mirror of
https://github.com/ansible-collections/community.docker.git
synced 2026-03-15 19:58:28 +00:00
Add support for cgroupns_mode parameter. (#427)
This commit is contained in:
Felix Fontein
GitHub
parent
2f1d9b3ff9
commit
37c868e192
@ -0,0 +1,2 @@
|
||||
minor_changes:
|
||||
- "docker_container - add support for ``cgroupns_mode`` (https://github.com/ansible-collections/community.docker/issues/338, https://github.com/ansible-collections/community.docker/pull/427)."
|
||||
@ -746,6 +746,11 @@ OPTION_CAP_DROP = (
|
||||
.add_option('cap_drop', type='set', elements='str')
|
||||
)
|
||||
|
||||
OPTION_CGROUP_NS_MODE = (
|
||||
OptionGroup()
|
||||
.add_option('cgroupns_mode', type='str', ansible_choices=['private', 'host'])
|
||||
)
|
||||
|
||||
OPTION_CGROUP_PARENT = (
|
||||
OptionGroup()
|
||||
.add_option('cgroup_parent', type='str')
|
||||
@ -1119,6 +1124,7 @@ OPTIONS = [
|
||||
OPTION_BLKIO_WEIGHT,
|
||||
OPTION_CAPABILITIES,
|
||||
OPTION_CAP_DROP,
|
||||
OPTION_CGROUP_NS_MODE,
|
||||
OPTION_CGROUP_PARENT,
|
||||
OPTION_COMMAND,
|
||||
OPTION_CPU_PERIOD,
|
||||
|
||||
@ -21,6 +21,7 @@ from ansible_collections.community.docker.plugins.module_utils.module_container.
|
||||
OPTION_BLKIO_WEIGHT,
|
||||
OPTION_CAPABILITIES,
|
||||
OPTION_CAP_DROP,
|
||||
OPTION_CGROUP_NS_MODE,
|
||||
OPTION_CGROUP_PARENT,
|
||||
OPTION_COMMAND,
|
||||
OPTION_CPU_PERIOD,
|
||||
@ -1175,6 +1176,8 @@ OPTION_CAPABILITIES.add_engine('docker_api', DockerAPIEngine.host_config_value('
|
||||
|
||||
OPTION_CAP_DROP.add_engine('docker_api', DockerAPIEngine.host_config_value('CapDrop'))
|
||||
|
||||
OPTION_CGROUP_NS_MODE.add_engine('docker_api', DockerAPIEngine.host_config_value('CgroupnsMode', min_api_version='1.41'))
|
||||
|
||||
OPTION_CGROUP_PARENT.add_engine('docker_api', DockerAPIEngine.host_config_value('CgroupParent'))
|
||||
|
||||
OPTION_COMMAND.add_engine('docker_api', DockerAPIEngine.config_value('Cmd'))
|
||||
|
||||
@ -47,6 +47,15 @@ options:
|
||||
- List of capabilities to drop from the container.
|
||||
type: list
|
||||
elements: str
|
||||
cgroupns_mode:
|
||||
description:
|
||||
- Specify the cgroup namespace mode for the container.
|
||||
- The Docker CLI calls this simply C(cgroupns).
|
||||
type: str
|
||||
choices:
|
||||
- host
|
||||
- private
|
||||
version_added: 3.0.0
|
||||
cgroup_parent:
|
||||
description:
|
||||
- Specify the parent cgroup for the container.
|
||||
|
||||
@ -148,6 +148,60 @@
|
||||
- capabilities_3 is not changed
|
||||
- capabilities_4 is changed
|
||||
|
||||
####################################################################
|
||||
## cgroupns_mode ###################################################
|
||||
####################################################################
|
||||
|
||||
- name: cgroupns_mode
|
||||
docker_container:
|
||||
image: "{{ docker_test_image_alpine }}"
|
||||
command: '/bin/sh -c "sleep 10m"'
|
||||
name: "{{ cname }}"
|
||||
state: started
|
||||
cgroupns_mode: host
|
||||
register: cgroupns_mode_1
|
||||
ignore_errors: yes
|
||||
|
||||
- name: cgroupns_mode (idempotency)
|
||||
docker_container:
|
||||
image: "{{ docker_test_image_alpine }}"
|
||||
command: '/bin/sh -c "sleep 10m"'
|
||||
name: "{{ cname }}"
|
||||
state: started
|
||||
cgroupns_mode: host
|
||||
register: cgroupns_mode_2
|
||||
ignore_errors: yes
|
||||
|
||||
- name: cgroupns_mode (changed)
|
||||
docker_container:
|
||||
image: "{{ docker_test_image_alpine }}"
|
||||
command: '/bin/sh -c "sleep 10m"'
|
||||
name: "{{ cname }}"
|
||||
state: started
|
||||
cgroupns_mode: private
|
||||
register: cgroupns_mode_3
|
||||
ignore_errors: yes
|
||||
|
||||
- name: cleanup
|
||||
docker_container:
|
||||
name: "{{ cname }}"
|
||||
state: absent
|
||||
force_kill: yes
|
||||
diff: no
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- cgroupns_mode_1 is changed
|
||||
- cgroupns_mode_2 is not changed and cgroupns_mode_2 is not failed
|
||||
- "cgroupns_mode_3 is changed or 'Docker warning: Your kernel does not support cgroup namespaces. Cgroup namespace setting discarded.' in (cgroupns_mode_3.warnings | default([]))"
|
||||
when: docker_api_version is version('1.41', '>=')
|
||||
- assert:
|
||||
that:
|
||||
- cgroupns_mode_1 is failed
|
||||
- |
|
||||
('API version is ' ~ docker_api_version ~ '.') in cgroupns_mode_1.msg and 'Minimum version required is 1.41 ' in cgroupns_mode_1.msg
|
||||
when: docker_api_version is version('1.41', '<')
|
||||
|
||||
####################################################################
|
||||
## cgroup_parent ###################################################
|
||||
####################################################################
|
||||
|
||||
Loading…
Reference in New Issue
Block a user