openstack
/
openstack-ansible-lxc_hosts
Code Issues Proposed changes

Fix LXC cache resolvers more appropriately 

The implementation of I3769053956b958a0ac7cab499ea90af2a40de850
was somewhat brutal in the approach based on the assumption that
systemd networking is implemented in the base cache. This may be
true for Rocky, but is not true for any of the older branches.

This patch returns the previous method, but fixes it in two ways:

1. It uses the -f file test operator, instead of the deprecated
   -a operator.
2. It also tests for the presence of a symbolic link with -L.

The downloaded image has resolvconf installed, so there is a symlink
for /etc/resolv.conf which points to /run/resolvconf/resolv.conf
in the cache. Given that in a chroot /run does not exist, the file
test operator fails. This is why we're adding the symlink check.

Instead of then removing resolv.conf at the end, we return it back
so that resolveconf works as expected. This is important for anyone
implementing their resolvers through configuration of network
interfaces.

This is only implemented for Queens and older because for master
we've moved to using a different image source, and using
systemd-resolved.

Closes-Bug: #1768592
Change-Id: I11d069e2d0cb3becad067689fa8f1e4c9391f368
This commit is contained in:
Jesse Pretorius 2018-05-09 08:25:11 +01:00
parent 359c0a7514
commit ed7270e814
3 changed files with 24 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
vars/redhat-7.yml
View File

@ -58,7 +58,9 @@ lxc_cache_map:
cache_prep_commands: |
{{ lxc_cache_prep_pre_commands }}
mkdir -p /etc/ansible/facts.d/
rm /etc/resolv.conf || true
if [ -f /etc/resolv.conf ] || [ -L /etc/resolv.conf ]; then
mv /etc/resolv.conf /etc/resolv.conf.org
fi
{% for resolver in lxc_cache_prep_dns %}
echo "nameserver {{ resolver }}" >> /etc/resolv.conf
{% endfor %}
@ -82,7 +84,11 @@ lxc_cache_map:
mkdir -p /var/backup
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network-scripts/ifcfg-eth0
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
if [ -f /etc/resolv.conf.org ] || [ -L /etc/resolv.conf.org ]; then
mv /etc/resolv.conf.org /etc/resolv.conf
else
rm -f /etc/resolv.conf
fi
{{ lxc_cache_prep_post_commands }}
_lxc_cache_distro_packages:

10
vars/suse-42.yml
View File

@ -50,7 +50,9 @@ lxc_cache_map:
cache_prep_commands: |
{{ lxc_cache_prep_pre_commands }}
mkdir -p /etc/ansible/facts.d/
rm /etc/resolv.conf || true
if [ -f /etc/resolv.conf ] || [ -L /etc/resolv.conf ]; then
mv /etc/resolv.conf /etc/resolv.conf.org
fi
{% for resolver in lxc_cache_prep_dns %}
echo "nameserver {{ resolver }}" >> /etc/resolv.conf
{% endfor %}
@ -68,7 +70,11 @@ lxc_cache_map:
mkdir -p /var/backup
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network/ifcfg-eth0
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
if [ -f /etc/resolv.conf.org ] || [ -L /etc/resolv.conf.org ]; then
mv /etc/resolv.conf.org /etc/resolv.conf
else
rm -f /etc/resolv.conf
fi
# NOTE(hwoarang): Enable sshd which has been explicitely disabled in
# https://github.com/lxc/lxc-ci/commit/8dc7105399350a59698538a12b6d5a1a880ef2ba
systemctl -q unmask sshd

10
vars/ubuntu-16.04.yml
View File

@ -64,7 +64,9 @@ lxc_cache_map:
cache_prep_commands: |
{{ lxc_cache_prep_pre_commands }}
mkdir -p /etc/ansible/facts.d/
rm /etc/resolv.conf || true
if [ -f /etc/resolv.conf ] || [ -L /etc/resolv.conf ]; then
mv /etc/resolv.conf /etc/resolv.conf.org
fi
{% for resolver in lxc_cache_prep_dns %}
echo "nameserver {{ resolver }}" >> /etc/resolv.conf
{% endfor %}
@ -89,7 +91,11 @@ lxc_cache_map:
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces
mkdir -p /etc/network/interfaces.d
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
if [ -f /etc/resolv.conf.org ] || [ -L /etc/resolv.conf.org ]; then
mv /etc/resolv.conf.org /etc/resolv.conf
else
rm -f /etc/resolv.conf
fi
{{ lxc_cache_prep_post_commands }}
# This forces any modified configurations to remain, and any unmodified configs to be replaced