From da4f62b006177d67d9f5089938b27482d70acfb0 Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Tue, 16 Jun 2020 07:22:58 +0100 Subject: [PATCH] Remove machinectl from LXC cache prep machinectl is only used to store the image during initial cache preparation and is unrelated to the backing store used by LXC. This patch removes the use of machinectl and btrfs which makes the lxc_hosts role portable to centos-8 which does not have btrfs Change-Id: Ib03ea09fa5b4d4b6b3d5ca38a0a6c5cf67eb1df4 --- {templates => files}/var-lib-machines.mount | 4 +- .../drop-machinectl-5053dc9833535cd9.yaml | 8 + tasks/lxc_cache.yml | 11 +- tasks/lxc_cache_create.yml | 10 +- tasks/lxc_cache_preparation.yml | 54 +---- tasks/lxc_cache_preparation_simple.yml | 71 ++++++ tasks/lxc_cache_preparation_systemd_new.yml | 58 ----- tasks/lxc_cache_preparation_systemd_old.yml | 48 ---- tasks/lxc_post_install.yml | 8 - tasks/lxc_volume.yml | 106 +++------ templates/lxc-machinectl.j2 | 215 ------------------ templates/systemd-machined.service.j2 | 23 -- zuul.d/jobs.yaml | 21 -- zuul.d/project.yaml | 3 - 14 files changed, 117 insertions(+), 523 deletions(-) rename {templates => files}/var-lib-machines.mount (74%) create mode 100644 releasenotes/notes/drop-machinectl-5053dc9833535cd9.yaml create mode 100644 tasks/lxc_cache_preparation_simple.yml delete mode 100644 tasks/lxc_cache_preparation_systemd_new.yml delete mode 100644 tasks/lxc_cache_preparation_systemd_old.yml delete mode 100644 templates/lxc-machinectl.j2 delete mode 100644 templates/systemd-machined.service.j2 diff --git a/templates/var-lib-machines.mount b/files/var-lib-machines.mount similarity index 74% rename from templates/var-lib-machines.mount rename to files/var-lib-machines.mount index ad6d349d..b2d02699 100644 --- a/templates/var-lib-machines.mount +++ b/files/var-lib-machines.mount @@ -12,8 +12,8 @@ ConditionPathExists=/var/lib/machines.raw [Mount] What=/var/lib/machines.raw Where=/var/lib/machines -Type=btrfs -Options=loop,defaults,noatime,nodiratime,compress=lzo,commit=120,{{ (ansible_kernel is version('4.5', '>=')) | ternary('space_cache=v2', 'space_cache') }} +Type=ext4 +Options=loop,defaults,noatime,nodiratime [Install] WantedBy=multi-user.target diff --git a/releasenotes/notes/drop-machinectl-5053dc9833535cd9.yaml b/releasenotes/notes/drop-machinectl-5053dc9833535cd9.yaml new file mode 100644 index 00000000..f06ec52b --- /dev/null +++ b/releasenotes/notes/drop-machinectl-5053dc9833535cd9.yaml @@ -0,0 +1,8 @@ +--- +deprecations: + - | + To provide compatibility with Centos-8 the LXC cache preparation has + been greatly simplified to remove the requirement for machinectl and + btrfs, which is a combination not available on Centos-8. This has + the side effect of machinectl no longer being a supported backing + store for LXC. diff --git a/tasks/lxc_cache.yml b/tasks/lxc_cache.yml index 81dc11c1..8145ceb1 100644 --- a/tasks/lxc_cache.yml +++ b/tasks/lxc_cache.yml @@ -13,14 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Check cached image status - command: "machinectl image-status {{ lxc_container_base_name }}" - register: cache_check - changed_when: false - failed_when: false - tags: - - always - - name: Retrieve the expiry object slurp: src: "{{ cache_path_fact }}/expiry" @@ -34,8 +26,7 @@ - name: Set cache refresh fact set_fact: lxc_image_cache_refresh: true - when: > - (cache_check.rc != 0) or + when: cache_time >= (expiry.content|default('MQo=') | b64decode) tags: - always diff --git a/tasks/lxc_cache_create.yml b/tasks/lxc_cache_create.yml index 31c60818..a089f4f5 100644 --- a/tasks/lxc_cache_create.yml +++ b/tasks/lxc_cache_create.yml @@ -27,23 +27,17 @@ file: path: "{{ cache_path_fact }}/rootfs.tar.xz" state: "absent" - when: - - container_backing_store != 'machinectl' # This is using a shell command because the ansible archive module does not # provide for the options needed to properly create an LXC image archive. # Ansible will print a warning since