openstack
/
openstack-ansible-lxc_hosts
Code Issues Proposed changes

Cleanup the host prep role & remove redundant tasks 

The LXC-Container-Create role now has the ability to setup all of the
network interfaces using systemd-networkd. Those changes give us a
uniform interface to consume when we create containers and free's the
roles from having to care about specific container interface config.
This change removes our now redundant tasks.

This also ensures "dbus" is available in the base contianer image
which was simply added for consistency.

Change-Id: I9278b1f73e1e0fdf98ab5fbe016a77aeb3f75be2
Depends-On: I5d3ddcfa11d575648a69a04f2fb30236c2c89da3
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2017-11-27 14:27:26 -06:00
parent dbaab47f34
commit bf143155f4
No known key found for this signature in database
GPG Key ID: 9443251A787B9FB3
7 changed files with 25 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
defaults/main.yml
View File

@ -86,11 +86,6 @@ lxc_net6_address: null ## ie. fd05:ffb8:32b4:1212::1
lxc_net6_netmask: null ## ie. 64 lxc_net6_netmask: null ## ie. 64
lxc_net6_nat: false lxc_net6_nat: false
# lxc_container_net_link variable should be set to the lxc-net bridge.
lxc_container_net_link: "{{ lxc_net_bridge }}" ## name of the host bridge to attach to
lxc_container_net_type: veth ## lxc network interface type (veth, phys, vlan, macvlan, empty)
lxc_container_net_name: eth0 ## name of the interface inside the container.
# System control kernel tuning # System control kernel tuning
lxc_kernel_options: lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 } - { key: 'fs.inotify.max_user_instances', value: 1024 }

1
tasks/lxc_post_install.yml
View File

@ -32,7 +32,6 @@
mode: "{{ item.mode|default('0644') }}" mode: "{{ item.mode|default('0644') }}"
with_items: with_items:
- { src: lxc-openstack.conf.j2, dest: "/etc/lxc/lxc-openstack.conf" } - { src: lxc-openstack.conf.j2, dest: "/etc/lxc/lxc-openstack.conf" }
- { src: default.conf.j2, dest: "/etc/lxc/default.conf" }
- { src: lxc.default.j2, dest: "{{ system_config_dir}}/lxc-net", mode: "0644" } - { src: lxc.default.j2, dest: "{{ system_config_dir}}/lxc-net", mode: "0644" }
- { src: lxc-system-manage.j2, dest: "/usr/local/bin/lxc-system-manage", mode: "0755" } - { src: lxc-system-manage.j2, dest: "/usr/local/bin/lxc-system-manage", mode: "0755" }
tags: tags:

5
templates/default.conf.j2
View File

@ -1,5 +0,0 @@
lxc.network.type = {{ lxc_container_net_type }}
lxc.network.name = {{ lxc_container_net_name }}
lxc.network.link = {{ lxc_container_net_link }}
lxc.network.flags = up
lxc.network.hwaddr = 00:16:3e:xx:xx:xx

10
templates/lxc-openstack.conf.j2
View File

@ -4,13 +4,3 @@ lxc.start.auto = 1
lxc.start.delay = 15 lxc.start.delay = 15
lxc.group = onboot lxc.group = onboot
lxc.group = openstack lxc.group = openstack
# Default LXC network
lxc.network.type = {{ lxc_container_net_type }}
lxc.network.name = {{ lxc_container_net_name }}
lxc.network.link = {{ lxc_container_net_link }}
lxc.network.flags = up
{% if lxc_net_mtu is defined %}
lxc.network.mtu = {{ lxc_net_mtu }}
{% endif %}
lxc.network.hwaddr = 00:16:3e:xx:xx:xx

11
vars/redhat-7.yml
View File

@ -80,15 +80,16 @@ lxc_cache_map:
ln -s /usr/bin/python2.7 /usr/bin/python ln -s /usr/bin/python2.7 /usr/bin/python
rm /etc/machine-id || true rm /etc/machine-id || true
rm /var/lib/dbus/machine-id || true rm /var/lib/dbus/machine-id || true
touch /etc/machine-id
yum clean all yum clean all
mkdir -p /var/backup mkdir -p /var/backup
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network-scripts/ifcfg-eth0
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
if [ -a /etc/resolv.conf.org ]; then if [ -a /etc/resolv.conf.org ]; then
mv /etc/resolv.conf.org /etc/resolv.conf mv /etc/resolv.conf.org /etc/resolv.conf
else else
rm -f /etc/resolv.conf rm -f /etc/resolv.conf
fi fi
systemctl enable systemd-networkd
{{ lxc_cache_prep_post_commands }} {{ lxc_cache_prep_post_commands }}
_lxc_cache_distro_packages: _lxc_cache_distro_packages:
@ -104,6 +105,7 @@ _lxc_cache_distro_packages:
- python-devel - python-devel
- rsync - rsync
- sudo - sudo
- systemd-networkd
- tar - tar
- wget - wget
- which - which
@ -118,10 +120,3 @@ lxc_cached_network_interfaces:
dest: "/etc/sysconfig/network-scripts/ifdown-post-{{ lxc_net_bridge }}" dest: "/etc/sysconfig/network-scripts/ifdown-post-{{ lxc_net_bridge }}"
mode: "0755" mode: "0755"
interface: "${DEVICE}" interface: "${DEVICE}"
lxc_container_default_interfaces: |
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
NM_CONTROLLED=no
TYPE=Ethernet

18
vars/suse-42.yml
View File

@ -29,6 +29,7 @@ lxc_hosts_distro_packages:
- aria2 - aria2
- bridge-utils - bridge-utils
- btrfsprogs - btrfsprogs
- dbus-1
- dnsmasq - dnsmasq
- git-core - git-core
- libseccomp2 - libseccomp2
@ -68,7 +69,6 @@ lxc_cache_map:
zypper --gpg-auto-import-keys -n dup --force-resolution -l zypper --gpg-auto-import-keys -n dup --force-resolution -l
zypper --gpg-auto-import-keys -n in --force-resolution -l {{ lxc_cache_distro_packages | join(' ') }} zypper --gpg-auto-import-keys -n in --force-resolution -l {{ lxc_cache_distro_packages | join(' ') }}
mkdir -p /var/backup mkdir -p /var/backup
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network/ifcfg-eth0
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
if [ -a /etc/resolv.conf.org ]; then if [ -a /etc/resolv.conf.org ]; then
mv /etc/resolv.conf.org /etc/resolv.conf mv /etc/resolv.conf.org /etc/resolv.conf
@ -79,6 +79,18 @@ lxc_cache_map:
# https://github.com/lxc/lxc-ci/commit/8dc7105399350a59698538a12b6d5a1a880ef2ba # https://github.com/lxc/lxc-ci/commit/8dc7105399350a59698538a12b6d5a1a880ef2ba
systemctl -q unmask sshd systemctl -q unmask sshd
systemctl -q enable sshd systemctl -q enable sshd
rm /etc/machine-id || true
rm /var/lib/dbus/machine-id || true
touch /etc/machine-id
for action in disable mask; do
systemctl ${action} wicked.service || true
systemctl ${action} wickedd.service || true
systemctl ${action} wickedd-auto4.service || true
systemctl ${action} wickedd-dhcp4.service || true
systemctl ${action} wickedd-dhcp6.service || true
systemctl ${action} wickedd-nanny.service || true
done
systemctl enable systemd-networkd
{{ lxc_cache_prep_post_commands }} {{ lxc_cache_prep_post_commands }}
_lxc_cache_distro_packages: _lxc_cache_distro_packages:
@ -106,7 +118,3 @@ lxc_cached_network_interfaces:
dest: "/etc/sysconfig/network/scripts/ifdown-post-{{ lxc_net_bridge }}" dest: "/etc/sysconfig/network/scripts/ifdown-post-{{ lxc_net_bridge }}"
mode: "0755" mode: "0755"
interface: "${1}" interface: "${1}"
lxc_container_default_interfaces: |
STARTMODE=auto
BOOTPROTO=dhcp

21
vars/ubuntu-16.04.yml
View File

@ -73,7 +73,7 @@ lxc_cache_map:
apt-key add /root/repo.keys apt-key add /root/repo.keys
rm /root/repo.keys rm /root/repo.keys
export DEBIAN_FRONTEND=noninteractive export DEBIAN_FRONTEND=noninteractive
apt-get remove -y --purge snap* lxc* lxd* || true apt-get remove -y --purge snap* lxc* lxd* resolvconf* || true
# Update base distribution # Update base distribution
apt-get update apt-get update
apt-get upgrade -y apt-get upgrade -y
@ -82,13 +82,13 @@ lxc_cache_map:
rm -f /usr/bin/python rm -f /usr/bin/python
rm /etc/machine-id || true rm /etc/machine-id || true
rm /var/lib/dbus/machine-id || true rm /var/lib/dbus/machine-id || true
touch /etc/machine-id
ln -s /usr/bin/python2.7 /usr/bin/python ln -s /usr/bin/python2.7 /usr/bin/python
mkdir -p /root/.ssh mkdir -p /root/.ssh
chmod 700 /root/.ssh chmod 700 /root/.ssh
userdel --force --remove ubuntu || true userdel --force --remove ubuntu || true
apt-get clean apt-get clean
mkdir -p /var/backup mkdir -p /var/backup
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces
mkdir -p /etc/network/interfaces.d mkdir -p /etc/network/interfaces.d
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
if [ -a /etc/resolv.conf.org ]; then if [ -a /etc/resolv.conf.org ]; then
@ -96,6 +96,12 @@ lxc_cache_map:
else else
rm -f /etc/resolv.conf rm -f /etc/resolv.conf
fi fi
for action in disable mask; do
systemctl ${action} resolvconf.service || true
systemctl ${action} systemd-networkd-resolvconf-update.path || true
systemctl ${action} systemd-networkd-resolvconf-update.service || true
done
systemctl enable systemd-networkd
{{ lxc_cache_prep_post_commands }} {{ lxc_cache_prep_post_commands }}
# This forces any modified configurations to remain, and any unmodified configs to be replaced # This forces any modified configurations to remain, and any unmodified configs to be replaced
@ -106,6 +112,7 @@ _lxc_cache_distro_packages:
- apt-transport-https - apt-transport-https
- ca-certificates - ca-certificates
- cron # xenial doesn't have cronie - cron # xenial doesn't have cronie
- dbus
- gcc - gcc
- libffi-dev - libffi-dev
- libssl-dev - libssl-dev
@ -123,13 +130,3 @@ _lxc_cache_distro_packages:
lxc_cached_network_interfaces: lxc_cached_network_interfaces:
- src: "lxc-net-bridge.cfg.j2" - src: "lxc-net-bridge.cfg.j2"
dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg" dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg"
lxc_container_default_interfaces: |
# The loopback network interface
auto lo
iface lo inet loopback
# LXC interface, this is ALWAYS assumed to be DHCP.
auto eth0
iface eth0 inet dhcp
# Load any additional configs
source /etc/network/interfaces.d/*.cfg