diff --git a/defaults/main.yml b/defaults/main.yml
index 301fa92b..a456a7a0 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -64,6 +64,16 @@ lxc_container_cache_path: "/var/cache/lxc/download"
 # 'lvm'.
 # lxc_container_backing_method: copy-on-write
+# The cache map is used as a basic instruction set when prep'ing the base
+# container image. If the cache map is overriden, the following fields are
+# required:
+# lxc_cache_map:
+# distro: name of the distro
+# arch: "CPU architecture"
+# release: version of the release
+# copy_from_host: [] # List of files to copy into the container
+lxc_cache_map: "{{ _lxc_cache_map }}"
+
 # When using a base container to snapshot from for the overlayfs or LVM
 # copy-on-write backing stored, the base container can be set.
 lxc_container_base_name: "{{ lxc_cache_map.distro }}-{{ lxc_cache_map.release }}-{{ lxc_cache_map.arch }}"
@@ -138,6 +148,15 @@ lxc_cache_prep_dns:
 lxc_cache_prep_pre_commands: '## pre command skipped ##'
 lxc_cache_prep_post_commands: '## post command skipped ##'
+# User defined variable pointing to a specific variable file used when setting
+# up the base container image. Deployers can use the provided container variable
+# files by simply inputting the file name
+# "{{ ansible_distribution }}-{{ ansible_distribution_version }}-container.yml"
+# or by providing the full path to a local file containing all of the variables
+# needed to prepare a container. built-in supported values are:
+# [redhat-7.yml, suse-42.yml, ubuntu-16.04.yml]
+lxc_user_defined_container: null
+
 # Full path to the base image prep script. By default this will use the
 # named script for a given OS within the "templates/prep-scripts" directory.
 # If a deployer wishes to override this script with something else they can
diff --git a/releasenotes/notes/separate-host-vars-1daed001ee6b88ae.yaml b/releasenotes/notes/separate-host-vars-1daed001ee6b88ae.yaml
new file mode 100644
index 00000000..8c7d4ece
--- /dev/null
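Review bot: The comment added above `lxc_user_defined_container` in defaults/main.yml tells deployers to pass `"{{ ansible_distribution }}-{{ ansible_distribution_version }}-container.yml"`, but no `-container.yml` file appears in this change. The files it adds end in `-host.yml` and the built-in values listed two lines later are `redhat-7.yml`, `suse-42.yml` and `ubuntu-16.04.yml`, so the example name would presumably not resolve. The comment should also state the trust boundary: tasks/main.yml tries this file first and loads it instead of the distro file, and the built-in container files visible here set `_lxc_hosts_container_image_url` and `_lxc_cache_prep_template`, so the named file decides which image is fetched and which prep script runs. I would drop the `-container.yml` line and add `# NOTE: this file replaces the built-in container vars (it is not merged with them); point it only at a reviewed file.`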
+++ b/releasenotes/notes/separate-host-vars-1daed001ee6b88ae.yaml
@@ -0,0 +1,8 @@
+---
+features:
+ - The variable ``lxc_user_defined_container`` has been added to the lxc_hosts
+ role allowing deployers to define the variable file loaded when preparing a
+ base container image. This option defaults to using a base image most
+ closely associated with the underlying OS however should a deployer need,
+ this option can be used to customize the base container image for a given
+ host.
diff --git a/tasks/lxc_post_install.yml b/tasks/lxc_post_install.yml
index 10e4838a..3a0acafd 100644
--- a/tasks/lxc_post_install.yml
+++ b/tasks/lxc_post_install.yml
@@ -32,7 +32,7 @@
 mode: "{{ item.mode|default('0644') }}"
 with_items:
 - { src: lxc-openstack.conf.j2, dest: "/etc/lxc/lxc-openstack.conf" }
- - { src: lxc.default.j2, dest: "{{ system_config_dir}}/lxc-net", mode: "0644" }
+ - { src: lxc.default.j2, dest: "{{ system_config_dir }}/lxc-net", mode: "0644" }
 - { src: lxc-system-manage.j2, dest: "/usr/local/bin/lxc-system-manage", mode: "0755" }
 tags:
 - lxc-files
diff --git a/tasks/main.yml b/tasks/main.yml
index ff859cc3..d5dff458 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -34,6 +34,18 @@
 - name: Gather variables for each operating system
 include_vars: "{{ item }}"
 with_first_found:
+ - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}-host.yml"
+ - "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}-host.yml"
+ - "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}-host.yml"
+ - "{{ ansible_distribution | lower }}-host.yml"
+ - "{{ ansible_os_family | lower }}-host.yml"
+ tags:
+ - always
+
+- name: Gather container variables
+ include_vars: "{{ item }}"
+ with_first_found:
+ - "{{ lxc_user_defined_container }}"
 - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
 - "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
 - "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
diff --git a/templates/prep-scripts/opensuse_leap_42_prep.sh.j2 b/templates/prep-scripts/opensuse_leap_42_prep.sh.j2
index b83a2152..89098346 100644
--- a/templates/prep-scripts/opensuse_leap_42_prep.sh.j2
+++ b/templates/prep-scripts/opensuse_leap_42_prep.sh.j2
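Review bot: The new `- "{{ lxc_user_defined_container }}"` entry in tasks/main.yml is placed first in `with_first_found`, so a deployer file replaces the built-in container variable file rather than overriding parts of it, and nothing in this hunk checks that the replacement is complete. A file that omits a key of `_lxc_cache_map`, or `_lxc_hosts_container_image_url`, would presumably fail only later, while the base image is being prepared. The default in defaults/main.yml is `null`, and how a null entry is rendered inside the lookup list is not visible here, so the unset case should be confirmed to fall through to the distro file names. An assert task placed after "Gather container variables" (that task continues past the end of the hunk) would fail early; a sketch follows, with the variable names taken from the vars files in this change.

```yaml
- name: Check that the container variable file is complete
  assert:
    that:
      - lxc_cache_map.distro is defined
      - lxc_cache_map.arch is defined
      - lxc_cache_map.release is defined
      - _lxc_hosts_container_image_url is defined
      - _lxc_cache_prep_template is defined
  tags:
    - always
```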
@@ -7,8 +7,8 @@ set -e -x # We have (tried to!) copied repo-oss and repo-update from the host so wipe everything else. find /etc/zypp/repos.d/ -type f ! -name "repo-oss.repo" -a ! -name "repo-update.repo" -delete -zypper lr | grep -q 'repo-oss' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/distribution/leap/{{ ansible_distribution_version }}/repo/oss repo-oss -zypper lr | grep -q 'repo-update' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/update/leap/{{ ansible_distribution_version }}/oss repo-update +zypper lr | grep -q 'repo-oss' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/distribution/leap/{{ lxc_cache_map.release }}/repo/oss repo-oss +zypper lr | grep -q 'repo-update' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/update/leap/{{ lxc_cache_map.release }}/oss repo-update # Disable recommended packages. Only update what's really needed if ! fgrep -qx "solver.onlyRequires = true" /etc/zypp/zypp.conf; then diff --git a/templates/prep-scripts/ubuntu_16_prep.sh.j2 b/templates/prep-scripts/ubuntu_16_prep.sh.j2 index 1d91b9b6..3d47e866 100644 --- a/templates/prep-scripts/ubuntu_16_prep.sh.j2 +++ b/templates/prep-scripts/ubuntu_16_prep.sh.j2 @@ -13,8 +13,8 @@ apt-get remove -y --purge snap* lxc* lxd* resolvconf* || true # Update base distribution apt-get update apt-get upgrade -y -apt-get install -y {{ lxc_cache_install_debconf }} {{ lxc_cache_distro_packages | join(' ') }} -apt-get upgrade -y {{ lxc_cache_install_debconf }} +apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes {{ lxc_cache_distro_packages | join(' ') }} +apt-get upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes rm -f /usr/bin/python rm /etc/machine-id || true rm /var/lib/dbus/machine-id || true diff --git a/vars/redhat-7-host.yml b/vars/redhat-7-host.yml new file mode 100644 index 00000000..b4b10a34 --- /dev/null +++ b/vars/redhat-7-host.yml 
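Review bot: In opensuse_leap_42_prep.sh.j2 the repository URL passed to `zypper --quiet ar` is built from `lxc_hosts_opensuse_mirror_url` and `lxc_cache_map.release` and is left unquoted on both changed lines. `lxc_cache_map` becomes deployer-overridable in this commit, so a release value containing whitespace or shell metacharacters would be split or interpreted by the shell when the rendered script runs. Quoting keeps the argument a single word: `zypper --quiet ar "{{ lxc_hosts_opensuse_mirror_url }}/distribution/leap/{{ lxc_cache_map.release }}/repo/oss" repo-oss`, and likewise on the `repo-update` line. Quoting alone does not reject unexpected characters, so validating the release value in the role would be the stronger check.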
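Review bot: Both new `apt-get` lines in ubuntu_16_prep.sh.j2 hard-code `--force-yes`, which tells apt to carry on without prompting even when packages cannot be authenticated or would be downgraded; newer apt releases deprecate it in favour of the narrower `--allow-*` options. The option was previously carried in `lxc_cache_install_debconf`, so a deployer could at least override it, whereas inlining it makes it unconditional for every base image built from this template. Unless a specific failure requires it, I would keep only the Dpkg options: `apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" {{ lxc_cache_distro_packages | join(' ') }}`, and the same for the `upgrade` line. The explanatory comment was deleted along with the variable in vars/ubuntu-16.04.yml, so it should be restored above these lines: `# Keep locally modified config files; replace unmodified ones with the packaged version.`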
@@ -0,0 +1,54 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+system_config_dir: "/etc/sysconfig"
+systemd_utils_prefix: "/lib/systemd"
+
+# Required rpm packages.
+lxc_hosts_distro_packages:
+ - aria2
+ - bridge-utils
+ - btrfs-progs
+ - dbus
+ - debootstrap
+ - dnsmasq
+ - git
+ - libseccomp
+ - lxc
+ - lxc-devel
+ - lxc-libs
+ - lxc-templates
+ - unzip
+ - xz
+
+# NOTE(mhayden): This packages are required for building the SELinux policy
+# for LXC on CentOS 7. They're separate from the main package list because
+# they take a signficant of time to install and they can be installed while
+# other tasks run.
+lxc_hosts_distro_selinux_packages:
+ - libselinux
+ - libselinux-devel
+ - policycoreutils-python
+ - selinux-policy-devel
+
+lxc_xz_bin: xz
+
+lxc_cached_network_interfaces:
+ - src: "lxc-net-redhat-bridge.cfg.j2"
+ dest: "/etc/sysconfig/network-scripts/ifcfg-{{ lxc_net_bridge }}"
+ - src: "lxc-net-suseredhat-postdown.cfg.j2"
+ dest: "/etc/sysconfig/network-scripts/ifdown-post-{{ lxc_net_bridge }}"
+ mode: "0755"
+ interface: "${DEVICE}"
diff --git a/vars/redhat-7.yml b/vars/redhat-7.yml
index 6a7ba1b9..e860c67f 100644
--- a/vars/redhat-7.yml
+++ b/vars/redhat-7.yml
@@ -13,41 +13,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-system_config_dir: "/etc/sysconfig"
-systemd_utils_prefix: "/lib/systemd"
-
 _lxc_hosts_container_image_url: "https://github.com/CentOS/sig-cloud-instance-images/raw/CentOS-7/docker/centos-7-docker.tar.xz"
-# Required rpm packages.
-lxc_hosts_distro_packages:
- - aria2
- - bridge-utils
- - btrfs-progs
- - dbus
- - debootstrap
- - dnsmasq
- - git
- - libseccomp
- - lxc
- - lxc-devel
- - lxc-libs
- - lxc-templates
- - unzip
- - xz
-
-# NOTE(mhayden): This packages are required for building the SELinux policy
-# for LXC on CentOS 7. They're separate from the main package list because
-# they take a signficant of time to install and they can be installed while
-# other tasks run.
-lxc_hosts_distro_selinux_packages:
- - libselinux
- - libselinux-devel
- - policycoreutils-python
- - selinux-policy-devel
-
-lxc_xz_bin: xz
-
-lxc_cache_map:
+_lxc_cache_map:
 distro: centos
 arch: "{{ lxc_architecture_mapping.get( ansible_architecture ) }}"
 release: 7
@@ -84,11 +52,3 @@ _lxc_cache_distro_packages:
 - yum-plugin-priorities
 - yum-plugin-rpm-warm-cache
 - yum-utils
-
-lxc_cached_network_interfaces:
- - src: "lxc-net-redhat-bridge.cfg.j2"
- dest: "/etc/sysconfig/network-scripts/ifcfg-{{ lxc_net_bridge }}"
- - src: "lxc-net-suseredhat-postdown.cfg.j2"
- dest: "/etc/sysconfig/network-scripts/ifdown-post-{{ lxc_net_bridge }}"
- mode: "0755"
- interface: "${DEVICE}"
diff --git a/vars/suse-42-host.yml b/vars/suse-42-host.yml
new file mode 100644
index 00000000..40f50bb9
--- /dev/null
+++ b/vars/suse-42-host.yml
@@ -0,0 +1,48 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+# Copyright 2017, SUSE LINUX GmbH.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+lxc_hosts_external_repo:
+ - name: "OBS:Virtualization:containers"
+ uri: "{{ lxc_hosts_opensuse_mirror_obs_url }}/repositories/Virtualization:/containers/openSUSE_Leap_{{ ansible_distribution_version }}/"
+
+system_config_dir: "/etc/sysconfig"
+systemd_utils_prefix: "/usr/lib/systemd"
+
+# Required rpm packages.
+lxc_hosts_distro_packages:
+ - apparmor-parser
+ - apparmor-profiles
+ - apparmor-utils
+ - aria2
+ - bridge-utils
+ - btrfsprogs
+ - dbus-1
+ - dnsmasq
+ - git-core
+ - libseccomp2
+ - lxc
+ - liblxc-devel
+ - xz
+
+lxc_xz_bin: xz
+
+lxc_cached_network_interfaces:
+ - src: "lxc-net-suse-bridge.cfg.j2"
+ dest: "/etc/sysconfig/network/ifcfg-{{ lxc_net_bridge }}"
+ - src: "lxc-net-suseredhat-postdown.cfg.j2"
+ dest: "/etc/sysconfig/network/scripts/ifdown-post-{{ lxc_net_bridge }}"
+ mode: "0755"
+ interface: "${1}"
diff --git a/vars/suse-42.yml b/vars/suse-42.yml
index cfb5069b..6388222a 100644
--- a/vars/suse-42.yml
+++ b/vars/suse-42.yml
@@ -14,34 +14,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-lxc_hosts_external_repo:
- - name: "OBS:Virtualization:containers"
- uri: "{{ lxc_hosts_opensuse_mirror_obs_url }}/repositories/Virtualization:/containers/openSUSE_Leap_{{ ansible_distribution_version }}/"
 _lxc_hosts_container_image_url: "https://github.com/openSUSE/docker-containers-build/raw/openSUSE-Leap-42.3/{{ ansible_architecture }}/openSUSE-Leap-42.3.base.{{ ansible_architecture }}.tar.xz"
-system_config_dir: "/etc/sysconfig"
-systemd_utils_prefix: "/usr/lib/systemd"
-
-# Required rpm packages.
-lxc_hosts_distro_packages:
- - apparmor-parser
- - apparmor-profiles
- - apparmor-utils
- - aria2
- - bridge-utils
- - btrfsprogs
- - dbus-1
- - dnsmasq
- - git-core
- - libseccomp2
- - lxc
- - liblxc-devel
- - xz
-
-lxc_xz_bin: xz
-
-lxc_cache_map:
+_lxc_cache_map:
 distro: opensuse
 arch: "{{ lxc_architecture_mapping.get( ansible_architecture ) }}"
 release: "42.3"
@@ -74,11 +50,3 @@ _lxc_cache_distro_packages:
 - tar
 - wget
 - which
-
-lxc_cached_network_interfaces:
- - src: "lxc-net-suse-bridge.cfg.j2"
- dest: "/etc/sysconfig/network/ifcfg-{{ lxc_net_bridge }}"
- - src: "lxc-net-suseredhat-postdown.cfg.j2"
- dest: "/etc/sysconfig/network/scripts/ifdown-post-{{ lxc_net_bridge }}"
- mode: "0755"
- interface: "${1}"
diff --git a/vars/ubuntu-16.04-host.yml b/vars/ubuntu-16.04-host.yml
new file mode 100644
index 00000000..58534b17
--- /dev/null
+++ b/vars/ubuntu-16.04-host.yml
@@ -0,0 +1,56 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+## APT Cache Options
+cache_timeout: 600
+
+# Required apt packages.
+lxc_hosts_distro_packages:
+ - apparmor
+ - apparmor-profiles
+ - apparmor-utils
+ - aria2
+ - bridge-utils
+ - btrfs-tools
+ - cgmanager
+ - cgroup-lite
+ - dbus
+ - debootstrap
+ - dnsmasq-base
+ - git
+ - iptables
+ - irqbalance
+ - language-pack-en
+ - liblxc1
+ - lxc
+ - lxc-dev
+ - lxc-templates
+ - python-dev
+ - python3-lxc
+ - systemd-container
+ - pxz
+
+# Package to remove from the host
+lxc_hosts_remove_distro_packages:
+ - dnsmasq
+
+lxc_xz_bin: pxz
+
+system_config_dir: "/etc/default"
+systemd_utils_prefix: "/lib/systemd"
+
+lxc_cached_network_interfaces:
+ - src: "lxc-net-bridge.cfg.j2"
+ dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg"
diff --git a/vars/ubuntu-16.04.yml b/vars/ubuntu-16.04.yml
index c8b174bc..ebaed795 100644
--- a/vars/ubuntu-16.04.yml
+++ b/vars/ubuntu-16.04.yml
@@ -13,46 +13,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-## APT Cache Options
-cache_timeout: 600
-
 _lxc_hosts_container_image_url: "http://cdimage.ubuntu.com/ubuntu-base/releases/16.04/release/ubuntu-base-16.04.4-base-{{ lxc_cache_map.arch }}.tar.gz"
-# Required apt packages.
-lxc_hosts_distro_packages:
- - apparmor
- - apparmor-profiles
- - apparmor-utils
- - aria2
- - bridge-utils
- - btrfs-tools
- - cgmanager
- - cgroup-lite
- - dbus
- - debootstrap
- - dnsmasq-base
- - git
- - iptables
- - irqbalance
- - language-pack-en
- - liblxc1
- - lxc
- - lxc-dev
- - lxc-templates
- - python-dev
- - python3-lxc
- - systemd-container
- - pxz
-
-# Package to remove from the host
-lxc_hosts_remove_distro_packages:
- - dnsmasq
-
-lxc_xz_bin: pxz
-
-system_config_dir: "/etc/default"
-systemd_utils_prefix: "/lib/systemd"
-lxc_cache_map:
+_lxc_cache_map:
 distro: ubuntu
 arch: "{{ lxc_architecture_mapping.get( ansible_architecture ) }}"
 release: xenial
@@ -64,10 +27,6 @@ lxc_cache_map:
 - /etc/localtime
 - /root/repo.keys
-# This forces any modified configurations to remain, and any unmodified configs to be replaced
-# ref: http://serverfault.com/questions/259226/automatically-keep-current-version-of-config-files-when-apt-get-install
-lxc_cache_install_debconf: '-o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes'
-
 _lxc_cache_prep_template: "prep-scripts/ubuntu_16_prep.sh.j2"
 _lxc_cache_distro_packages:
@@ -92,7 +51,3 @@ _lxc_cache_distro_packages:
 - tar
 - wget
 - debianutils # for 'which' executable
-
-lxc_cached_network_interfaces:
- - src: "lxc-net-bridge.cfg.j2"
- dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg"