Last active
August 29, 2015 14:20
-
-
Save cloudnull/3015a4cff9573866ce55 to your computer and use it in GitHub Desktop.
master
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global_environment_variables: | |
- "VAR=things" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# from https://github.com/stackforge/os-ansible-deployment/blob/juno/rpc_deployment/roles/container_setup/tasks/container_setup.yml | |
- name: Basic Inner Container Setup | |
lxc: | |
name: "{{ container_name }}" | |
command: "attach" | |
container_command: | | |
{% if global_environment_variables is defined %} | |
{%- for env_var in global_environment_variables %} | |
if ! grep '{{ env_var }}' /etc/environment; | |
echo '{{ env_var }}' | tee -a /etc/environment | |
fi | |
{%- endfor %} | |
{% endif %} | |
mkdir -p ~/.ssh/ | |
if [ ! -f "~/.ssh/authorized_keys" ];then | |
touch ~/.ssh/authorized_keys | |
fi | |
grep '{{ container_ssh_key }}' ~/.ssh/authorized_keys || echo '{{ container_ssh_key }}' | tee -a ~/.ssh/authorized_keys | |
# Create internal directories | |
mkdir -p /monitoring | |
mkdir -p /etc/network/interfaces.d | |
mkdir -p /var/backup | |
mkdir -p '/var/log/{{ service_name }}' | |
mkdir -p '/etc/{{ service_name }}' | |
sed -i 's/PermitRootLogin.*/PermitRootLogin\ yes/g' /etc/ssh/sshd_config | |
service ssh restart | |
apt-get update | |
apt-get -y install python2.7 | |
rm /usr/bin/python | |
ln -s /usr/bin/python2.7 /usr/bin/python | |
echo -e '{{ default_interfaces }}' | tee /etc/network/interfaces | |
echo -e '{{ management_interface }}' | tee /etc/network/interfaces.d/management.cfg | |
delegate_to: "{{ physical_host }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# from https://github.com/stackforge/os-ansible-deployment/blob/master/playbooks/roles/lxc_container_create/tasks/container_create.yml | |
- name: Create container | |
lxc_container: | |
name: "{{ inventory_hostname }}" | |
container_log: "true" | |
config: "{{ properties.container_config|default(lxc_container_config) }}" | |
template: "{{ properties.container_template|default(lxc_container_template) }}" | |
state: started | |
backing_store: "{{ properties.container_backing_store|default(lxc_container_backing_store) }}" | |
fs_size: "{{ properties.container_fs_size|default(lxc_container_fs_size) }}" | |
fs_type: "{{ properties.container_fs_type|default(lxc_container_fs_type) }}" | |
vg_name: "{{ properties.container_vg_name|default(lxc_container_vg_name) }}" | |
template_options: "{{ lxc_container_template_options }}" | |
container_command: | | |
{% if global_environment_variables is defined %} | |
{%- for env_var in global_environment_variables %} | |
if ! grep '{{ env_var }}' /etc/environment; | |
echo '{{ env_var }}' | tee -a /etc/environment | |
fi | |
{%- endfor %} | |
{% endif %} | |
mkdir -p ~/.ssh/ | |
if [ ! -f "~/.ssh/authorized_keys" ];then | |
touch ~/.ssh/authorized_keys | |
fi | |
grep '{{ lxc_container_ssh_key }}' ~/.ssh/authorized_keys || echo '{{ lxc_container_ssh_key }}' | tee -a ~/.ssh/authorized_keys | |
# Create internal directories | |
mkdir -p /etc/network/interfaces.d | |
mkdir -p /var/backup | |
sed -i 's/PermitRootLogin.*/PermitRootLogin\ yes/g' /etc/ssh/sshd_config | |
service ssh restart | |
# Configure defined apt-repos | |
rm /etc/apt/sources.list | |
echo '# Do not edit this file. Add new sources to /etc/apt/sources.list.d/' | tee /etc/apt/sources.list | |
echo 'deb {{ lxc_container_template_main_apt_repo }} {{ lxc_container_release }} main restricted universe multiverse' | tee -a /etc/apt/sources.list | |
echo 'deb {{ lxc_container_template_main_apt_repo }} {{ lxc_container_release }}-updates main restricted universe multiverse' | tee -a /etc/apt/sources.list | |
echo 'deb {{ lxc_container_template_main_apt_repo }} {{ lxc_container_release }}-backports main restricted universe multiverse' | tee -a /etc/apt/sources.list | |
echo 'deb {{ lxc_container_template_security_apt_repo }} {{ lxc_container_release }}-security main restricted universe multiverse' | tee -a /etc/apt/sources.list | |
while timeout 120 apt-get update && apt-get -y install python2.7; [ $? = 124 ]; do | |
sleep 5 | |
done | |
rm /usr/bin/python | |
ln -s /usr/bin/python2.7 /usr/bin/python | |
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces | |
container_config: | |
- "lxc.aa_profile=lxc-openstack" | |
- "lxc.mount.entry=/openstack/backup/{{ inventory_hostname }} var/backup none defaults,bind,rw 0 0" | |
delegate_to: "{{ physical_host }}" | |
tags: | |
- lxc-container-create |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment