{"id":360,"sha1":"1c65c7d7dedc1347a4762ae4b62d61686160369b","playbook":{"id":3,"items":{"plays":37,"tasks":567,"results":554,"hosts":7,"files":221,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-infrastructure.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-14T10:15:01.440414Z","ended":"2025-12-14T10:21:34.655502Z","duration":"00:06:33.215088","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.13.5","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-infrastructure.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2016, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n# http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n# Usage:\n# This common task will update lxc containers to use the lxc-openstack\n# app-armor profile by default however this profile can be changed as needed.\n\n# This will also load in a list of bind mounts for a given container. To load\n# in a list of bind mounts the variable, \"list_of_bind_mounts\" must be used\n# containing at least one dictionary with the keys \"bind_dir_path\",\n# \"relative_bind_dir_path\", and \"mount_path\".\n# * bind_dir_path = Container path used in a bind mount\n# * mount_path = Local path on the physical host used for a bind mount\n\n# If extra container configurations are desirable set the\n# \"extra_container_config\" list to strings containing the options needed.\n\n- name: Set default bind mounts (bind var/log)\n ansible.builtin.set_fact:\n lxc_default_bind_mounts: '{{ lxc_default_bind_mounts | default([{\"bind_dir_path\": \"/var/log\", \"mount_path\": \"/openstack/log/\" ~ inventory_hostname}]) }}'\n when:\n - default_bind_mount_logs | bool\n tags:\n - common-lxc\n\n- name: Ensure mount directories exists\n ansible.builtin.file:\n path: \"{{ item['mount_path'] }}\"\n state: \"directory\"\n with_items:\n - \"{{ lxc_default_bind_mounts | default([]) }}\"\n - \"{{ list_of_bind_mounts | default([]) }}\"\n when:\n - item.create | default('dir') == 'dir'\n delegate_to: \"{{ physical_host }}\"\n tags:\n - common-lxc\n\n- name: Add bind mount configuration to container\n ansible.builtin.lineinfile:\n dest: \"/var/lib/lxc/{{ inventory_hostname }}/config\"\n line: \"lxc.mount.entry = {{ item['mount_path'] }} {{ item['bind_dir_path'].lstrip('/') }} none bind,create={{ item.create | default('dir') }} 0 0\"\n insertbefore: \"^lxc.mount.entry = .*\\\\s{{ item['bind_dir_path'].lstrip('/') | regex_replace('/', '\\/') }}.*\"\n backup: \"true\"\n with_items:\n - \"{{ lxc_default_bind_mounts | default([]) }}\"\n - \"{{ list_of_bind_mounts | default([]) }}\"\n delegate_to: \"{{ physical_host }}\"\n register: _mc\n tags:\n - common-lxc\n\n- name: Extra lxc config\n ansible.builtin.lineinfile:\n path: \"/var/lib/lxc/{{ inventory_hostname }}/config\"\n regexp: \"^{{ item.split('=')[0] }} =\"\n line: \"{{ item.split('=')[0] }} = {{ item.split('=', 1)[1] }}\"\n backup: \"true\"\n with_items: \"{{ extra_container_config | default([]) }}\"\n delegate_to: \"{{ physical_host }}\"\n register: _ec\n tags:\n - common-lxc\n\n- name: Extra lxc config no restart\n ansible.builtin.lineinfile:\n path: \"/var/lib/lxc/{{ inventory_hostname }}/config\"\n regexp: \"^{{ item.split('=')[0] }} =\"\n line: \"{{ item.split('=')[0] }} = {{ item.split('=', 1)[1] }}\"\n backup: \"true\"\n with_items: \"{{ extra_container_config_no_restart | default(['lxc.start.order=100']) }}\"\n delegate_to: \"{{ physical_host }}\"\n tags:\n - common-lxc\n\n- name: Check container state\n ansible.builtin.command: \"lxc-info -n {{ inventory_hostname }} --state\"\n changed_when: false\n delegate_to: \"{{ physical_host }}\"\n register: _lxc_container_state\n until: _lxc_container_state is success\n retries: 3\n delay: 5\n when:\n - (_mc is defined and _mc is changed) or (_ec is defined and _ec is changed)\n\n# Due to https://github.com/ansible/ansible-modules-extras/issues/2691\n# this uses the LXC CLI tools to ensure that we get logging.\n# TODO(odyssey4me): revisit this once the bug is fixed and released\n# NOTE(cloudnull): The `lxc-stop` command will have an RC of 2 if the command\n# fails due to a container already being in a stopped state.\n- name: Lxc container restart\n ansible.builtin.command: >\n lxc-stop --name {{ inventory_hostname }}\n --logfile {{ lxc_container_log_path }}/lxc-{{ inventory_hostname }}.log\n --logpriority {{ (debug | bool) | ternary('DEBUG', 'INFO') }}\n delegate_to: \"{{ physical_host }}\"\n register: container_stop\n until: container_stop is success\n retries: 3\n failed_when:\n - container_stop.rc not in [0, 2]\n when:\n - lxc_container_allow_restarts | default(True) | bool\n - (_mc is defined and _mc is changed) or (_ec is defined and _ec is changed)\n - _lxc_container_state.stdout.find('RUNNING') != -1\n tags:\n - common-lxc\n\n# Due to https://github.com/ansible/ansible-modules-extras/issues/2691\n# this uses the LXC CLI tools to ensure that we get logging.\n# TODO(odyssey4me): revisit this once the bug is fixed and released\n- name: Start Container\n ansible.builtin.command: >\n lxc-start --daemon --name {{ inventory_hostname }}\n --logfile {{ lxc_container_log_path }}/lxc-{{ inventory_hostname }}.log\n --logpriority {{ (debug | bool) | ternary('DEBUG', 'INFO') }}\n delegate_to: \"{{ physical_host }}\"\n register: container_start\n until: container_start is success\n retries: 3\n when:\n - (_mc is defined and _mc is changed) or (_ec is defined and _ec is changed)\n tags:\n - common-lxc\n\n- name: Wait for container tmpfiles-setup finish\n ansible.builtin.raw: systemctl list-units systemd-tmpfiles-setup.service --no-legend | grep 'exited' >/dev/null\n register: systemd_tmpfiles\n until: systemd_tmpfiles.rc == 0\n retries: 20\n delay: 2\n changed_when: false\n\n- name: Wait for container connectivity\n ansible.builtin.wait_for_connection:\n connect_timeout: \"{{ lxc_container_wait_params.connect_timeout | default(omit) }}\"\n delay: \"{{ lxc_container_wait_params.delay | default(omit) }}\"\n sleep: \"{{ lxc_container_wait_params.sleep | default(omit) }}\"\n timeout: \"{{ lxc_container_wait_params.timeout | default(omit) }}\"\n when:\n - (_mc is defined and _mc is changed) or (_ec is defined and _ec is changed)\n tags:\n - common-lxc\n","created":"2025-12-14T10:15:56.064222Z","updated":"2025-12-14T10:15:56.064234Z","path":"/etc/ansible/ansible_collections/openstack/osa/roles/lxc_container_setup/tasks/main.yml"}