diff --git a/templates/lxc-openstack.conf.j2 b/templates/lxc-openstack.conf.j2 index 4fd83c86..f9a9fd9f 100644 --- a/templates/lxc-openstack.conf.j2 +++ b/templates/lxc-openstack.conf.j2 @@ -1,7 +1,9 @@ # {{ ansible_managed }} +{% if ansible_facts['os_family'] | lower == 'debian' %} lxc.apparmor.profile = generated lxc.apparmor.allow_nesting = 1 +{% endif %} lxc.start.auto = 1 lxc.start.delay = 15 lxc.group = onboot diff --git a/templates/prep-scripts/redhat_prep.sh.j2 b/templates/prep-scripts/redhat_prep.sh.j2 index 76798932..965a6d7d 100644 --- a/templates/prep-scripts/redhat_prep.sh.j2 +++ b/templates/prep-scripts/redhat_prep.sh.j2 @@ -11,6 +11,7 @@ fi # The containers do not need the LXC repository (only hosts need it). rm -f /etc/yum.repos.d/thm-lxc3.0* +rm -f /etc/yum.repos.d/epel-lxc_hosts.repo # This repo should be installed from package, so requires extra vars to work properly rm -f /etc/yum.repos.d/CentOS-NFV-OpenvSwitch.repo diff --git a/vars/redhat-10-host.yml b/vars/redhat-10-host.yml new file mode 100644 index 00000000..946d4c96 --- /dev/null +++ b/vars/redhat-10-host.yml @@ -0,0 +1,61 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +system_config_dir: "/etc/sysconfig" +systemd_utils_prefix: "/lib/systemd" + +_lxc_hosts_epel_packages: + - lxc* + - python3-lxc + +lxc_centos_repo_keys: + - key: "/etc/pki/rpm-gpg/neil-lxc4.0.gpg" + url: "https://download.copr.fedorainfracloud.org/results/neil/lxc4.0/pubkey.gpg" + state: present + +lxc_centos_repos: + - name: epel-lxc_hosts + description: Copr repo for lxc4.0 owned by neil + baseurl: https://download.copr.fedorainfracloud.org/results/neil/lxc4.0/epel-10-$basearch/ + gpgcheck: true + gpgkey: "file:///etc/pki/rpm-gpg/neil-lxc4.0.gpg" + enabled: true + state: present + includepkgs: "{{ _lxc_hosts_epel_packages }}" + +# Required rpm packages. +_lxc_hosts_distro_packages: + - dbus + - dnsmasq + - e2fsprogs + - git-core + - iptables + - "kernel-modules-extra-{{ ansible_facts['kernel'] }}" # required by iptables/ebtables to avoid kernel upgrade + - libseccomp + - lxc + - lxc-devel + - lxc-libs + - lxc-templates + - policycoreutils-python-utils + - procps + - python3-lxc + - systemd-container + - tar + - unzip + - xz + +lxc_ssh_service_name: sshd + +lxc_xz_bin: xz diff --git a/vars/redhat-host.yml b/vars/redhat-host.yml index a119c860..f04872d7 100644 --- a/vars/redhat-host.yml +++ b/vars/redhat-host.yml @@ -40,7 +40,7 @@ _lxc_hosts_distro_packages: - dbus - dnsmasq - e2fsprogs - - git + - git-core - iptables - libseccomp - lxc diff --git a/vars/redhat.yml b/vars/redhat.yml index 347ead21..015baa46 100644 --- a/vars/redhat.yml +++ b/vars/redhat.yml @@ -39,6 +39,7 @@ _lxc_cache_prep_template: "prep-scripts/redhat_prep.sh.j2" _lxc_cache_distro_packages: - ca-certificates - git-core # needed everywhere when wheel_build=false + - gnupg2 - iputils - iproute - libxml2 @@ -46,6 +47,10 @@ _lxc_cache_distro_packages: - procps - python3 - python3-libs + - python3-setuptools - setup - sudo + - systemd + - systemd-networkd + - systemd-resolved - tzdata