OpenStack-Ansible LXC hosts

Ansible role that configures a host for running LXC containers.

Default variables

# Timeout (in seconds) for the LXC cache to control how often the rootfs
# cache will be updated. By default this timeout is set to 1 day.
lxc_cache_timeout: 86400

# Set the package install state for distribution packages
# Options are 'present' and 'latest'
lxc_hosts_package_state: "latest"

# Optionally set the URL for the Ubuntu Trusty backports repository
# lxc_package_repo_url: http://archive.ubuntu.com/ubuntu/
lxc_package_repo_filename: "/etc/apt/sources.list.d/trusty-backports.list"
lxc_package_repo_add: yes

# Mappings from Ansible reported architecture to distro release architecture
lxc_architecture_mapping:
  x86_64: amd64
  ppc64le: ppc64el

# lxc container rootfs directory and cache path
lxc_container_directory: "/var/lib/lxc"
lxc_container_cache_path: "/var/cache/lxc/download"

# The container backing store can be set to 'overlayfs' to use overlayfs
# This should only be done for production use with a linux kernel > 3.14
# which is when overlayfs was merged into the mainline kernel
# lxc_container_backing_store: overlayfs

# The container backing method can be set to 'copy-on-write' to use LVM
# snapshot-backed containers when the container backing store is set to
# 'lvm'.
# lxc_container_backing_method: copy-on-write

# When using a base container to snapshot from for the overlayfs or LVM
# copy-on-write backing stored, the base container can be set.
lxc_container_base_name: "{{ lxc_cache_map.distro }}-{{ lxc_cache_map.release }}-{{ lxc_cache_map.arch }}"

# lxc container net network
lxc_net_bridge: lxcbr0
lxc_net_bridge_port: none
lxc_net_address: 10.0.3.1
lxc_net_netmask: 255.255.255.0
lxc_net_gateway: null  ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be "false" to use a gateway.
#lxc_net_mtu: 1500 ##setting this variable will add mtu configuration for the lxc config and network bridge

# lxc container nat enabled
lxc_net_nat: true  ## If "true", nat rules will be created with the lxc network.

# lxc container dhcp settings
lxc_net_dhcp_range: 10.0.3.2,10.0.3.253
lxc_net_dhcp_max: 253
lxc_net_dhcp_config: ''
lxc_net_dnsmasq_user: lxc-dnsmasq
lxc_net_domain: ''

# lxc network ipv6 settings
lxc_net6_address: null ## ie. fd05:ffb8:32b4:1212::1
lxc_net6_netmask: null ## ie. 64
lxc_net6_nat: false

# lxc_container_net_link variable should be set to the lxc-net bridge.
lxc_container_net_link: "{{ lxc_net_bridge }}"  ## name of the host bridge to attach to
lxc_container_net_type: veth  ## lxc network interface type (veth, phys, vlan, macvlan, empty)
lxc_container_net_name: eth0  ## name of the interface inside the container.

# System control kernel tuning
lxc_kernel_options:
  - { key: 'fs.inotify.max_user_instances', value: 1024 }

lxc_pip_packages:
  - lxc-python2

lxc_cache_sshd_configuration:
    - { regexp: "^PermitRootLogin",         line: "PermitRootLogin yes" }
    - { regexp: "^TCPKeepAlive",            line: "TCPKeepAlive yes" }
    - { regexp: "^UseDNS",                  line: "UseDNS no" }
    - { regexp: "^X11Forwarding",           line: "X11Forwarding no" }
    - { regexp: "^PasswordAuthentication",  line: "PasswordAuthentication no" }

# The compression ratio used when creating the container cache rootfs archive
lxc_image_compression_ratio: 0

# A list of files may be copied into the container image cache from the
# deployment host during its preparation.
# Example:
#   lxc_container_cache_files:
#     - src: "/etc/openstack_deploy/files/etc/issue"
#       dest: "/etc/issue"
lxc_container_cache_files: []

# A list of files may be copied into the container image cache from the
# LXC host during its preparation.
# Example:
#   lxc_container_cache_files_from_host:
#     - "/etc/apt/sources.list.d/myrepo.list"
lxc_container_cache_files_from_host: []

# DNS servers to use during cache preparation
lxc_cache_prep_dns:
  - "{{ lxc_net_address }}"

# Custom shell commands to run before/after the LXC cache prep process has taken
# place.
lxc_cache_prep_pre_commands: '## pre command skipped ##'
lxc_cache_prep_post_commands: '## post command skipped ##'

# The DNS name of the LXD server to source the base container cache from
lxc_image_cache_server: images.linuxcontainers.org

# The keyservers to use when validating GPG keys for the downloaded cache
lxc_image_cache_primary_keyserver: hkp://p80.pool.sks-keyservers.net:80
lxc_image_cache_secondary_keyserver: hkp://keyserver.ubuntu.com:80

## Default download template options
##  This can be customized to use a local build server and options.
##  By default these options will be fulfilled by the distro specific
##  variable files found in vars/
# lxc_cache_download_template_options: >
#   --dist NAME_OF_DISTRO
#   --release DISTRO_RELEASE
#   --arch CONTAINER_ARCH
#   --force-cache
#   --server SERVER_TO_GET_IMAGES_FROM
lxc_cache_default_variant: default
lxc_cache_download_template_extra_options: ""
lxc_cache_download_template_options: >-
  --dist {{ lxc_cache_map.distro }}
  --release {{ lxc_cache_map.release }}
  --arch {{ lxc_cache_map.arch }}
  --force-cache
  --server {{ lxc_image_cache_server }}
  --variant {{ lxc_cache_default_variant }}
  {{ lxc_cache_download_template_extra_options }}

Required variables

None

Example playbook

- name: Basic LXC host setup
  hosts: "hosts"
  user: root
  roles:
    - { role: "lxc_hosts" }

Table Of Contents

Project Source

This Page