Always ensure that the local lxc cache file matches the upstream image
Ansible 1.9x only actually checks whether there's a local file - it never checks whether the local file matches the given sha256sum. We therefore need to set 'force:yes' to ensure that Ansible does the following: - download the file to a temporary location, checking its sha256sum against the given value - check the sha256sum of the existing file and the downloaded file - if the sha256sums match, then throw away the temp file - if the sha256sums do not match, replace the existing file In order to also provide the ability to forcibly delete any existing lxc cache which was previously prepared (successfully or unsuccessfully), the boolean variable 'lxc_container_base_delete' has been added. Change-Id: I988940892c89679edea887716851314fc1cf13b5 Closes-Bug: #1539236
This commit is contained in:
parent
ad8908a153
commit
45beccf508
|
@ -56,6 +56,9 @@ lxc_container_template_options: >
|
|||
--user {{ lxc_container_user_name }}
|
||||
--password {{ lxc_container_user_password }}
|
||||
|
||||
# Set this boolean value to remove any previously prepared base image
|
||||
lxc_container_base_delete: no
|
||||
|
||||
lxc_container_template_main_apt_repo: "https://mirror.rackspace.com/ubuntu"
|
||||
lxc_container_template_security_apt_repo: "https://mirror.rackspace.com/ubuntu"
|
||||
lxc_container_template_apt_components:
|
||||
|
|
|
@ -13,30 +13,57 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# TODO(odyssey4me)
|
||||
# Ansible 1.9x only actually checks whether there's a local file - it never
|
||||
# checks whether the local file matches the given sha256sum. Ansible 2.x
|
||||
# fixes this, so once we move to Ansible 2.x we can pass this a sha256sum
|
||||
# which will:
|
||||
# a) allow us to remove force: yes
|
||||
# b) allow the module to calculate the checksum of dest file which would
|
||||
# result in file being downloaded only if provided and dest sha256sum
|
||||
# checksums differ
|
||||
# Currently 'force:yes' will always download the file, then do a sha256sum
|
||||
# comparison between the downloaded file and the existing file, then replace
|
||||
# the existing file if it doesn't match.
|
||||
|
||||
- name: Download lxc cache(s)
|
||||
get_url:
|
||||
url: "{{ item.url }}"
|
||||
dest: "/var/cache/lxc_{{ item.name }}"
|
||||
mode: "0644"
|
||||
force: no
|
||||
force: yes
|
||||
sha256sum: "{{ item.sha256sum }}"
|
||||
validate_certs: "{{ lxc_cache_validate_certs }}"
|
||||
register: cache_download
|
||||
retries: 3
|
||||
delay: 10
|
||||
until: cache_download|success
|
||||
until: cache_download | success
|
||||
with_items: lxc_container_caches
|
||||
tags:
|
||||
- lxc-cache
|
||||
- lxc-cache-download
|
||||
|
||||
- name: Remove existing lxc cached images
|
||||
file:
|
||||
path: "{{ lxc_container_cache_path }}/{{ item.chroot_path }}"
|
||||
state: absent
|
||||
with_items: lxc_container_caches
|
||||
when: >
|
||||
cache_download | changed or
|
||||
lxc_container_base_delete | bool
|
||||
tags:
|
||||
- lxc-cache
|
||||
- lxc-cache-existing-remove
|
||||
|
||||
- name: Move lxc cached image into place
|
||||
unarchive:
|
||||
src: "/var/cache/lxc_{{ item.name }}"
|
||||
dest: "{{ lxc_container_cache_path }}/"
|
||||
copy: "no"
|
||||
with_items: lxc_container_caches
|
||||
when: cache_download|changed
|
||||
when: >
|
||||
cache_download | changed or
|
||||
lxc_container_base_delete | bool
|
||||
tags:
|
||||
- lxc-cache
|
||||
- lxc-cache-unarchive
|
||||
|
|
Loading…
Reference in New Issue