1
0
mirror of https://github.com/OpenNebula/one.git synced 2024-12-22 13:33:52 +03:00

M #-: Add LXC to oneprovision (#1017)

Signed-off-by: Ricardo Diaz <rdiaz@opennebula.io>
This commit is contained in:
Ricardo Diaz 2021-03-23 19:50:36 +01:00 committed by GitHub
parent 82fa9759bb
commit 0a13f68c29
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 112 additions and 0 deletions

View File

@ -11,6 +11,7 @@
- opennebula-repository
- { role: opennebula-node-kvm, when: oneprovision_hypervisor == 'kvm' or oneprovision_hypervisor == 'qemu' }
- { role: opennebula-node-firecracker, when: oneprovision_hypervisor == 'firecracker' }
- { role: opennebula-node-lxc, when: oneprovision_hypervisor == 'lxc' }
- opennebula-ssh
- role: iptables
iptables_base_rules_services:

View File

@ -11,6 +11,7 @@
- opennebula-repository
- { role: opennebula-node-kvm, when: oneprovision_hypervisor == 'kvm' }
- { role: opennebula-node-firecracker, when: oneprovision_hypervisor == 'firecracker' }
- { role: opennebula-node-lxc, when: oneprovision_hypervisor == 'lxc' }
- opennebula-ssh
- role: iptables
iptables_base_rules_services:

View File

@ -0,0 +1,17 @@
# opennebula-node-lxc
## Description
Installs the opennebula-node-lxc package.
## Requirements
No special requirements.
## Variables
All of the variables in this role are documented in the [defaults](defaults/main.yml) file.
## Todo list
None

View File

@ -0,0 +1,8 @@
---
###############################################################################
# Valid defaults
###############################################################################
# SELinux booleans to configure
opennebula_node_selinux_booleans:
- { name: 'virt_use_nfs', state: 'yes' }

View File

@ -0,0 +1,29 @@
---
- name: Update util-linux
package:
name: util-linux
state: latest
register: pkg_result
until: pkg_result is succeeded
retries: 3
delay: 10
- name: Install libgcrypt
package:
name: libgcrypt
state: latest
register: pkg_result
until: pkg_result is succeeded
retries: 3
delay: 10
when:
- ansible_os_family == "RedHat"
- ansible_distribution_major_version == "8"
- name: Install OpenNebula node LXC package
yum: name=opennebula-node-lxc state=latest
register: yum_result
until: yum_result is succeeded
retries: 3
delay: 10

View File

@ -0,0 +1,10 @@
---
- name: Install OpenNebula node LXC package
apt:
name: opennebula-node-lxc
state: latest
register: apt_result
until: apt_result is success
retries: 3
delay: 10

View File

@ -0,0 +1,13 @@
---
- include: centos.yml
when: ansible_os_family == "RedHat"
- include: debian.yml
when: ansible_os_family == "Debian"
- include: security.yml
- name: "create datastore for ONE_LOCATION"
file: path={{ one_location }}/var/datastores owner=oneadmin group=oneadmin state=directory
when: one_location is defined

View File

@ -0,0 +1,31 @@
---
# SELinux
- block:
- name: Set SELinux booleans
seboolean:
name: '{{ item.name }}'
state: '{{ item.state }}'
persistent: yes
with_items: '{{ opennebula_node_selinux_booleans }}'
when:
- ansible_selinux.status == 'enabled'
- ansible_os_family == "RedHat"
# AppArmor
- block:
- name: Add permissions to apparmor
lineinfile:
dest: /etc/apparmor.d/abstractions/libvirt-qemu
line: "{{ item }}"
with_items:
- " /srv/** rwk,"
- " /var/lib/one/datastores/** rwk,"
- name: Reload apparmor
service:
name: apparmor
state: reloaded
register: service_result
failed_when: "service_result is failed and ('find' not in service_result.msg and 'found' not in service_result.msg)"
when: ansible_distribution == "Ubuntu"

View File

@ -47,6 +47,7 @@ inputs:
options:
- 'kvm'
- 'firecracker'
- 'lxc'
default: 'kvm'
...

View File

@ -47,6 +47,7 @@ inputs:
options:
- 'kvm'
- 'firecracker'
- 'lxc'
default: 'kvm'
...