openstack/tripleo-image-elements
Code Issues Proposed changes
f500b7c107
tripleo-image-elements/elements/overcloud-secure/block-device-default.yaml
Yolanda Robla 23de84ffcd Use volumes for security hardened images 
Instead of relying on fixed partitions, start using volumes
now that diskimage-builder is supporting it. It will give more
flexibility in terms of resizing to use the disk fully.

Change-Id: I88049da2179e2ea984e05648abb60c804a521b70
2017-10-23 10:56:48 +00:00

91 lines
1.7 KiB
YAML
Raw Blame History

- local_loop:
name: image0
- partitioning:
base: image0
label: mbr
partitions:
- name: root
flags: [ boot,primary ]
size: 20G
- lvm:
name: lvm
base: [ root ]
pvs:
- name: pv
base: root
options: [ "--force" ]
vgs:
- name: vg
base: [ "pv" ]
options: [ "--force" ]
lvs:
- name: lv_root
base: vg
extents: 30%VG
- name: lv_tmp
base: vg
extents: 5%VG
- name: lv_var
base: vg
extents: 35%VG
- name: lv_log
base: vg
extents: 25%VG
- name: lv_audit
base: vg
extents: 4%VG
- name: lv_home
base: vg
extents: 1%VG
- mkfs:
name: fs_root
base: lv_root
type: xfs
label: "img-rootfs"
mount:
mount_point: /
fstab:
options: "rw,relatime"
fck-passno: 1
- mkfs:
name: fs_tmp
base: lv_tmp
type: xfs
mount:
mount_point: /tmp
fstab:
options: "rw,nosuid,nodev,noexec,relatime"
- mkfs:
name: fs_var
base: lv_var
type: xfs
mount:
mount_point: /var
fstab:
options: "rw,relatime"
- mkfs:
name: fs_log
base: lv_log
type: xfs
mount:
mount_point: /var/log
fstab:
options: "rw,relatime"
- mkfs:
name: fs_audit
base: lv_audit
type: xfs
mount:
mount_point: /var/log/audit
fstab:
options: "rw,relatime"
- mkfs:
name: fs_home
base: lv_home
type: xfs
mount:
mount_point: /home
fstab:
options: "rw,nodev,relatime"
View Git Blame Copy Permalink