--- # Copyright 2017, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. lxc_container_map: distro: "{{ hostvars[physical_host]['ansible_facts']['distribution'] | lower }}" arch: "{{ lxc_architecture_mapping.get(hostvars[physical_host]['ansible_facts']['architecture'] | lower) }}" release: "{{ hostvars[physical_host]['ansible_facts']['distribution_major_version'] }}" lxc_container_default_config_list: - "lxc.start.auto=1" - "lxc.start.delay=15" - "lxc.group=onboot" - "lxc.group=openstack" - "lxc.autodev=1" - "lxc.hook.autodev=/var/lib/lxc/{{ inventory_hostname }}/autodev" # A set of container networks used within the LXC containers. This information # is sourced from the assumed "container_networks", "container_extra_networks" # and "lxc_container_networks" variables and combined into a single # immutable hash. lxc_container_networks_combined: "{{ container_networks | default({}) | combine(container_extra_networks | default({})) | combine(lxc_container_networks) }}" sysctl_path: "/sbin" _lxc_container_bind_mounts: [] _lxc_container_systemd_networks: | {% set systemd_networks = [] %} {% for network in lxc_container_networks_combined.values() %} {% set _ = systemd_networks.append({ 'filename': network.interface, 'interface': network.interface, 'address': network.address | default('dhcp'), 'netmask': network.netmask | default(), 'gateway': network.gateway | default(), 'mtu': network.mtu | default(), 'static_routes': network.static_routes | default([]), 'usedns': ('dhcp_use_dns' in network) | ternary(network.dhcp_use_dns, lxc_container_enable_resolved | bool), 'config_overrides': ('dhcp_use_routes' in network) | ternary({'DHCP': {'UseRoutes': network.dhcp_use_routes}}, {}) }) %} {% endfor %} {{ systemd_networks }} _lxc_container_systemd_services: | {% set systemd_services = [] %} {% for network in lxc_container_networks_combined.values() %} {% set postup_command = network.postup | default([]) | union(lxc_container_default_postup) %} {% set postdown_command = network.postdown | default([]) | union(lxc_container_default_postdown) %} {% set preup_command = network.preup | default([]) | union(lxc_container_default_preup) %} {% set predown_command = network.predown | default([]) | union(lxc_container_default_predown) %} {% if postup_command or postdown_command %} {% set _ = systemd_services.append({ 'service_name': 'post-up-down-' ~ network.interface, 'service_type': 'oneshot', 'state': 'started', 'enabled': True, 'execstarts': postup_command, 'execstops': postdown_command, 'after_targets': ['network.target'] }) %} {% endif %} {% if preup_command or predown_command %} {% set _ = systemd_services.append({ 'service_name': 'pre-up-down-' ~ network.interface, 'service_type': 'oneshot', 'state': 'started', 'enabled': True, 'execstarts': preup_command, 'execstops': predown_command, 'after_targets': ['local-fs.target'], 'config_overrides': {'Unit': {'Before': 'network-pre.target', 'Wants': 'network-pre.target'}} }) %} {% endif %} {% endfor %} {% set _ = systemd_services.append({ 'service_name': 'sysctl-container', 'service_type': 'oneshot', 'state': 'started', 'enabled': True, 'execstarts': sysctl_path ~ '/sysctl -p', 'after_targets': ['systemd-modules-load.service'], 'config_overrides': { 'Unit': { 'DefaultDependencies': 'no', 'Conflicts': 'shutdown.target', 'Before': 'sysinit.target shutdown.target' }, 'Service': { 'RemainAfterExit': 'yes' } } }) %} {% set _ = systemd_services.append({ 'service_name': 'systemd-hostnamed', 'state': 'started', 'enabled': True, 'systemd_overrides_only': True, 'systemd_overrides': { 'Service': { 'PrivateNetwork': 'no', 'PrivateDevices': 'no' } } }) %} {{ systemd_services }}