
Tuneup prep and local routing when running w/out bridges

When running without bridges the local routing needs to be scoped to the
host. This change ensures that is the case.

When re-prepping an environment the GPG setup will require access to fd's
which may not exist at the time the base cache is re-prep'd.

nspawn mtu settings will now follow the primary interface.

Change-Id: I74e9301a98cf92161feb31e6808e9e02a07f662c
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Kevin Carter 8 months ago
parent
commit
caf28c7663

+ 14
- 12
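--- a/tasks/nspawn_networking.yml
+++ b/tasks/nspawn_networking.yml
@@ -86,23 +86,25 @@
           {%-     if interface_data['type'] == 'bridge' %}
           {%-       set _ = start_commands.append('-/sbin/ip link add dev veth-' + interface + '1 type veth peer name veth-' + interface + '2') %}
           {%-       set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 up') %}
-          {%-       set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 mtu ' + (interface_data['mtu'] | default(1500)) | string) %}
+          {%-       set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 mtu ' ~ (interface_data["mtu"] | default(1500))) %}
           {%-       set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '2 up') %}
-          {%-       set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '2 mtu ' + (interface_data['mtu'] | default(1500)) | string) %}
+          {%-       set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '2 mtu ' ~ (interface_data["mtu"] | default(1500))) %}
           {%-       set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 master ' + value.bridge) %}
-          {%-       set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link veth-' + interface + '2 type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
+          {%-       set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link veth-' + interface + '2 mtu ' ~ (interface_data["mtu"] | default(1500)) ~ ' type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
           {%-       set _ = start_commands.append('-/sbin/ip link set dev ' + mv_interface + ' up') %}
           {%-     else %}
-          {%-       set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link ' + value.bridge + ' type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
+          {%-       set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link ' + value.bridge + ' mtu ' ~ (interface_data["mtu"] | default(1500)) ~ ' type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
           {%-       set _ = start_commands.append('-/sbin/ip link set dev ' + mv_interface + ' up') %}
-          {%        if hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] is defined %}
-          {%          set net_cidr = hostvars[inventory_hostname]['container_cidr'] %}
-          {%-         set _ = start_commands.append('-/sbin/ip route add ' + net_cidr + ' dev ' + mv_interface + ' metric 100 proto kernel scope link table local') %}
-          {%        elif (value.address is defined) and (value.netmask is defined) %}
-          {%          set prefix = (value.address ~ '/' ~ value.netmask) | ipaddr('prefix') %}
-          {%          set _network = (value.address ~ '/' ~ prefix) | ipaddr('network') %}
-          {%          set _net_addr_network = (_network ~ '/' ~ prefix) %}
-          {%-         set _ = start_commands.append('-/sbin/ip route add ' + _net_addr_network + ' dev ' + mv_interface + ' metric 100 proto kernel scope link table local') %}
+          {%        if not (value.enable_dhcp | default(false)) | bool %}
+          {%          if hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] is defined %}
+          {%            set net_cidr = hostvars[inventory_hostname]['container_cidr'] %}
+          {%-           set _ = start_commands.append('-/sbin/ip route add local ' + net_cidr + ' dev ' + mv_interface + ' metric 100 proto kernel scope host table local') %}
+          {%          elif (value.address is defined) and (value.netmask is defined) %}
+          {%            set prefix = (value.address ~ '/' ~ value.netmask) | ipaddr('prefix') %}
+          {%            set _network = (value.address ~ '/' ~ prefix) | ipaddr('network') %}
+          {%            set _net_addr_network = (_network ~ '/' ~ prefix) %}
+          {%-           set _ = start_commands.append('-/sbin/ip route add local ' + _net_addr_network + ' dev ' + mv_interface + ' metric 100 proto kernel scope host table local') %}
+          {%-         endif %}
           {%-       endif %}
           {%-     endif %}
           {%-   endif %}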
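Review bot: The `if` on new line 99 tests `key.split('_')[0] + '_cidr'`, but the next line always reads `hostvars[inventory_hostname]['container_cidr']`, so a network whose key prefix is not `container` would get the container CIDR (or an undefined-variable error) instead of its own. This matters more now that the route is installed as `local … scope host table local`, because the kernel then treats destinations in that prefix as local to the host. Reading the same key that was tested keeps the two in step: `{% set net_cidr = hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] %}`. The enclosing loop and the definitions of `key`, `value` and `mv_interface` are outside the hunk, so the prefixes `key` can take should be confirmed there.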

+ 9
- 3
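--- a/templates/prep-scripts/_container_sys_setup.sh.j2
+++ b/templates/prep-scripts/_container_sys_setup.sh.j2
@@ -4,9 +4,7 @@ mkdir -p /dev
 mkdir -p /proc
 mkdir -p /sys/fs/cgroup
 mkdir -p /dev/pts
-
-#gnupg requires this
-mkdir -p /root/.gnupg
+mkdir -p /proc/self/fd
 
 # In order for the package manager to function /dev/null, /dev/random and
 # /dev/urandom must exist. This is is being run here because some images do not
@@ -20,6 +18,14 @@ for i in {0..5}; do
 done
 [ ! -e /dev/pts/ptmx ] && mknod -m 0666 /dev/pts/ptmx c 5 2
 
+[ ! -e /dev/fd ] && ln -s /proc/self/fd /dev/fd
+for i in {0..2}; do
+  ln -sf /dev/pts/0 /dev/fd/$i
+done
+
+#gnupg requires this
+mkdir -p /root/.gnupg
+
 # Create the directory where local facts will be stored
 mkdir -p /etc/ansible/facts.d
 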
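Review bot: The `ln -sf /dev/pts/0 /dev/fd/$i` loop in the second hunk writes through the new `/dev/fd` link into `/proc/self/fd`, which appears to assume procfs is not mounted at that point; with a live procfs the kernel owns those entries and the `ln` is expected to fail. The static links also pin fds 0–2 to pty 0 in the cached image, whichever session owns that pty later. A comment stating the assumption would help, for example `# /proc is not mounted during prep; these placeholder links exist only so gpg can open fds 0-2`. The `[ ! -e /dev/fd ]` test follows symlinks, so a dangling `/dev/fd` makes `ln -s` fail; `[ -e /dev/fd ] || [ -L /dev/fd ] || ln -s /proc/self/fd /dev/fd` covers that case.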

+ 3
- 3
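--- a/templates/prep-scripts/nspawn_ubuntu_prep.sh.j2
+++ b/templates/prep-scripts/nspawn_ubuntu_prep.sh.j2
@@ -27,13 +27,13 @@ export DEBIAN_FRONTEND=noninteractive
 
 apt-get remove -y --purge snap* nspawn* lxd* resolvconf || true
 apt-get update
-apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes gnupg
+
+apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes {{ nspawn_container_distro_required_packages | join(' ') }}
 
 #start gpg-agent if is is not already running
+<(gpg-agent) || true
 gpg-connect-agent /bye || true
 
-apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes {{ nspawn_container_distro_required_packages | join(' ') }}
-
 if [[ -f "/root/repo.keys" ]]; then
   apt-key add /root/repo.keys
 fi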
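Review bot: The added `<(gpg-agent) || true` does not start an agent: the process substitution expands to a `/dev/fd/N` path that the shell then tries to execute, and `gpg-agent` without `--daemon` only checks for a running agent, while `|| true` hides both outcomes. If an explicit start is wanted, `gpg-agent --daemon || true` says so directly; otherwise the following `gpg-connect-agent /bye` already launches one on demand and the new line can be dropped. Separately, the install line that moved up still passes `--force-yes`, which lets apt proceed with unauthenticated packages; dropping it, or adding a comment explaining why it is acceptable for this image build, would make that trust decision visible. Whether `gnupg` is still installed now depends on `nspawn_container_distro_required_packages`, which is defined outside this page.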
