openstack/openstack-ansible-lxc_hosts
Code Issues Proposed changes

Auto-fix usage of modules via FQCN

Browse Source 
Since ansible-core 2.10 it is recommended to use modules via FQCN
In order to align with recommendation, we perform migration
by applying suggestions made by `ansible-lint --fix=fqcn`

Change-Id: Iaba6cf8e27e09d43f54f7fed66a6c19d93e5aa41
This commit is contained in:
Dmitriy Rabotyagov 2025-02-13 09:41:06 +01:00
parent 2aed220123
commit db32a0016c
11 changed files with 74 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
handlers/main.yml
View File

@ -14,48 +14,48 @@
# limitations under the License. # limitations under the License.
- name: Start apparmor - name: Start apparmor
systemd: ansible.builtin.systemd:
name: "apparmor" name: "apparmor"
enabled: true enabled: true
state: "started" state: "started"
- name: Reload apparmor - name: Reload apparmor
systemd: ansible.builtin.systemd:
name: "apparmor" name: "apparmor"
state: "restarted" state: "restarted"
- name: Restart importd - name: Restart importd
systemd: ansible.builtin.systemd:
name: "systemd-importd.service" name: "systemd-importd.service"
state: "restarted" state: "restarted"
- name: Restart irqbalance - name: Restart irqbalance
systemd: ansible.builtin.systemd:
name: "irqbalance" name: "irqbalance"
state: "restarted" state: "restarted"
enabled: "yes" enabled: "yes"
daemon_reload: true daemon_reload: true
- name: Bring bridge up - name: Bring bridge up
command: "ip link set {{ lxc_net_bridge }} up" # noqa: no-changed-when ansible.builtin.command: "ip link set {{ lxc_net_bridge }} up" # noqa: no-changed-when
- name: Reload systemd units - name: Reload systemd units
systemd: ansible.builtin.systemd:
daemon_reload: true daemon_reload: true
- name: Restart sshd - name: Restart sshd
service: ansible.builtin.service:
name: sshd name: sshd
state: "restarted" state: "restarted"
enabled: true enabled: true
- name: Remove rootfs archive - name: Remove rootfs archive
file: ansible.builtin.file:
path: "/tmp/{{ cache_basename }}" path: "/tmp/{{ cache_basename }}"
state: "absent" state: "absent"
- name: Restart dnsmasq - name: Restart dnsmasq
systemd: ansible.builtin.systemd:
name: "lxc-dnsmasq" name: "lxc-dnsmasq"
state: "restarted" state: "restarted"
enabled: "yes" enabled: "yes"

12
tasks/lxc_cache.yml
View File

@ -14,7 +14,7 @@
# limitations under the License. # limitations under the License.
- name: Set LXC cache fact(s) - name: Set LXC cache fact(s)
set_fact: ansible.builtin.set_fact:
cache_path_fact: >- cache_path_fact: >-
{{ lxc_container_cache_path ~ '/' ~ {{ lxc_container_cache_path ~ '/' ~
ansible_facts['distribution'] | lower ~ '/' ~ ansible_facts['distribution'] | lower ~ '/' ~
@ -24,7 +24,7 @@
cache_time: "{{ now().timestamp() }}" cache_time: "{{ now().timestamp() }}"
- name: Retrieve the expiry object - name: Retrieve the expiry object
slurp: ansible.builtin.slurp:
src: "{{ cache_path_fact }}/expiry" src: "{{ cache_path_fact }}/expiry"
failed_when: false failed_when: false
register: expiry register: expiry
@ -34,7 +34,7 @@
- always - always
- name: Set cache refresh fact - name: Set cache refresh fact
set_fact: ansible.builtin.set_fact:
lxc_image_cache_refresh: true lxc_image_cache_refresh: true
when: when:
- cache_time | int >= (expiry.content | default('MQo=') | b64decode | int) - cache_time | int >= (expiry.content | default('MQo=') | b64decode | int)
@ -42,21 +42,21 @@
- always - always
- name: Including lxc_cache_rootfs tasks - name: Including lxc_cache_rootfs tasks
include_tasks: lxc_cache_rootfs.yml ansible.builtin.include_tasks: lxc_cache_rootfs.yml
when: when:
- lxc_image_cache_refresh | bool - lxc_image_cache_refresh | bool
tags: tags:
- lxc_hosts-config - lxc_hosts-config
- name: Including lxc_cache_preparation tasks - name: Including lxc_cache_preparation tasks
include_tasks: lxc_cache_preparation.yml ansible.builtin.include_tasks: lxc_cache_preparation.yml
when: when:
- lxc_image_cache_refresh | bool - lxc_image_cache_refresh | bool
tags: tags:
- lxc_hosts-config - lxc_hosts-config
- name: Including lxc_cache_create tasks - name: Including lxc_cache_create tasks
include_tasks: lxc_cache_create.yml ansible.builtin.include_tasks: lxc_cache_create.yml
when: when:
- lxc_image_cache_refresh | bool - lxc_image_cache_refresh | bool
tags: tags:

18
tasks/lxc_cache_create.yml
View File

@ -14,20 +14,20 @@
# limitations under the License. # limitations under the License.
- name: Create LXC cache dir - name: Create LXC cache dir
file: ansible.builtin.file:
path: "{{ cache_path_fact }}" path: "{{ cache_path_fact }}"
state: "directory" state: "directory"
recurse: true recurse: true
- name: Remove existing cache archive - name: Remove existing cache archive
file: ansible.builtin.file:
path: "{{ cache_path_fact }}/rootfs.tar.xz" path: "{{ cache_path_fact }}/rootfs.tar.xz"
state: "absent" state: "absent"
# This is using a shell command because the ansible archive module does not # This is using a shell command because the ansible archive module does not
# provide for the options needed to properly create an LXC image archive. # provide for the options needed to properly create an LXC image archive.
- name: Create lxc image - name: Create lxc image
shell: | ansible.builtin.shell: |
tar -Opc -C {{ lxc_image_cache_path }} . | {{ lxc_xz_bin }} -T 0 -{{ lxc_image_compression_ratio }} -c - > rootfs.tar.xz tar -Opc -C {{ lxc_image_cache_path }} . | {{ lxc_xz_bin }} -T 0 -{{ lxc_image_compression_ratio }} -c - > rootfs.tar.xz
args: args:
chdir: "{{ cache_path_fact }}/" chdir: "{{ cache_path_fact }}/"
@ -35,7 +35,7 @@
- skip_ansible_lint - skip_ansible_lint
- name: Drop container meta-data - name: Drop container meta-data
template: ansible.builtin.template:
src: "meta-data/{{ item }}" src: "meta-data/{{ item }}"
dest: "{{ cache_path_fact }}/{{ item }}" dest: "{{ cache_path_fact }}/{{ item }}"
owner: "root" owner: "root"
@ -49,19 +49,19 @@
- templates - templates
- name: Set expiry - name: Set expiry
copy: ansible.builtin.copy:
content: "{{ cache_time | int + lxc_image_cache_expiration | community.general.to_seconds | int }}" content: "{{ cache_time | int + lxc_image_cache_expiration | community.general.to_seconds | int }}"
dest: "{{ cache_path_fact }}/expiry" dest: "{{ cache_path_fact }}/expiry"
mode: "0644" mode: "0644"
- name: Set build ID - name: Set build ID
copy: ansible.builtin.copy:
content: "{{ cache_time | int }}" content: "{{ cache_time | int }}"
dest: "{{ cache_path_fact }}/build_id" dest: "{{ cache_path_fact }}/build_id"
mode: "0644" mode: "0644"
- name: Create base container to use for containers with {{ lxc_container_backing_store }} - name: Create base container to use for containers with {{ lxc_container_backing_store }}
lxc_container: community.general.lxc_container:
name: "{{ lxc_container_base_name }}" name: "{{ lxc_container_base_name }}"
template: "download" template: "download"
state: stopped state: stopped
@ -78,7 +78,7 @@
- lxc_container_backing_store == 'btrfs' - lxc_container_backing_store == 'btrfs'
block: block:
- name: Set the qgroup size|compression limits on machines - name: Set the qgroup size|compression limits on machines
command: "btrfs qgroup limit {{ item }} /var/lib/lxc/{{ lxc_container_base_name }}" ansible.builtin.command: "btrfs qgroup limit {{ item }} /var/lib/lxc/{{ lxc_container_base_name }}"
changed_when: false changed_when: false
with_items: with_items:
- "-e {{ lxc_host_machine_qgroup_space_limit }}" - "-e {{ lxc_host_machine_qgroup_space_limit }}"
@ -87,7 +87,7 @@
- not lxc_host_machine_quota_disabled - not lxc_host_machine_quota_disabled
rescue: rescue:
- name: Notice regarding quota system - name: Notice regarding quota system
debug: ansible.builtin.debug:
msg: >- msg: >-
There was an error processing the setup of qgroups. Check the system There was an error processing the setup of qgroups. Check the system
to ensure they're available otherwise disable the quota system by to ensure they're available otherwise disable the quota system by

16
tasks/lxc_cache_preparation.yml
View File

@ -17,7 +17,7 @@
# to loop over a block. Re-evaluate this task when/if this is # to loop over a block. Re-evaluate this task when/if this is
# merged https://github.com/ansible/ansible/issues/13262 # merged https://github.com/ansible/ansible/issues/13262
- name: Rsyncing files from the LXC host to the container cache - name: Rsyncing files from the LXC host to the container cache
shell: | ansible.builtin.shell: |
if [[ -e "{{ item }}" ]]; then if [[ -e "{{ item }}" ]]; then
rsync -av "{{ item }}" "{{ lxc_image_cache_path }}{{ item }}" rsync -av "{{ item }}" "{{ lxc_image_cache_path }}{{ item }}"
else else
@ -31,14 +31,14 @@
with_items: "{{ (_lxc_copy_from_host | union(lxc_container_cache_files_from_host)) | list }}" with_items: "{{ (_lxc_copy_from_host | union(lxc_container_cache_files_from_host)) | list }}"
- name: Ensure directories exist for lxc_container_cache_files - name: Ensure directories exist for lxc_container_cache_files
file: ansible.builtin.file:
dest: "{{ lxc_image_cache_path }}{{ item.dest | default(item.src) | dirname }}" dest: "{{ lxc_image_cache_path }}{{ item.dest | default(item.src) | dirname }}"
state: directory state: directory
mode: "0755" mode: "0755"
with_items: "{{ lxc_container_cache_files }}" with_items: "{{ lxc_container_cache_files }}"
- name: Copy files from deployment host to the container cache - name: Copy files from deployment host to the container cache
copy: ansible.builtin.copy:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ lxc_image_cache_path }}{{ item.dest | default(item.src) }}" dest: "{{ lxc_image_cache_path }}{{ item.dest | default(item.src) }}"
owner: "{{ item.owner | default('root') }}" owner: "{{ item.owner | default('root') }}"
@ -47,13 +47,13 @@
with_items: "{{ lxc_container_cache_files }}" with_items: "{{ lxc_container_cache_files }}"
- name: Ensure opt directory exists in container - name: Ensure opt directory exists in container
file: ansible.builtin.file:
dest: "{{ lxc_image_cache_path }}/opt" dest: "{{ lxc_image_cache_path }}/opt"
state: directory state: directory
mode: "0755" mode: "0755"
- name: Cached image preparation script - name: Cached image preparation script
template: ansible.builtin.template:
src: "{{ lxc_cache_prep_template }}" src: "{{ lxc_cache_prep_template }}"
dest: "{{ lxc_image_cache_path }}/opt/cache-prep-commands.sh" dest: "{{ lxc_image_cache_path }}/opt/cache-prep-commands.sh"
mode: "0755" mode: "0755"
@ -61,7 +61,7 @@
# This task runs several commands against the cached image to speed up the # This task runs several commands against the cached image to speed up the
# lxc_container_create playbook. # lxc_container_create playbook.
- name: Prepare cached image setup commands - name: Prepare cached image setup commands
shell: "chroot {{ lxc_image_cache_path }} /opt/cache-prep-commands.sh > /var/log/lxc-cache-prep-commands.log 2>&1" ansible.builtin.shell: "chroot {{ lxc_image_cache_path }} /opt/cache-prep-commands.sh > /var/log/lxc-cache-prep-commands.log 2>&1"
changed_when: false changed_when: false
async: "{{ lxc_cache_prep_timeout | int }}" async: "{{ lxc_cache_prep_timeout | int }}"
poll: 0 poll: 0
@ -70,7 +70,7 @@
# NOTE(cloudnull): Wait for the cache preparation script has completed before # NOTE(cloudnull): Wait for the cache preparation script has completed before
# building the new RootFS # building the new RootFS
- name: Ensure that the LXC cache has been prepared - name: Ensure that the LXC cache has been prepared
async_status: ansible.builtin.async_status:
jid: "{{ _lxc_cache_prepare_commands.ansible_job_id }}" jid: "{{ _lxc_cache_prepare_commands.ansible_job_id }}"
register: _lxc_cache_prepare_commands_result register: _lxc_cache_prepare_commands_result
until: _lxc_cache_prepare_commands_result.finished until: _lxc_cache_prepare_commands_result.finished
@ -78,7 +78,7 @@
retries: "{{ lxc_cache_prep_timeout | int // 10 }}" retries: "{{ lxc_cache_prep_timeout | int // 10 }}"
- name: Remove requiretty for sudo on centos - name: Remove requiretty for sudo on centos
template: ansible.builtin.template:
dest: "{{ lxc_image_cache_path }}/etc/sudoers.d/openstack-ansible" dest: "{{ lxc_image_cache_path }}/etc/sudoers.d/openstack-ansible"
owner: root owner: root
group: root group: root

12
tasks/lxc_cache_rootfs.yml
View File

@ -14,20 +14,20 @@
# limitations under the License. # limitations under the License.
- name: Create sparse machines file - name: Create sparse machines file
command: "truncate -s 11G /var/lib/machines.raw" ansible.builtin.command: "truncate -s 11G /var/lib/machines.raw"
args: args:
creates: /var/lib/machines.raw creates: /var/lib/machines.raw
register: machines_create register: machines_create
- name: Format the machines file - name: Format the machines file
filesystem: community.general.filesystem:
fstype: ext4 fstype: ext4
dev: /var/lib/machines.raw dev: /var/lib/machines.raw
when: when:
- machines_create is changed - machines_create is changed
- name: Create systemd mount - name: Create systemd mount
import_role: ansible.builtin.import_role:
name: systemd_mount name: systemd_mount
vars: vars:
systemd_mounts: systemd_mounts:
@ -42,21 +42,21 @@
enabled: true enabled: true
- name: Remove the old image cache - name: Remove the old image cache
file: ansible.builtin.file:
path: "/var/lib/machines/{{ lxc_container_base_name }}" path: "/var/lib/machines/{{ lxc_container_base_name }}"
state: absent state: absent
when: when:
- lxc_image_cache_refresh | bool - lxc_image_cache_refresh | bool
- name: Create new image cache directory - name: Create new image cache directory
file: ansible.builtin.file:
path: "/var/lib/machines/{{ lxc_container_base_name }}" path: "/var/lib/machines/{{ lxc_container_base_name }}"
state: directory state: directory
mode: "0755" mode: "0755"
register: create_new_dir register: create_new_dir
- name: Build the base image using a CLI tool - name: Build the base image using a CLI tool
command: "{{ lxc_hosts_container_build_command }}" ansible.builtin.command: "{{ lxc_hosts_container_build_command }}"
when: lxc_hosts_container_build_command | length > 0 when: lxc_hosts_container_build_command | length > 0
changed_when: false changed_when: false
register: _build_container_base_image register: _build_container_base_image

10
tasks/lxc_install_apt.yml
View File

@ -14,7 +14,7 @@
# limitations under the License. # limitations under the License.
- name: Remove conflicting packages - name: Remove conflicting packages
apt: ansible.builtin.apt:
pkg: "{{ lxc_hosts_remove_distro_packages }}" pkg: "{{ lxc_hosts_remove_distro_packages }}"
state: absent state: absent
purge: true purge: true
@ -22,7 +22,7 @@
- lxc-apt-packages - lxc-apt-packages
- name: Install apt packages - name: Install apt packages
apt: ansible.builtin.apt:
pkg: "{{ lxc_hosts_distro_packages }}" pkg: "{{ lxc_hosts_distro_packages }}"
state: "{{ lxc_hosts_package_state }}" state: "{{ lxc_hosts_package_state }}"
default_release: "{{ lxc_default_release | default(omit) }}" default_release: "{{ lxc_default_release | default(omit) }}"
@ -37,7 +37,7 @@
- lxc-apt-packages - lxc-apt-packages
- name: Drop irqbalance config - name: Drop irqbalance config
template: ansible.builtin.template:
src: "irqbalance.j2" src: "irqbalance.j2"
dest: "{{ system_config_dir }}/irqbalance" dest: "{{ system_config_dir }}/irqbalance"
owner: "root" owner: "root"
@ -51,7 +51,7 @@
- lxc_hosts-config - lxc_hosts-config
- name: Drop lxc-openstack apparmor profile - name: Drop lxc-openstack apparmor profile
template: ansible.builtin.template:
src: "lxc-openstack.apparmor.j2" src: "lxc-openstack.apparmor.j2"
dest: "/etc/apparmor.d/lxc/lxc-openstack" dest: "/etc/apparmor.d/lxc/lxc-openstack"
owner: "root" owner: "root"
@ -66,4 +66,4 @@
- lxc_hosts-config - lxc_hosts-config
- name: Flush handler to reload apparmor profiles - name: Flush handler to reload apparmor profiles
meta: flush_handlers ansible.builtin.meta: flush_handlers

18
tasks/lxc_install_dnf.yml
View File

@ -14,12 +14,12 @@
# limitations under the License. # limitations under the License.
- name: Ensure createrepo package is installed - name: Ensure createrepo package is installed
yum: ansible.builtin.dnf:
name: createrepo name: createrepo
state: present state: present
- name: Deploy upstream COPR yum repo for lxc 3 - name: Deploy upstream COPR yum repo for lxc 3
yum_repository: ansible.builtin.yum_repository:
name: thm-lxc3.0 name: thm-lxc3.0
description: "Copr repo for lxc3.0 owned by thm" description: "Copr repo for lxc3.0 owned by thm"
baseurl: "{{ lxc_centos_package_baseurl }}" baseurl: "{{ lxc_centos_package_baseurl }}"
@ -30,7 +30,7 @@
state: present state: present
- name: Add GPG key for COPR LXC repo - name: Add GPG key for COPR LXC repo
rpm_key: ansible.builtin.rpm_key:
key: "{{ lxc_centos_package_key }}" key: "{{ lxc_centos_package_key }}"
state: present state: present
register: add_keys register: add_keys
@ -39,7 +39,7 @@
delay: 2 delay: 2
- name: Download EPEL gpg keys - name: Download EPEL gpg keys
get_url: ansible.builtin.get_url:
url: "{{ lxc_centos_epel_key }}" url: "{{ lxc_centos_epel_key }}"
dest: /etc/pki/rpm-gpg dest: /etc/pki/rpm-gpg
mode: "0640" mode: "0640"
@ -49,12 +49,12 @@
delay: 2 delay: 2
- name: Install EPEL gpg keys - name: Install EPEL gpg keys
rpm_key: ansible.builtin.rpm_key:
key: "/etc/pki/rpm-gpg/{{ lxc_centos_epel_key.split('/')[-1] }}" key: "/etc/pki/rpm-gpg/{{ lxc_centos_epel_key.split('/')[-1] }}"
state: present state: present
- name: Install the EPEL repository - Centos-8 - name: Install the EPEL repository - Centos-8
yum_repository: ansible.builtin.yum_repository:
name: epel-lxc_hosts name: epel-lxc_hosts
baseurl: "{{ lxc_centos_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}" baseurl: "{{ lxc_centos_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}"
description: "Extra Packages for Enterprise Linux {{ ansible_facts['distribution_major_version'] }} - $basearch" description: "Extra Packages for Enterprise Linux {{ ansible_facts['distribution_major_version'] }} - $basearch"
@ -69,7 +69,7 @@
delay: 2 delay: 2
- name: Install distro packages - name: Install distro packages
package: ansible.builtin.package:
pkg: "{{ lxc_hosts_distro_packages }}" pkg: "{{ lxc_hosts_distro_packages }}"
state: "{{ lxc_hosts_package_state }}" state: "{{ lxc_hosts_package_state }}"
register: install_packages register: install_packages
@ -80,7 +80,7 @@
- lxc-packages - lxc-packages
- name: Remove sub system lock if found - name: Remove sub system lock if found
file: ansible.builtin.file:
path: "/var/lock/subsys/lxc" path: "/var/lock/subsys/lxc"
state: "absent" state: "absent"
owner: "root" owner: "root"
@ -89,7 +89,7 @@
- lxc-directories - lxc-directories
- name: Enable lxc service - name: Enable lxc service
service: ansible.builtin.service:
name: lxc name: lxc
enabled: "yes" enabled: "yes"
tags: tags:

14
tasks/lxc_net.yml
View File

@ -26,7 +26,7 @@
- skip_ansible_lint - skip_ansible_lint
- name: Ensure network services wait on networking (if using NetworkManager) - name: Ensure network services wait on networking (if using NetworkManager)
service: ansible.builtin.service:
name: NetworkManager-wait-online.service name: NetworkManager-wait-online.service
enabled: true enabled: true
when: networkmanager_check.rc == 0 when: networkmanager_check.rc == 0
@ -35,7 +35,7 @@
# and handle the customized LXC container networking. Starting lxc-net will # and handle the customized LXC container networking. Starting lxc-net will
# trample over these hooks and cause networking issues for containers. # trample over these hooks and cause networking issues for containers.
- name: Disable and stop lxc-net - name: Disable and stop lxc-net
systemd: ansible.builtin.systemd:
name: lxc-net name: lxc-net
enabled: false enabled: false
state: stopped state: stopped
@ -44,14 +44,14 @@
- lxc-net - lxc-net
- name: Setup LXC OVS Bridge - name: Setup LXC OVS Bridge
openvswitch_bridge: openvswitch.openvswitch.openvswitch_bridge:
bridge: "{{ lxc_net_bridge }}" bridge: "{{ lxc_net_bridge }}"
fail_mode: standalone fail_mode: standalone
state: present state: present
when: lxc_net_bridge_type == 'openvswitch' when: lxc_net_bridge_type == 'openvswitch'
- name: Run the systemd-networkd role - name: Run the systemd-networkd role
include_role: ansible.builtin.include_role:
name: systemd_networkd name: systemd_networkd
vars: vars:
_lxc_net_bridge_devices: _lxc_net_bridge_devices:
@ -76,7 +76,7 @@
Gateway: "{{ lxc_net_gateway is not none | ternary(lxc_net_gateway, {}) }}" Gateway: "{{ lxc_net_gateway is not none | ternary(lxc_net_gateway, {}) }}"
- name: Run the systemd-service role - name: Run the systemd-service role
include_role: ansible.builtin.include_role:
name: systemd_service name: systemd_service
vars: vars:
systemd_service_enabled: true systemd_service_enabled: true
@ -110,7 +110,7 @@
# Check that the container bridge exists, if not bring it up # Check that the container bridge exists, if not bring it up
- name: Check Container Bridge exists - name: Check Container Bridge exists
stat: ansible.builtin.stat:
path: "/sys/class/net/{{ lxc_net_bridge }}/bridge/bridge_id" path: "/sys/class/net/{{ lxc_net_bridge }}/bridge/bridge_id"
register: bridge_check register: bridge_check
failed_when: false failed_when: false
@ -122,4 +122,4 @@
# Ensure lxc networks are running as they're supposed to # Ensure lxc networks are running as they're supposed to
- name: Flush handlers - name: Flush handlers
meta: flush_handlers ansible.builtin.meta: flush_handlers

