Fixes #44

.gitignore

@@ -3,3 +3,4 @@
 .vscode/
 *.vdi
 /.project
+tests/yaml.sh

CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased](../../releases/tag/X.Y.Z)
 
+### Added
+
+- Add support to add systemd configuration options to Docker service ([#44](../../issues/44))
+
 ### Fixed
 
 - Role is not idempotent for Ubuntu and Debian distributions ([#41](../../issues/41))

defaults/main.yml

@@ -10,6 +10,9 @@ docker_daemon_config:
 #  Docker daemon is configured with '-H fd://' by default in Ubuntu/Debian which cause problems.
 #  https://github.com/moby/moby/issues/25471
 docker_daemon_opts: ''
+# List of additional service configuration options for systemd
+# Important! Configuring this can cause Docker to not start at all.
+docker_systemd_service_config: []
 # To compensate for situation where Docker daemon fails because of usermod incompatibility.
 # Ensures that 'dockremap:500000:65536' is present in /etc/subuid and /etc/subgid.
 # Note! If userns-remap is set to 'default' in docker_daemon_config this config will be unnecessary.

tasks/bug-tweaks.yml

@@ -0,0 +1,42 @@
+# Configuration to avoid 'Device or resource busy'
+- block:
+  - name: Stat /proc/sys/fs/may_detach_mounts
+    stat:
+      path: /proc/sys/fs/may_detach_mounts
+    register: may_detach_mounts
+
+  - name: Ensure fs.may_detach_mounts is set to avoid 'Device or resource busy'
+    sysctl:
+      name: fs.may_detach_mounts
+      value: 1
+      sysctl_file: /etc/sysctl.d/99-docker.conf
+      reload: yes
+    become: yes
+    when: may_detach_mounts.stat.exists
+
+  # - name: Copy systemd drop-in for Docker Mount Flags slave configuration to avoid 'Device or resource busy'
+  #   copy:
+  #     src: files/etc/systemd/system/docker.service.d/mountflags-slave.conf
+  #     dest: /etc/systemd/system/docker.service.d/mountflags-slave.conf
+  #   become: yes
+  #   notify: restart docker
+  #   when: docker_enable_mount_flag_fix
+
+  # Keep for compatibility reasons of this role
+  - name: Remove systemd drop-in for Docker Mount Flags slave configuration
+    file:
+      path: /etc/systemd/system/docker.service.d/mountflags-slave.conf
+      state: absent
+    become: yes
+    notify: restart docker
+
+  - name: Set systemd service MountFlags option to "slave" to prevent "device busy" errors on CentOS/RedHat 7.3 kernels
+    set_fact:
+      docker_systemd_service_config_tweaks: "{{ docker_systemd_service_config_tweaks + _systemd_service_config_tweaks }}"
+    vars:
+      _systemd_service_config_tweaks:
+        - 'MountFlags=slave'
+
+  when: (docker_enable_mount_flag_fix | bool) and (ansible_kernel | version_compare('4', '<'))
+
+

tasks/configure-drop-ins.yml

@@ -1,3 +1,7 @@
+- name: Combine all systemd service configuration options
+  set_fact:
+    _systemd_service_config: "{{ docker_systemd_service_config_tweaks + docker_systemd_service_config }}"
+
 - name: Ensure /etc/systemd/system/docker.service.d directory exists
   file:
     path: /etc/systemd/system/docker.service.d
@@ -10,21 +14,23 @@
     src: drop-ins/default.conf.j2
     dest: /etc/systemd/system/docker.service.d/default.conf
   become: yes
-  register: systemd_docker_dropin
+  register: _systemd_docker_dropin
   vars:
     systemd_envs_dir: "{{ docker_systemd_envs_dir[_docker_os_dist] }}"
+    systemd_service_conf: "{{ _systemd_service_config }}"
 
 - name: Setup Docker environment file {{ docker_systemd_envs_dir[_docker_os_dist] }}/docker-envs
   template:
     src: docker-envs.j2
     dest: "{{ docker_systemd_envs_dir[_docker_os_dist] }}/docker-envs"
   become: yes
-  register: systemd_docker_env
+  notify: restart docker
   vars:
     docker_opts: "{{ docker_daemon_opts }}"
 
 - name: Force daemon reload of systemd
   systemd: 
     daemon_reload: yes
   become: yes
-  when: systemd_docker_dropin|changed or systemd_docker_env|changed
+  notify: restart docker
+  when: _systemd_docker_dropin|changed

tasks/main.yml

@@ -33,11 +33,10 @@
 - include_tasks: setup-audit.yml
   tags: ["configure"]
 
-- include_tasks: configure-drop-ins.yml
+- include_tasks: bug-tweaks.yml
   tags: ["configure"]
 
-- include_tasks: kernel-3-mount-fixes.yml
-  when: ansible_kernel | version_compare('4', '<')
+- include_tasks: configure-drop-ins.yml
   tags: ["configure"]
 
