a98387101f
Change-Id: I49849cb379ed93abf044ea507b16342685b178e4
119 lines
3.4 KiB
YAML
119 lines
3.4 KiB
YAML
---
|
|
# Copyright 2015, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Generate apt keys from LXC host for the container cache
|
|
shell: apt-key exportall > /root/repo.keys
|
|
changed_when: False
|
|
when:
|
|
- ansible_pkg_mgr == 'apt'
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-apt-keys
|
|
|
|
# TODO(evrardjp): replace this with a copy with remote_src: True
|
|
# when ansible2.0 will be supported
|
|
- name: Rsyncing files from the LXC host to the container cache
|
|
shell: |
|
|
if [[ -e "{{ item }}" ]]; then
|
|
rsync -av "{{ item }}" "/var/lib/lxc/LXC_NAME/rootfs{{ item }}"
|
|
fi
|
|
args:
|
|
executable: "/bin/bash"
|
|
with_items: "{{ lxc_cache_map.copy_from_host }}"
|
|
tags:
|
|
- lxc-cache
|
|
- skip_ansible_lint
|
|
|
|
- name: Copy files from deployment host to the container cache
|
|
copy:
|
|
src: "{{ item.src }}"
|
|
dest: "/var/lib/lxc/LXC_NAME/rootfs{{ item.dest | default(item.src) }}"
|
|
owner: "{{ item.owner | default('root') }}"
|
|
group: "{{ item.group | default('root') }}"
|
|
mode: "{{ item.mode | default('0644') }}"
|
|
with_items: "{{ lxc_container_cache_files }}"
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-copy-files
|
|
|
|
- name: Cached image preparation script
|
|
copy:
|
|
content: |
|
|
#!/usr/bin/env bash
|
|
set -e -x
|
|
{{ lxc_cache_map.cache_prep_commands }}
|
|
dest: "/var/lib/lxc/LXC_NAME/rootfs/usr/local/bin/cache-prep-commands.sh"
|
|
mode: "0755"
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-update
|
|
|
|
# This task runs several commands against the cached image to speed up the
|
|
# lxc_container_create playbook.
|
|
- name: Prepare cached image setup commands
|
|
command: "chroot /var/lib/lxc/LXC_NAME/rootfs /usr/local/bin/cache-prep-commands.sh"
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-update
|
|
|
|
- name: Adjust sshd configuration in container
|
|
lineinfile:
|
|
dest: "/var/lib/lxc/LXC_NAME/rootfs/etc/ssh/sshd_config"
|
|
regexp: "{{ item.regexp }}"
|
|
line: "{{ item.line }}"
|
|
state: present
|
|
with_items: "{{ lxc_cache_sshd_configuration }}"
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-update
|
|
|
|
- name: Obtain the deploy system's ssh public key
|
|
set_fact:
|
|
lxc_container_ssh_key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
|
|
when: lxc_container_ssh_key is not defined
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-update
|
|
|
|
- name: Deploy ssh public key into the cached image
|
|
lineinfile:
|
|
dest: "/var/lib/lxc/LXC_NAME/rootfs/root/.ssh/authorized_keys"
|
|
line: "{{ lxc_container_ssh_key }}"
|
|
create: true
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-update
|
|
|
|
- name: Remove generated apt keys from LXC host
|
|
file:
|
|
path: /root/repo.keys
|
|
state: absent
|
|
when:
|
|
- ansible_pkg_mgr == 'apt'
|
|
changed_when: False
|
|
tags:
|
|
- lxc-cache
|
|
- lxc-cache-apt-keys
|
|
|
|
- name: Remove requiretty for sudo on centos
|
|
template:
|
|
dest: "/var/lib/lxc/LXC_NAME/rootfs/etc/sudoers.d/openstack-ansible"
|
|
owner: root
|
|
group: root
|
|
mode: "0440"
|
|
src: sudoers.j2
|
|
when:
|
|
- ansible_pkg_mgr == 'yum'
|