28c88bb5a8
The container images that we downloaded from the remote location may or may not be up to date. It may be beneficial to retrieve the latest fixes which do not always get pulled in as part of the base package installation. Change-Id: I1ae618f23014639e83a12fc02cbbf320bd178476
94 lines
2.7 KiB
YAML
94 lines
2.7 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
# Copyright 2017, SUSE LINUX GmbH.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
system_config_dir: "/etc/sysconfig"
|
|
systemd_utils_prefix: "/usr/lib/systemd"
|
|
|
|
# Required rpm packages.
|
|
lxc_hosts_distro_packages:
|
|
- apparmor-parser
|
|
- apparmor-profiles
|
|
- apparmor-utils
|
|
- bridge-utils
|
|
- dnsmasq
|
|
- git-core
|
|
- libseccomp2
|
|
- lxc
|
|
- lxc-devel
|
|
- xz
|
|
|
|
lxc_xz_bin: xz
|
|
|
|
lxc_cache_map:
|
|
distro: opensuse
|
|
arch: amd64
|
|
# NOTE(hwoarang): Ideally we would like to match the container version with
|
|
# that of the running host but images.linuxcontainers.org does not have a
|
|
# 42.1 images so our only option is to always use 42.2 for LXCs. As such we
|
|
# can't share many files with the host.
|
|
release: "42.2"
|
|
copy_from_host:
|
|
- /etc/environment
|
|
- /etc/localtime
|
|
cache_prep_commands: |
|
|
{{ lxc_cache_prep_pre_commands }}
|
|
mkdir -p /etc/ansible/facts.d/
|
|
if [ -a /etc/resolv.conf ]; then
|
|
mv /etc/resolv.conf /etc/resolv.conf.org
|
|
fi
|
|
{% for resolver in lxc_cache_prep_dns %}
|
|
echo "nameserver {{ resolver }}" >> /etc/resolv.conf
|
|
{% endfor %}
|
|
# Do a complete refresh and fetch the keys without asking
|
|
zypper --gpg-auto-import-keys -n ref -f
|
|
# Update base distribution
|
|
zypper -n dup -l
|
|
zypper -n in -l {{ lxc_cache_distro_packages | join(' ') }}
|
|
mkdir -p /var/backup
|
|
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network/ifcfg-eth0
|
|
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
|
|
if [ -a /etc/resolv.conf.org ]; then
|
|
mv /etc/resolv.conf.org /etc/resolv.conf
|
|
else
|
|
rm -f /etc/resolv.conf
|
|
fi
|
|
# NOTE(hwoarang): Enable sshd which has been explicitely disabled in
|
|
# https://github.com/lxc/lxc-ci/commit/8dc7105399350a59698538a12b6d5a1a880ef2ba
|
|
systemctl -q unmask sshd
|
|
systemctl -q enable sshd
|
|
{{ lxc_cache_prep_post_commands }}
|
|
|
|
lxc_cache_distro_packages:
|
|
- ca-certificates
|
|
- git-core
|
|
- openssh
|
|
- python-devel
|
|
- python
|
|
- python-xml
|
|
- rsync
|
|
- sudo
|
|
- wget
|
|
- tar
|
|
- which
|
|
|
|
lxc_cached_network_interfaces:
|
|
- src: "lxc-net-suse-bridge.cfg.j2"
|
|
dest: "/etc/sysconfig/network/ifcfg-{{ lxc_net_bridge }}"
|
|
|
|
lxc_container_default_interfaces: |
|
|
STARTMODE=auto
|
|
BOOTPROTO=dhcp
|