LILiK
/
lilik_playbook
5
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Playbooks to a new Lilik
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
446 Commits
12 Branches
967 KiB
Tree: cec0b7cf50
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'cec0b7cf50'
${ noResults }
lilik_playbook/roles/lxc_guest/templates/config.j2

43 lines
1.3 KiB
Raw Normal View History

roles/lxc_guest: add unprivileged support
5 years ago
Some playbooks full of joy.
9 years ago
roles/lxc_guest: add support for alpine linux vm
4 years ago
roles/lxc_guest: add unprivileged support
5 years ago
roles/lxc_guest: add support for alpine linux vm
4 years ago
roles/lxc_guest: add unprivileged support
5 years ago
Some playbooks full of joy.
9 years ago
roles/lxc_guest: improved syntax and upgrades Debian version upgraded to buster. New templates compatibile with stable versions of LXC provided with debian. Cleaner syntax using `ssh_lxc.py` connection plugin. Now we don't user `lxc-attach -n ...` in the `shell` module on the host anymore, but we delegate to `{{ vm_name }}` with `connection: ssh_lxc`, using suitable Ansible module to do operation directly on the container before it is online and SSH accessible. We added an option to force an LVM VG name: if the default naming convention is not used the vg name can be overriden with the `vg_name` variable. The `xfs` filesystem seems to be broken in this release, so we used `ext4` as default for new container. This point needs further investigation.
5 years ago
Some playbooks full of joy.
9 years ago
roles/lxc_guest: improved syntax and upgrades Debian version upgraded to buster. New templates compatibile with stable versions of LXC provided with debian. Cleaner syntax using `ssh_lxc.py` connection plugin. Now we don't user `lxc-attach -n ...` in the `shell` module on the host anymore, but we delegate to `{{ vm_name }}` with `connection: ssh_lxc`, using suitable Ansible module to do operation directly on the container before it is online and SSH accessible. We added an option to force an LVM VG name: if the default naming convention is not used the vg name can be overriden with the `vg_name` variable. The `xfs` filesystem seems to be broken in this release, so we used `ext4` as default for new container. This point needs further investigation.
5 years ago
Some playbooks full of joy.
9 years ago
roles/lxc_guest: add unprivileged support
5 years ago
roles/lxc_guest: improved syntax and upgrades Debian version upgraded to buster. New templates compatibile with stable versions of LXC provided with debian. Cleaner syntax using `ssh_lxc.py` connection plugin. Now we don't user `lxc-attach -n ...` in the `shell` module on the host anymore, but we delegate to `{{ vm_name }}` with `connection: ssh_lxc`, using suitable Ansible module to do operation directly on the container before it is online and SSH accessible. We added an option to force an LVM VG name: if the default naming convention is not used the vg name can be overriden with the `vg_name` variable. The `xfs` filesystem seems to be broken in this release, so we used `ext4` as default for new container. This point needs further investigation.
5 years ago
Some playbooks full of joy.
9 years ago
 
  1. {% if unprivileged %}
  2. # Distribution configuration (unprivileged)
  3. lxc.include = /usr/share/lxc/config/common.conf
  4. lxc.include = /usr/share/lxc/config/userns.conf
  5. lxc.arch = linux64
  6. 

  7. {%   if distro == 'debian' %}
  8. lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
  9. lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
  10. lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
  11. lxc.mount.entry = mqueue dev/mqueue mqueue rw,relatime,create=dir,optional 0 0
  12. {%   endif %}
  13. 

  14. lxc.apparmor.profile = generated
  15. 

  16. # Container specific configuration
  17. lxc.idmap = u 0 {{ subuidmap }}
  18. lxc.idmap = g 0 {{ subgidmap }}
  19. 

  20. {% else %}
  21. # Distribution configuration (privileged)
  22. lxc.include = /usr/share/lxc/config/debian.common.conf
  23. 

  24. lxc.apparmor.profile = generated
  25. lxc.apparmor.allow_nesting = 1
  26. 

  27. lxc.tty.max = 4
  28. lxc.arch = amd64
  29. lxc.pty.max = 1024
  30. 

  31. # Container specific configuration
  32. {% endif %}
  33. lxc.uts.name = {{ vm_name }}
  34. lxc.rootfs.path = lvm:/dev/{{ vg_name }}/vm_{{ vm_name }}
  35. 

  36. # Network configuration
  37. lxc.net.0.type = veth
  38. lxc.net.0.flags = up
  39. lxc.net.0.link = br0
  40. lxc.net.0.name = eth0
  41. lxc.net.0.ipv4.address = {{ hostvars | ip_from_inventory(vm_name) }}/24
  42. lxc.net.0.ipv4.gateway = {{ hostvars | ip_from_inventory('vm_gateway') }}
  43. lxc.start.auto = {% if auto_start %}1{% else %}0{% endif %}