolean] $disable_on_install = false, - Optional[Boolean] $disable_content_trust = true, - Optional[Boolean] $grant_all_permissions = true, - Optional[Boolean] $force_remove = true, - Optional[Array] $settings = [], - ){ - + Optional[Enum[present,absent]] $ensure = 'present', + String $plugin_name = $title, + Optional[Boolean] $enabled = true, + Optional[String] $timeout = undef, + Optional[String] $plugin_alias = undef, + Optional[Boolean] $disable_on_install = false, + Optional[Boolean] $disable_content_trust = true, + Optional[Boolean] $grant_all_permissions = true, + Optional[Boolean] $force_remove = true, + Optional[Array] $settings = [], +) { include docker::params $docker_command = "${docker::params::docker_command} plugin" - if ($::osfamily == 'windows') { + if ($facts['os']['family'] == 'windows') { fail(translate('Feature not implemented on windows.')) } if $ensure == 'present' { - $docker_plugin_install_flags = docker_plugin_install_flags({ - plugin_name => $plugin_name, - plugin_alias => $plugin_alias, - disable_on_install => $disable_on_install, - disable_content_trust => $disable_content_trust, - grant_all_permissions => $grant_all_permissions, - settings => $settings, - }) + $docker_plugin_install_flags = docker_plugin_install_flags( + { + plugin_name => $plugin_name, + plugin_alias => $plugin_alias, + disable_on_install => $disable_on_install, + disable_content_trust => $disable_content_trust, + grant_all_permissions => $grant_all_permissions, + settings => $settings, + } + ) - $exec_install = "${docker_command} install ${docker_plugin_install_flags}" + $exec_install = "${docker_command} install ${docker_plugin_install_flags}" $unless_install = "${docker_command} ls --format='{{.PluginReference}}' | grep -w ${plugin_name}" exec { "plugin install ${plugin_name}": @@ -89,12 +80,14 @@ unless => $unless_install, } } elsif $ensure == 'absent' { - $docker_plugin_remove_flags = docker_plugin_remove_flags({ - plugin_name => $plugin_name, - force_remove => $force_remove, - }) + $docker_plugin_remove_flags = docker_plugin_remove_flags( + { + plugin_name => $plugin_name, + force_remove => $force_remove, + } + ) - $exec_rm = "${docker_command} rm ${docker_plugin_remove_flags}" + $exec_rm = "${docker_command} rm ${docker_plugin_remove_flags}" $onlyif_rm = "${docker_command} ls --format='{{.PluginReference}}' | grep -w ${plugin_name}" exec { "plugin remove ${plugin_name}": @@ -107,13 +100,15 @@ } if $enabled { - $docker_plugin_enable_flags = docker_plugin_enable_flags({ - plugin_name => $plugin_name, - plugin_alias => $plugin_alias, - timeout => $timeout, - }) + $docker_plugin_enable_flags = docker_plugin_enable_flags( + { + plugin_name => $plugin_name, + plugin_alias => $plugin_alias, + timeout => $timeout, + } + ) - $exec_enable = "${docker_command} enable ${docker_plugin_enable_flags}" + $exec_enable = "${docker_command} enable ${docker_plugin_enable_flags}" $onlyif_enable = "${docker_command} ls -f enabled=false --format='{{.PluginReference}}' | grep -w ${plugin_name}" exec { "plugin enable ${plugin_name}": @@ -128,7 +123,7 @@ exec { "disable ${plugin_name}": command => "${docker_command} disable ${plugin_name}", environment => 'HOME=/root', - path => ['/bin', '/usr/bin'], + path => [ '/bin', '/usr/bin', ], timeout => 0, unless => "${docker_command} ls -f enabled=false --format='{{.PluginReference}}' | grep -w ${plugin_name}", } diff --git a/manifests/plugins.pp b/manifests/plugins.pp index 95fc7a8b..c359717e 100644 --- a/manifests/plugins.pp +++ b/manifests/plugins.pp @@ -1,4 +1,9 @@ -# docker::plugins -class docker::plugins($plugins) { +# @summary +# +# @param plugins +# +class docker::plugins( + $plugins +) { create_resources(docker::plugin, $plugins) } diff --git a/manifests/registry.pp b/manifests/registry.pp index 21c40b91..c2c893b3 100644 --- a/manifests/registry.pp +++ b/manifests/registry.pp @@ -1,84 +1,80 @@ -# == Class: docker +# @summary +# Module to configure private docker registries from which to pull Docker images # -# Module to configure private docker registries from which to pull Docker images -# If the registry does not require authentication, this module is not required. -# -# === Parameters -# [*server*] +# @param server # The hostname and port of the private Docker registry. Ex: dockerreg:5000 # -# [*ensure*] +# @param ensure # Whether or not you want to login or logout of a repository # -# [*username*] +# @param username # Username for authentication to private Docker registry. # auth is not required. # -# [*password*] +# @param password # Password for authentication to private Docker registry. Leave undef if # auth is not required. # -# [*pass_hash*] +# @param pass_hash # The hash to be used for receipt. If left as undef, a hash will be generated # -# [*email*] +# @param email # Email for registration to private Docker registry. Leave undef if # auth is not required. # -# [*local_user*] +# @param local_user # The local user to log in as. Docker will store credentials in this # users home directory # -# [*receipt*] +# @param receipt # Required to be true for idempotency # +# @param version +# define docker::registry( - Optional[String] $server = $title, - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - Optional[String] $username = undef, - Optional[String] $password = undef, - Optional[String] $pass_hash = undef, - Optional[String] $email = undef, - Optional[String] $local_user = 'root', - Optional[String] $version = $docker::version, - Optional[Boolean] $receipt = true, + Optional[String] $server = $title, + Optional[Enum[present,absent]] $ensure = 'present', + Optional[String] $username = undef, + Optional[String] $password = undef, + Optional[String] $pass_hash = undef, + Optional[String] $email = undef, + Optional[String] $local_user = 'root', + Optional[String] $version = $docker::version, + Optional[Boolean] $receipt = true, ) { include docker::params $docker_command = $docker::params::docker_command - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { $exec_environment = ["PATH=${::docker_program_files_path}/Docker/"] - $exec_timeout = 3000 - $exec_path = ["${::docker_program_files_path}/Docker/"] - $exec_provider = 'powershell' - $password_env = '$env:password' - $exec_user = undef + $exec_timeout = 3000 + $exec_path = ["${::docker_program_files_path}/Docker/"] + $exec_provider = 'powershell' + $password_env = '$env:password' + $exec_user = undef } else { $exec_environment = [] - $exec_path = ['/bin', '/usr/bin'] - $exec_timeout = 0 - $exec_provider = undef - $password_env = "\${password}" - $exec_user = $local_user - $local_user_home = $facts['docker_home_dirs'][$local_user] + $exec_path = ['/bin', '/usr/bin'] + $exec_timeout = 0 + $exec_provider = undef + $password_env = "\${password}" + $exec_user = $local_user + $local_user_home = $facts['docker_home_dirs'][$local_user] } if $ensure == 'present' { if $username != undef and $password != undef and $email != undef and $version != undef and $version =~ /1[.][1-9]0?/ { - $auth_cmd = "${docker_command} login -u '${username}' -p \"${password_env}\" -e '${email}' ${server}" + $auth_cmd = "${docker_command} login -u '${username}' -p \"${password_env}\" -e '${email}' ${server}" $auth_environment = "password=${password}" - } - elsif $username != undef and $password != undef { - $auth_cmd = "${docker_command} login -u '${username}' -p \"${password_env}\" ${server}" + } elsif $username != undef and $password != undef { + $auth_cmd = "${docker_command} login -u '${username}' -p \"${password_env}\" ${server}" $auth_environment = "password=${password}" - } - else { + } else { $auth_cmd = "${docker_command} login ${server}" $auth_environment = '' } - } - else { + } else { $auth_cmd = "${docker_command} logout ${server}" $auth_environment = '' } @@ -92,8 +88,7 @@ } if $receipt { - - if $::osfamily != 'windows' { + if $facts['os']['family'] != 'windows' { # server may be an URI, which can contain / $server_strip = regsubst($server, '/', '_', 'G') @@ -104,6 +99,7 @@ Undef => pw_hash($docker_auth, 'SHA-512', $local_user_strip), default => $pass_hash } + $_auth_command = "${auth_cmd} || rm -f \"/${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}\"" file { "/${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}": @@ -115,11 +111,9 @@ } } else { # server may be an URI, which can contain / - $server_strip = regsubst($server, '[/:]', '_', 'G') - $passfile = "${::docker_user_temp_path}/registry-auth-puppet_receipt_${server_strip}_${local_user}" -# lint:ignore:140chars - $_auth_command = "if (-not (${auth_cmd})) { Remove-Item -Path ${passfile} -Force -Recurse -EA SilentlyContinue; exit 0 } else { exit 0 }" -# lint:endignore + $server_strip = regsubst($server, '[/:]', '_', 'G') + $passfile = "${::docker_user_temp_path}/registry-auth-puppet_receipt_${server_strip}_${local_user}" + $_auth_command = "if (-not (${auth_cmd})) { Remove-Item -Path ${passfile} -Force -Recurse -EA SilentlyContinue; exit 0 } else { exit 0 }" # lint:ignore:140chars if $ensure == 'absent' { file { $passfile: @@ -137,8 +131,7 @@ } } } - } - else { + } else { $_auth_command = $auth_cmd } diff --git a/manifests/registry_auth.pp