diff --git a/playbooks/lxc-containers-destroy.yml b/playbooks/lxc-containers-destroy.yml
index 077167ca65..73c0cffd60 100644
--- a/playbooks/lxc-containers-destroy.yml
+++ b/playbooks/lxc-containers-destroy.yml
@@ -35,6 +35,7 @@
 - "/openstack/backup/{{ container_name }}"
 - "/openstack/log/{{ container_name }}"
 - "/var/lib/lxc/{{ container_name }}"
+ - "{{ lxc_container_directory|default('/var/lib/lxc') }}/{{ container_name }}"
 delegate_to: "{{ physical_host }}"
 tags:
 - container-directories
diff --git a/playbooks/roles/lxc_container_create/defaults/main.yml b/playbooks/roles/lxc_container_create/defaults/main.yml
index 8a7cf1c8cd..d2607b1d37 100644
--- a/playbooks/roles/lxc_container_create/defaults/main.yml
+++ b/playbooks/roles/lxc_container_create/defaults/main.yml
@@ -18,6 +18,10 @@ lxc_container_config: /etc/lxc/lxc-openstack.conf
 # Default container template to build from
 lxc_container_template: ubuntu
+# lxc container rootfs directory and cache path
+lxc_container_directory: "/var/lib/lxc"
+lxc_container_cache_path: "/var/cache/lxc"
+
 # container_fs.* is only used with building on an LVM backend
 lxc_container_fs_size: 5G
 lxc_container_fs_type: ext4
diff --git a/playbooks/roles/lxc_container_create/tasks/container_create.yml b/playbooks/roles/lxc_container_create/tasks/container_create.yml
index 3d84aff377..48ada5a304 100644
--- a/playbooks/roles/lxc_container_create/tasks/container_create.yml
+++ b/playbooks/roles/lxc_container_create/tasks/container_create.yml
@@ -57,6 +57,7 @@
 template: "{{ properties.container_template|default(lxc_container_template) }}"
 state: started
 backing_store: "{{ properties.container_backing_store|default(lxc_container_backing_store) }}"
+ directory: "{{ lxc_container_directory }}/{{ container_name }}"
 fs_size: "{{ properties.container_fs_size|default(lxc_container_fs_size) }}"
 fs_type: "{{ properties.container_fs_type|default(lxc_container_fs_type) }}"
 vg_name: "{{ properties.container_vg_name|default(lxc_container_vg_name) }}"
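Review bot: The added list entry in `playbooks/lxc-containers-destroy.yml` builds a deletion target from two variables without checking either one, and `default('/var/lib/lxc')` only covers an undefined `lxc_container_directory`, not an empty one. If this list feeds a recursive removal on `physical_host` (the task header is outside the hunk), an empty directory value resolves to `/<name>` and an empty `container_name` resolves to the container parent directory itself. I would write `default('/var/lib/lxc', true)` and put an `assert` before the task that `container_name` is non-empty and that `lxc_container_directory` is an absolute path other than `/`. With the default value the new entry also duplicates the literal `/var/lib/lxc/{{ container_name }}` line above it. The same line is added in `playbooks/roles/lxc_container_destroy/tasks/main.yml`, where the same applies.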
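Review bot: `lxc_container_directory` and `lxc_container_cache_path` are declared here in the `lxc_container_create` defaults, again in `lxc_hosts/defaults/main.yml`, and as an inline `default('/var/lib/lxc')` in the destroy tasks, so three places have to stay in step. An override scoped to a single role would leave containers created under a directory the host role never prepared, or an AppArmor profile rendered for a different cache path than the one the patched template uses. The comment above the two variables should say where to override them, for example `# Override both in user variables, not per role; lxc_hosts and the destroy tasks read the same names`.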
diff --git a/playbooks/roles/lxc_container_destroy/tasks/main.yml b/playbooks/roles/lxc_container_destroy/tasks/main.yml
index 5d4380bbdc..1ba50313d4 100644
--- a/playbooks/roles/lxc_container_destroy/tasks/main.yml
+++ b/playbooks/roles/lxc_container_destroy/tasks/main.yml
@@ -30,6 +30,7 @@
 - "/openstack/backup/{{ container_name }}"
 - "/openstack/log/{{ container_name }}"
 - "/var/lib/lxc/{{ container_name }}"
+ - "{{ lxc_container_directory|default('/var/lib/lxc') }}/{{ container_name }}"
 delegate_to: "{{ physical_host }}"
 tags:
 - container-directories
diff --git a/playbooks/roles/lxc_hosts/defaults/main.yml b/playbooks/roles/lxc_hosts/defaults/main.yml
index f049eeeb6f..d553ce351f 100644
--- a/playbooks/roles/lxc_hosts/defaults/main.yml
+++ b/playbooks/roles/lxc_hosts/defaults/main.yml
@@ -13,6 +13,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
+# lxc container rootfs directory and cache path
+lxc_container_directory: "/var/lib/lxc"
+lxc_container_cache_path: "/var/cache/lxc"
+
 # lxc container net network
 lxc_net_bridge: lxcbr0
 lxc_net_bridge_port: none
diff --git a/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml b/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml
index 164d1ce6de..f2b9145681 100644
--- a/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml
+++ b/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml
@@ -29,7 +29,7 @@
 - name: Move lxc cached image into place
 unarchive:
 src: "/var/cache/lxc_{{ item.name }}"
- dest: "/var/cache/lxc/"
+ dest: "{{ lxc_container_cache_path }}/"
 copy: "no"
 with_items: lxc_container_caches
 when: cache_download|changed
diff --git a/playbooks/roles/lxc_hosts/tasks/lxc_install.yml b/playbooks/roles/lxc_hosts/tasks/lxc_install.yml
index fc108d2937..5e44c9499e 100644
--- a/playbooks/roles/lxc_hosts/tasks/lxc_install.yml
+++ b/playbooks/roles/lxc_hosts/tasks/lxc_install.yml
@@ -26,3 +26,16 @@
 with_items: lxc_apt_packages
 tags:
 - lxc-packages
+
+# The functionality with changing the container cache has been added into the
+# upstream LXC templates with patch [ https://github.com/lxc/lxc/pull/558 ]
+# TODO: remove the below patch and pass lxc_container_cache_path to lxc
+# templates as appropriate once the lxc update goes mainstream
+- name: Patch lxc-ubuntu cache path
+ replace:
+ dest: /usr/share/lxc/templates/lxc-ubuntu
+ regexp: '\$LOCALSTATEDIR/cache/lxc'
+ replace: "{{ lxc_container_cache_path }}"
+ backup: yes
+ tags:
+ - lxc-cache-path
diff --git a/playbooks/roles/lxc_hosts/tasks/lxc_pre_install.yml b/playbooks/roles/lxc_hosts/tasks/lxc_pre_install.yml
index 711640ddb4..02ff8f73b4 100644
--- a/playbooks/roles/lxc_hosts/tasks/lxc_pre_install.yml
+++ b/playbooks/roles/lxc_hosts/tasks/lxc_pre_install.yml
@@ -27,6 +27,8 @@
 - /usr/share/lxc/templates
 - /openstack
 - /openstack/backup
+ - "{{ lxc_container_directory }}"
+ - "{{ lxc_container_cache_path }}"
 tags:
 - lxc-directories
@@ -72,14 +74,14 @@
 - lxc-irqbalance
 - name: Drop lxc-openstack app armor profile
- copy:
+ template:
 src: "{{ item.src }}"
 dest: "{{ item.dest }}"
 owner: "{{ item.owner|default('root') }}"
 group: "{{ item.group|default('root') }}"
 mode: "{{ item.mode|default('0644') }}"
 with_items:
- - { src: lxc-openstack, dest: "/etc/apparmor.d/lxc/lxc-openstack" }
+ - { src: lxc-openstack.apparmor.j2, dest: "/etc/apparmor.d/lxc/lxc-openstack" }
 notify:
 - Load lxc-openstack apparmor profile
 - Restart apparmor
diff --git a/playbooks/roles/lxc_hosts/files/lxc-openstack b/playbooks/roles/lxc_hosts/templates/lxc-openstack.apparmor.j2
similarity index 76%
rename from playbooks/roles/lxc_hosts/files/lxc-openstack
rename to playbooks/roles/lxc_hosts/templates/lxc-openstack.apparmor.j2
index a38371369e..62b6ec78be 100644
--- a/playbooks/roles/lxc_hosts/files/lxc-openstack
+++ b/playbooks/roles/lxc_hosts/templates/lxc-openstack.apparmor.j2
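Review bot: The `Patch lxc-ubuntu cache path` task writes `lxc_container_cache_path` verbatim into `/usr/share/lxc/templates/lxc-ubuntu`, the template script that lxc-create executes, so a value containing whitespace or shell metacharacters changes that script rather than just a path. An `assert` ahead of the task that the variable matches something like `^/[A-Za-z0-9._/-]+$` would keep it to a plain absolute path. The edit is also one-way: once `$LOCALSTATEDIR/cache/lxc` has been replaced the regexp no longer matches, so a later change to the variable is not applied, and a package upgrade that restores the template reverts the path until the play runs again; both are worth adding to the TODO comment. `backup: yes` reads better as `backup: true`.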
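Review bot: The two entries added to the directory list in `lxc_pre_install.yml` create the container root and cache directories at operator-chosen paths, and the owner and mode this task applies are outside the hunk. The packaged `/var/lib/lxc` is normally root-only (0700) so that unprivileged host users cannot reach setuid binaries inside container root filesystems; a relocated directory created with a default 0755 would lose that protection. If the task does not already set them, give these two paths their own entry with `owner: root` and `mode: "0700"`.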
@@ -17,10 +17,10 @@ profile lxc-openstack flags=(attach_disconnected,mediate_deleted) {
 mount fstype=nbd* -> /**,
 mount fstype=nfs* -> /**,
 mount fstype=devpts,
-
+
 # allow System access.
 mount fstype=cgroup -> /sys/fs/cgroup/**,
- mount fstype=proc -> /var/cache/lxc/**,
- mount fstype=sysfs -> /var/cache/lxc/**,
- mount options=(rw,bind) /var/cache/lxc/**/dev/shm/ -> /var/cache/lxc/**/run/shm/,
+ mount fstype=proc -> {{ lxc_container_cache_path }}/**,
+ mount fstype=sysfs -> {{ lxc_container_cache_path }}/**,
+ mount options=(rw,bind) {{ lxc_container_cache_path }}/**/dev/shm/ -> {{ lxc_container_cache_path }}/**/run/shm/,
 }
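Review bot: The three mount rules now take their path prefix from `{{ lxc_container_cache_path }}` with no check on the value, and the profile applies to every container confined by `lxc-openstack`. An empty value renders `mount fstype=proc -> /**`, which permits proc and sysfs mounts anywhere, and a value of `/` or one with a trailing slash renders `//**`. Validating the variable as a normalised absolute path (not `/`, no trailing slash, no glob or whitespace characters) before the template task runs would keep the rendered rules as narrow as the originals. The profile body starts above the hunk.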