 - include_tasks: configure-docker.yml

templates/drop-ins/default.conf.j2

@@ -2,3 +2,6 @@
 EnvironmentFile=-{{ systemd_envs_dir }}/docker-envs
 ExecStart= 
 ExecStart=/usr/bin/dockerd $DOCKER_OPTS
+{% for option in systemd_service_conf %}
+{{ option }}
+{% endfor %}

tests/ci-test.sh

@@ -18,15 +18,54 @@ fail () {
   printf "%b\n" "${BLDRED}[FAIL]${TXTRST} $1"
 }
 
+vagrantExists() {
+  which vagrant
+  echo "$?"
+}
+
+vagrantUp() {
+  if [[ $(vagrantExists) == "0" ]]; then
+    vagrant up
+    return $?
+  fi
+}
+
+vagrantDestroy() {
+  if [[ $(vagrantExists) == "0" ]]; then
+    vagrant destroy -f
+    return $?
+  fi
+}
+
+vagrantBoxAdd() {
+  echo "Download Vagrant box $1"
+  if [[ $(vagrantExists) == "0" ]]; then
+    vagrant box add $1
+    return $?
+  fi
+  return 0
+}
+
+LIMIT="$1"
+
 echo "Starting tests..."
+boxes=$(parse_yaml vagrant_config.yml | grep _box | cut -d= -f2 | sed 's/[\(\"\)]//g' | sort | uniq)
+for box in $boxes; do
+  vagrantBoxAdd $box
+  exitCode=$?
+  if [[ $exitCode != "0" ]]; then
+    exit $exitCode
+  fi
+done
+
 configs=$(parse_yaml vagrant_config.yml | grep _box | awk '{split($0,a,"_box"); $1=a[1]; split($1,b,"configs_"); $2=b[2];  print $2}')
 exitCode=0
 for config in $configs; do
   CONFIG_KEY=$config
-  echo "Testing [$CONFIG_KEY]..."
-  vagrant up
+  echo "###### $CONFIG_KEY..."
+  vagrantUp
   exitCode=$?
-  vagrant destroy -f
+  vagrantDestroy
   if [[ $exitCode == "0" ]]; then
     pass "$CONFIG_KEY"
   else

tests/test_config_adv.yml

@@ -0,0 +1,10 @@
+---
+- hosts: test-host
+  vars:
+    # Setting proxy environment variables to Docker daemon
+    docker_systemd_service_config:
+      - 'Environment="HTTP_PROXY=http://localhost:3128/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com"'
+    # Adding debug flag to Docker daemon
+    docker_daemon_opts: '-D'
+  roles:
+    - haxorof.docker-ce

tests/vagrant_config.yml

@@ -1,5 +1,6 @@
 configs:
   use: 'defaults_centos'
+
   # CentOS 7
   # No Docker installed
   # no_docker_centos:
@@ -16,6 +17,10 @@ configs:
     box: 'geerlingguy/centos7'
     prep_yml: prepare.yml
     test_yml: test_config.yml
+  config_adv_centos:
+    box: 'geerlingguy/centos7'
+    prep_yml: prepare.yml
+    test_yml: test_config_adv.yml
   # Older Docker test
   old_docker_centos:
     box: 'geerlingguy/centos7'
@@ -31,18 +36,30 @@ configs:
     box: 'geerlingguy/centos7'
     prep_yml: prepare.yml
     test_yml: test_issue_42.yml
+
   # Ubuntu 14.04
   # Role default tests
   defaults_ubuntu_trusty:
     box: 'geerlingguy/ubuntu1404'
     prep_yml: prepare.yml
     test_yml: test_defaults.yml
+  # Config tests
+  config_adv_ubuntu_trusty:
+    box: 'geerlingguy/ubuntu1404'
+    prep_yml: prepare.yml
+    test_yml: test_config_adv.yml    
+
   # Ubuntu 16.04
   # Role default tests
-  defaults_ubuntu_trusty:
+  defaults_ubuntu_xenial:
     box: 'geerlingguy/ubuntu1604'
     prep_yml: prepare.yml
     test_yml: test_defaults.yml
+  # Config tests
+  config_adv_ubuntu_xenial:
+    box: 'geerlingguy/ubuntu1604'
+    prep_yml: prepare.yml
+    test_yml: test_config_adv.yml    
   # Storage testing
   config_storage_ubuntu_xenial:
     box: 'geerlingguy/ubuntu1604'
@@ -53,18 +70,30 @@ configs:
     box: 'geerlingguy/ubuntu1604'
     prep_yml: prepare.yml
     test_yml: test_issue_42.yml
+
   # Debian 8
   # Role default tests
   defaults_debian_jessie:
     box: 'geerlingguy/debian8'
     prep_yml: prepare.yml
     test_yml: test_defaults.yml
+  # Config tests
+  config_adv_debian_jessie:
+    box: 'geerlingguy/debian8'
+    prep_yml: prepare.yml
+    test_yml: test_config_adv.yml    
+
   # Debian 9
   # Role default tests
-  defaults_debian_jessie:
+  defaults_debian_stretch:
     box: 'geerlingguy/debian9'
     prep_yml: prepare.yml
     test_yml: test_defaults.yml
+  # Config tests
+  config_adv_debian_stretch:
+    box: 'geerlingguy/debian9'
+    prep_yml: prepare.yml
+    test_yml: test_config_adv.yml      
   # Storage testing
   config_storage_debian_stretch:
     box: 'geerlingguy/debian9'

vars/main.yml

@@ -1,5 +1,6 @@
 ---
 # vars file for ansible-role-docker-ce
+docker_systemd_service_config_tweaks: []
 
 docker_repository_related_packages:
   CentOS: