tests: Set lxc-openstack apparmor profile when overlayfs is used

The overlayfs backing store doesn't play well with the unconfined
profile and many tools (eg ping, traceroute) are failing to work
with the following error:

ping: error while loading shared libraries: libcap.so.2: cannot stat
shared object: Permission denied

As such, lets switch to the lxc-openstack profile is overlayfs is used
as the backing store.

Change-Id: Ibe1149ee4fedd2b3d487887e504c500c96165467
Related-Bug: #1612412

tests/host_vars/container2.yml

@@ -3,7 +3,8 @@ ansible_host: 10.100.100.3
 ansible_become: True
 ansible_user: root
 lxc_container_config_list:
-  - "lxc.aa_profile=unconfined"
+  # The unconfined profile is causing problems with overlayfs. See https://bugs.launchpad.net/openstack-ansible/+bug/1612412
+  - "lxc.aa_profile={{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}"
 
 # TEST FOR FIXED MAC ADDRESS
 lxc_container_fixed_mac: true

tests/test-containers-functional.yml

@@ -44,7 +44,7 @@
         - skip_ansible_lint
 
     - name: Check for the presence of the right aa_profile for container2
-      command: grep "^lxc.aa_profile = unconfined$" /var/lib/lxc/container2/config
+      command: "grep -E '^lxc.aa_profile = {{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}$' /var/lib/lxc/container2/config"
       register: container2_profile
       failed_when: container2_profile.rc != 0
       tags: