From 38f01b52e83f8a91c9e036a096d4413f0a39386d Mon Sep 17 00:00:00 2001 From: Johan Haals Date: Tue, 21 Jul 2015 14:24:07 +0200 Subject: [PATCH] Added support for --read-only Docker containers Adds support for mounting the container's root filesystem as read only. --- cloud/docker/docker.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/cloud/docker/docker.py b/cloud/docker/docker.py index e77951abf49..6308bd94efe 100644 --- a/cloud/docker/docker.py +++ b/cloud/docker/docker.py @@ -265,6 +265,12 @@ options: default: DockerHub aliases: [] version_added: "1.8" + read_only: + description: + - Mount the container's root filesystem as read only + default: false + aliases: [] + version_added: "1.9" restart_policy: description: - Container restart policy. @@ -772,6 +778,7 @@ class DockerManager(object): 'privileged': self.module.params.get('privileged'), 'links': self.links, 'network_mode': self.module.params.get('net'), + 'read_only': self.module.params.get('read_only'), } optionals = {} @@ -1609,6 +1616,7 @@ def main(): insecure_registry = dict(default=False, type='bool'), log_driver = dict(default=None, choices=['json-file', 'none', 'syslog']), cpu_set = dict(default=None), + read_only = dict(default=False, type='bool'), ), required_together = ( ['tls_client_cert', 'tls_client_key'],