
This patch resolves an issue where the LXC container create user password is being hard coded due to how the default LXC container template is being used. The template allows for a container to be created without specifying a password at create time however when doing this the default LXC template will create a user and a password based on the linux distribution's name. This means that all users of a "ubuntu" template will have a "ubuntu" user which will have a "ubuntu" password. While the container user must exist the password does not need to be known to the end user/deployer because there are other means to gain access to a container from within the host. So to correct this issue for all deployers as well as all future deployments this patch ensures that the container user is created with a random password and provides for an additional tag to allow the deployer to regenerate the password at will. Change-Id: I81d0e8b0d8e9e431cd8eebd43ceaffab7e61b207 Closes-Bug: 1437054
OpenStack LXC container create
- tags
-
openstack, lxc, container, cloud, ansible
- category
-
*nix
Role for creating LXC containers. This role has been setup for use in OpenStack. This role will create several directories on the LXC host for use in bind mounted storage within the container.
- Example Play:
-
- name: Create container(s) hosts: all_containers gather_facts: false user: root roles: - { role: "lxc_container_create", tags: [ "lxc-container-create" ] }
- Example Inventory:
-
{ "all_containers": { "children": [ "group_of_containers" ], "hosts": [] }, "lxc_hosts": { "children": [], "hosts": [ "infra1" ] }, "group_of_containers": { "children": [], "hosts": [ "container1" ] }, "_meta": { "hostvars": { "infra1": { "ansible_ssh_host": "192.168.0.1", "container_address": "192.168.0.1", "container_name": "infra1", "container_networks": { "management_address": { "bridge": "br-mgmt", "interface": "eth1", "netmask": "255.255.252.0", "type": "veth" } }, "properties": { "container_release": "trusty", "is_metal": true } }, "container1": { "ansible_ssh_host": "10.0.0.1", "container_address": "10.0.0.1", "container_name": "container1", "container_networks": { "management_address": { "address": "10.0.0.1", "bridge": "br-mgmt", "interface": "eth1", "netmask": "255.255.252.0", "type": "veth" } }, "physical_host": "infra1", "physical_host_group": "lxc_hosts", "properties": { "container_release": "trusty", } } } } }