this task calls 'tar' directly and we -# suppress this warning with 'warn: no'. This task is not run when the backend -# is set to "machinectl" because the "machinectl" backend directly clones the -# base image instead of unpacking a container tarball. +# suppress this warning with 'warn: no'. - name: Create lxc image shell: | tar -Opc -C {{ lxc_image_cache_path }} . | {{ lxc_xz_bin }} -T 0 -{{ lxc_image_compression_ratio }} -c - > rootfs.tar.xz args: chdir: "{{ cache_path_fact }}/" warn: no - when: - - container_backing_store != 'machinectl' tags: - skip_ansible_lint @@ -77,8 +71,6 @@ copy: content: "{{ cache_time }}" dest: "{{ cache_path_fact }}/build_id" - when: - - container_backing_store != 'machinectl' - include_tasks: "{{ item }}" with_first_found: diff --git a/tasks/lxc_cache_preparation.yml b/tasks/lxc_cache_preparation.yml index 3335ff4c..841b1622 100644 --- a/tasks/lxc_cache_preparation.yml +++ b/tasks/lxc_cache_preparation.yml @@ -13,61 +13,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Pull systemd version - command: "systemctl --version" - changed_when: false - register: systemd_version - tags: - # Avoid ANSIBLE0006 lint issue: systemctl used in place of systemd module - - skip_ansible_lint - - always - -- block: - - name: Create machined proxy override unit directories - file: - path: "/etc/systemd/system/{{ item }}" - owner: root - group: root - mode: '0755' - state: directory - with_items: - - systemd-machined.service.d - - systemd-importd.service.d - - - name: Drop the machined proxy override units - template: - src: systemd-proxy-unit.conf.j2 - dest: /etc/systemd/system/{{ item }}/proxy.conf - owner: root - group: root - mode: '0644' - with_items: - - systemd-machined.service.d - - systemd-importd.service.d - when: - - (deployment_environment_variables | default({})).keys() | length > 0 - - include_tasks: lxc_volume.yml -- include_tasks: "lxc_cache_preparation_systemd_{{ (systemd_version.stdout_lines[0].split()[1] | int > 219) | ternary('new', 'old') }}.yml" - -- name: Set the qgroup limits - block: - - name: Set the qgroup size|compression limits on machines - command: "btrfs qgroup limit {{ item }} {{ lxc_image_cache_path }}" - changed_when: false - with_items: - - "-e {{ lxc_host_machine_qgroup_space_limit }}" - - "-c {{ lxc_host_machine_qgroup_compression_limit }}" - when: - - not lxc_host_machine_quota_disabled - rescue: - - name: Notice regarding quota system - debug: - msg: >- - There was an error processing the setup of qgroups. Check the system - to ensure they're available otherwise disable the quota system by - setting `lxc_host_machine_quota_disabled` to true. +- include_tasks: lxc_cache_preparation_simple.yml # NOTE(cloudnull): We're using rsync and an if block because we've no means # to loop over a block. Re-evaluate this task when/if this is diff --git a/tasks/lxc_cache_preparation_simple.yml b/tasks/lxc_cache_preparation_simple.yml new file mode 100644 index 00000000..279d2751 --- /dev/null +++ b/tasks/lxc_cache_preparation_simple.yml @@ -0,0 +1,71 @@ +--- +# Copyright 2020, BBC R&D +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create sparse machines file + command: "truncate -s 11G /var/lib/machines.raw" + args: + creates: /var/lib/machines.raw + register: machines_create + +- name: Format the machines file + filesystem: + fstype: ext4 + dev: /var/lib/machines.raw + when: + - machines_create is changed + +- name: Create machines mount point + file: + path: "/var/lib/machines" + state: "directory" + recurse: true + +- name: Move machines mount into place + copy: + src: var-lib-machines.mount + dest: /lib/systemd/system/var-lib-machines.mount + register: mount_unit + +- name: Reload the System daemon + systemd: + daemon_reload: yes + when: mount_unit is changed + +- name: Mount all + shell: "mount | grep '/var/lib/machines' || (systemctl start var-lib-machines.mount && exit 3)" + register: mount_machines + changed_when: mount_machines.rc == 3 + failed_when: