Add all docker daemon options as attributes, closes #124

sous-chefs · Apr 13, 2014 · 3694e3d · 3694e3d
1 parent 6978b83
commit 3694e3d
Show file tree

Hide file tree

Showing 8 changed files with 783 additions and 60 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -22,7 +22,9 @@ Attribute deprecations so you can be sure you can upgrade:
 Attributes now available for all docker daemon flags as well as system IP forwarding.
 
 * REMOVED: container_dns* attributes (use replacement dns* attributes on daemon for all containers or docker_container dns* attributes instead)
+* DEPRECATED: bind_* attributes to match docker terminology (use host attribute instead)
 * Enhancement: [#115][]: Add IP forwarding attributes
+* Enhancement: [#124][]: Add all docker daemon options as attributes
 * Enhancement: [#125][]: Use dns* attributes to set docker daemon options, not defaults per-container
 * Enhancement: [#128][]: Add checksum attribute for binary downloads
 * Enhancement: [#126][]: Set long option names for specified docker daemon options
@@ -443,6 +445,7 @@ Lots of community contributions this release -- thanks!
 [#112]: https://github.com/bflad/chef-docker/issues/112
 [#113]: https://github.com/bflad/chef-docker/issues/113
 [#115]: https://github.com/bflad/chef-docker/issues/115
+[#124]: https://github.com/bflad/chef-docker/issues/124
 [#125]: https://github.com/bflad/chef-docker/issues/125
 [#126]: https://github.com/bflad/chef-docker/issues/126
 [#127]: https://github.com/bflad/chef-docker/issues/127

diff --git a/README.md b/README.md
@@ -119,22 +119,39 @@ url | Repository URL for docker source | String | https://github.com/dotcloud/do
 
 ### Docker Daemon Attributes
 
+For more information: http://docs.docker.io/en/latest/reference/commandline/cli/#daemon
+
 These attributes are under the `node['docker']` namespace.
 
 Attribute | Description | Type | Default
 ----------|-------------|------|--------
-bind_socket | Socket path that docker should bind | String | unix:///var/run/docker.sock
-bind_uri | TCP URI docker should bind | String | nil
+api_enable_cors | Enable CORS headers in API | TrueClass, FalseClass | nil
+bind_socket (*DEPRECATED*) | Socket path that docker should bind | String | unix:///var/run/docker.sock
+bind_uri (*DEPRECATED*) | TCP URI docker should bind | String | nil
+bip | Use this CIDR notation address for the network bridge's IP, not compatible with `bridge` | String | nil
+bridge | Attach containers to a pre-existing network bridge; use 'none' to disable container networking | String | nil
+debug | Enable debug mode | TrueClass, FalseClass | nil (implicitly false)
 dns | DNS server(s) for containers | String, Array | nil
 dns_search | DNS search domain(s) for containers | String, Array | nil
 exec_driver | Execution driver for docker | String | nil (implicitly native as of 0.9.0)
+graph | Path to use as the root of the docker runtime | String | nil (implicitly /var/lib/docker)
 group | Group for docker socket and group_members | String | nil (implicitly docker)
+host | Socket(s) that docker should bind | String, Array | unix:///var/run/docker.sock
 http_proxy | HTTP_PROXY environment variable | String | nil
+icc | Enable inter-container communication | TrueClass, FalseClass | nil (implicitly true)
+ip | Default IP address to use when binding container ports | String | nil (implicitly 0.0.0.0)
+iptables | Enable Docker's addition of iptables rules | TrueClass, FalseClass | nil (implicitly true)
 logfile | Set custom DOCKER_LOGFILE | String | nil
+mtu | Set the containers network MTU | Fixnum | nil (implicitly default route MTU or 1500 if no default route is available)
 options | Additional options to pass to docker. These could be flags like "-api-enable-cors". | String | nil
-pidfile | Set custom DOCKER_PIDFILE | String | nil
+pidfile | Path to use for daemon PID file | String | nil (implicitly /var/run/docker.pid)
 ramdisk | Set DOCKER_RAMDISK when using RAM disk | TrueClass or FalseClass | false
 storage_driver | Storage driver for docker | String | nil
+tls | Use TLS | TrueClass, FalseClass | nil (implicitly false)
+tlscacert | Trust only remotes providing a certificate signed by the CA given here | String | nil (implicitly ~/.docker/ca.pem)
+tlscert | Path to TLS certificate file | String | nil (implicitly ~/.docker/cert.pem)
+tlskey | Path to TLS key file | String | nil (implicitly ~/.docker/key.pem)
+tlsverify | Use TLS and verify the remote (daemon: verify client, client: verify daemon) | TrueClass, FalseClass | nil (implicitly false)
 tmpdir | TMPDIR environment variable | String | nil
 
 ### LWRP Attributes

diff --git a/attributes/default.rb b/attributes/default.rb
@@ -1,37 +1,15 @@
 include_attribute 'golang'
 
+# Installation/System attributes
+
 default['docker']['arch'] =
   case node['kernel']['machine']
   when 'x86_64' then 'x86_64'
   # If Docker ever supports 32-bit or other architectures
   # when %r{i[3-6]86} then 'i386'
   else 'x86_64'
   end
-
-default['docker']['bind_socket'] = 'unix:///var/run/docker.sock'
-default['docker']['bind_uri'] = nil
-default['docker']['container_cmd_timeout'] = 60
-default['docker']['dns'] = nil
-default['docker']['dns_search'] = nil
-default['docker']['docker_daemon_timeout'] = 10
-default['docker']['exec_driver'] = nil
-
-# DEPRECATED: will be removed in chef-docker 1.0
-default['docker']['virtualization_type'] = node['docker']['exec_driver']
-
-default['docker']['group'] = nil
 default['docker']['group_members'] = []
-default['docker']['http_proxy'] = nil
-default['docker']['image_cmd_timeout'] = 300
-default['docker']['ipv4_forward'] = true
-default['docker']['ipv6_forward'] = true
-default['docker']['logfile'] = nil
-default['docker']['options'] = nil
-default['docker']['pidfile'] = nil
-default['docker']['ramdisk'] = false
-default['docker']['registry_cmd_timeout'] = 60
-default['docker']['tmpdir'] = nil
-
 default['docker']['init_type'] = value_for_platform(
   %w(centos debian oracle redhat) => {
     'default' => 'sysv'
@@ -44,38 +22,25 @@
   },
   'default' => 'upstart'
 )
-
-default['docker']['container_init_type'] = node['docker']['init_type']
-
 default['docker']['install_type'] = value_for_platform(
   %w(centos debian fedora redhat ubuntu) => {
     'default' => 'package'
   },
   'default' => 'binary'
 )
-
 default['docker']['install_dir'] =
   case node['docker']['install_type']
   when 'binary' then '/usr/local/bin'
   when 'source' then node['go']['gobin']
   else '/usr/bin'
   end
-
-default['docker']['storage_driver'] = value_for_platform(
-  %w(centos fedora oracle redhat) => {
-    'default' => 'devicemapper'
-  },
-  %w(debian ubuntu) => {
-    'default' => 'aufs'
-  },
-  'default' => nil
-)
-# DEPRECATED: will be removed in chef-docker 1.0
-default['docker']['storage_type'] = node['docker']['storage_driver']
-
+default['docker']['ipv4_forward'] = true
+default['docker']['ipv6_forward'] = true
+default['docker']['logfile'] = nil
 default['docker']['version'] = nil
 
-# Binary attributes
+## Binary installation attributes
+
 default['docker']['binary']['version'] = node['docker']['version'] || 'latest'
 default['docker']['binary']['checksum'] =
 case node['kernel']['name']
@@ -90,16 +55,90 @@
 end
 default['docker']['binary']['url'] = "http://get.docker.io/builds/#{node['kernel']['name']}/#{node['docker']['arch']}/docker-#{node['docker']['binary']['version']}"
 
-# Package attributes
+## Package installation attributes
+
+default['docker']['package']['action'] = 'install'
 case node['platform']
 when 'debian', 'ubuntu'
   default['docker']['package']['distribution'] = 'docker'
   default['docker']['package']['repo_url'] = 'https://get.docker.io/ubuntu'
   default['docker']['package']['repo_key'] = 'https://get.docker.io/gpg'
 end
 
-default['docker']['package']['action'] = 'install'
+## Source installation attributes
 