b/manifests/registry_auth.pp index af9a3b19..ab7319bf 100644 --- a/manifests/registry_auth.pp +++ b/manifests/registry_auth.pp @@ -1,4 +1,9 @@ -# docker::registry_auth -class docker::registry_auth($registries) { +# @summary +# +# @param registries +# +class docker::registry_auth( + $registries +) { create_resources(docker::registry, $registries) } diff --git a/manifests/repos.pp b/manifests/repos.pp index de042447..cda6470a 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -1,22 +1,28 @@ -# == Class: docker::repos +# @summary # +# @param location +# +# @param key_source +# +# @param key_check_source +# +# @param architecture # class docker::repos ( $location = $docker::package_location, $key_source = $docker::package_key_source, $key_check_source = $docker::package_key_check_source, - $architecture = $facts['architecture'], - ) { - + $architecture = $facts['os']['architecture'], +) { ensure_packages($docker::prerequired_packages) - case $::osfamily { + case $facts['os']['family'] { 'Debian': { - $release = $docker::release - $package_key = $docker::package_key + $release = $docker::release + $package_key = $docker::package_key $package_repos = $docker::package_repos - if ($docker::use_upstream_package_source) { + if ($docker::use_upstream_package_source) { apt::source { 'docker': location => $location, architecture => $architecture, @@ -30,34 +36,39 @@ src => false, }, } - $url_split = split($location, '/') - $repo_host = $url_split[2] + + $url_split = split($location, '/') + $repo_host = $url_split[2] $pin_ensure = $docker::pin_upstream_package_source ? { true => 'present', default => 'absent', } + apt::pin { 'docker': ensure => $pin_ensure, origin => $repo_host, priority => $docker::apt_source_pin_level, } + if $docker::manage_package { include apt - if $::operatingsystem == 'Debian' and $::lsbdistcodename == 'wheezy' { + + if $facts['os']['name'] == 'Debian' and $facts['os']['distro']['codename'] == 'wheezy' { include apt::backports } - Exec['apt_update'] -> Package[$docker::prerequired_packages] + + Exec['apt_update'] -> Package[$docker::prerequired_packages] Apt::Source['docker'] -> Package['docker'] } } } 'RedHat': { - if ($docker::manage_package) { - $baseurl = $location - $gpgkey = $key_source + $baseurl = $location + $gpgkey = $key_source $gpgkey_check = $key_check_source + if ($docker::use_upstream_package_source) { yumrepo { 'docker': descr => 'Docker', @@ -65,6 +76,7 @@ gpgkey => $gpgkey, gpgcheck => $gpgkey_check, } + Yumrepo['docker'] -> Package['docker'] } } diff --git a/manifests/run.pp b/manifests/run.pp index f714644a..2c9ac32d 100644 --- a/manifests/run.pp +++ b/manifests/run.pp @@ -1,10 +1,7 @@ -# == Define: docker:run +# @summary +# A define which manages a running docker container. # -# A define which manages a running docker container. -# -# == Parameters -# -# [*restart*] +# @param restart # Sets a restart policy on the docker run. # Note: If set, puppet will NOT setup an init script to manage, instead # it will do a raw docker run command using a CID file to track the container @@ -23,143 +20,233 @@ # This will allow the docker container to be restarted if it dies, without # puppet help. # -# [*service_prefix*] +# @param service_prefix # (optional) The name to prefix the startup script with and the Puppet # service resource title with. Default: 'docker-' # -# [*restart_service*] +# @param restart_service # (optional) Whether or not to restart the service if the the generated init # script changes. Default: true # -# [*restart_service_on_docker_refresh*] +# @param restart_service_on_docker_refresh # Whether or not to restart the service if the docker service is restarted. # Only has effect if the docker_service parameter is set. # Default: true # -# [*manage_service*] +# @param manage_service # (optional) Whether or not to create a puppet Service resource for the init # script. Disabling this may be useful if integrating with existing modules. # Default: true # -# [*docker_service*] +# @param docker_service # (optional) If (and how) the Docker service itself is managed by Puppet # true -> Service['docker'] # false -> no Service dependency # anything else -> Service[docker_service] # Default: false # -# [*health_check_cmd*] +# @param health_check_cmd # (optional) Specifies the command to execute to check that the container is healthy using the docker health check functionality. # Default: undef # -# [*health_check_interval*] +# @param health_check_interval # (optional) Specifies the interval that the health check command will execute in seconds. # Default: undef # -# [*restart_on_unhealthy*] +# @param restart_on_unhealthy # (optional) Checks the health status of Docker container and if it is unhealthy the service will be restarted. # The health_check_cmd parameter must be set to true to use this functionality. # Default: undef # -# [*net*] +# @param net # # The docker network to attach to a container. # Can be a String or Array (if using multiple networks) # Default: bridge # -# [*extra_parameters*] +# @param extra_parameters # An array of additional command line arguments to pass to the `docker run` # command. Useful for adding additional new or experimental options that the # module does not yet support. # -# [*systemd_restart*] +# @param systemd_restart # (optional) If the container is to be managed by a systemd unit file set the # Restart option on the unit file. Can be any valid value for this systemd # configuration. Most commonly used are on-failure or always. # Default: on-failure # -# [*custom_unless*] +# @param custom_unless # (optional) Specify an additional unless for the Docker run command when using restart. # Default: undef # -# [*after_create*] +# @param after_create # (optional) Specifies the command to execute after container is created but before it is started. # Default: undef # -# [*remain_after_exit*] +# @param remain_after_exit # (optional) If the container is to be managed by a systemd unit file set the # RemainAfterExit option on the unit file. Can be any valid value for this systemd # configuration. # Default: Not included in unit file # +# @param image +# +# @param ensure +# +# @param command +# +# @param memory_limit +# +# @param cpuset +# +# @param ports +# +# @param labels +# +# @param expose +# +# @param volumes +# +# @param links +# +# @param use_name +# +# @param running +# +# @param volumes_from +# +# @param username +# +# @param hostname +# +# @param env +# +# @param env_file +# +# @param dns +# +# @param dns_search +# +# @param lxc_conf +# +# @param service_provider +# +# @param disable_network +# +# @param privileged +# +# @param detach +# +# @param extra_systemd_parameters +# +# @param pull_on_start +# +# @param after +# +# @param after_service +# +# @param depends +# +# @param depend_services +# +# @param tty +# +# @param socket_connect +# +# @param hostentries +# +# @param before_start +# +# @param before_stop +# +# @param after_start +# +# @param after_stop +# +# @param remove_container_on_start +# +# @param remove_container_on_stop +# +# @param remove_volume_on_start +# +# @param remove_volume_on_stop +# +# @param stop_wait_time +# +# @param syslog_identifier +# +# @param read_only +# define docker::run( - Optional[Pattern[/^[\S]*$/]] $image, - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - Optional[String] $command = undef, - Optional[Pattern[/^[\d]*(b|k|m|g)$/]] $memory_limit = '0b', - Variant[String,Array,Undef] $cpuset = [], - Variant[String,Array,Undef] $ports = [], - Variant[String,Array,Undef] $labels = [], - Variant[String,Array,Undef] $expose = [], - Variant[String,Array,Undef] $volumes = [], - Variant[String,Array,Undef] $links = [], - Optional[Boolean] $use_name = false, - Optional[Boolean] $running = true, - Variant[String,Array,Undef] $volumes_from = [], - Variant[String,Array] $net = 'bridge', - Variant[String,Boolean] $username = false, - Variant[String,Boolean] $hostname = false, - Variant[String,Array,Undef] $env = [], - Variant[String,Array,Undef] $env_file = [], - Variant[String,Array,Undef] $dns = [], - Variant[String,Array,Undef] $dns_search = [], - Variant[String,Array,Undef] $lxc_conf = [], - Optional[String] $service_prefix = 'docker-', - Optional[String] $service_provider = undef, - Optional[Boolean] $restart_service = true, - Optional[Boolean] $restart_service_on_docker_refresh = true, - Optional[Boolean] $manage_service = true, - Variant[String,Boolean] $docker_service = false, - Optional[Boolean] $disable_network = false, - Optional[Boolean] $privileged = false, - Optional[Boolean] $detach = undef, - Variant[String,Array[String],Undef] $extra_parameters = undef, - Optional[String] $systemd_restart = 'on-failure', - Variant[String,Hash,Undef] $extra_systemd_parameters = {}, - Optional[Boolean] $pull_on_start = false, - Variant[String,Array,Undef] $after = [], - Variant[String,Array,Undef] $after_service = [], - Variant[String,Array,Undef] $depends = [], - Variant[String,Array,Undef] $depend_services = ['docker.service'], - Optional[Boolean] $tty = false, - Variant[String,Array,Undef] $socket_connect = [], - Variant[String,Array,Undef] $hostentries = [], - Optional[String] $restart = undef, - Variant[String,Boolean] $before_start = false, - Variant[String,Boolean] $before_stop = false, - Variant[String,Boolean] $after_start = false, - Variant[String,Boolean] $after_stop = false, - Optional[String] $after_create = undef, - Optional[Boolean] $remove_container_on_start = true, - Optional[Boolean] $remove_container_on_stop = true, - Optional[Boolean] $remove_volume_on_start = false, - Optional[Boolean] $remove_volume_on_stop = false, - Optional[Integer] $stop_wait_time = 0, - Optional[String] $syslog_identifier = undef, - Optional[Boolean] $read_only = false, - Optional[String] $health_check_cmd = undef, - Optional[Boolean] $restart_on_unhealthy = false, - Optional[Integer] $health_check_interval = undef, - Variant[String,Array,Undef] $custom_unless = [], - Optional[String] $remain_after_exit = undef, + Optional[Pattern[/^[\S]*$/]] $image, + Optional[Enum[present,absent]] $ensure = 'present', + Optional[String] $command = undef, + Optional[Pattern[/^[\d]*(b|k|m|g)$/]] $memory_limit = '0b', + Variant[String,Array,Undef] $cpuset = [], + Variant[String,Array,Undef] $ports = [], + Variant[String,Array,Undef] $labels = [], + Variant[String,Array,Undef] $expose = [], + Variant[String,Array,Undef] $volumes = [], + Variant[String,Array,Undef] $links = [], + Optional[Boolean] $use_name = false, + Optional[Boolean] $running = true, + Optional[Variant[String,Array]] $volumes_from = [], + Variant[String,Array] $net = 'bridge', + Variant[String,Boolean] $username = false, + Variant[String,Boolean] $hostname = false, + Optional[Variant[String,Array]] $env = [], + Optional[Variant[String,Array]] $env_file = [], + Optional[Variant[String,Array]] $dns = [], + Optional[Variant[String,Array]] $dns_search = [], + Optional[Variant[String,Array]] $lxc_conf = [], + Optional[String] $service_prefix = 'docker-', + Optional[String] $service_provider = undef, + Optional[Boolean] $restart_service = true, + Optional[Boolean] $restart_service_on_docker_refresh = true, + Optional[Boolean] $manage_service = true, + Variant[String,Boolean] $docker_service = false, + Optional[Boolean] $disable_network = false, + Optional[Boolean] $privileged = false, + Optional[Boolean] $detach = undef, + Optional[Variant[String,Array[String]]] $extra_parameters = undef, + Optional[String] $systemd_restart = 'on-failure', + Optional[Variant[String,Hash]] $extra_systemd_parameters = {}, + Optional[Boolean] $pull_on_start = false, + Optional[Variant[String,Array]] $after = [], + Optional[Variant[String,Array]] $after_service = [], + Optional[Variant[String,Array]] $depends = [], + Optional[Variant[String,Array]] $depend_services = ['docker.service'], + Optional[Boolean] $tty = false, + Optional[Variant[String,Array]] $socket_connect = [], + Optional[Variant[String,Array]] $hostentries = [], + Optional[String] $restart = undef, + Variant[String,Boolean] $before_start = false, + Variant[String,Boolean] $before_stop = false, + Variant[String,Boolean] $after_start = false, + Variant[String,Boolean] $after_stop = false, + Optional[String] $after_create = undef, + Optional[Boolean] $remove_container_on_start = true, + Optional[Boolean] $remove_container_on_stop = true, + Optional[Boolean] $remove_volume_on_start = false, + Optional[Boolean] $remove_volume_on_stop = false, + Optional[Integer] $stop_wait_time = 0, + Optional[String] $syslog_identifier = undef, + Optional[Boolean] $read_only = false, + Optional[String] $health_check_cmd = undef, + Optional[Boolean] $restart_on_unhealthy = false, + Optional[Integer] $health_check_interval = undef, + Optional[Variant[String,Array]] $custom_unless = [], + Optional[String] $remain_after_exit = undef, ) { include docker::params + if ($socket_connect != []) { $sockopts = join(any2array($socket_connect), ',') $docker_command = "${docker::params::docker_command} -H ${sockopts}" - }else { + } else { $docker_command = $docker::params::docker_command } + $service_name = $docker::service_name $docker_group = $docker::docker_group @@ -201,75 +288,72 @@ } $extra_parameters_array = any2array($extra_parameters) - $after_array = any2array($after) - $depends_array = any2array($depends) - $depend_services_array = any2array($depend_services) - - $docker_run_flags = docker_run_flags({ - cpuset => any2array($cpuset), - disable_network => $disable_network, - dns => any2array($dns), - dns_search => any2array($dns_search), - env => any2array($env), - env_file => any2array($env_file), - expose => any2array($expose), - extra_params => any2array($extra_parameters), - hostentries => any2array($hostentries), - hostname => $hostname, - links => any2array($links), - lxc_conf => any2array($lxc_conf), - memory_limit => $memory_limit, - net => $net, - ports => any2array($ports), - labels => any2array($labels), - privileged => $privileged, - socket_connect => any2array($socket_connect), - tty => $tty, - username => $username, - volumes => any2array($volumes), - volumes_from => any2array($volumes_from), - read_only => $read_only, - health_check_cmd => $health_check_cmd, - restart_on_unhealthy => $restart_on_unhealthy, - health_check_interval => $health_check_interval, - osfamily => $::osfamily, - }) + $after_array = any2array($after) + $depends_array = any2array($depends) + $depend_services_array = any2array($depend_services) + + $docker_run_flags = docker_run_flags( + { + cpuset => any2array($cpuset), + disable_network => $disable_network, + dns => any2array($dns), + dns_search => any2array($dns_search), + env => any2array($env), + env_file => any2array($env_file), + expose => any2array($expose), + extra_params => any2array($extra_parameters), + hostentries => any2array($hostentries), + hostname => $hostname, + links => any2array($links), + lxc_conf => any2array($lxc_conf), + memory_limit => $memory_limit, + net => $net, + ports => any2array($ports), + labels => any2array($labels), + privileged => $privileged, + socket_connect => any2array($socket_connect), + tty => $tty, + username => $username, + volumes => any2array($volumes), + volumes_from => any2array($volumes_from), + read_only => $read_only, + health_check_cmd => $health_check_cmd, + restart_on_unhealthy => $restart_on_unhealthy, + health_check_interval => $health_check_interval, + osfamily => $facts['os']['family'], + } + ) $sanitised_title = docker::sanitised_name($title) + if empty($depends_array) { $sanitised_depends_array = [] - } - else { + } else { $sanitised_depends_array = docker::sanitised_name($depends_array) } if empty($after_array) { $sanitised_after_array = [] - } - else { + } else { $sanitised_after_array = docker::sanitised_name($after_array) } - if $::osfamily == 'windows' { - $exec_environment = "PATH=${::docker_program_files_path}/Docker/;${::docker_systemroot}/System32/" - $exec_timeout = 3000 - $exec_path = ["${::docker_program_files_path}/Docker/"] - $exec_provider = 'powershell' - $cidfile = "${::docker_user_temp_path}/${service_prefix}${sanitised_title}.cid" -# lint:ignore:140chars - $restart_check = "${docker_command} inspect ${sanitised_title} -f '{{ if eq \\\"unhealthy\\\" .State.Health.Status }} {{ .Name }}{{ end }}' | findstr ${sanitised_title}" - $container_running_check = "\$state = ${docker_command} inspect ${sanitised_title} -f \"{{ .State.Running }}\"; if (\$state -ieq \"true\") { Exit 0 } else { Exit 1 }" -# lint:endignore + if $facts['os']['family'] == 'windows' { + $exec_environment = "PATH=${::docker_program_files_path}/Docker/;${::docker_systemroot}/System32/" + $exec_timeout = 3000 + $exec_path = ["${::docker_program_files_path}/Docker/"] + $exec_provider = 'powershell' + $cidfile = "${::docker_user_temp_path}/${service_prefix}${sanitised_title}.cid" + $restart_check = "${docker_command} inspect ${sanitised_title} -f '{{ if eq \\\"unhealthy\\\" .State.Health.Status }} {{ .Name }}{{ end }}' | findstr ${sanitised_title}" # lint:ignore:140chars + $container_running_check = "\$state = ${docker_command} inspect ${sanitised_title} -f \"{{ .State.Running }}\"; if (\$state -ieq \"true\") { Exit 0 } else { Exit 1 }" # lint:ignore:140chars } else { - $exec_environment = 'HOME=/root' - $exec_path = ['/bin', '/usr/bin'] - $exec_timeout = 0 - $exec_provider = undef - $cidfile = "/var/run/${service_prefix}${sanitised_title}.cid" -# lint:ignore:140chars - $restart_check = "${docker_command} inspect ${sanitised_title} -f '{{ if eq \"unhealthy\" .State.Health.Status }} {{ .Name }}{{ end }}' | grep ${sanitised_title}" - $container_running_check = "${docker_command} inspect ${sanitised_title} -f \"{{ .State.Running }}\" | grep true" -# lint:endignore + $exec_environment = 'HOME=/root' + $exec_path = ['/bin', '/usr/bin'] + $exec_timeout = 0 + $exec_provider = undef + $cidfile = "/var/run/${service_prefix}${sanitised_title}.cid" + $restart_check = "${docker_command} inspect ${sanitised_title} -f '{{ if eq \"unhealthy\" .State.Health.Status }} {{ .Name }}{{ end }}' | grep ${sanitised_title}" # lint:ignore:140chars + $container_running_check = "${docker_command} inspect ${sanitised_title} -f \"{{ .State.Running }}\" | grep true" # lint:ignore:140chars } if $restart_on_unhealthy { @@ -279,7 +363,7 @@ environment => $exec_environment, path => $exec_path, provider => $exec_provider, - timeout => $exec_timeout + timeout => $exec_timeout, } } @@ -291,7 +375,7 @@ environment => $exec_environment, path => $exec_path, provider => $exec_provider, - timeout => $exec_timeout + timeout => $exec_timeout, } exec { "remove ${title} with docker": @@ -300,32 +384,34 @@ environment => $exec_environment, path => $exec_path, provider => $exec_provider, - timeout => $exec_timeout + timeout => $exec_timeout, } file { $cidfile: ensure => absent, } - } - else { + } else { $run_with_docker_command = [ "${docker_command} run -d ${docker_run_flags}", "--name ${sanitised_title} --cidfile=${cidfile}", "--restart=\"${restart}\" ${image} ${command}", ] - $inspect = ["${docker_command} inspect ${sanitised_title}"] + + $inspect = [ "${docker_command} inspect ${sanitised_title}", ] + if $custom_unless { $exec_unless = concat($custom_unless, $inspect) } else { $exec_unless = $inspect } + exec { "run ${title} with docker": command => join($run_with_docker_command, ' '), unless => $exec_unless, environment => $exec_environment, path => $exec_path, provider => $exec_provider, - timeout => $exec_timeout + timeout => $exec_timeout, } if $running == false { @@ -335,7 +421,7 @@ environment => $exec_environment, path => $exec_path, provider => $exec_provider, - timeout => $exec_timeout + timeout => $exec_timeout, } } else { exec { "start ${title} with docker": @@ -344,36 +430,35 @@ environment => $exec_environment, path => $exec_path, provider => $exec_provider, - timeout => $exec_timeout + timeout => $exec_timeout, } } } } else { - $docker_run_inline_start = template('docker/docker-run-start.erb') - $docker_run_inline_stop = template('docker/docker-run-stop.erb') + $docker_run_inline_stop = template('docker/docker-run-stop.erb') case $service_provider_real { 'systemd': { - $initscript = "/etc/systemd/system/${service_prefix}${sanitised_title}.service" - $startscript = "/usr/local/bin/docker-run-${sanitised_title}-start.sh" - $stopscript = "/usr/local/bin/docker-run-${sanitised_title}-stop.sh" + $initscript = "/etc/systemd/system/${service_prefix}${sanitised_title}.service" + $startscript = "/usr/local/bin/docker-run-${sanitised_title}-start.sh" + $stopscript = "/usr/local/bin/docker-run-${sanitised_title}-stop.sh" $startstop_template = 'docker/usr/local/bin/docker-run.sh.epp' - $init_template = 'docker/etc/systemd/system/docker-run.erb' - $mode = '0644' - $hasstatus = true + $init_template = 'docker/etc/systemd/system/docker-run.erb' + $mode = '0644' + $hasstatus = true } 'upstart': { - $initscript = "/etc/init.d/${service_prefix}${sanitised_title}" - $init_template = 'docker/etc/init.d/docker-run.erb' - $mode = '0750' - $startscript = undef - $stopscript = undef + $initscript = "/etc/init.d/${service_prefix}${sanitised_title}" + $init_template = 'docker/etc/init.d/docker-run.erb' + $mode = '0750' + $startscript = undef + $stopscript = undef $startstop_template = undef - $hasstatus = true + $hasstatus = true } default: { - if $::osfamily != 'windows' { + if $facts['os']['family'] != 'windows' { fail(translate('Docker needs a Debian or RedHat based system.')) } elsif $ensure == 'present' { @@ -391,16 +476,15 @@ } if $ensure == 'absent' { - if $::osfamily == 'windows'{ - exec { - "stop container ${service_prefix}${sanitised_title}": + if $facts['os']['family'] == 'windows'{ + exec { "stop container ${service_prefix}${sanitised_title}": command => "${docker_command} stop --time=${stop_wait_time} ${sanitised_title}", onlyif => "${docker_command} inspect ${sanitised_title}", environment => $exec_environment, path => $exec_path, provider => $exec_provider, timeout => $exec_timeout, - notify => Exec["remove container ${service_prefix}${sanitised_title}"] + notify => Exec["remove container ${service_prefix}${sanitised_title}"], } } else { @@ -411,60 +495,59 @@ provider => $service_provider_real, } } - exec { - "remove container ${service_prefix}${sanitised_title}": + exec { "remove container ${service_prefix}${sanitised_title}": command => "${docker_command} rm -v ${sanitised_title}", onlyif => "${docker_command} inspect ${sanitised_title}", environment => $exec_environment, path => $exec_path, refreshonly => true, provider => $exec_provider, - timeout => $exec_timeout + timeout => $exec_timeout, } - if $::osfamily != 'windows' { + + if $facts['os']['family'] != 'windows' { file { "/etc/systemd/system/${service_prefix}${sanitised_title}.service": ensure => absent, - path => "/etc/systemd/system/${service_prefix}${sanitised_title}.service", } + if ($startscript) { file { $startscript: - ensure => absent + ensure => absent, } } + if ($stopscript) { file { $stopscript: - ensure => absent + ensure => absent, } } - } - else { + } else { file { $cidfile: ensure => absent, } } - } - else { + } else { if ($startscript) { file { $startscript: - ensure => present, + ensure => file, content => epp($startstop_template, {'script' => $docker_run_inline_start}), owner => 'root', group => $docker_group, - mode => '0770' + mode => '0770', } } if ($stopscript) { file { $stopscript: - ensure => present, + ensure => file, content => epp($startstop_template, {'script' => $docker_run_inline_stop}), owner => 'root', group => $docker_group, - mode => '0770' + mode => '0770', } } file { $initscript: - ensure => present, + ensure => file, content => template($init_template), owner => 'root', group => $docker_group, @@ -479,8 +562,7 @@ hasstatus => $hasstatus, require => File[$initscript], } - } - else { + } else { # Transition help from moving from CID based container detection to # Name-based container detection. See #222 for context. # This code should be considered temporary until most people have @@ -492,6 +574,7 @@ "/usr/bin/test -f /var/run/docker-${sanitised_title}.cid &&", "/usr/bin/test -f /etc/init.d/${service_prefix}${sanitised_title}", ] + exec { "/bin/sh /etc/init.d/${service_prefix}${sanitised_title} stop": onlyif => join($transition_onlyif, ' '), require => [], @@ -514,11 +597,13 @@ if $docker_service { if $docker_service == true { Service['docker'] -> Service["${service_prefix}${sanitised_title}"] + if $restart_service_on_docker_refresh == true { Service['docker'] ~> Service["${service_prefix}${sanitised_title}"] } } else { Service[$docker_service] -> Service["${service_prefix}${sanitised_title}"] + if $restart_service_on_docker_refresh == true { Service[$docker_service] ~> Service["${service_prefix}${sanitised_title}"] } @@ -530,26 +615,35 @@ path => ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/'], command => 'systemctl daemon-reload', refreshonly => true, - require => [File[$initscript],File[$startscript],File[$stopscript]], - subscribe => [File[$initscript],File[$startscript],File[$stopscript]] + require => [ + File[$initscript], + File[$startscript], + File[$stopscript], + ], + subscribe => [ + File[$initscript], + File[$startscript], + File[$stopscript], + ], } - Exec["docker-${sanitised_title}-systemd-reload"] -> Service<| title == "${service_prefix}${sanitised_title}" |> + + Exec["docker-${sanitised_title}-systemd-reload"] -> Service <| title == "${service_prefix}${sanitised_title}" |> } if $restart_service { if $startscript or $stopscript { - [File[$initscript],File[$startscript],File[$stopscript]] ~> Service<| title == "${service_prefix}${sanitised_title}" |> + [ File[$initscript], File[$startscript], File[$stopscript], ] ~> Service <| title == "${service_prefix}${sanitised_title}" |> } else { - [File[$initscript]] ~> Service<| title == "${service_prefix}${sanitised_title}" |> + [ File[$initscript], ] ~> Service <| title == "${service_prefix}${sanitised_title}" |> } } else { if $startscript or $stopscript { - [File[$initscript],File[$startscript],File[$stopscript]] -> Service<| title == "${service_prefix}${sanitised_title}" |> + [ File[$initscript], File[$startscript], File[$stopscript], ] -> Service <| title == "${service_prefix}${sanitised_title}" |> } else { - [File[$initscript]] -> Service<| title == "${service_prefix}${sanitised_title}" |> + [ File[$initscript], ] -> Service <| title == "${service_prefix}${sanitised_title}" |> } } } diff --git a/manifests/run_instance.pp b/manifests/run_instance.pp index c4aa1a73..5f1b8314 100644 --- a/manifests/run_instance.pp +++ b/manifests/run_instance.pp @@ -1,4 +1,9 @@ -# docker::run_instance -class docker::run_instance($instance) { +# @summary +# +# @param instance +# +class docker::run_instance( + $instance +) { create_resources(docker::run, $instance) } diff --git a/manifests/secrets.pp b/manifests/secrets.pp index c4655744..34495ae8 100644 --- a/manifests/secrets.pp +++ b/manifests/secrets.pp @@ -1,38 +1,48 @@ - # == Define: docker::secrets +# @summary +# +# @param ensure +# +# @param label +# +# @param secret_name +# +# @param secret_path +# define docker::secrets ( - - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - Variant[String,Array,Undef] $label = [], - Optional[String] $secret_name = undef, - Optional[String] $secret_path = undef, -){ + Optional[Enum[present,absent]] $ensure = 'present', + Optional[Variant[String,Array]] $label = [], + Optional[String] $secret_name = undef, + Optional[String] $secret_path = undef, +) { include docker::params $docker_command = "${docker::params::docker_command} secret" + if $ensure == 'present'{ - $docker_secrets_flags = docker_secrets_flags ({ - ensure => $ensure, - label => $label, - secret_name => $secret_name, - secret_path => $secret_path, - }) + $docker_secrets_flags = docker_secrets_flags( + { + ensure => $ensure, + label => $label, + secret_name => $secret_name, + secret_path => $secret_path, + } + ) - $exec_secret = "${docker_command} ${docker_secrets_flags}" + $exec_secret = "${docker_command} ${docker_secrets_flags}" $unless_secret = "${docker_command} inspect ${secret_name}" exec { "${title} docker secret create": command => $exec_secret, unless => $unless_secret, - path => ['/bin', '/usr/bin'], + path => [ '/bin', '/usr/bin', ], } } - if $ensure == 'absent'{ - + if $ensure == 'absent' { exec { "${title} docker secret rm": command => "${docker_command} rm ${secret_name}", onlyif => "${docker_command} inspect ${secret_name}", - path => ['/bin', '/usr/bin'], + path => [ '/bin', '/usr/bin', ], } } } diff --git a/manifests/service.pp b/manifests/service.pp index 0e2f4467..0cee85c1 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -1,41 +1,182 @@ -# == Class: docker::service +# @summary manage the docker service daemon # -# Class to manage the docker service daemon -# -# === Parameters -# [*tcp_bind*] +# @param tcp_bind # Which tcp port, if any, to bind the docker service to. # -# [*ip_forward*] +# @param ip_forward # This flag interacts with the IP forwarding setting on # your host system's kernel # -# [*iptables*] +# @param iptables # Enable Docker's addition of iptables rules # -# [*ip_masq*] +# @param ip_masq # Enable IP masquerading for bridge's IP range. # -# [*socket_bind*] +# @param socket_bind # Which local unix socket to bind the docker service to. # -# [*socket_group*] +# @param socket_group # Which local unix socket to bind the docker service to. # -# [*root_dir*] +# @param root_dir # Specify a non-standard root directory for docker. # -# [*extra_parameters*] +# @param extra_parameters # Plain additional parameters to pass to the docker daemon # -# [*shell_values*] +# @param shell_values # Array of shell values to pass into init script config files # -# [*manage_service*] +# @param manage_service # Specify whether the service should be managed. # Valid values are 'true', 'false'. # Defaults to 'true'. # +# @param docker_command +# +# @param docker_start_command +# +# @param service_name +# +# @param icc +# +# @param bridge +# +# @param fixed_cidr +# +# @param default_gateway +# +# @param ipv6 +# +# @param ipv6_cidr +# +# @param default_gateway_ipv6 +# +# @param log_level +# +# @param log_driver +# +# @param log_opt +# +# @param selinux_enabled +# +# @param labels +# +# @param dns +# +# @param dns_search +# +# @param service_state +# +# @param service_enable +# +# @param proxy +# +# @param no_proxy +# +# @param execdriver +# +# @param bip +# +# @param mtu +# +# @param storage_driver +# +# @param dm_basesize +# +# @param dm_fs +# +# @param dm_mkfsarg +# +# @param dm_mountopt +# +# @param dm_blocksize +# +# @param dm_loopdatasize +# +# @param dm_loopmetadatasize +# +# @param dm_datadev +# +# @param dm_metadatadev +# +# @param tmp_dir_config +# +# @param tmp_dir +# +# @param dm_thinpooldev +# +# @param dm_use_deferred_removal +# +# @param dm_use_deferred_deletion +# +# @param dm_blkdiscard +# +# @param dm_override_udev_sync_check +# +# @param overlay2_override_kernel_check +# +# @param storage_devs +# +# @param storage_vg +# +# @param storage_root_size +# +# @param storage_data_size +# +# @param storage_min_data_size +# +# @param storage_chunk_size +# +# @param storage_growpart +# +# @param storage_auto_extend_pool +# +# @param storage_pool_autoextend_threshold +# +# @param storage_pool_autoextend_percent +# +# @param storage_config +# +# @param storage_config_template +# +# @param storage_setup_file +# +# @param service_provider +# +# @param service_config +# +# @param service_config_template +# +# @param service_overrides_template +# +# @param socket_overrides_template +# +# @param socket_override +# +# @param service_after_override +# +# @param service_hasstatus +# +# @param service_hasrestart +# +# @param daemon_environment_files +# +# @param tls_enable +# +# @param tls_verify +# +# @param tls_cacert +# +# @param tls_cert +# +# @param tls_key +# +# @param registry_mirror +# +# @param root_dir_flag +# class docker::service ( $docker_command = $docker::docker_command, $docker_start_command = $docker::docker_start_command, @@ -120,22 +261,21 @@ $registry_mirror = $docker::registry_mirror, $root_dir_flag = $docker::root_dir_flag, ) { - - unless $::osfamily =~ /(Debian|RedHat|windows)/ or $::docker::acknowledge_unsupported_os { + unless $facts['os']['family'] =~ /(Debian|RedHat|windows)/ or $::docker::acknowledge_unsupported_os { fail(translate('The docker::service class needs a Debian, Redhat or Windows based system.')) } - $dns_array = any2array($dns) - $dns_search_array = any2array($dns_search) - $labels_array = any2array($labels) + $dns_array = any2array($dns) + $dns_search_array = any2array($dns_search) + $labels_array = any2array($labels) $extra_parameters_array = any2array($extra_parameters) - $shell_values_array = any2array($shell_values) - $tcp_bind_array = any2array($tcp_bind) + $shell_values_array = any2array($shell_values) + $tcp_bind_array = any2array($tcp_bind) if $service_config != undef { $_service_config = $service_config } else { - if $::osfamily == 'Debian' { + if $facts['os']['family'] == 'Debian' { $_service_config = "/etc/default/${service_name}" } else { $_service_config = undef @@ -147,18 +287,26 @@ default => [], } - if $::osfamily == 'RedHat' { + if $facts['os']['family'] == 'RedHat' { file { $storage_setup_file: - ensure => present, + ensure => file, force => true, content => template('docker/etc/sysconfig/docker-storage-setup.erb'), before => $_manage_service, notify => $_manage_service, } } - if $::osfamily == 'windows' { - file { ["${::docker_program_data_path}/docker/", "${::docker_program_data_path}/docker/config/"]: - ensure => directory, + + if $facts['os']['family'] == 'windows' { + $dirs = [ + "${::docker_program_data_path}/docker/", + "${::docker_program_data_path}/docker/config/", + ] + + $dirs.each |$dir| { + file { $dir: + ensure => directory, + } } } @@ -170,7 +318,7 @@ if $service_overrides_template { file { '/etc/systemd/system/docker.service.d/service-overrides.conf': - ensure => 'present', + ensure => file, content => template($service_overrides_template), notify => Exec['docker-systemd-reload-before-service'], before => $_manage_service, @@ -183,7 +331,7 @@ } file { '/etc/systemd/system/docker.socket.d/socket-overrides.conf': - ensure => 'present', + ensure => file, content => template($socket_overrides_template), notify => Exec['docker-systemd-reload-before-service'], before => $_manage_service, @@ -191,7 +339,7 @@ } exec { 'docker-systemd-reload-before-service': - path => ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/'], + path => [ '/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/', ], command => 'systemctl daemon-reload > /dev/null', notify => $_manage_service, refreshonly => true, @@ -210,7 +358,7 @@ if $storage_config { file { $storage_config: - ensure => present, + ensure => file, force => true, content => template($storage_config_template), notify => $_manage_service, @@ -219,7 +367,7 @@ if $_service_config { file { $_service_config: - ensure => present, + ensure => file, force => true, content => template($service_config_template), notify => $_manage_service, @@ -227,7 +375,7 @@ } if $manage_service { - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { reboot { 'pending_reboot': when => 'pending', onlyif => 'component_based_servicing', diff --git a/manifests/services.pp b/manifests/services.pp index b6ea3c3c..5d8f7515 100644 --- a/manifests/services.pp +++ b/manifests/services.pp @@ -1,107 +1,90 @@ -# == Define: docker::services +# @summary define that managers a Docker services # -# A define that managers a Docker services -# -# == Paramaters -# -# [*ensure*] +# @param ensure # This ensures that the service is present or not. -# Defaults to present # -# [*image*] +# @param image # The Docker image to spwan the service from. -# Defualts to undef # -# [*detach*] +# @param detach # Exit immediately instead of waiting for the service to converge (default true) -# Defaults to true # -# [*env*] +# @param env # Set environment variables -# Defaults to [] # -# [*label*] +# @param label # Service labels. # This used as metdata to configure constraints etc. -# Defaults to [] # -# [*publish*] +# @param publish # Publish port(s) as node ports. -# Defaults to undef # -# [*replicas*] +# @param replicas # Number of tasks (containers per service) -# defaults to undef # -# [*tty*] +# @param tty # Allocate a pseudo-TTY -# Defaults to false # -# [*user*] +# @param user # Username or UID (format: [:]) -# Defaults to undef # -# [*workdir*] +# @param workdir # Working