Changed the container interaction process

This changes the way that containers are interacted with. With this
change, container actions are deletgated to the host instead of looping
through the hacky mess that we were doing. This change will make it
so that the entire container process is faster.

This also removes the needs for the "/openstack/monitoring" directory which
was held over cruft from long ago. This should address the race condition
when delegating to a host and the monitoring directory attempts to be created
at the same time on the same host.

Closes-Bug: #1399427
Change-Id: Ifaa0fa5719f79180610b4a63d590ca8bc681f87d
(cherry picked from commit fea671ec16)

rpc_deployment/library/lxc

@@ -965,7 +965,7 @@ class LxcManagement(object):
             self.module.get_bin_path('lxc-stop', True),
             '--logfile /tmp/lxc-ansible-%s-stop.log' % name,
             '--logpriority INFO',
-            '--timeout 10',
+            '--timeout 120',
             '--name %s' % name
         ]
 

rpc_deployment/playbooks/setup/containers-setup.yml

@@ -13,16 +13,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-- hosts: "{{ host_group|default('hosts') }}"
+- hosts: "{{ host_group|default('all_containers') }}"
   user: root
+  gather_facts: false
   roles:
     - container_setup
   vars_files:
     - vars/config_vars/container_interfaces.yml
-  vars:
-    default_container_groups: "{{ hostvars[inventory_hostname]['container_types'] }}"
-    container_groups: "{{ groups[container_group|default(default_container_groups)] | default('') }}"
-    required_container_config_options:
-      - "lxc.mount.entry=/openstack/log/{{ hostvars[item]['container_name'] }} var/log/{{ hostvars[item]['service_name'] }} none defaults,bind,rw 0 0"
-      - "lxc.mount.entry=/openstack/backup/{{ hostvars[item]['container_name'] }} var/backup none defaults,bind,rw 0 0"
-      - "lxc.mount.entry=/openstack/monitoring monitoring none defaults,bind,rw 0 0"

rpc_deployment/playbooks/setup/destroy-containers.yml

@@ -14,10 +14,8 @@
 # limitations under the License.
 
 # This playbook destroys all known containers.
-- hosts: "{{ host_group|default('hosts') }}"
+- hosts: "{{ host_group|default('all_containers') }}"
   user: root
+  gather_facts: false
   roles:
     - container_destroy
-  vars:
-    default_container_groups: "{{ hostvars[inventory_hostname]['container_types'] }}"
-    container_groups: "{{ groups[container_group|default(default_container_groups)] }}"

rpc_deployment/roles/container_create/tasks/main.yml

@@ -14,4 +14,4 @@
 # limitations under the License.
 
 - include: container_create.yml
-  when: container_groups|length > 0
+

rpc_deployment/roles/container_destroy/tasks/main.yml

@@ -17,6 +17,7 @@
 
 - name: Destroy Containers
   lxc:
-    name: "{{ hostvars[item]['container_name'] }}"
+    name: "{{ container_name }}"
     command: "destroy"
-  with_items: container_groups
+  delegate_to: "{{ physical_host }}"
+

rpc_deployment/roles/container_restart/tasks/main.yml

@@ -14,4 +14,4 @@
 # limitations under the License.
 
 - include: container_restart.yml
-  when: container_groups|length > 0
+

rpc_deployment/roles/container_setup/tasks/container_setup.yml

@@ -16,109 +16,54 @@
 - name: Obtain the Systems SSH-Key
   set_fact:
     container_ssh_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
+  delegate_to: "{{ physical_host }}"
 
 - name: Fail when empty or non-existent SSH pub key
-  fail: >
-    msg="Failing - ~/.ssh/id_rsa.pub file doesn't exist or is empty"
+  fail: msg="Failing - ~/.ssh/id_rsa.pub file doesn't exist or is empty"
   when: container_ssh_key == ""
-
-- name: Set the SSH key in place
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=attach
-    container_command="
-      mkdir -p ~/.ssh/;
-      if [ ! -f \"~/.ssh/authorized_keys\" ];then
-        touch ~/.ssh/authorized_keys;
-      fi;
-      grep '{{ container_ssh_key }}' ~/.ssh/authorized_keys ||
-      echo '{{ container_ssh_key }}' | tee -a ~/.ssh/authorized_keys;
-    "
-  with_items: container_groups
-
-- name: Set base network interface
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=attach
-    container_command="
-      echo -e '{{ container_interface }}' | tee /etc/network/interfaces;
-    "
-  with_items: container_groups
-
-- name: Set management network interface
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=attach
-    container_command="
-      echo -e '{{ management_interface }}' | tee /etc/network/interfaces.d/management.cfg;
-    "
-  with_items: container_groups
-
-- name: Ensure SSH is avail at boot
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=attach
-    container_command="update-rc.d ssh defaults"
-  with_items: container_groups
-
-- name: Ensure SSH is available for root
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=attach
-    container_command="sed -i 's/PermitRootLogin.*/PermitRootLogin\ yes/g' /etc/ssh/sshd_config"
-  with_items: container_groups
-
-- name: Ensure SSH started
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=attach
-    container_command="service ssh restart"
-  with_items: container_groups
-
-- name: Ensure required inner directories
-  lxc: >
-    name={{ hostvars[item.1]['container_name'] }}
-    command=attach
-    container_command="mkdir -p {{ item.0 }}"
-  with_nested:
-    - [ "/monitoring", "/etc/network/interfaces.d", "/var/backup" ]
-    - container_groups
-
-- name: Create Required local log directories
-  file: >
-    path="{{ item.0 }}/{{ hostvars[item.1]['container_name'] }}"
-    state=directory
-  with_nested:
-    - [ "/openstack/backup", "/openstack/log" ]
-    - container_groups
+  delegate_to: "{{ physical_host }}"
 
