machinectl is only used to store the image during
initial cache preparation and is unrelated to the
backing store used by LXC.
This patch removes the use of machinectl and btrfs
which makes the lxc_hosts role portable to centos-8
which does not have btrfs
Change-Id: Ib03ea09fa5b4d4b6b3d5ca38a0a6c5cf67eb1df4
The machinectl template was running with the legacy uts name option.
This change updates that option so that it uses the hash and major
version to update the config variable.
Change-Id: I85b5c92422116b139e447330214b2d6b5afbf948
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
We do not have a maintainer at the moment for SELinux and hopefully
we will adopt the upstream openstack-selinux package, but for now
in order to let deploys in environments where SELinux is set to
permissive work, we'll have to remove these bits.
This change can be reverted whenever we have a maintainer that's
available to do the work required.
Change-Id: I61141da3a391a99cb111733eae22cc7c54ce48c6
The machinectl default options, while functional, could be tuned for
better overall performance. This change adds several options which will
ensure container workloads are using the lest amount of storage with the
best possible performance.
For more information on the options being used see
* https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs(5)#MOUNT_OPTIONS
All of the "machines" mount procedures have been moved into a unified
volume task file. This was done to ensure a consistent experience across
our supported distros. To ensure any new options are non-disruptive, the
mount handler has been changed to use "reload-or-restart" which will first
try to reload a mount instead of restarting it mounts.
Change-Id: Ia962fd4c5bb2a73ddd884d3bb3837c47b43d6903
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This change creates a simple LXC create template for machinectl. This
will allow out container create process to use less storage and more
efficently build containers which will speed up operations and
deployments. This also begins to leverage common tools already on the
systems we support there by simplifing how cache is stored, containers
are built and the general management of images within a host.
The new lxc container create template, and the features it provides,
will only impact new containers created allowing deployers to safely
adopt this change in any existing environment.
Change-Id: I70d53cabd0888954f31def924e9f4436398cdebf
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The systemd installation prefix is distro specific so add a new
systemd_utils_prefix variable in the distro files instead of using
a hardcoded value.
Change-Id: Idccb404696e1cf3b8d56f62782dc8afa86996517
This change modifies the LXC image cache system to use machine control,
which is part of systemd, to manage images for us. This will give us
insight into the cached images which we had not had before all through
the `machinectl` cli utility. This change also modifies the image fetch
process allowing it to be faster and more transparent to the enduser.
Part of the slowness in image fetching and caching is that it happens on
every run even if it's not needed. This change will now check the cache
expiry and state of the image within `machinectl` and only run the cache
update when needed or instructed to do so.
Documentation on what can be done with the `machinectl` CLI utility can
be found here:
* https://www.freedesktop.org/software/systemd/man/machinectl.html
Change-Id: Ic7f8bf400ec5781b4be67539bc6c1523069d0ab2
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This change updates the lxc-host setup role to build the lxc cache using the
download template based on default images found here:[0]. These images are
upsteam builds from the greater LXC/D community.
This update adds support for Ubuntu 14.04, 16.04 and RHEL/CentOS 7 container
types and the cache will be generated from the host Operating system.
[0] - https://images.linuxcontainers.org/
Change-Id: Ie13be2322d28178760481c59805101d6aeef4f36
Co-Authored-By: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Dmitriy Rabotyagov