6285b6c638
This change adds the ability to effectively use the PrivateNetwork functionality systemd provides for services. Now, if enabled, services can be created in a network namespace which isolates it from the reset of the host. Additional options have been added allowing access into the network namespace over ephemeral devices as needed. Highlights: * Isolated private networking for services will sandbox using a stand alone namespace which has no access to anything via the network. * Access into a private namespace can be provided over a single network interface which can be IP'd via local DHCP + NAT or using an upstream DHCP server. * Tests have been added to exercise the new functionality. All of the funcality has been documented in the defaults of this role. Change-Id: I6751765131f32393a1605eb2100bec46199d980a Signed-off-by: Kevin Carter <kevin@cloudnull.com> |
||
---|---|---|
defaults | ||
doc | ||
examples | ||
handlers | ||
html-docs | ||
meta | ||
releasenotes | ||
tasks | ||
templates | ||
tests | ||
zuul.d | ||
.gitignore | ||
.gitreview | ||
CONTRIBUTING.rst | ||
LICENSE | ||
README.md | ||
Vagrantfile | ||
ansible-role-requirements.yaml | ||
bindep.txt | ||
manual-test.rc | ||
run_tests.sh | ||
setup.cfg | ||
setup.py | ||
tox.ini |
README.md
Ansible systemd_service
This Ansible role that installs and configures systemd unit files and all of its
corresponding services. This role requires the openstack-ansible-plugins
repository to be available on your local system. The Ansible galaxy resolver
will not retrieve this role for you. To get this role in place clone the
plugins repository before installing this role.
# git clone https://github.com/openstack/openstack-ansible-plugins /etc/ansible/roles/plugins
Release notes for the project can be found at: https://docs.openstack.org/releasenotes/ansible-role-systemd_service
You can also use the ansible-galaxy
command on the ansible-role-requirements.yml
file.
# ansible-galaxy install -r ansible-role-requirements.yml
Example playbook
- name: Create a systemd unit file for ServiceX
hosts: localhost
become: true
roles:
- role: "systemd_service"
systemd_services:
# Normal Service
- service_name: ServiceX
execstarts:
- /path/ServiceX --flag1
# Timer Service (AKA CRON)
- service_name: TimerServiceX
execstarts:
- /path/TimerServiceX --flag1
timer:
state: "started"
options:
OnBootSec: 30min
OnUnitActiveSec: 1h
Persistent: true
tags:
- servicex-init