openstack
/
openstack-ansible-lxc_container_create
Code Issues Proposed changes

Remove unwanted veth pair creation from lxc_container_create role 

The lxc_container_create role creates containers specified via an inventory.
Multiple network interfaces can be added to a container during creation.  These
interfaces are provided by the task 'LXC host config for container networks' in
openstack-ansible-lxc_container_create/tasks/container_create.yml

The task 'LXC host config for container networks' utilizes a template file,
openstack-ansible-lxc_container_create/templates/container-interface.ini.j2
The configuration for a specified interface is created using this template.
The template currenlty offers the ability to modify the value 'lxc.network.type'
which defaults to type 'veth' if no value is supplied.

Supplying a value other than 'veth' is currently valid for this template.
However, the creation of a veth pair device is hard coded into the template
whether or not 'lxc.network.type' resolves to a value other than 'veth'

This creates two unwanted side effects:

First, a veth pair that is not being utilized by the corresponding container is
created.  We should not create a veth pair if it will not be used.

Secondly, if the value of the variable 'lxc.network.link' defined in the same
template file is something other than a bridge, the unwanted veth creation will
fail resulting in a container that will not start.

Additionally, if the corresponding veth pair is not created, then the template
openstack-ansible-lxc_container_create/templates/veth-cleanup.sh.j2 should be
modified to filter out interfaces that are not of type 'veth'.

This change implements interface type detection in the template files
veth-cleanup.sh.j2 and container-interface.ini.j2 to prevent creation of
unwanted veth interfaces and their associated cleanup.

Change-Id: I1c0a26d07e8de0ca862d21ea7b49e02ae447f83a
Closes-Bug: #1531935
This commit is contained in:
Michael Gugino 2016-01-07 14:14:06 -05:00 committed by Michael Gugino
parent cd76bb4cd2
commit 4f1eb22919
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
templates/container-interface.ini.j2
View File

@ -4,11 +4,13 @@
lxc.network.type = {{ item.value.type|default('veth') }}
# Network device within the container
lxc.network.name = {{ item.value.interface }}
{% if item.value.type == 'veth' or item.value.type is none %}
# Name the veth after the container
# NOTE(major): The lxc.network.veth.pair line must appear right after
# lxc.network.name or it will be ignored.
lxc.network.veth.pair = {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_{{ item.value.interface }}
# Host link to attach to, this should be a bridge
{% endif %}
# Host link to attach to, this should be a bridge if lxc.network.type = veth
lxc.network.link = {{ item.value.bridge }}
# Hardware Address
lxc.network.hwaddr = 00:16:3e:xx:xx:xx

3
templates/veth-cleanup.sh.j2
View File

@ -8,7 +8,8 @@ logger "LXC container {{ inventory_hostname }} removing veth {{ inventory_hostna
# Veth cleanup for items in the container_networks data structure
{% for key, value in container_networks.items() %}
{% if value.type == 'veth' or value.type is none %}
ip link del {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_{{ value.interface }} || true
logger "LXC container {{ inventory_hostname }} removing veth {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_{{ value.interface }}"
{% endif %}
{% endfor %}