53a6cce9ed
These changes further optimise the lxc_host role so that it's using more of the built in modules and making better use of handlers. Moving the dnsmasq process to a unit file gives operators the ability to restart the dnsmasq process if there's an issue with the service. It also ensures the service stays running as systemd will take better care of the service by isolating it within a specific cgroup, ensuring good reporting and memory management, and providing the ability to recover from failures in an automated way. Closes-Bug: #1518485 Change-Id: I42d0caa3b12e70a3601c30051eefc067e81a71bb Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
89 lines
2.0 KiB
YAML
89 lines
2.0 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Start apparmor
|
|
service:
|
|
name: "apparmor"
|
|
enabled: yes
|
|
state: "started"
|
|
|
|
- name: Reload apparmor
|
|
service:
|
|
name: "apparmor"
|
|
state: "reloaded"
|
|
|
|
- name: Init reload
|
|
command: "initctl reload-configuration"
|
|
|
|
- name: Restart dbus
|
|
service:
|
|
name: "dbus"
|
|
state: "reloaded"
|
|
|
|
- name: Restart machined
|
|
command: "systemctl restart systemd-machined.service"
|
|
|
|
- name: Restart irqbalance
|
|
service:
|
|
name: "irqbalance"
|
|
state: "restarted"
|
|
enabled: "yes"
|
|
daemon_reload: yes
|
|
|
|
- name: Restart bridge
|
|
shell: "ifdown {{ lxc_net_bridge }} || true"
|
|
notify:
|
|
- Bring bridge up
|
|
- Veth check
|
|
|
|
- name: Bring bridge up
|
|
command: "ifup {{ lxc_net_bridge }}"
|
|
|
|
- name: Veth check
|
|
command: "/usr/local/bin/lxc-veth-check"
|
|
|
|
- name: Reload systemd units
|
|
systemd:
|
|
# TODO(hwoarang): We only want to reload the units so the 'name'
|
|
# parameter can be removed when we move to Ansible 2.4
|
|
name: it_does_not_matter
|
|
daemon_reload: yes
|
|
|
|
- name: Remove generated apt keys from LXC host
|
|
file:
|
|
path: /root/repo.keys
|
|
state: absent
|
|
|
|
- name: Remove rootfs archive
|
|
file:
|
|
path: "/tmp/rootfs.tar.xz"
|
|
state: "absent"
|
|
|
|
- name: Remove metadata archive
|
|
file:
|
|
path: "/tmp/meta.tar.xz"
|
|
state: "absent"
|
|
|
|
- name: Restart dnsmasq
|
|
service:
|
|
name: "lxc-dnsmasq"
|
|
state: "restarted"
|
|
enabled: "yes"
|
|
daemon_reload: yes
|
|
register: _lxc_dnsmasq_service
|
|
until: _lxc_dnsmasq_service | success
|
|
retries: 5
|
|
delay: 5
|