12
tasks/lxc_post_install.yml
View File

@ -14,7 +14,7 @@
# limitations under the License. # limitations under the License.
- name: Ensure the lxc dnsmasq user exists - name: Ensure the lxc dnsmasq user exists
user: ansible.builtin.user:
name: "{{ lxc_net_dnsmasq_user }}" name: "{{ lxc_net_dnsmasq_user }}"
comment: "LXC dnsmasq" comment: "LXC dnsmasq"
system: "yes" system: "yes"
@ -24,7 +24,7 @@
- lxc-dnsmasq-user - lxc-dnsmasq-user
- name: Drop base config file(s) - name: Drop base config file(s)
template: ansible.builtin.template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
owner: "{{ item.owner | default('root') }}" owner: "{{ item.owner | default('root') }}"
@ -40,7 +40,7 @@
- lxc-config - lxc-config
- name: Drop lxc veth check script - name: Drop lxc veth check script
copy: ansible.builtin.copy:
src: "lxc-veth-check.sh" src: "lxc-veth-check.sh"
dest: "/usr/local/bin/lxc-veth-check" dest: "/usr/local/bin/lxc-veth-check"
owner: "root" owner: "root"
@ -51,7 +51,7 @@
- lxc-config - lxc-config
- name: Set systemd DefaultTasksMax value - name: Set systemd DefaultTasksMax value
lineinfile: ansible.builtin.lineinfile:
dest: /etc/systemd/system.conf dest: /etc/systemd/system.conf
state: present state: present
regexp: "^.*DefaultTasksMax.*$" regexp: "^.*DefaultTasksMax.*$"
@ -64,7 +64,7 @@
- lxc-config - lxc-config
- name: Set sshd MaxSessions - name: Set sshd MaxSessions
lineinfile: ansible.builtin.lineinfile:
dest: /etc/ssh/sshd_config dest: /etc/ssh/sshd_config
state: present state: present
regexp: "^#?MaxSessions.*$" regexp: "^#?MaxSessions.*$"
@ -75,7 +75,7 @@
- lxc-config - lxc-config
- name: Tuning kernel for lxc - name: Tuning kernel for lxc
sysctl: ansible.posix.sysctl:
name: "{{ item.key }}" name: "{{ item.key }}"
value: "{{ item.value }}" value: "{{ item.value }}"
sysctl_set: "{{ item.set | default('yes') }}" sysctl_set: "{{ item.set | default('yes') }}"

2
tasks/lxc_pre_install.yml
View File

@ -14,7 +14,7 @@
# limitations under the License. # limitations under the License.
- name: Create base directories - name: Create base directories
file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
state: "directory" state: "directory"
owner: "root" owner: "root"

16
tasks/main.yml
View File

@ -14,7 +14,7 @@
# limitations under the License. # limitations under the License.
- name: Gather variables for each operating system - name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}" ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars: vars:
params: params:
files: files:
@ -29,7 +29,7 @@
- always - always
- name: Gather container variables - name: Gather container variables
include_vars: "{{ lookup('first_found', params) }}" ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars: vars:
params: params:
files: files:
@ -45,32 +45,32 @@
- always - always
- name: Including lxc_pre_install tasks - name: Including lxc_pre_install tasks
include_tasks: lxc_pre_install.yml ansible.builtin.include_tasks: lxc_pre_install.yml
tags: tags:
- lxc_hosts-install - lxc_hosts-install
- name: Including lxc_install tasks" - name: Including lxc_install tasks"
include_tasks: "lxc_install_{{ ansible_facts['pkg_mgr'] }}.yml" ansible.builtin.include_tasks: "lxc_install_{{ ansible_facts['pkg_mgr'] }}.yml"
tags: tags:
- lxc_hosts-install - lxc_hosts-install
- name: Including lxc_post_install tasks - name: Including lxc_post_install tasks
include_tasks: lxc_post_install.yml ansible.builtin.include_tasks: lxc_post_install.yml
tags: tags:
- lxc_hosts-config - lxc_hosts-config
- name: Including lxc_net tasks - name: Including lxc_net tasks
include_tasks: lxc_net.yml ansible.builtin.include_tasks: lxc_net.yml
when: when:
- lxc_net_managed | bool - lxc_net_managed | bool
tags: tags:
- lxc_hosts-config - lxc_hosts-config
- name: Including lxc_cache tasks - name: Including lxc_cache tasks
include_tasks: lxc_cache.yml ansible.builtin.include_tasks: lxc_cache.yml
tags: tags:
- lxc_hosts-install - lxc_hosts-install
- lxc_hosts-config - lxc_hosts-config
- name: Flush handlers - name: Flush handlers
meta: flush_handlers ansible.builtin.meta: flush_handlers