From 6231a9d52f244c3d2c012d8e46866e089805aedf Mon Sep 17 00:00:00 2001 From: Johan Haals Date: Tue, 21 Jul 2015 14:24:07 +0200 Subject: [PATCH] Added support for --read-only Docker containers Adds support for mounting the container's root filesystem as read only. --- lib/ansible/modules/cloud/docker/docker.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/ansible/modules/cloud/docker/docker.py b/lib/ansible/modules/cloud/docker/docker.py index 32840a913e0..555004b3514 100644 --- a/lib/ansible/modules/cloud/docker/docker.py +++ b/lib/ansible/modules/cloud/docker/docker.py @@ -270,6 +270,12 @@ options: default: DockerHub aliases: [] version_added: "1.8" + read_only: + description: + - Mount the container's root filesystem as read only + default: false + aliases: [] + version_added: "1.9" restart_policy: description: - Container restart policy. @@ -791,6 +797,7 @@ class DockerManager(object): 'privileged': self.module.params.get('privileged'), 'links': self.links, 'network_mode': self.module.params.get('net'), + 'read_only': self.module.params.get('read_only'), } optionals = {} @@ -1651,6 +1658,7 @@ def main(): cpu_set = dict(default=None), cap_add = dict(default=None, type='list'), cap_drop = dict(default=None, type='list'), + read_only = dict(default=False, type='bool'), ), required_together = ( ['tls_client_cert', 'tls_client_key'],