mount_machines.rc not in [0, 3] + tags: + - skip_ansible_lint + +- name: Remove the old image cache + file: + path: "/var/lib/machines/{{ lxc_container_base_name }}" + state: absent + when: + - lxc_image_cache_refresh | bool + +- name: Create new image cache directory + file: + path: "/var/lib/machines/{{ lxc_container_base_name }}" + state: directory + register: create_new_dir + +- name: Unpack base image + unarchive: + src: "/tmp/{{ cache_basename }}" + dest: "/var/lib/machines/{{ lxc_container_base_name }}" + when: create_new_dir is changed diff --git a/tasks/lxc_cache_preparation_systemd_new.yml b/tasks/lxc_cache_preparation_systemd_new.yml deleted file mode 100644 index f3266558..00000000 --- a/tasks/lxc_cache_preparation_systemd_new.yml +++ /dev/null @@ -1,58 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# NOTE(cloudnull): When modern SystemD is running everywhere this can be -# collapsed back into the base preparation task file. -- name: Remove old image cache - command: "machinectl remove {{ lxc_container_base_name }}" - register: cache_refresh - changed_when: cache_refresh.rc == 0 - failed_when: cache_refresh.rc not in [0, 1] - when: - - lxc_image_cache_refresh | bool - -- name: Ensure image has been pre-staged - async_status: - jid: "{{ prestage_image.ansible_job_id }}" - register: job_result - until: job_result.finished - retries: 60 - -- name: Ensure systemd-importd is enabled - systemd: - name: "systemd-importd" - state: "started" - enabled: "yes" - daemon_reload: "yes" - notify: - - Restart importd - -- name: Retrieve base image - command: >- - machinectl - --verify=no - {{ lxc_image_cache_pull_mode }} - /tmp/{{ cache_basename }} - {{ lxc_container_base_name }} - register: pull_image - until: pull_image is success - retries: 3 - delay: 1 - changed_when: pull_image.rc == 0 - failed_when: - - pull_image.rc != 0 - - "'failed' in pull_image.stderr | lower" - notify: - - Remove rootfs archive diff --git a/tasks/lxc_cache_preparation_systemd_old.yml b/tasks/lxc_cache_preparation_systemd_old.yml deleted file mode 100644 index 009714b3..00000000 --- a/tasks/lxc_cache_preparation_systemd_old.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Because of this post and it's related bug(s) this is adding the container -# volumes the old way. The new way would simply be calling `machinectl`. -# * https://www.mail-archive.com/systemd-devel@lists.freedesktop.org/msg28255.html -- name: Remove old image cache - command: "btrfs subvolume delete /var/lib/machines/{{ lxc_container_base_name }}" - register: cache_refresh_del - changed_when: cache_refresh_del.rc == 0 - failed_when: cache_refresh_del.rc not in [0, 1] - when: - - lxc_image_cache_refresh | bool - -- name: Add image cache - command: "btrfs subvolume create /var/lib/machines/{{ lxc_container_base_name }}" - register: cache_refresh_add - changed_when: cache_refresh_add.rc == 0 - failed_when: cache_refresh_add.rc not in [0, 1] - when: - - lxc_image_cache_refresh | bool - -- name: Ensure image has been pre-staged - async_status: - jid: "{{ prestage_image.ansible_job_id }}" - register: job_result - until: job_result.finished - retries: 60 - -- name: Place container rootfs - unarchive: - src: "/tmp/{{ cache_basename }}" - dest: "/var/lib/machines/{{ lxc_container_base_name }}" - remote_src: True - notify: - - Remove rootfs archive diff --git a/tasks/lxc_post_install.yml b/tasks/lxc_post_install.yml index 61f053e0..a248f993 100644 --- a/tasks/lxc_post_install.yml +++ b/tasks/lxc_post_install.yml @@ -50,14 +50,6 @@ set_fact: lxc_major_version: "{{ lxc_version.stdout.split('.')