 - name: Create Required local monitoring directories
-  file: >
-    path={{ item }}
-    state=directory
+  file:
+    path: "{{ item }}"
+    state: "directory"
   with_items:
-    - "/openstack/monitoring"
+    - "/openstack/backup/{{ container_name }}"
+    - "/openstack/log/{{ container_name }}"
+  delegate_to: "{{ physical_host }}"
 
-- name: Ensure required inner service directories
-  lxc: >
-    name={{ hostvars[item.1]['container_name'] }}
-    command=attach
-    container_command="mkdir -p {{ item.0 }}/{{ hostvars[item.1]['service_name'] }}"
-  with_nested:
-    - [ "/etc", "/var/log" ]
-    - container_groups
-
-- name: Ensure python2.7 installed
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=attach
-    container_command="apt-get -y install python2.7; rm /usr/bin/python; ln -s /usr/bin/python2.7 /usr/bin/python"
-  with_items: container_groups
+- name: Basic Inner Container Setup
+  lxc:
+    name: "{{ container_name }}"
+    command: "attach"
+    container_command: |
+      mkdir -p ~/.ssh/
+      if [ ! -f "~/.ssh/authorized_keys" ];then
+        touch ~/.ssh/authorized_keys
+      fi
+      grep '{{ container_ssh_key }}' ~/.ssh/authorized_keys || echo '{{ container_ssh_key }}' | tee -a ~/.ssh/authorized_keys
+      # Create internal directories
+      mkdir -p /monitoring
+      mkdir -p /etc/network/interfaces.d
+      mkdir -p /var/backup
+      mkdir -p '/var/log/{{ service_name }}'
+      mkdir -p '/etc/{{ service_name }}'
+      sed -i 's/PermitRootLogin.*/PermitRootLogin\ yes/g' /etc/ssh/sshd_config
+      service ssh restart
+      apt-get update
+      apt-get -y install python2.7
+      rm /usr/bin/python
+      ln -s /usr/bin/python2.7 /usr/bin/python
+      echo -e '{{ default_interfaces }}' | tee /etc/network/interfaces
+      echo -e '{{ management_interface }}' | tee /etc/network/interfaces.d/management.cfg
+  delegate_to: "{{ physical_host }}"
 
 - name: Ensure Required container config options
-  lxc: >
-    name={{ hostvars[item]['container_name'] }}
-    command=config
-    options="{{ required_container_config_options }}"
-    state=running
-  with_items: container_groups
+  lxc:
+    name: "{{ container_name }}"
+    command: config
+    options:
+      - "lxc.mount.entry=/openstack/log/{{ container_name }} var/log/{{ service_name }} none defaults,bind,rw 0 0"
+      - "lxc.mount.entry=/openstack/backup/{{ container_name }} var/backup none defaults,bind,rw 0 0"
+    state: running
+  delegate_to: "{{ physical_host }}"

rpc_deployment/roles/container_setup/tasks/main.yml

@@ -14,4 +14,4 @@
 # limitations under the License.
 
 - include: container_setup.yml
-  when: container_groups|length > 0
+

rpc_deployment/vars/config_vars/container_interfaces.yml

@@ -13,19 +13,18 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-container_interface: |
+default_interfaces: |
   # The loopback network interface
   auto lo
   iface lo inet loopback
-
+  # LXC interface
   auto eth0
   iface eth0 inet dhcp
-
+  # Load any additional configs
   source /etc/network/interfaces.d/*.cfg
 
-
 management_interface: |
-  auto {{ hostvars[item]['container_network']['container_interface'] }}
-  iface {{ hostvars[item]['container_network']['container_interface'] }} inet static
-      address {{ hostvars[item]['container_address'] }}
-      netmask {{ hostvars[item]['container_network']['container_netmask']|default(hostvars[item]['container_netmask']) }}
+  auto {{ container_network['container_interface'] }}
+  iface {{ container_network['container_interface'] }} inet static
+      address {{ container_address }}
+      netmask {{ container_network['container_netmask']|default(container_netmask) }}