Allow container bind mounts to be set in group/host vars

To reduce the number of times a container is restarted during the build process, this patch implements the facility to consume LXC bind mounts items from the inventory. This allows bind mounts to be set in group_vars and therefore have them applied on container creation instead of later when the service install playbook runs. Previously the container_commands option was used, but the bind mounts are a special case which are better served with its own set of tasks to ensure that everything needed is in place on the host and in the container. Needed-By: Ie2a0528fbd56c8360dd679f55fb2047e0a061c31 Change-Id: I72cdc607d7b4364d78c840bf688e43e013f40709
2016-07-28 12:05:43 +01:00 · 2016-07-28 12:05:43 +01:00 · f26d4075e8
commit f26d4075e8
parent 9e43493591
5 changed files with 54 additions and 8 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -30,6 +30,12 @@ lxc_container_default_config_list:
 lxc_container_config_list: []
 lxc_container_commands: ""

+# A list of bind mounts to configure for the container, for example:
+# lxc_container_bind_mounts:
+#   - host_directory: "/openstack/{{ inventory_hostname }}/mydirectory"
+#     container_directory: "/opt/mydirectory"
+lxc_container_bind_mounts: []
+
 # Mappings from Ansible reported architecture to distro release architecture
 lxc_architecture_mapping:
  x86_64: amd64
--- a/releasenotes/notes/container-bind-mounts-1a3a763178255841.yaml
+++ b/releasenotes/notes/container-bind-mounts-1a3a763178255841.yaml
@ -0,0 +1,12 @@
+---
+features:
+  - The ``lxc-container-create`` role now consumes the variable
+    ``lxc_container_bind_mounts`` which should contain a list
+    of bind mounts to apply to a newly created container. The
+    appropriate host and container directory will be created and
+    the configuration applied to the container config. This
+    feature is designed to be used in group_vars to ensure that
+    containers are fully prepared at the time they are created,
+    thus cutting down the number of times containers are restarted
+    during deployments and upgrades.
+
--- a/tasks/container_create.yml
+++ b/tasks/container_create.yml
@ -125,6 +125,33 @@
  tags:
    - lxc-container-config

+- name: Ensure bind mount host directories exists
+  file:
+    path: "{{ item['host_directory'] }}"
+    state: "directory"
+  with_items: "{{ lxc_container_bind_mounts }}"
+  delegate_to: "{{ physical_host }}"
+
+- name: Ensure container directories exist
+  lxc_container:
+    name: "{{ inventory_hostname }}"
+    container_command: |
+      [[ ! -d "{{ item['container_directory'] }}" ]] && mkdir -p "{{ item['container_directory'] }}"
+  with_items: "{{ lxc_container_bind_mounts }}"
+  delegate_to: "{{ physical_host }}"
+
+- name: Add bind mount configuration to container
+  lineinfile:
+    dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
+    line: "lxc.mount.entry = {{ item['host_directory'] }} {{ item['container_directory'].lstrip('/') }} none bind 0 0"
+    backup: "true"
+  with_items: "{{ lxc_container_bind_mounts }}"
+  delegate_to: "{{ physical_host }}"
+  notify:
+    - Lxc container restart
+  tags:
+    - lxc-container-config
+
 - name: Container network interfaces
  lxc_container:
    name: "{{ inventory_hostname }}"
--- a/tests/host_vars/container2.yml
+++ b/tests/host_vars/container2.yml
@ -1,3 +1,8 @@
 ---
 lxc_container_config_list:
  - "lxc.aa_profile=unconfined"
+
+lxc_container_bind_mounts:
+  - host_directory: "/openstack/{{ inventory_hostname }}/test2"
+    container_directory: "/var/log/test2"
+
--- a/tests/test-containers-functional.yml
+++ b/tests/test-containers-functional.yml
@ -49,16 +49,12 @@

    - name: Check for the presence of the right bound mount for container1
      command: grep "lxc.mount.entry = /openstack/container1 opt/test1 none bind 0 0" /var/lib/lxc/container1/config
-      register: container1_bind_mount
-      failed_when: container1_bind_mount.rc != 0

-    - name: Check for the lack of presence of a bound mount for container2
-      command: grep "lxc.mount.entry = /openstack/container2 opt/test1 none bind 0 0" /var/lib/lxc/container2/config
-      register: container2_bind_mount
-      failed_when: container2_bind_mount.rc == 0
+    - name: Check for the presence of the right bound mount for container2
+      command: grep "lxc.mount.entry = /openstack/container2/test2 var/log/test2 none bind 0 0" /var/lib/lxc/container2/config

-    - name: Check for the lack of presence of a bound mount for container3
-      command: grep "lxc.mount.entry = /openstack/container3 opt/test1 none bind 0 0" /var/lib/lxc/container3/config
+    - name: Check for the lack of presence of any bound mount (except the backup bind mount) for container3
+      command: grep "lxc.mount.entry = /openstack/container" /var/lib/lxc/container3/config
      register: container1_bind_mount
      failed_when: container1_bind_mount.rc == 0