Kevin Carter f1ecad70a2 Fixed container user create issue
This patch resolves an issue where the LXC container create user
password is being hard coded due to how the default LXC container
template is being used. The template allows for a container to be
created without specifying a password at create time however when
doing this the default LXC template will create a user and a
password based on the linux distribution's name. This means that
all users of a "ubuntu" template will have a "ubuntu" user which
will have a "ubuntu" password. While the container user must exist
the password does not need to be known to the end user/deployer
because there are other means to gain access to a container from
within the host. So to correct this issue for all deployers as
well as all future deployments this patch ensures that the container
user is created with a random password and provides for an additional
tag to allow the deployer to regenerate the password at will.

Change-Id: I81d0e8b0d8e9e431cd8eebd43ceaffab7e61b207
Closes-Bug: 1437054
2015-05-04 21:31:13 +00:00
..
2015-05-04 21:31:13 +00:00

OpenStack LXC container create

tags

openstack, lxc, container, cloud, ansible

category

*nix

Role for creating LXC containers. This role has been setup for use in OpenStack. This role will create several directories on the LXC host for use in bind mounted storage within the container.

Example Play:
- name: Create container(s)
  hosts: all_containers
  gather_facts: false
  user: root
  roles:
    - { role: "lxc_container_create", tags: [ "lxc-container-create" ] }
Example Inventory:
{
    "all_containers": {
        "children": [
            "group_of_containers"
        ],
        "hosts": []
    },
    "lxc_hosts": {
        "children": [],
        "hosts": [
            "infra1"
        ]
    },
    "group_of_containers": {
        "children": [],
        "hosts": [
            "container1"
        ]
    },
    "_meta": {
        "hostvars": {
            "infra1": {
                "ansible_ssh_host": "192.168.0.1",
                "container_address": "192.168.0.1",
                "container_name": "infra1",
                "container_networks": {
                    "management_address": {
                        "bridge": "br-mgmt",
                        "interface": "eth1",
                        "netmask": "255.255.252.0",
                        "type": "veth"
                    }
                },
                "properties": {
                    "container_release": "trusty",
                    "is_metal": true
                }
            },
            "container1": {
                "ansible_ssh_host": "10.0.0.1",
                "container_address": "10.0.0.1",
                "container_name": "container1",
                "container_networks": {
                    "management_address": {
                        "address": "10.0.0.1",
                        "bridge": "br-mgmt",
                        "interface": "eth1",
                        "netmask": "255.255.252.0",
                        "type": "veth"
                    }
                },
                "physical_host": "infra1",
                "physical_host_group": "lxc_hosts",
                "properties": {
                    "container_release": "trusty",
                }
            }
        }
    }
}