815ece7454
Unify container network interfaces using Systemd Networkd for ubuntu, centos, and openSUSE. This change allows the role to use a single way to configure container networks. Care has been taken to ensure we're able to cleanly upgrade to the new capabilities within existing environments without breaking any feature compatibility or causing any container restarts. It's also worth noting that all of the pre/post networking up/down script options have been converted to systemd "oneshot" services. This retains the ability to run adhoc scripts post network availability while also opening up this capability, which used to be ubuntu only, to all of our supported operating systems. > Our usage of `lxc-attach` was removed in favor of `nsenter` to fix a issue where multiple `lxc-attach` commands issued to a single physical host could result in a hang. > Scripts that were being generated inline have been placed into template files. This solves a long standing memory consumption issue when creating lots of containers. The old shell tasks will now be executed from a generated script. While this should also help with debugging, the main driver is to ensure better system stability. > A lot of cleanup has been done throughout the task files and templates. In the process of updating the role to use unified networking a lot of duplicate tasks, scripts, and processes have consolidated. > Handlers have been added for network connection wait conditions and to various service restarts. > The OSA plugins have been added to this role as a dependency. We rely on the connection plugins throughout the stack however we were doing a lot of workarounds to cater to the possibility of a deployer running this role without them. This change simply adds the plugins as a known dependency which allows for a more streamlined setup. Change-Id: I5d3ddcfa11d575648a69a04f2fb30236c2c89da3 Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
65 lines
2.2 KiB
YAML
65 lines
2.2 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Container service directories
|
|
file:
|
|
path: "{{ item }}"
|
|
state: "directory"
|
|
with_items:
|
|
- "/openstack/{{ inventory_hostname }}"
|
|
- "/openstack/backup/{{ inventory_hostname }}"
|
|
- "/openstack/log/{{ inventory_hostname }}"
|
|
- "{{ lxc_container_directory }}/{{ inventory_hostname }}"
|
|
delegate_to: "{{ physical_host }}"
|
|
|
|
- name: LXC autodev setup
|
|
template:
|
|
src: "autodev.j2"
|
|
dest: "/var/lib/lxc/{{ inventory_hostname }}/autodev"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0755"
|
|
delegate_to: "{{ physical_host }}"
|
|
|
|
# Run the lxc container creation process based on the backend store type
|
|
- include_tasks: "lxc_container_create_{{ lxc_container_backing_store }}.yml"
|
|
|
|
- name: Check container state
|
|
command: "lxc-info -n {{ inventory_hostname }} --state"
|
|
changed_when: false
|
|
delegate_to: "{{ physical_host }}"
|
|
register: _lxc_container_state
|
|
until: _lxc_container_state | success
|
|
retries: 3
|
|
delay: 5
|
|
|
|
# Due to https://github.com/ansible/ansible-modules-extras/issues/2691
|
|
# this uses the LXC CLI tools to ensure that we get logging.
|
|
# TODO(odyssey4me): revisit this once the bug is fixed and released
|
|
- name: Start the container if it is not already running
|
|
command: >-
|
|
lxc-start
|
|
--daemon
|
|
--name {{ inventory_hostname }}
|
|
--logfile {{ lxc_container_log_path }}/lxc-{{ inventory_hostname }}.log
|
|
--logpriority {{ (debug | bool) | ternary('DEBUG', 'INFO') }}
|
|
delegate_to: "{{ physical_host }}"
|
|
register: _lxc_container_create
|
|
until: _lxc_container_create | success
|
|
retries: 3
|
|
delay: 5
|
|
when:
|
|
- _lxc_container_state.stdout.find('STOPPED') != -1
|