commit 29ee8f0e1468976a7d5d4769437f0dffa1fd881b Author: Jonathan Rosser Date: Tue Jul 21 10:50:04 2020 +0100 Remove support for LXC2 configuration keys The removal of support for Centos-7 means that it is no longer necessary to maintain compatibility with LXC2 configuration keys. This patch removes the code which substitutes LXC3 keys for LXC2 keys. Depends-On: https://review.opendev.org/742166 Depends-On: https://review.opendev.org/742103 Change-Id: I2911a20a3391e880df80f41eed5c9a8d5e36c2f4 diff --git a/defaults/main.yml b/defaults/main.yml index 00987d4..32898a2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -24,20 +24,6 @@ lxc_container_wait_params: # Wait 60 seconds for the container to respond timeout: 60 - -## A list of 'legacy' lxc configuration keys and their corresponding new -## keys. Use this map to substitute keys suitable for other/newer lxc versions -lxc_config_key_mapping: - 4: - lxc.aa_profile: lxc.apparmor.profile - lxc.haltsignal: lxc.signal.halt - lxc.utsname: lxc.uts.name - 3: - lxc.aa_profile: lxc.apparmor.profile - lxc.haltsignal: lxc.signal.halt - lxc.utsname: lxc.uts.name - 2: - lxc_container_config: /etc/lxc/lxc-openstack.conf lxc_container_config_list: [] lxc_container_commands: "" diff --git a/releasenotes/notes/remove-lxc2-support-cf492c787fee8657.yaml b/releasenotes/notes/remove-lxc2-support-cf492c787fee8657.yaml new file mode 100644 index 0000000..db60402 --- /dev/null +++ b/releasenotes/notes/remove-lxc2-support-cf492c787fee8657.yaml @@ -0,0 +1,9 @@ +--- +upgrade: + - | + As support for Centos-7 is removed from openstack-ansible in the Victoria + release it is no longer necessary to support LXC2 configuration syntax in + the lxc_container_create ansible role. The version of LXC is now assumed + to be 3 or greater, and any LXC configuration keys that are being overriden + by the deployer in the variable lxc_container_config_list should be updated + to be LXC3 syntax as these will no longer be be converted by ansible code.. diff --git a/tasks/lxc_container_config.yml b/tasks/lxc_container_config.yml index 8e202d0..583a2b8 100644 --- a/tasks/lxc_container_config.yml +++ b/tasks/lxc_container_config.yml @@ -17,7 +17,7 @@ - name: Write default container config lineinfile: dest: "/var/lib/lxc/{{ inventory_hostname }}/config" - line: "{{ lxc_config_key_mapping[lxc_major_version|int][item.split('=', 1)[0]] | default(item.split('=', 1)[0]) }} = {{ item.split('=', 1)[-1] }}" + line: "{{ item }}" backup: "true" with_items: "{{ lxc_container_default_config_list | union(lxc_container_config_list) }}" delegate_to: "{{ physical_host }}" @@ -172,7 +172,7 @@ with_items: - "lxc.hook.pre-start = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh" - "lxc.hook.post-stop = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh" - - "{{ lxc_config_key_mapping[lxc_major_version|int]['lxc.haltsignal'] | default('lxc.haltsignal') }} = SIGRTMIN+4" + - "lxc.signal.halt = SIGRTMIN+4" delegate_to: "{{ physical_host }}" - name: Run veth wiring diff --git a/tasks/main.yml b/tasks/main.yml index 8621782..0a2da96 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -13,18 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Pull lxc version - command: "lxc-ls --version" - changed_when: false - register: lxc_version - delegate_to: "{{ physical_host }}" - tags: - - skip_ansible_lint - -- name: Enable or Disable lxc three syntax - set_fact: - lxc_three_syntax: "{{ (lxc_version.stdout.split('.')[0] | int) >= 3 }}" - lxc_major_version: "{{ lxc_version.stdout.split('.')[0] }}" - name: Allow the usage of local facts file: diff --git a/templates/container-interface.ini.j2 b/templates/container-interface.ini.j2 index e200a4d..6e3c5c8 100644 --- a/templates/container-interface.ini.j2 +++ b/templates/container-interface.ini.j2 @@ -1,6 +1,6 @@ # {{ ansible_managed }} {### For lxc > 3.0 use lxc.net.[i] otherwise use lxc.network #} -{% set _lxc_net_var = (lxc_three_syntax | bool) | ternary ('lxc.net.' + ((item.0 | default(0)) | string),'lxc.network') %} +{% set _lxc_net_var = 'lxc.net.' + ((item.0 | default(0)) | string) %} # Set the interface's type for the container {{ _lxc_net_var }}.type = {{ item.1.type|default('veth') }} diff --git a/tests/test-containers-functional.yml b/tests/test-containers-functional.yml index be4f4da..ed7e1e1 100644 --- a/tests/test-containers-functional.yml +++ b/tests/test-containers-functional.yml @@ -24,17 +24,6 @@ tags: - skip_ansible_lint - - name: Pull lxc version - command: "lxc-ls --version" - changed_when: false - register: lxc_version - tags: - - skip_ansible_lint - - - name: Enable or Disable lxc three syntax - set_fact: - lxc_three_syntax: "{{ (lxc_version.stdout.split('.')[0] | int) >= 3 }}" - - name: Verify that the expected containers are present with the correct addresses # Example stdout: # NAME IPV4 @@ -48,7 +37,7 @@ - lxc_container_list.stdout is search("container3\s+(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3},\s+)*10.100.100.4(,\s+\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})*\s+") - name: Check for the presence of the right app armor profile for container1 - command: "grep \"^{{ lxc_three_syntax | ternary('lxc.apparmor.profile', 'lxc.aa_profile') }} = {{ (hostvars[physical_host | default('localhost')]['ansible_distribution'] == 'Debian') | ternary('unconfined', 'lxc-openstack') }}$\" {{ item }}" + command: "grep \"^lxc.apparmor.profile={{ (hostvars[physical_host | default('localhost')]['ansible_distribution'] == 'Debian') | ternary('unconfined', 'lxc-openstack') }}$\" {{ item }}" register: container_profile failed_when: container_profile.rc != 0 with_sequence: start=1 end=3 format=/var/lib/lxc/container%x/config