--- # Copyright 2014, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Timeout (in seconds) for the LXC cache to control how often the rootfs # cache will be updated. By default this timeout is set to 1 day. lxc_cache_timeout: 86400 # Environment to use when building LXC caches # You can set http_proxy environment variables here for example # if you would like to proxy all image downloads lxc_cache_environment: {} # Set the package install state for distribution and pip packages # Options are 'present' and 'latest' lxc_hosts_package_state: "latest" lxc_hosts_pip_package_state: "latest" # Mappings from Ansible reported architecture to distro release architecture lxc_architecture_mapping: x86_64: amd64 ppc64le: ppc64el # lxc container rootfs directory and cache path lxc_container_directory: "/var/lib/lxc" lxc_container_cache_path: "/var/cache/lxc/download" # The container backing store can be set to 'overlayfs' to use overlayfs # This should only be done for production use with a linux kernel > 3.14 # which is when overlayfs was merged into the mainline kernel # lxc_container_backing_store: overlayfs # The container backing method can be set to 'copy-on-write' to use LVM # snapshot-backed containers when the container backing store is set to # 'lvm'. # lxc_container_backing_method: copy-on-write # When using a base container to snapshot from for the overlayfs or LVM # copy-on-write backing stored, the base container can be set. lxc_container_base_name: "{{ lxc_cache_map.distro }}-{{ lxc_cache_map.release }}-{{ lxc_cache_map.arch }}" # lxc container net network lxc_net_bridge: lxcbr0 lxc_net_bridge_port: none lxc_net_address: 10.0.3.1 lxc_net_netmask: 255.255.255.0 lxc_net_gateway: null ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be "false" to use a gateway. #lxc_net_mtu: 1500 ##setting this variable will add mtu configuration for the lxc config and network bridge # lxc container nat enabled lxc_net_nat: true ## If "true", nat rules will be created with the lxc network. # lxc container dhcp settings lxc_net_dhcp_range: 10.0.3.2,10.0.3.253 lxc_net_dhcp_max: 253 lxc_net_dhcp_config: '' lxc_net_dnsmasq_user: lxc-dnsmasq lxc_net_domain: '' # lxc network ipv6 settings lxc_net6_address: null ## ie. fd05:ffb8:32b4:1212::1 lxc_net6_netmask: null ## ie. 64 lxc_net6_nat: false # lxc_container_net_link variable should be set to the lxc-net bridge. lxc_container_net_link: "{{ lxc_net_bridge }}" ## name of the host bridge to attach to lxc_container_net_type: veth ## lxc network interface type (veth, phys, vlan, macvlan, empty) lxc_container_net_name: eth0 ## name of the interface inside the container. # System control kernel tuning lxc_kernel_options: - { key: 'fs.inotify.max_user_instances', value: 1024 } lxc_pip_packages: - lxc-python2 lxc_cache_sshd_configuration: - { regexp: "^PermitRootLogin", line: "PermitRootLogin yes" } - { regexp: "^TCPKeepAlive", line: "TCPKeepAlive yes" } - { regexp: "^UseDNS", line: "UseDNS no" } - { regexp: "^X11Forwarding", line: "X11Forwarding no" } - { regexp: "^PasswordAuthentication", line: "PasswordAuthentication no" } # The compression ratio used when creating the container cache rootfs archive lxc_image_compression_ratio: 0 # A list of files may be copied into the container image cache during its preparation. # Example: # lxc_container_cache_files: # - src: "/etc/openstack_deploy/files/etc/issue" # dest: "/etc/issue" lxc_container_cache_files: [] # DNS servers to use during cache preparation lxc_cache_prep_dns: - "{{ lxc_net_address }}" # Custom shell commands to run before/after the LXC cache prep process has taken # place. lxc_cache_prep_pre_commands: '## pre command skipped ##' lxc_cache_prep_post_commands: '## post command skipped ##' # The DNS name of the LXD server to source the base container cache from lxc_image_cache_server: images.linuxcontainers.org # The keyservers to use when validating GPG keys for the downloaded cache lxc_image_cache_primary_keyserver: hkp://p80.pool.sks-keyservers.net:80 lxc_image_cache_secondary_keyserver: hkp://keyserver.ubuntu.com:80 ## Default download template options ## This can be customized to use a local build server and options. ## By default these options will be fulfilled by the distro specific ## variable files found in vars/ # lxc_cache_download_template_options: > # --dist NAME_OF_DISTRO # --release DISTRO_RELEASE # --arch CONTAINER_ARCH # --force-cache # --server SERVER_TO_GET_IMAGES_FROM lxc_cache_default_variant: default lxc_cache_download_template_extra_options: "" lxc_cache_download_template_options: > --dist {{ lxc_cache_map.distro }} --release {{ lxc_cache_map.release }} --arch {{ lxc_cache_map.arch }} --force-cache --server {{ lxc_image_cache_server }} --variant {{ lxc_cache_default_variant }} {{ lxc_cache_download_template_extra_options }} # LXC must be installed from a COPR repository on CentOS 7 since the version # provided in EPEL is much too old (1.x). lxc_centos_package_baseurl: https://copr-be.cloud.fedoraproject.org/results/thm/lxc2.0/epel-7-x86_64/ lxc_centos_package_key: https://copr-be.cloud.fedoraproject.org/results/thm/lxc2.0/pubkey.gpg