jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-04-16 10:13:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2022-08-04 14:00

Browse Source
This commit is contained in:
Daniel Berteaud 2022-08-04 14:00:17 +02:00
parent 2f9165b2e4
commit b80061c423
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/nomad/defaults/main.yml
View File

@ -76,6 +76,8 @@ nomad_base_conf:
docker: docker:
enabled: True enabled: True
allow_privileged: True allow_privileged: True
# You can set a list of caps allowed for containers, eg
# allow_caps: ["audit_write", "chown", "dac_override", "fowner", "fsetid", "kill", "mknod", "net_bind_service", "setfcap", "setgid", "setpcap", "setuid", "sys_chroot"]
raw_exec: raw_exec:
enabled: False enabled: False
java: java:

7
roles/nomad/templates/nomad.hcl.j2
View File

@ -86,6 +86,13 @@ client {
plugin "docker" { plugin "docker" {
config { config {
allow_privileged = {{ nomad_conf.client.task_drivers.docker.allow_privileged | ternary('true', 'false') }} allow_privileged = {{ nomad_conf.client.task_drivers.docker.allow_privileged | ternary('true', 'false') }}
{% if nomad_conf.client.task_drivers.docker.allow_caps is defined %}
allow_caps = [
{% for cap in nomad_conf.client.task_drivers.docker.allow_caps %}
"{{ cap }}",
{% endfor %}
]
{% endif %}
} }
} }
{% endif %} {% endif %}