Added support for --read-only Docker containers

Adds support for mounting the container's root filesystem as read only.
This commit is contained in:
Johan Haals 2015-07-21 14:24:07 +02:00 committed by Matt Clay
parent 7a7b8b913a
commit 6231a9d52f

View file

@ -270,6 +270,12 @@ options:
default: DockerHub default: DockerHub
aliases: [] aliases: []
version_added: "1.8" version_added: "1.8"
read_only:
description:
- Mount the container's root filesystem as read only
default: false
aliases: []
version_added: "1.9"
restart_policy: restart_policy:
description: description:
- Container restart policy. - Container restart policy.
@ -791,6 +797,7 @@ class DockerManager(object):
'privileged': self.module.params.get('privileged'), 'privileged': self.module.params.get('privileged'),
'links': self.links, 'links': self.links,
'network_mode': self.module.params.get('net'), 'network_mode': self.module.params.get('net'),
'read_only': self.module.params.get('read_only'),
} }
optionals = {} optionals = {}
@ -1651,6 +1658,7 @@ def main():
cpu_set = dict(default=None), cpu_set = dict(default=None),
cap_add = dict(default=None, type='list'), cap_add = dict(default=None, type='list'),
cap_drop = dict(default=None, type='list'), cap_drop = dict(default=None, type='list'),
read_only = dict(default=False, type='bool'),
), ),
required_together = ( required_together = (
['tls_client_cert', 'tls_client_key'], ['tls_client_cert', 'tls_client_key'],