Convert lxc2 to lxc3 config keys dynamically

This change allows the role to accept either lxc2 or lxc3 config keys, plus a list of key substitutions to make when writing the lxc config file. This allows a set of config keys to remain defined as variables outside this role and generate a valid config on both lxc2 and lxc3 based hosts. Change-Id: Ifc871a9fcaf77ff36cfcc1c87b1f406862d46d22
2018-09-11 10:47:45 +01:00 · 2018-09-11 10:47:45 +01:00 · 959a56eb6b
commit 959a56eb6b
parent cbc51af0f0
4 changed files with 14 additions and 4 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -25,6 +25,14 @@ lxc_container_wait_params:
  timeout: 60


+## A list of 'legacy' lxc configuration keys and their corresponding new
+## keys. Use this map to substitute keys suitable for other/newer lxc versions
+lxc_config_key_mapping:
+  3:
+    lxc.aa_profile: lxc.apparmor.profile
+    lxc.haltsignal: lxc.signal.halt
+  2:
+
 lxc_container_config: /etc/lxc/lxc-openstack.conf
 lxc_container_config_list: []
 lxc_container_commands: ""
--- a/tasks/lxc_container_config.yml
+++ b/tasks/lxc_container_config.yml
@ -17,7 +17,7 @@
 - name: Write default container config
  lineinfile:
    dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
-    line: "{{ item | replace('=', ' = ', 1) | regex_replace('\\s+', ' ') }}"
+    line: "{{ lxc_config_key_mapping[lxc_major_version|int][item.split('=', 1)[0]] | default(item.split('=', 1)[0]) }} = {{ item.split('=', 1)[-1] }}"
    backup: "true"
  with_items: "{{ lxc_container_default_config_list | union(lxc_container_config_list) }}"
  delegate_to: "{{ physical_host }}"
@ -128,7 +128,7 @@
 # NOTE(cloudnull): To dynamically set the mac address "facts" Ansible line
 #                  format is being used
 - name: Set fixed hardware address fact
-  set_fact: "{{item.item.value.interface }}_mac_address={{ item.content | b64decode }}"
+  set_fact: "{{ item.item.value.interface }}_mac_address={{ item.content | b64decode }}"
  with_items:
    - "{{ macs.results }}"

@ -182,7 +182,7 @@
  with_items:
    - "lxc.hook.pre-start = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh"
    - "lxc.hook.post-stop = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh"
-    - "{{ (hostvars[physical_host | default('localhost')]['ansible_distribution_version'] == '18.04') | ternary ('lxc.signal.halt', 'lxc.haltsignal') }} = SIGRTMIN+4"
+    - "{{ lxc_config_key_mapping[lxc_major_version|int]['lxc.haltsignal'] | default('lxc.haltsignal') }} = SIGRTMIN+4"
  delegate_to: "{{ physical_host }}"

 - name: Run veth wiring
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -24,6 +24,7 @@
 - name: Enable or Disable lxc three syntax
  set_fact:
    lxc_three_syntax: "{{ (lxc_version.stdout.split('.')[0] | int) >= 3 }}"
+    lxc_major_version: "{{ lxc_version.stdout.split('.')[0] }}"

 - name: Allow the usage of local facts
  file:
--- a/tests/host_vars/container2.yml
+++ b/tests/host_vars/container2.yml
@ -4,4 +4,5 @@ ansible_become: True
 ansible_user: root
 lxc_container_config_list:
  # The unconfined profile is causing problems with overlayfs. See https://bugs.launchpad.net/openstack-ansible/+bug/1612412
-  - "{{ (hostvars[physical_host | default('localhost')]['ansible_distribution_version'] == '18.04') | ternary('lxc.apparmor.profile', 'lxc.aa_profile') }}={{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}"
+  # Use the lxc2 aa_profile key to test that it is correctly changed in-flight to the required lxc3 key on bionic
+  - "lxc.aa_profile={{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}"