133 lines
4.7 KiB
YAML
133 lines
4.7 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Usage:
|
|
# This common task will update lxc containers to use the lxc-openstack
|
|
# app-armor profile by default however this profile can be changed as needed.
|
|
|
|
# This will also load in a list of bind mounts for a given container. To load
|
|
# in a list of bind mounts the variable, "list_of_bind_mounts" must be used
|
|
# containing at least one dictionary with the keys "bind_dir_path",
|
|
# "relative_bind_dir_path", and "mount_path".
|
|
# * bind_dir_path = Container path used in a bind mount
|
|
# * mount_path = Local path on the physical host used for a bind mount
|
|
|
|
# If extra container configurations are desirable set the
|
|
# "extra_container_config" list to strings containing the options needed.
|
|
|
|
- name: Set default bind mounts
|
|
set_fact:
|
|
lxc_default_bind_mounts:
|
|
- bind_dir_path: "/var/log"
|
|
mount_path: "/openstack/log/{{ inventory_hostname }}"
|
|
when: lxc_default_bind_mounts is undefined
|
|
|
|
- name: Ensure mount directories exists
|
|
file:
|
|
path: "{{ item['mount_path'] }}"
|
|
state: "directory"
|
|
with_items:
|
|
- "{{ list_of_bind_mounts | default([]) }}"
|
|
- "{{ lxc_default_bind_mounts }}"
|
|
delegate_to: "{{ physical_host }}"
|
|
when:
|
|
- list_of_bind_mounts is defined
|
|
- not is_metal | bool
|
|
|
|
- name: LXC bind mount directories
|
|
lxc_container:
|
|
name: "{{ inventory_hostname }}"
|
|
container_command: |
|
|
[[ ! -d "{{ item['bind_dir_path'] }}" ]] && mkdir -p "{{ item['bind_dir_path'] }}"
|
|
with_items:
|
|
- "{{ list_of_bind_mounts | default([]) }}"
|
|
- "{{ lxc_default_bind_mounts }}"
|
|
delegate_to: "{{ physical_host }}"
|
|
register: _bm
|
|
when:
|
|
- list_of_bind_mounts is defined
|
|
- not is_metal | bool
|
|
|
|
- name: Add bind mount configuration to container
|
|
lineinfile:
|
|
dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
|
|
line: "lxc.mount.entry = {{ item['mount_path'] }} {{ item['bind_dir_path'].lstrip('/') }} none bind 0 0"
|
|
backup: "true"
|
|
with_items:
|
|
- "{{ list_of_bind_mounts | default([]) }}"
|
|
- "{{ lxc_default_bind_mounts }}"
|
|
delegate_to: "{{ physical_host }}"
|
|
when:
|
|
- list_of_bind_mounts is defined
|
|
- not is_metal | bool
|
|
register: _mc
|
|
|
|
- name: Extra lxc config
|
|
lineinfile:
|
|
dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
|
|
line: "{{ item.split('=')[0] }} = {{ item.split('=', 1)[1] }}"
|
|
insertafter: "^{{ item.split('=')[0] }}"
|
|
backup: "true"
|
|
with_items: "{{ extra_container_config | default([]) }}"
|
|
delegate_to: "{{ physical_host }}"
|
|
register: _ec
|
|
when: not is_metal | bool
|
|
|
|
# Due to https://github.com/ansible/ansible-modules-extras/issues/2691
|
|
# this uses the LXC CLI tools to ensure that we get logging.
|
|
# TODO(odyssey4me): revisit this once the bug is fixed and released
|
|
- name: Lxc container restart
|
|
command: >
|
|
lxc-stop --name {{ inventory_hostname }}
|
|
--logfile {{ lxc_container_log_path }}/lxc-{{ inventory_hostname }}.log
|
|
--logpriority {{ (debug | bool) | ternary('DEBUG', 'INFO') }}
|
|
delegate_to: "{{ physical_host }}"
|
|
register: container_stop
|
|
until: container_stop | success
|
|
retries: 3
|
|
when:
|
|
- not is_metal | bool
|
|
- (_mc is defined and _mc | changed) or (_ec is defined and _ec | changed)
|
|
|
|
# Due to https://github.com/ansible/ansible-modules-extras/issues/2691
|
|
# this uses the LXC CLI tools to ensure that we get logging.
|
|
# TODO(odyssey4me): revisit this once the bug is fixed and released
|
|
- name: Start Container
|
|
command: >
|
|
lxc-start --daemon --name {{ inventory_hostname }}
|
|
--logfile {{ lxc_container_log_path }}/lxc-{{ inventory_hostname }}.log
|
|
--logpriority {{ (debug | bool) | ternary('DEBUG', 'INFO') }}
|
|
delegate_to: "{{ physical_host }}"
|
|
register: container_start
|
|
until: container_start | success
|
|
retries: 3
|
|
when:
|
|
- not is_metal | bool
|
|
- (_mc is defined and _mc | changed) or (_ec is defined and _ec | changed)
|
|
|
|
- name: Wait for container ssh
|
|
wait_for:
|
|
port: "22"
|
|
delay: "{{ ssh_delay }}"
|
|
search_regex: "OpenSSH"
|
|
host: "{{ ansible_ssh_host }}"
|
|
delegate_to: "{{ physical_host }}"
|
|
register: ssh_wait_check
|
|
until: ssh_wait_check | success
|
|
retries: 3
|
|
when:
|
|
- (_bm is defined and _bm | changed) or (_ec is defined and _ec | changed)
|
|
- not is_metal | bool
|