[0] }}" -- name: Create machinectl base template - template: - src: "lxc-machinectl.j2" - dest: "/usr/share/lxc/templates/lxc-machinectl" - owner: "root" - group: "root" - mode: "0755" - - name: Drop lxc veth check script copy: src: "lxc-veth-check.sh" diff --git a/tasks/lxc_volume.yml b/tasks/lxc_volume.yml index fbc44237..e5b722e7 100644 --- a/tasks/lxc_volume.yml +++ b/tasks/lxc_volume.yml @@ -13,80 +13,40 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Check machinectl mount point - command: mountpoint /var/lib/machines - failed_when: false - changed_when: false - register: machinectl_mount - -# NOTE(odyssey4me): -# The size is forced to be set in Gigabytes to maintain compatibility -# with the initial implementation done in Pike-Rocky. Do not change -# this without implementing some way of converting any pre-existing -# value properly during a major upgrade. -- name: Set volume size - shell: | - machinectl set-limit {{ lxc_host_machine_volume_size | regex_replace("\D*$", "") }}G - truncate -s '>{{ lxc_host_machine_volume_size | regex_replace("\D*$", "") }}G' /var/lib/machines.raw - changed_when: false - register: machines_create +- name: Create sparse machines file + command: "truncate -s 11G /var/lib/machines.raw" args: - executable: /bin/bash - tags: - - skip_ansible_lint + creates: /var/lib/machines.raw + register: machines_create -- name: Systemd machinectl mount - block: - - name: Format the machines sparse file - filesystem: - fstype: btrfs - dev: /var/lib/machines.raw - - - name: Create machines mount point - file: - path: "/var/lib/machines" - state: "directory" - - - name: Move machines mount into place - template: - src: var-lib-machines.mount - dest: /etc/systemd/system/var-lib-machines.mount - register: mount_unit - notify: - - Reload systemd units - - Start machines mount - when: - - machinectl_mount.rc != 0 - -- meta: flush_handlers - -- name: Update quota system and group limits - block: - - name: Disable|Enable the machinectl quota system - command: "btrfs quota {{ lxc_host_machine_quota_disabled | bool | ternary('disable', 'enable') }} /var/lib/machines" - changed_when: false - - - name: Set the qgroup size|compression limits on machines - command: "btrfs qgroup limit {{ item }} /var/lib/machines" - changed_when: false - with_items: - - "-e {{ lxc_host_machine_qgroup_space_limit }}" - - "-c {{ lxc_host_machine_qgroup_compression_limit }}" - when: - - not lxc_host_machine_quota_disabled | bool - rescue: - - name: Notice regarding quota system - debug: - msg: >- - The machinectl quota system could not be setup. Check the system for - quota system availability otherwise disable it by setting - `lxc_host_machine_quota_disabled` to true. - -# NOTE(cloudnull): Because the machines mount may be a manually created sparse -# file we run an online resize to ensure the machines mount is -# the size we expect. -- name: Ensure the machines fs is sized correctly - command: "btrfs filesystem resize max /var/lib/machines" - failed_when: false +- name: Format the machines file + filesystem: + fstype: ext4 + dev: /var/lib/machines.raw when: - machines_create is changed + +- name: Create machines mount point + file: + path: "/var/lib/machines" + state: "directory" + recurse: true + +- name: Move machines mount into place + copy: + src: var-lib-machines.mount + dest: /lib/systemd/system/var-lib-machines.mount + register: mount_unit + +- name: Reload the System daemon + systemd: + daemon_reload: yes + when: mount_unit is changed + +- name: Mount all + shell: "mount | grep '/var/lib/machines' || (systemctl start var-lib-machines.mount && exit 3)" + register: mount_machines + changed_when: mount_machines.rc == 3 + failed_when: mount_machines.rc not in [0, 3] + tags: + - skip_ansible_lint diff --git a/templates/lxc-machinectl.j2 b/templates/lxc-machinectl.j2 deleted file mode 100644 index 3d64e3cb..00000000 --- a/templates/lxc-machinectl.j2 +++ /dev/null @@ -1,215 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2017, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -eu - - -## Vars ---------------------------------------------------------------------- -LXC_CACHE_BASE="/var/cache/lxc/" -LXC_CACHE_PATH="${LXC_CACHE_PATH:-$LXC_CACHE_BASE}" -LXC_HOOK_DIR="/usr/share/lxc/hooks" -LXC_TEMPLATE_CONFIG="/usr/share/lxc/config" - -# Default variables -DOWNLOAD_VARIANT= -DOWNLOAD_DIST= -DOWNLOAD_RELEASE= -DOWNLOAD_ARCH= - -# NOTE(cloudnull): These variables are created magically through the -# `lxc-create` command and must exist at the top of the file. -LXC_NAME= -LXC_PATH= -LXC_ROOTFS= - -## Functions ------------------------------------------------------------------ -usage() { - # Return usage information - cat < ]: The container name -[ -d | --dist ]: The name of the distribution -[ -r | --release ]: Release name/version -[ -a | --arch ]: Architecture of the container - -Optional arguments: -[ --variant ]: Variant of the image (default: "default") -[ -b | --base ]: Set the image base name to ANY existing machine image - -EOF - -} - -# Trap all exit signals -trap EXIT HUP INT TERM - -## Exports -------------------------------------------------------------------- -# Make sure the usual locations are in PATH -export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin - - -## Main ----------------------------------------------------------------------- -if ! options=$(getopt -o d:r:a:hl -l dist:,release:,arch:,help,list,variant:,name:,path:,rootfs: -- "$@"); then - usage - exit 1 -fi -eval set -- "$options" - -while :; do - case "$1" in - -h|--help) usage && exit 1;; - -l|--list) DOWNLOAD_LIST_IMAGES="true"; shift 1;; - -d|--dist) DOWNLOAD_DIST="$2"; shift 2;; - -r|--release) DOWNLOAD_RELEASE="$2"; shift 2;; - -a|--arch) DOWNLOAD_ARCH="$2"; shift 2;; - --variant) DOWNLOAD_VARIANT="$2"; shift 2;; - --name) LXC_NAME="$2"; shift 2;; - --path) LXC_PATH="$2"; shift 2;; - --rootfs) LXC_ROOTFS="$2"; shift 2;; - *) break;; - esac -done - -# Setup the basic information used for machine images -if [ -z "${LXC_MACHINE_IMAGE:-}" ]; then - export LXC_MACHINE_IMAGE="${DOWNLOAD_DIST}-${DOWNLOAD_RELEASE}-${DOWNLOAD_ARCH}" -fi - -# NOTE(cloudnull): If a variant name has not been defined, set it as "default". -# If a variant is set, amend the machine image name -if [ -z "${DOWNLOAD_VARIANT:-}" ]; then - export DOWNLOAD_VARIANT="default" -fi - -# Setup the basic pathing pointing at the known LXC cache -LXC_CACHE_PATH="${LXC_CACHE_PATH}/download/${DOWNLOAD_DIST}" -LXC_CACHE_PATH="${LXC_CACHE_PATH}/${DOWNLOAD_RELEASE}/${DOWNLOAD_ARCH}/" -export LXC_CACHE_PATH="${LXC_CACHE_PATH}/${DOWNLOAD_VARIANT}" - -# Check for required binaries -for bin in machinectl; do - if ! command -V "${bin}" >/dev/null 2>&1; then - echo "ERROR: Missing required tool: ${bin}" 1>&2 - exit 1 - fi -done - -# Check for the lxc base image -if ! btrfs subvolume show "/var/lib/machines/${LXC_MACHINE_IMAGE}" 2>&1 > /dev/null; then - echo "[FAILURE] Base image does not exist." - exit 99 -fi - -if btrfs subvolume show "/var/lib/machines/${LXC_NAME}" 2>&1 > /dev/null; then - echo "[NOTICE] Contianer volume already exists" -else - btrfs subvolume snapshot \ - "/var/lib/machines/${LXC_MACHINE_IMAGE}" \ - "/var/lib/machines/${LXC_NAME}" - echo "[NOTICE] New machine volume created" -fi - -# Set the LXC_ROOTFS to the machines path -export LXC_ROOTFS="/var/lib/machines/${LXC_NAME}" - -# Ensuing the container path exists -mkdir -p "${LXC_ROOTFS}/${LXC_NAME}/dev/pts/" -mkdir -p "${LXC_PATH}/rootfs" - -cat <&2 - exit 1 -fi - -# Build container specific configurations -echo -e "\n# Distribution configuration" >> "${LXC_PATH}/config" -cat "${LXC_CACHE_PATH}/config" >> "${LXC_PATH}/config" - -echo -e "\n# Container specific configuration" >> "${LXC_PATH}/config" - -# If an older fstab file exists in the template, extend the lxc config. -if [ -e "${LXC_CACHE_PATH}/fstab" ]; then - echo "{{ lxc_template_config_key_mapping[lxc_major_version|int]['fstab'] }} = ${LXC_PATH}/fstab" >> "${LXC_PATH}/config" -fi - -# Set the uts name -echo "{{ lxc_template_config_key_mapping[lxc_major_version|int]['uts_name'] }} = ${LXC_NAME}" >> "${LXC_PATH}/config" - -# Look for extra templates -TEMPLATE_FILES="${LXC_PATH}/config" -if [ -e "${LXC_CACHE_PATH}/templates" ]; then - while read -r line; do - fullpath="${LXC_ROOTFS}/${line}" - [ ! -e "${fullpath}" ] && continue - TEMPLATE_FILES="${TEMPLATE_FILES};${fullpath}" - done < "${LXC_CACHE_PATH}/templates" -fi - -# Replace variables in all templates -OLD_IFS=${IFS} -IFS=";" -for file in ${TEMPLATE_FILES}; do - [ ! -f "${file}" ] && continue - sed -i "s#LXC_NAME#${LXC_NAME}#g" "${file}" - sed -i "s#LXC_PATH#${LXC_PATH}#g" "${file}" - sed -i "s#LXC_ROOTFS#${LXC_ROOTFS}#g" "${file}" - sed -i "s#LXC_TEMPLATE_CONFIG#${LXC_TEMPLATE_CONFIG}#g" "${file}" - sed -i "s#LXC_HOOK_DIR#${LXC_HOOK_DIR}#g" "${file}" -done -IFS=${OLD_IFS} - -# Add the machinectl backend store for the new container -if grep -q '^{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs'] }} =' "${LXC_PATH}/config"; then - sed -i "s|^{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs'] }} =.*|{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs'] }} = ${LXC_ROOTFS}|" "${LXC_PATH}/config" -else - echo "{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs'] }} = ${LXC_ROOTFS}" >> "${LXC_PATH}/config" -fi - -{% if (lxc_major_version | int) < 3 %} -if grep -q '^{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs_backend'] }} =' "${LXC_PATH}/config"; then - sed -i "s|^{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs_backend'] }} =.*|{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs_backend'] }} = btrfs|" "${LXC_PATH}/config" -else - echo "{{ lxc_template_config_key_mapping[lxc_major_version|int]['rootfs_backend'] }} = btrfs" >> "${LXC_PATH}/config" -fi -{% endif %} - -# Prevent mingetty from calling vhangup(2) -if [ -f "${LXC_ROOTFS}/etc/init/tty.conf" ]; then - sed -i 's|mingetty|mingetty --nohangup|' "${LXC_ROOTFS}/etc/init/tty.conf" -fi - -# Display exit message -if [ -e "${LXC_CACHE_PATH}/create-message" ]; then - echo -e "\n---" - cat "${LXC_CACHE_PATH}/create-message" -fi - -exit 0 diff --git a/templates/systemd-machined.service.j2 b/templates/systemd-machined.service.j2 deleted file mode 100644 index e948d350..00000000 --- a/templates/systemd-machined.service.j2 +++ /dev/null @@ -1,23 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -[Unit] -Description=Virtual Machine and Container Registration Service -Documentation=man:systemd-machined.service(8) -Documentation=http://www.freedesktop.org/wiki/Software/systemd/machined -Wants=machine.slice -After=machine.slice - -[Service] -ExecStart={{ systemd_utils_prefix }}/systemd-machined -BusName=org.freedesktop.machine1 -CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID -WatchdogSec=3min - -# Note that machined cannot be placed in a mount namespace, since it -# needs access to the host's mount namespace in order to implement the -# "machinectl bind" operation. diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index e7319158..6b30ad32 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -54,27 +54,6 @@ vars: tox_env: btrfs -- job: - name: openstack-ansible-lxc-machinectl-ubuntu-bionic - parent: openstack-ansible-lxc-container-create - nodeset: ubuntu-bionic - vars: - tox_env: mnctl - -- job: - name: openstack-ansible-lxc-machinectl-ubuntu-focal - parent: openstack-ansible-lxc-container-create - nodeset: ubuntu-focal - vars: - tox_env: mnctl - -- job: - name: openstack-ansible-lxc-machinectl-centos-7 - parent: openstack-ansible-lxc-container-create - nodeset: centos-7 - vars: - tox_env: mnctl - - job: name: openstack-ansible-lxc-overlayfs-ubuntu-bionic parent: openstack-ansible-lxc-container-create diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index b9c4efc3..0c5df709 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -26,9 +26,6 @@ - openstack-ansible-lxc-dir-ubuntu-focal - openstack-ansible-lxc-btrfs-ubuntu-bionic - openstack-ansible-lxc-btrfs-ubuntu-focal - - openstack-ansible-lxc-machinectl-ubuntu-bionic - - openstack-ansible-lxc-machinectl-ubuntu-focal - - openstack-ansible-lxc-machinectl-centos-7 - openstack-ansible-lxc-overlayfs-ubuntu-bionic - openstack-ansible-lxc-overlayfs-ubuntu-focal - openstack-ansible-lxc-zfs-ubuntu-bionic