The list of auto mounts is currently hardcoded so there is
no opportunity to adjust the mounts or change the permissions
if necessary.
This patch converts the mounts to a list which can be overridden
as required via host or group vars.
The auto mount configuration is assumed to only be present once
in the LXC config file and any existing statements are replaced.
Change-Id: I62deed28287dae8b289bf882ca0b1a24b207c92d
This is currently using a redirect from ansible.builtin.lxc_container
to community.general.lxc_container, so be explicit about which
module we are using.
Change-Id: I9cdde57a10c7249687ee47fe91a3e84160b46ce1
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Change-Id: I6a9986cd948dbeaf2847ea4dd04deed974f80d20
Inside jinja block variables should not be inside start/end block.
This used to work due to the workaround placed in config_template
that was removed within [1]. So we fix our usage of jinja to make
variable resolved properly.
[1] https://review.opendev.org/c/openstack/ansible-config_template/+/881887
Change-Id: I1c3178e5694b08ace9364f6da397837049ca2d49
With tox release of 4.0, some parameters were deprecated and are ignored now
which causes tox failures. One of the most spread issues we have is using
`whitelist_externals` isntead of `allowlist_externals`
Change-Id: I2c6fc60cda0151fc6cd23951c4c976b9cef6a543
Add file to the reno documentation build to show release notes for
stable/zed.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.
Sem-Ver: feature
Change-Id: I52a2ac12df98edbeba79eb1c39f23bf1b113255b
For consistency reasons we try to leverage our systemd_service role as
much as we can. Instead of maintaining separate systemd unit templates
the role can be leveraged for same purposes and reduce complexity in
this role.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/865952
Change-Id: I59e6504240eafdb5f0d010ff8a051078e25b1281
For consistency reasons instead of placing a template for
systemd-networkd we better use systemd_networkd role that is present
for a while.
Change-Id: I1e9deaa2892a8fa7eb171acaf75441d7efeac297
The main problem this commit is resolving is that with openvswitch,
the ports were not get cleaned up, and after restart (hard restart or even with soft restart
lxc.service gets time-out) containers couldn't start properly, due to existing port on the bridges.
Change-Id: I707dbfc6878095f7593abe3fca3a5e5b310063e5
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/837742
With sphinx release of 5.0.0, they changed default for language variable
to 'en' from None. With that current None valuable is not valid and should
not be used.
Change-Id: I3f0403e3d74f105ea567ee411349791eae3a470c
Refactoring of the lxc_hosts role means that there is no need for
differences in variables between operating systems.
This patch makes the ubuntu focal CI jobs non voting as it must
merge at the same time as a corresponding patch to lxc_hosts.
Change-Id: I29e91320baebb9a3a649533a0e1d3a433dd04ad9
Systemd has a limit of 5 service restart in 10 seconds. If a service is
restarted more often it fails. The lxc-vet-wiring.sh script can trigger
this if more than 5 interfaces are configured in a container. To avoid
this failure wait for 2s after each service restart.
Change-Id: I4ca394314b1fa9c5f3ac5918e98a497ca5b55471
With previous commit we accidentally removed upgrade jobs, since
they're not explicitly included into deploy template
Change-Id: I5a0d18744d0f9102fb4f8866043bcd8e2d4cc0d8
We've created integrated linters check job a while back and it's successfully
working for several releases. At the moment we experience difficulties
with future maintenance of the linters check from the openstack-ansible-tests
repo. So instead of fixing current one, we replace it with modern version of
the test.
We also replace regular functional tests with integrated scenario.
Change-Id: I4638a72507642a4a70aa09a9c9243c16d2bba376
Switching to proc:mixed improves container isolation and is not required
for Bullseye.
But cgroup:mixed is required for container to start, as it provides
ability for the container to manage own cgroups (but not parents).
Change-Id: Ifce5b9673319d077e57cdf8a28b182b57b7d4507
Directory /openstack/{{ inventory_hostname }} can be bind mounted
inside container. So we should keep it clean without any third party
scripts.
Change-Id: I79a55cad21333553bd4f59ffb145faf96c283c9e
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: I2defac928ff0081b262ba31bdb9981274f13b32b
Spacing changes were inadvertently introduced in
https://review.opendev.org/742121 which result in duplicate entries
in LXC config files.
This commit reverts to the original formatting with spaces either
side of the '=', although it makes no attempt to fix files which
may already include duplicate entries.
Change-Id: Ia95bbc959b54f494b5861afcb4e84d4c227e7b31
Since we copy all release notes to the integrated repo there is not need
in publishing release notes for each repository. We should only verify their
validity and linting.
Change-Id: Ibfedbf5cd264eac572fc51ec8a39974ce99d65d1
You could perhaps have something that overrides a container network
like this;
---
container_extra_networks:
dns_address:
...
dhcp_use_dns: false
and would take precedence over lxc_container_enable_resolved
Also documentations says UseDNS takes true/false
https://www.freedesktop.org/software/systemd/man/systemd.network.html#UseDNS=
Change-Id: I91f25eaf0782a6b4febfc95d9ee7c33f1f965224
You could perhaps have a group_vars/designate_all.yml looking like
this;
---
lxc_container_networks:
lxcbr0_address:
...
dhcp_use_routes: false
Change-Id: Id61fdb5a3b52a01a49242fc01cc01bf2dede09af