From 959a56eb6b9aa522e00c24ecd1b1861d8eec3107 Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Tue, 11 Sep 2018 10:47:45 +0100 Subject: [PATCH] Convert lxc2 to lxc3 config keys dynamically This change allows the role to accept either lxc2 or lxc3 config keys, plus a list of key substitutions to make when writing the lxc config file. This allows a set of config keys to remain defined as variables outside this role and generate a valid config on both lxc2 and lxc3 based hosts. Change-Id: Ifc871a9fcaf77ff36cfcc1c87b1f406862d46d22 --- defaults/main.yml | 8 ++++++++ tasks/lxc_container_config.yml | 6 +++--- tasks/main.yml | 1 + tests/host_vars/container2.yml | 3 ++- 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 5e10ac6..7b66093 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -25,6 +25,14 @@ lxc_container_wait_params: timeout: 60 +## A list of 'legacy' lxc configuration keys and their corresponding new +## keys. Use this map to substitute keys suitable for other/newer lxc versions +lxc_config_key_mapping: + 3: + lxc.aa_profile: lxc.apparmor.profile + lxc.haltsignal: lxc.signal.halt + 2: + lxc_container_config: /etc/lxc/lxc-openstack.conf lxc_container_config_list: [] lxc_container_commands: "" diff --git a/tasks/lxc_container_config.yml b/tasks/lxc_container_config.yml index 34cf28d..8575af8 100644 --- a/tasks/lxc_container_config.yml +++ b/tasks/lxc_container_config.yml @@ -17,7 +17,7 @@ - name: Write default container config lineinfile: dest: "/var/lib/lxc/{{ inventory_hostname }}/config" - line: "{{ item | replace('=', ' = ', 1) | regex_replace('\\s+', ' ') }}" + line: "{{ lxc_config_key_mapping[lxc_major_version|int][item.split('=', 1)[0]] | default(item.split('=', 1)[0]) }} = {{ item.split('=', 1)[-1] }}" backup: "true" with_items: "{{ lxc_container_default_config_list | union(lxc_container_config_list) }}" delegate_to: "{{ physical_host }}" @@ -128,7 +128,7 @@ # NOTE(cloudnull): To dynamically set the mac address "facts" Ansible line # format is being used - name: Set fixed hardware address fact - set_fact: "{{item.item.value.interface }}_mac_address={{ item.content | b64decode }}" + set_fact: "{{ item.item.value.interface }}_mac_address={{ item.content | b64decode }}" with_items: - "{{ macs.results }}" @@ -182,7 +182,7 @@ with_items: - "lxc.hook.pre-start = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh" - "lxc.hook.post-stop = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh" - - "{{ (hostvars[physical_host | default('localhost')]['ansible_distribution_version'] == '18.04') | ternary ('lxc.signal.halt', 'lxc.haltsignal') }} = SIGRTMIN+4" + - "{{ lxc_config_key_mapping[lxc_major_version|int]['lxc.haltsignal'] | default('lxc.haltsignal') }} = SIGRTMIN+4" delegate_to: "{{ physical_host }}" - name: Run veth wiring diff --git a/tasks/main.yml b/tasks/main.yml index f5a7b5d..6bae5da 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -24,6 +24,7 @@ - name: Enable or Disable lxc three syntax set_fact: lxc_three_syntax: "{{ (lxc_version.stdout.split('.')[0] | int) >= 3 }}" + lxc_major_version: "{{ lxc_version.stdout.split('.')[0] }}" - name: Allow the usage of local facts file: diff --git a/tests/host_vars/container2.yml b/tests/host_vars/container2.yml index 3505733..f7e53f3 100644 --- a/tests/host_vars/container2.yml +++ b/tests/host_vars/container2.yml @@ -4,4 +4,5 @@ ansible_become: True ansible_user: root lxc_container_config_list: # The unconfined profile is causing problems with overlayfs. See https://bugs.launchpad.net/openstack-ansible/+bug/1612412 - - "{{ (hostvars[physical_host | default('localhost')]['ansible_distribution_version'] == '18.04') | ternary('lxc.apparmor.profile', 'lxc.aa_profile') }}={{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}" + # Use the lxc2 aa_profile key to test that it is correctly changed in-flight to the required lxc3 key on bionic + - "lxc.aa_profile={{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}"