-# Source attributes
 default['docker']['source']['ref'] = 'master'
 default['docker']['source']['url'] = 'https://github.com/dotcloud/docker.git'
+
+# Docker Daemon attributes
+
+default['docker']['api_enable_cors'] = nil
+
+# DEPRECATED: will be removed in chef-docker 1.0
+default['docker']['bind_socket'] = nil
+# DEPRECATED: will be removed in chef-docker 1.0
+default['docker']['bind_uri'] = nil
+
+default['docker']['bip'] = nil
+default['docker']['bridge'] = nil
+default['docker']['debug'] = nil
+default['docker']['dns'] = nil
+default['docker']['dns_search'] = nil
+default['docker']['exec_driver'] = nil
+
+# DEPRECATED: will be removed in chef-docker 1.0
+default['docker']['virtualization_type'] = node['docker']['exec_driver']
+
+default['docker']['graph'] = nil
+default['docker']['group'] = nil
+
+# DEPRECATED: Support for bind_socket/bind_uri
+default['docker']['host'] =
+  if node['docker']['bind_socket'] || node['docker']['bind_uri']
+    Array(node['docker']['bind_socket']) + Array(node['docker']['bind_uri'])
+  else
+    'unix:///var/run/docker.sock'
+  end
+default['docker']['http_proxy'] = nil
+default['docker']['icc'] = nil
+default['docker']['ip'] = nil
+default['docker']['iptables'] = nil
+default['docker']['mtu'] = nil
+default['docker']['options'] = nil
+default['docker']['pidfile'] = nil
+default['docker']['ramdisk'] = false
+default['docker']['tls'] = nil
+default['docker']['tlscacert'] = nil
+default['docker']['tlscert'] = nil
+default['docker']['tlskey'] = nil
+default['docker']['tlsverify'] = nil
+default['docker']['tmpdir'] = nil
+
+default['docker']['storage_driver'] = value_for_platform(
+  %w(centos fedora oracle redhat) => {
+    'default' => 'devicemapper'
+  },
+  %w(debian ubuntu) => {
+    'default' => 'aufs'
+  },
+  'default' => nil
+)
+# DEPRECATED: will be removed in chef-docker 1.0
+default['docker']['storage_type'] = node['docker']['storage_driver']
+
+# LWRP attributes
+
+default['docker']['docker_daemon_timeout'] = 10
+
+## docker_container attributes
+
+default['docker']['container_cmd_timeout'] = 60
+default['docker']['container_init_type'] = node['docker']['init_type']
+
+## docker_image attributes
+
+default['docker']['image_cmd_timeout'] = 300
+
+## docker_registry attributes
+
+default['docker']['registry_cmd_timeout'] = 60
diff --git a/libraries/helpers.rb b/libraries/helpers.rb
@@ -27,14 +27,28 @@ class CommandTimeout < RuntimeError; end
 
     def self.daemon_cli_args(node)
       daemon_options = Helpers::Docker.cli_args(
+        'api-enable-cors' => node['docker']['api_enable_cors'],
+        'bip' => node['docker']['bip'],
+        'bridge' => node['docker']['bridge'],
+        'debug' => node['docker']['debug'],
         'dns' => Array(node['docker']['dns']),
         'dns-search' => Array(node['docker']['dns_search']),
         'exec-driver' => node['docker']['exec_driver'],
-        'host' => Array(node['docker']['bind_socket']) +
-          Array(node['docker']['bind_uri']),
+        'host' => Array(node['docker']['host']),
+        'graph' => node['docker']['graph'],
         'group' => node['docker']['group'],
+        'icc' => node['docker']['icc'],
+        'ip' => node['docker']['ip'],
+        'iptables' => node['docker']['iptables'],
+        'mtu' => node['docker']['mtu'],
+        'pidfile' => node['docker']['pidfile'],
         'restart' => node['docker']['container_init_type'] ? false : nil,
-        'storage-driver' => node['docker']['storage_driver']
+        'storage-driver' => node['docker']['storage_driver'],
+        'tls' => node['docker']['tls'],
+        'tlscacert' => node['docker']['tlscacert'],
+        'tlscert' => node['docker']['tlscert'],
+        'tlskey' => node['docker']['tlskey'],
+        'tlsverify' => node['docker']['tlsverify']
       )
       daemon_options += " #{node['docker']['options']}" if node['docker']['options']
       daemon_options