docker : Introduce new default settings + allow to change the docker data directory

CHANGELOG.md

@@ -19,6 +19,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 ### Removed
 
 * docker : Removed Debian Jessie support
+* docker : Introduce new default settings + allow to change the docker data directory 
 
 ### Security
 

docker-host/defaults/main.yml

@@ -1,14 +1,14 @@
 ---
 # If docher_home sets to /home/, the partition should be mounted with exec
 # option.
-docker_home: /srv/docker
+docker_home: /var/lib/docker
 docker_tmpdir: "{{docker_home}}/tmp"
 
 docker_remote_access_enabled: True
 docker_daemon_port: 2376
 docker_daemon_listening_ip: 0.0.0.0
 
-docker_tls_enabled: True
+docker_tls_enabled: False
 docker_tls_path: "{{docker_home}}/tls"
 docker_tls_ca: ca/ca.pem
 docker_tls_ca_key: ca/ca-key.pem

docker-host/templates/daemon.json.j2

@@ -1,13 +1,22 @@
 {
-  "debug": false
+  "debug": false,
+
+  {# Docker data-dir (default to /var/lib/docker) #}
+  "data-root": "{{ docker_home }}",
+
+  {# Keep containers running while docker daemon downtime #}
+  "live-restore": true,
+
+  {# Turn on user namespace remaping #}
+  "userns-remap": "default",
+
   {% if docker_tls_enabled %}
-  ,
   "tls": true,
   "tlscert": "{{ docker_tls_path }}/{{ docker_tls_cert }}",
   "tlscacert": "{{ docker_tls_path }}/{{ docker_tls_ca }}",
-  "tlskey": "{{ docker_tls_path }}/{{ docker_tls_key }}"
+  "tlskey": "{{ docker_tls_path }}/{{ docker_tls_key }}",
   {% endif %}
-  ,
+
   {% if docker_remote_access_enabled %}
   "hosts": ["tcp://{{ docker_daemon_listening_ip }}:{{ docker_daemon_port }}", "fd://"]
   {% else %}