openstack/openstack-ansible
Code Issues Proposed changes
openstack-ansible/playbooks/roles/lxc_container_create
History
Kevin Carter f1ecad70a2 Fixed container user create issue 
This patch resolves an issue where the LXC container create user
password is being hard coded due to how the default LXC container
template is being used. The template allows for a container to be
created without specifying a password at create time however when
doing this the default LXC template will create a user and a
password based on the linux distribution's name. This means that
all users of a "ubuntu" template will have a "ubuntu" user which
will have a "ubuntu" password. While the container user must exist
the password does not need to be known to the end user/deployer
because there are other means to gain access to a container from
within the host. So to correct this issue for all deployers as
well as all future deployments this patch ensures that the container
user is created with a random password and provides for an additional
tag to allow the deployer to regenerate the password at will.

Change-Id: I81d0e8b0d8e9e431cd8eebd43ceaffab7e61b207
Closes-Bug: 1437054
2015-05-04 21:31:13 +00:00
..
defaults
Fixed container user create issue
2015-05-04 21:31:13 +00:00
handlers
Updated ansible to use the latest stable release
2015-04-08 08:29:53 +01:00
meta
Convert existing roles into galaxy roles
2015-02-18 10:56:25 +00:00
tasks
Fixed container user create issue
2015-05-04 21:31:13 +00:00
templates
Convert existing roles into galaxy roles
2015-02-18 10:56:25 +00:00
CONTRIBUTING.rst
Convert existing roles into galaxy roles
2015-02-18 10:56:25 +00:00
LICENSE
Convert existing roles into galaxy roles
2015-02-18 10:56:25 +00:00
README.rst
Convert existing roles into galaxy roles
2015-02-18 10:56:25 +00:00

README.rst

OpenStack LXC container create

tags

openstack, lxc, container, cloud, ansible

category

*nix

Role for creating LXC containers. This role has been setup for use in OpenStack. This role will create several directories on the LXC host for use in bind mounted storage within the container.

Example Play:
- name: Create container(s)
  hosts: all_containers
  gather_facts: false
  user: root
  roles:
    - { role: "lxc_container_create", tags: [ "lxc-container-create" ] }
Example Inventory:
{
    "all_containers": {
        "children": [
            "group_of_containers"
        ],
        "hosts": []
    },
    "lxc_hosts": {
        "children": [],
        "hosts": [
            "infra1"
        ]
    },
    "group_of_containers": {
        "children": [],
        "hosts": [
            "container1"
        ]
    },
    "_meta": {
        "hostvars": {
            "infra1": {
                "ansible_ssh_host": "192.168.0.1",
                "container_address": "192.168.0.1",
                "container_name": "infra1",
                "container_networks": {
                    "management_address": {
                        "bridge": "br-mgmt",
                        "interface": "eth1",
                        "netmask": "255.255.252.0",
                        "type": "veth"
                    }
                },
                "properties": {
                    "container_release": "trusty",
                    "is_metal": true
                }
            },
            "container1": {
                "ansible_ssh_host": "10.0.0.1",
                "container_address": "10.0.0.1",
                "container_name": "container1",
                "container_networks": {
                    "management_address": {
                        "address": "10.0.0.1",
                        "bridge": "br-mgmt",
                        "interface": "eth1",
                        "netmask": "255.255.252.0",
                        "type": "veth"
                    }
                },
                "physical_host": "infra1",
                "physical_host_group": "lxc_hosts",
                "properties": {
                    "container_release": "trusty",
                }
            }
        }
    }
}