directory inside the container -# Defaults to false # -# [*extra_params*] +# @param extra_params # Allows you to pass any other flag that the Docker service create supports. # This must be passed as an array. See docker service create --help for all options -# defaults to [] # -# [*update*] +# @param update # This changes the docker command to # docker service update, you must pass a service name with this option # -# [*scale*] +# @param scale # This changes the docker command to # docker service scale, this can only be used with service name and # replicas # -# [*host_socket*] +# @param host_socket # This will allow the service to connect to the host linux socket. -# defaults to undef # -# [*registry_mirror*] +# @param registry_mirror # This will allow the service to set a registry mirror. -# defaults to undef # -# [*mounts*] +# @param mounts # Allows attaching filesystem mounts to the service (specified as an array) -# defaults to [] # -# [*networks*] +# @param networks # Allows attaching the service to networks (specified as an array) -# defaults to [] # -# [*command*] +# @param command # Command to run on the container # - +# @param create +# +# @param service_name +# define docker::services( - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - Optional[Boolean] $create = true, - Optional[Boolean] $update = false, - Optional[Boolean] $scale = false, - Optional[Boolean] $detach = true, - Optional[Boolean] $tty = false, - Optional[Array] $env = [], - Optional[Array] $label = [], - Optional[Array] $extra_params = [], - Variant[String,Array,Undef] $image = undef, - Variant[String,Array,Undef] $service_name = undef, - Variant[String,Array,Undef] $publish = undef, - Variant[String,Array,Undef] $replicas = undef, - Variant[String,Array,Undef] $user = undef, - Variant[String,Array,Undef] $workdir = undef, - Variant[String,Array,Undef] $host_socket = undef, - Variant[String,Array,Undef] $registry_mirror = undef, - Variant[String,Array,Undef] $mounts = undef, - Variant[Array,Undef] $networks = undef, - Variant[String,Array,Undef] $command = undef, -){ - + Optional[Enum[present,absent]] $ensure = 'present', + Optional[Boolean] $create = true, + Optional[Boolean] $update = false, + Optional[Boolean] $scale = false, + Optional[Boolean] $detach = true, + Optional[Boolean] $tty = false, + Optional[Array] $env = [], + Optional[Array] $label = [], + Optional[Array] $extra_params = [], + Optional[Variant[String,Array]] $image = undef, + Optional[Variant[String,Array]] $service_name = undef, + Optional[Variant[String,Array]] $publish = undef, + Optional[Variant[String,Array]] $replicas = undef, + Optional[Variant[String,Array]] $user = undef, + Optional[Variant[String,Array]] $workdir = undef, + Optional[Variant[String,Array]] $host_socket = undef, + Optional[Variant[String,Array]] $registry_mirror = undef, + Optional[Variant[String,Array]] $mounts = undef, + Optional[Array] $networks = undef, + Optional[Variant[String,Array]] $command = undef, +) { include docker::params $docker_command = "${docker::params::docker_command} service" @@ -110,44 +93,46 @@ if $update { fail(translate('When removing a service you can not update it.')) } + if $scale { fail(translate('When removing a service you can not update it.')) } } - if $::osfamily == 'windows' { - $exec_timeout = 3000 - $exec_path = ["${::docker_program_files_path}/Docker/"] + if $facts['os']['family'] == 'windows' { + $exec_timeout = 3000 + $exec_path = [ "${::docker_program_files_path}/Docker/", ] $exec_provider = 'powershell' } else { $exec_environment = 'HOME=/root' - $exec_path = ['/bin', '/usr/bin'] - $exec_timeout = 0 - $exec_provider = undef + $exec_path = [ '/bin', '/usr/bin', ] + $exec_timeout = 0 + $exec_provider = undef } - if $create { - $docker_service_create_flags = docker_service_flags({ - detach => $detach, - env => any2array($env), - service_name => $service_name, - label => any2array($label), - publish => $publish, - replicas => $replicas, - tty => $tty, - user => $user, - workdir => $workdir, - extra_params => any2array($extra_params), - image => $image, - host_socket => $host_socket, - registry_mirror => $registry_mirror, - mounts => $mounts, - networks => $networks, - command => $command, - }) - - $exec_create = "${docker_command} create --name ${docker_service_create_flags}" + $docker_service_create_flags = docker_service_flags( + { + detach => $detach, + env => any2array($env), + service_name => $service_name, + label => any2array($label), + publish => $publish, + replicas => $replicas, + tty => $tty, + user => $user, + workdir => $workdir, + extra_params => any2array($extra_params), + image => $image, + host_socket => $host_socket, + registry_mirror => $registry_mirror, + mounts => $mounts, + networks => $networks, + command => $command, + } + ) + + $exec_create = "${docker_command} create --name ${docker_service_create_flags}" $unless_create = "docker service ps ${service_name}" exec { "${title} docker service create": @@ -161,21 +146,23 @@ } if $update { - $docker_service_flags = docker_service_flags({ - detach => $detach, - env => any2array($env), - service_name => $service_name, - label => any2array($label), - publish => $publish, - replicas => $replicas, - tty => $tty, - user => $user, - workdir => $workdir, - extra_params => any2array($extra_params), - image => $image, - host_socket => $host_socket, - registry_mirror => $registry_mirror, - }) + $docker_service_flags = docker_service_flags( + { + detach => $detach, + env => any2array($env), + service_name => $service_name, + label => any2array($label), + publish => $publish, + replicas => $replicas, + tty => $tty, + user => $user, + workdir => $workdir, + extra_params => any2array($extra_params), + image => $image, + host_socket => $host_socket, + registry_mirror => $registry_mirror, + } + ) $exec_update = "${docker_command} update ${docker_service_flags}" @@ -189,11 +176,13 @@ } if $scale { - $docker_service_flags = docker_service_flags({ - service_name => $service_name, - replicas => $replicas, - extra_params => any2array($extra_params), - }) + $docker_service_flags = docker_service_flags( + { + service_name => $service_name, + replicas => $replicas, + extra_params => any2array($extra_params), + } + ) $exec_scale = "${docker_command} scale ${service_name}=${replicas}" diff --git a/manifests/stack.pp b/manifests/stack.pp index cdcfbfe6..3c5fdee9 100644 --- a/manifests/stack.pp +++ b/manifests/stack.pp @@ -1,77 +1,64 @@ -# == Define: docker::stack +# @summary +# deploys Docker stacks or compose v3 # -# A define that deploys Docker stacks or compose v3 -# -# == Paramaters -# -# [*ensure*] +# @param ensure # This ensures that the stack is present or not. -# Defaults to present # -# [*stack_name*] +# @param stack_name # The name of the stack that you are deploying -# Defaults to undef # -# [*bundle_file*] +# @param bundle_file # Path to a Distributed Application Bundle file # Please note this is experimental -# Defaults to undef -# -# [*compose_file*] -# Path to a Compose file -# Defaults to undef # -# [*prune*] +# @param prune # Prune services that are no longer referenced -# Defaults to undef # -# [*resolve_image*] +# @param resolve_image # Query the registry to resolve image digest and supported platforms # Only accepts ("always"|"changed"|"never") -# Defaults to undef # -# [*with_registry_auth*] +# @param with_registry_auth # Send registry authentication details to Swarm agents -# Defaults to undef - +# +# @param compose_files define docker::stack( - - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - Optional[String] $stack_name = undef, - Optional[String] $bundle_file = undef, - Optional[Array] $compose_files = undef, - Optional[Boolean] $prune = false, - Optional[Boolean] $with_registry_auth = false, - Optional[Pattern[/^always$|^changed$|^never$/]] $resolve_image = undef, -){ - + Optional[Enum[present,absent]] $ensure = 'present', + Optional[String] $stack_name = undef, + Optional[String] $bundle_file = undef, + Optional[Array] $compose_files = undef, + Optional[Boolean] $prune = false, + Optional[Boolean] $with_registry_auth = false, + Optional[Enum['always','changed','never']] $resolve_image = undef, +) { include docker::params deprecation('docker::stack','The docker stack define type will be deprecated in a future release. Please migrate to the docker_stack type/provider.') - $docker_command = "${docker::params::docker_command} stack" - if $::osfamily == 'windows' { - $exec_path = ['C:/Program Files/Docker/'] + if $facts['os']['family'] == 'windows' { + $exec_path = [ 'C:/Program Files/Docker/', ] $check_stack = '$info = docker stack ls | select-string -pattern web if ($info -eq $null) { Exit 1 } else { Exit 0 }' - $provider = 'powershell' + $provider = 'powershell' } else { - $exec_path = ['/bin', '/usr/bin'] + $exec_path = [ '/bin', '/usr/bin', ] $check_stack = "${docker_command} ls | grep ${stack_name}" - $provider = undef + $provider = undef } - if $ensure == 'present'{ - $docker_stack_flags = docker_stack_flags ({ - stack_name => $stack_name, - bundle_file => $bundle_file, - compose_files => $compose_files, - prune => $prune, - with_registry_auth => $with_registry_auth, - resolve_image => $resolve_image, - }) + if $ensure == 'present' { + $docker_stack_flags = docker_stack_flags ( + { + stack_name => $stack_name, + bundle_file => $bundle_file, + compose_files => $compose_files, + prune => $prune, + with_registry_auth => $with_registry_auth, + resolve_image => $resolve_image, + } + ) $exec_stack = "${docker_command} deploy ${docker_stack_flags} ${stack_name}" @@ -83,8 +70,7 @@ } } - if $ensure == 'absent'{ - + if $ensure == 'absent' { exec { "docker stack destroy ${stack_name}": command => "${docker_command} rm ${stack_name}", onlyif => $check_stack, diff --git a/manifests/swarm.pp b/manifests/swarm.pp index 26ddf3d4..3681b5b8 100644 --- a/manifests/swarm.pp +++ b/manifests/swarm.pp @@ -1,143 +1,122 @@ -# == Define: docker::swarm +# @summary +# managers a Docker Swarm Mode cluster # -# A define that managers a Docker Swarm Mode cluster -# -# == Paramaters -# -# [*ensure*] +# @param ensure # This ensures that the cluster is present or not. -# Defaults to present # Note this forcefully removes a node from the cluster. Make sure all worker nodes # have been removed before managers # -# [*init*] +# @param init # This creates the first worker node for a new cluster. # Set init to true to create a new cluster -# Defaults to false # -# [*join*] +# @param join # This adds either a worker or manger node to the cluster. # The role of the node is defined by the join token. # Set to true to join the cluster -# Defaults to false # -# [*advertise_addr*] +# @param advertise_addr # The address that your node will advertise to the cluster for raft. # On multihomed servers this flag must be passed -# Defaults to undef # -# [*autolock*] +# @param autolock # Enable manager autolocking (requiring an unlock key to start a stopped manager) -# Defaults to undef # -# [*cert_expiry*] +# @param cert_expiry # Validity period for node certificates (ns|us|ms|s|m|h) (default 2160h0m0s) -# defaults to undef # -# [*default_addr_pool*] +# @param default_addr_pool # Array of default subnet pools for global scope networks (['30.30.0.0/16','40.40.0.0/16']) -# defaults to undef # -# [*default_addr_pool_mask_length*] +# @param default_addr_pool_mask_length # Default subnet pools mask length for default-addr-pools (CIDR block number) -# defaults to undef # -# [*dispatcher_heartbeat*] +# @param dispatcher_heartbeat # Dispatcher heartbeat period (ns|us|ms|s|m|h) (default 5s) -# Defaults to undef # -# [*external_ca*] +# @param external_ca # Specifications of one or more certificate signing endpoints -# Defaults to undef # -# [*force_new_cluster*] +# @param force_new_cluster # Force create a new cluster from current state -# Defaults to false # -# [*listen_addr*] +# @param listen_addr # The address that your node will listen to the cluster for raft. # On multihomed servers this flag must be passed -# Defaults to undef # -# [*max_snapshots*] +# @param max_snapshots # Number of additional Raft snapshots to retain -# Defaults to undef # -# [*snapshot_interval*] +# @param snapshot_interval # Number of log entries between Raft snapshots (default 10000) -# Defaults to undef # -# [*token*] +# @param token # The authentication token to join the cluster. The token also defines the type of # node (worker or manager) -# Defaults to undef # -# [*manager_ip*] +# @param manager_ip # The ip address of a manager node to join the cluster. -# Defaults to undef # - - define docker::swarm( - - Optional[Pattern[/^present$|^absent$/]] $ensure = 'present', - Optional[Boolean] $init = false, - Optional[Boolean] $join = false, - Optional[String] $advertise_addr = undef, - Optional[Boolean] $autolock = false, - Optional[String] $cert_expiry = undef, - Optional[Array] $default_addr_pool = undef, - Optional[String] $default_addr_pool_mask_length = undef, - Optional[String] $dispatcher_heartbeat = undef, - Optional[String] $external_ca = undef, - Optional[Boolean] $force_new_cluster = false, - Optional[String] $listen_addr = undef, - Optional[String] $max_snapshots = undef, - Optional[String] $snapshot_interval = undef, - Optional[String] $token = undef, - Optional[String] $manager_ip = undef, - ){ - + Optional[Enum[present,absent]] $ensure = 'present', + Optional[Boolean] $init = false, + Optional[Boolean] $join = false, + Optional[String] $advertise_addr = undef, + Optional[Boolean] $autolock = false, + Optional[String] $cert_expiry = undef, + Optional[Array] $default_addr_pool = undef, + Optional[String] $default_addr_pool_mask_length = undef, + Optional[String] $dispatcher_heartbeat = undef, + Optional[String] $external_ca = undef, + Optional[Boolean] $force_new_cluster = false, + Optional[String] $listen_addr = undef, + Optional[String] $max_snapshots = undef, + Optional[String] $snapshot_interval = undef, + Optional[String] $token = undef, + Optional[String] $manager_ip = undef, +) { include docker::params - if $::osfamily == 'windows' { + if $facts['os']['family'] == 'windows' { $exec_environment = "PATH=${::docker_program_files_path}/Docker/" - $exec_path = ["${::docker_program_files_path}/Docker/"] - $exec_timeout = 3000 - $exec_provider = 'powershell' - $unless_init = '$info = docker info | select-string -pattern "Swarm: active" - if ($info -eq $null) { Exit 1 } else { Exit 0 }' - $unless_join = '$info = docker info | select-string -pattern "Swarm: active" - if ($info -eq $null) { Exit 1 } else { Exit 0 }' - $onlyif_leave = '$info = docker info | select-string -pattern "Swarm: active" - if ($info -eq $null) { Exit 1 } else { Exit 0 }' + $exec_path = [ "${::docker_program_files_path}/Docker/", ] + $exec_timeout = 3000 + $exec_provider = 'powershell' + $unless_init = '$info = docker info | select-string -pattern "Swarm: active" + if ($info -eq $null) { Exit 1 } else { Exit 0 }' + $unless_join = '$info = docker info | select-string -pattern "Swarm: active" + if ($info -eq $null) { Exit 1 } else { Exit 0 }' + $onlyif_leave = '$info = docker info | select-string -pattern "Swarm: active" + if ($info -eq $null) { Exit 1 } else { Exit 0 }' } else { $exec_environment = 'HOME=/root' - $exec_path = ['/bin', '/usr/bin'] - $exec_timeout = 0 - $exec_provider = undef - $unless_init = 'docker info | grep -w "Swarm: active"' - $unless_join = 'docker info | grep -w "Swarm: active"' - $onlyif_leave = 'docker info | grep -w "Swarm: active"' + $exec_path = [ '/bin', '/usr/bin', ] + $exec_timeout = 0 + $exec_provider = undef + $unless_init = 'docker info | grep -w "Swarm: active"' + $unless_join = 'docker info | grep -w "Swarm: active"' + $onlyif_leave = 'docker info | grep -w "Swarm: active"' } $docker_command = "${docker::params::docker_command} swarm" if $init { - $docker_swarm_init_flags = docker_swarm_init_flags({ - init => $init, - advertise_addr => $advertise_addr, - autolock => $autolock, - cert_expiry => $cert_expiry, - dispatcher_heartbeat => $dispatcher_heartbeat, - default_addr_pool => $default_addr_pool, - default_addr_pool_mask_length => $default_addr_pool_mask_length, - external_ca => $external_ca, - force_new_cluster => $force_new_cluster, - listen_addr => $listen_addr, - max_snapshots => $max_snapshots, - snapshot_interval => $snapshot_interval, - }) + $docker_swarm_init_flags = docker_swarm_init_flags( + { + init => $init, + advertise_addr => $advertise_addr, + autolock => $autolock, + cert_expiry => $cert_expiry, + dispatcher_heartbeat => $dispatcher_heartbeat, + default_addr_pool => $default_addr_pool, + default_addr_pool_mask_length => $default_addr_pool_mask_length, + external_ca => $external_ca, + force_new_cluster => $force_new_cluster, + listen_addr => $listen_addr, + max_snapshots => $max_snapshots, + snapshot_interval => $snapshot_interval, + } + ) $exec_init = "${docker_command} ${docker_swarm_init_flags}" @@ -152,12 +131,14 @@ } if $join { - $docker_swarm_join_flags = docker_swarm_join_flags({ - join => $join, - advertise_addr => $advertise_addr, - listen_addr => $listen_addr, - token => $token, - }) + $docker_swarm_join_flags = docker_swarm_join_flags( + { + join => $join, + advertise_addr => $advertise_addr, + listen_addr => $listen_addr, + token => $token, + } + ) $exec_join = "${docker_command} ${docker_swarm_join_flags} ${manager_ip}" diff --git a/manifests/swarms.pp b/manifests/swarms.pp index 6ee63d5b..d0950144 100644 --- a/manifests/swarms.pp +++ b/manifests/swarms.pp @@ -1,4 +1,9 @@ -# docker::swarms -class docker::swarms($swarms) { +# @summary +# +# @param swarms +# +class docker::swarms( + $swarms +) { create_resources(docker::swarm, $swarms) } diff --git a/manifests/system_user.pp b/manifests/system_user.pp index 6cf9fbfa..f3bb7e6b 100644 --- a/manifests/system_user.pp +++ b/manifests/system_user.pp @@ -1,19 +1,18 @@ -# == Define: docker::system_user +# @summary manage docker group users # -# Define to manage docker group users -# -# === Parameters -# [*create_user*] +# @param create_user # Boolean to cotrol whether the user should be created # -define docker::system_user ( - $create_user = true) { - +define docker::system_user( + $create_user = true +) { include docker + $docker_group = $docker::docker_group if $create_user { ensure_resource('user', $name, {'ensure' => 'present' }) + User[$name] -> Exec["docker-system-user-${name}"] } diff --git a/manifests/systemd_reload.pp b/manifests/systemd_reload.pp index e47d0838..ad760378 100644 --- a/manifests/systemd_reload.pp +++ b/manifests/systemd_reload.pp @@ -1,10 +1,9 @@ -# == Class: docker::systemd_reload -# -# For systems that have systemd +# @summary +# For systems that have systemd # class docker::systemd_reload { exec { 'docker-systemd-reload': - path => ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/'], + path => [ '/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/', ], command => 'systemctl daemon-reload', refreshonly => true, } diff --git a/manifests/volumes.pp b/manifests/volumes.pp index 443e85d4..213a4a17 100644 --- a/manifests/volumes.pp +++ b/manifests/volumes.pp @@ -1,4 +1,9 @@ -# docker::volumes -class docker::volumes($volumes) { +# @summary +# +# @param volumes +# +class docker::volumes( + $volumes +) { create_resources(docker_volume, $volumes) } diff --git a/manifests/windows_account.pp b/manifests/windows_account.pp index 0b8db81f..e4860d4d 100644 --- a/manifests/windows_account.pp +++ b/manifests/windows_account.pp @@ -1,7 +1,7 @@ -# == Define: docker::windows_account +# @summary +# Windows account that owns the docker services # -# Define the Windows account that owns the docker services -# -define docker::windows_account () { - notice('Not implemented') +define docker::windows_account( +) { + notice('Not implemented') } diff --git a/spec/classes/compose_spec.rb b/spec/classes/compose_spec.rb index 6788f9e8..4ecfa53c 100644 --- a/spec/classes/compose_spec.rb +++ b/spec/classes/compose_spec.rb @@ -11,6 +11,7 @@ kernelrelease: '3.8.0-29-generic', operatingsystemrelease: '10.04', operatingsystemmajrelease: '10', + os: { distro: { codename: 'maverick' }, family: 'Debian', name: 'Ubuntu', release: { major: '10', full: '10.04' } }, } end diff --git a/spec/classes/docker_spec.rb b/spec/classes/docker_spec.rb index fa3678de..e9b99271 100755 --- a/spec/classes/docker_spec.rb +++ b/spec/classes/docker_spec.rb @@ -14,7 +14,7 @@ kernelrelease: '4.9.0-3-amd64', operatingsystemrelease: '9.0', operatingsystemmajrelease: '9', - os: { distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, + os: { architecture: 'amd64', distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '9', full: '9.0' } }, } end @@ -37,7 +37,7 @@ kernelrelease: '4.4.0-21-generic', operatingsystemrelease: '16.04', operatingsystemmajrelease: '16.04', - os: { distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, + os: { architecture: 'amd64', distro: { codename: 'xenial' }, family: 'Debian', name: 'Ubuntu', release: { major: '16.04', full: '16.04' } }, } end @@ -256,6 +256,7 @@ operatingsystemrelease: '7.2', operatingsystemmajrelease: '7', kernelversion: '3.10.0', + os: { architecture: 'x86_64', distro: { codename: 'RedHat' }, family: 'RedHat', name: 'RedHat', release: { major: '7', full: '7.2' } }, } end @@ -898,7 +899,7 @@ operatingsystemrelease: '7.0', operatingsystemmajrelease: '7', kernelversion: '3.10.0', - os: { distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, + os: { architecture: 'x86_64', distro: { codename: 'wheezy' }, family: 'RedHat', name: operatingsystem, release: { major: '7', full: '7.0' } }, } end @@ -988,7 +989,7 @@ lsbdistcodename: 'trusty', operatingsystemrelease: '14.04', kernelrelease: '3.8.0-29-generic', - os: { distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, + os: { architecture: 'amd64', distro: { codename: 'trusty' }, family: 'Debian', name: 'Ubuntu', release: { major: '14.04', full: '14.04' } }, } end @@ -1005,10 +1006,10 @@ osfamily: 'Debian', lsbdistid: 'Ubuntu', operatingsystem: 'Ubuntu', - lsbdistcodename: 'trusty', - operatingsystemrelease: '15.04', + lsbdistcodename: 'xenial', + operatingsystemrelease: '16.04', kernelrelease: '3.8.0-29-generic', - os: { distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, + os: { architecture: 'amd64', distro: { codename: 'xenial' }, family: 'Debian', name: 'Ubuntu', release: { major: '16.04', full: '16.04' } }, } end @@ -1025,7 +1026,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', - os: { distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, + os: { architecture: 'amd64', distro: { codename: 'wheezy' }, family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, } end @@ -1043,7 +1044,7 @@ lsbdistcodename: 'Whatever', kernelrelease: 'Whatever', operatingsystemmajrelease: 'Whatever', - os: { distro: { codename: 'Whatever' }, family: 'Whatever', name: 'Whatever', release: { major: 'Whatever', full: 'Whatever' } }, + os: { architecture: 'Whatever', distro: { codename: 'Whatever' }, family: 'Whatever', name: 'Whatever', release: { major: 'Whatever', full: 'Whatever' } }, } end @@ -1062,7 +1063,7 @@ operatingsystem: 'CentOS', kernelversion: '3.10.0', operatingsystemmajrelease: '6', - os: { family: 'RedHat', name: 'CentOS', release: { major: '6', full: '6.0' } }, + os: { architecture: 'x86_64', family: 'RedHat', name: 'CentOS', release: { major: '6', full: '6.0' } }, } end diff --git a/spec/classes/machine_spec.rb b/spec/classes/machine_spec.rb index 573324ed..04a11bc6 100644 --- a/spec/classes/machine_spec.rb +++ b/spec/classes/machine_spec.rb @@ -11,6 +11,7 @@ kernelrelease: '3.8.0-29-generic', operatingsystemrelease: '10.04', operatingsystemmajrelease: '10', + os: { distro: { codename: 'maverick' }, family: 'Debian', name: 'Ubuntu', release: { major: '10', full: '10.04' } }, } end diff --git a/spec/classes/system_reload_spec.rb b/spec/classes/system_reload_spec.rb index a17620b0..be44c8ae 100644 --- a/spec/classes/system_reload_spec.rb +++ b/spec/classes/system_reload_spec.rb @@ -10,6 +10,7 @@ kernelrelease: '9.3.0-amd64', operatingsystemrelease: '9.3', operatingsystemmajrelease: '9', + os: { distro: { codename: 'stretch' }, family: 'Debian', name: 'Debian', release: { major: '9', full: '9.3' } }, } end diff --git a/spec/defines/exec_spec.rb b/spec/defines/exec_spec.rb index 56bf54b2..4f84b393 100644 --- a/spec/defines/exec_spec.rb +++ b/spec/defines/exec_spec.rb @@ -10,6 +10,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.2' } }, } end diff --git a/spec/defines/image_spec.rb b/spec/defines/image_spec.rb index a7edee39..bc3178de 100644 --- a/spec/defines/image_spec.rb +++ b/spec/defines/image_spec.rb @@ -10,6 +10,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.2' } }, } end diff --git a/spec/defines/plugin_spec.rb b/spec/defines/plugin_spec.rb index 31327161..7ef33512 100644 --- a/spec/defines/plugin_spec.rb +++ b/spec/defines/plugin_spec.rb @@ -10,6 +10,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.2' } }, } end diff --git a/spec/defines/registry_spec.rb b/spec/defines/registry_spec.rb index ffb71705..d0d141ef 100644 --- a/spec/defines/registry_spec.rb +++ b/spec/defines/registry_spec.rb @@ -13,6 +13,7 @@ docker_home_dirs: { root: '/root', }, + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.2' } }, } end let(:params) { { 'version' => '17.06', 'pass_hash' => 'test1234', 'receipt' => false } } diff --git a/spec/defines/run_spec.rb b/spec/defines/run_spec.rb index 9d31124d..1e1e5659 100755 --- a/spec/defines/run_spec.rb +++ b/spec/defines/run_spec.rb @@ -53,6 +53,7 @@ { osfamily: 'Gentoo', operatingsystem: 'Generic', + os: { distro: { codename: 'Generic' }, family: 'Gentoo', name: 'Generic', release: { major: '8', full: '8.2' } }, } end diff --git a/spec/defines/secrets_spec.rb b/spec/defines/secrets_spec.rb index cdb52ccd..9238c182 100644 --- a/spec/defines/secrets_spec.rb +++ b/spec/defines/secrets_spec.rb @@ -10,6 +10,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.0' } }, } end diff --git a/spec/defines/services_spec.rb b/spec/defines/services_spec.rb index a5f80c50..335a0837 100644 --- a/spec/defines/services_spec.rb +++ b/spec/defines/services_spec.rb @@ -10,6 +10,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.0' } }, } end diff --git a/spec/defines/stack_spec.rb b/spec/defines/stack_spec.rb index ffde8086..0f754014 100644 --- a/spec/defines/stack_spec.rb +++ b/spec/defines/stack_spec.rb @@ -13,6 +13,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.0' } }, } end @@ -27,6 +28,7 @@ docker_program_files_path: 'C:/Program Files', docker_systemroot: 'C:/Windows', docker_user_temp_path: 'C:/Users/Administrator/AppData/Local/Temp', + os: { family: 'windows', name: 'windows', release: { major: '2016', full: '2016' } }, } end diff --git a/spec/defines/swarm_spec.rb b/spec/defines/swarm_spec.rb index 2892647a..a5099a20 100644 --- a/spec/defines/swarm_spec.rb +++ b/spec/defines/swarm_spec.rb @@ -14,6 +14,7 @@ lsbdistcodename: 'jessie', kernelrelease: '3.2.0-4-amd64', operatingsystemmajrelease: '8', + os: { distro: { codename: 'jessie' }, family: 'Debian', name: 'Debian', release: { major: '8', full: '8.0' } }, } end @@ -28,6 +29,7 @@ docker_program_files_path: 'C:/Program Files', docker_systemroot: 'C:/Windows', docker_user_temp_path: 'C:/Users/Administrator/AppData/Local/Temp', + os: { distro: { codename: 'Windows' }, family: 'Windows', name: 'Windows', release: { major: '2016', full: '2016' } }, } end