openstack/openstack-ansible-lxc_hosts
Code Issues Proposed changes
openstack-ansible-lxc_hosts/defaults/main.yml
Kevin Carter eb9f3d858b IRR for lxc_host 
The change moves the role out from the main repo lxc_host
repository and into its own standalone repository.

Items within this change:
  * The role has been updated to ensure it runs standalone.
  * Tests added to the role within tox.
  * Functional tests added to the role that can either be run
    via the run_tests.sh script or using tox.
  * dev requirements have been updated for testing usecases.
  * Docs added to both the README.rst file as well as the docs
    folder.

Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2015-11-03 04:22:57 -06:00

100 lines
3.3 KiB
YAML
Raw Blame History

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# lxc container rootfs directory and cache path
lxc_container_directory: "/var/lib/lxc"
lxc_container_cache_path: "/var/cache/lxc"
# lxc container net network
lxc_net_bridge: lxcbr0
lxc_net_bridge_port: none
lxc_net_address: 10.0.3.1
lxc_net_netmask: 255.255.255.0
lxc_net_gateway: none ## if "none" no gateway will on the LXC bridge, nat must be "false" to use a gateway.
# lxc container nat enabled
lxc_net_nat: true ## If "true" nat rules will be created with the lxc network.
# lxc container dhcp settings
lxc_net_dhcp_range: 10.0.3.2,10.0.3.253
lxc_net_dhcp_max: 253
lxc_net_dhcp_config: ''
lxc_net_dnsmasq_user: lxc-dnsmasq
lxc_net_domain: ''
# lxc_container_net_link variable should be set to the lxc-net bridge.
lxc_container_net_link: "{{ lxc_net_bridge }}" ## name of the host bridge to attach to
lxc_container_net_type: veth ## lxc network interface type (veth, phys, vlan, macvlan, empty)
lxc_container_net_name: eth0 ## name of the interface inside the container.
# System control kernel tuning
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
# Default image to build from
lxc_container_release: trusty
lxc_container_user_name: ubuntu
lxc_container_user_password: "{{ lookup('pipe', 'date --rfc-3339=ns | sha512sum | base64 | head -c 32') }}"
lxc_container_template_options: >
--release {{ lxc_container_release }}
--user {{ lxc_container_user_name }}
--password {{ lxc_container_user_password }}
lxc_container_template_main_apt_repo: "https://mirror.rackspace.com/ubuntu"
lxc_container_template_security_apt_repo: "https://mirror.rackspace.com/ubuntu"
# Required apt packages.
lxc_apt_packages:
- apparmor-utils
- bridge-utils
- cgmanager
- cgroup-lite
- debootstrap
- dnsmasq
- git
- liblxc1
- lxc
- lxc-dev
- lxc-templates
- python-dev
- python3-lxc
# Commands to run against cached LXC image
lxc_cache_commands:
- apt-get update
- apt-get -y upgrade
- apt-get -y install python2.7
- rm -f /usr/bin/python
- ln -s /usr/bin/python2.7 /usr/bin/python
lxc_cache_resolvers:
- 'nameserver 8.8.8.8'
- 'nameserver 8.8.4.4'
lxc_cache_sshd_configuration:
- { regexp: "^PermitRootLogin", line: "PermitRootLogin yes" }
- { regexp: "^TCPKeepAlive", line: "TCPKeepAlive yes" }
- { regexp: "^UseDNS", line: "UseDNS no" }
- { regexp: "^X11Forwarding", line: "X11Forwarding no" }
- { regexp: "^PasswordAuthentication", line: "PasswordAuthentication no" }
# Prebuilt images to deploy onto hosts for use in containers.
# lxc_container_caches:
# - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
# name: "trusty.tgz"
# sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
# chroot_path: trusty/rootfs-amd64
View Git Blame Copy Permalink