{"id":126,"sha1":"7a096f897ea7c9a3c743af218a5c25f18bc1a4f4","playbook":{"id":2,"items":{"plays":18,"tasks":608,"results":2412,"hosts":15,"files":158,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-hosts.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-08T13:40:18.992997Z","ended":"2025-12-08T13:50:25.791366Z","duration":"00:10:06.798369","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.12.11","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-hosts.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2014, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n# http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n# NOTE(mhayden): One of three exit codes should be returned.\n# 0 = service is running\n# 3 = service is installed, but not running\n# 4 = service is not installed, and not running\n- name: Check if NetworkManager is running\n command: systemctl status NetworkManager\n changed_when: false\n failed_when: false\n register: networkmanager_check\n tags:\n - skip_ansible_lint\n\n- name: Ensure network services wait on networking (if using NetworkManager)\n ansible.builtin.service:\n name: NetworkManager-wait-online.service\n enabled: true\n when: networkmanager_check.rc == 0\n\n# NOTE(mhayden): There are systemd services that act like ifup/ifdown hooks\n# and handle the customized LXC container networking. Starting lxc-net will\n# trample over these hooks and cause networking issues for containers.\n- name: Disable and stop lxc-net\n ansible.builtin.systemd:\n name: lxc-net\n enabled: false\n state: stopped\n masked: true\n tags:\n - lxc-net\n\n- name: Setup LXC OVS Bridge\n openvswitch.openvswitch.openvswitch_bridge:\n bridge: \"{{ lxc_net_bridge }}\"\n fail_mode: standalone\n state: present\n when: lxc_net_bridge_type == 'openvswitch'\n\n- name: Run the systemd-networkd role\n ansible.builtin.include_role:\n name: systemd_networkd\n vars:\n _lxc_net_bridge_devices:\n - NetDev:\n Name: \"{{ lxc_net_bridge }}\"\n Kind: bridge\n MTUBytes: \"{{ lxc_net_mtu }}\"\n Bridge:\n ForwardDelaySec: 0\n HelloTimeSec: 2\n MaxAgeSec: 12\n STP: false\n systemd_networkd_prefix: \"lxc-net\"\n systemd_run_networkd: true\n systemd_netdevs: \"{{ (lxc_net_bridge_type == 'openvswitch') | ternary([], _lxc_net_bridge_devices) }}\"\n systemd_networks:\n - interface: \"{{ lxc_net_bridge }}\"\n address: \"{{ lxc_net_address }}\"\n netmask: \"{{ lxc_net_netmask }}\"\n mtu: \"{{ lxc_net_mtu }}\"\n config_overrides:\n Network:\n ConfigureWithoutCarrier: true\n Gateway: \"{{ lxc_net_gateway is not none | ternary(lxc_net_gateway, {}) }}\"\n\n- name: Run the systemd-service role\n ansible.builtin.include_role:\n name: systemd_service\n vars:\n systemd_service_enabled: true\n systemd_slice_name: lxc-dnsmasq\n systemd_services:\n - service_name: lxc-dnsmasq\n state: started\n enabled: true\n execstartpres: |\n {% set pres = ['-/usr/bin/pkill -u {{ lxc_net_dnsmasq_user }} \"^dnsmasq\"'] %}\n {% if lxc_net_manage_iptables | bool %}\n {% set _ = pres.append('/usr/local/bin/lxc-system-manage iptables-create') %}\n {% endif %}\n {{ pres }}\n execstarts:\n - /usr/local/bin/lxc-system-manage dnsmasq-start\n execstops:\n - -/usr/local/bin/lxc-system-manage dnsmasq-stop\n execstopposts: |\n {% set posts = [] %}\n {% if lxc_net_manage_iptables | bool %}\n {% set _ = posts.append('-/usr/local/bin/lxc-system-manage iptables-remove') %}\n {% endif %}\n {{ posts }}\n config_overrides:\n Unit:\n Before: lxc.service\n Service:\n PIDFile: /run/lxc/dnsmasq.pid\n when: lxc_net_nat | bool\n\n# Check that the container bridge exists, if not bring it up\n- name: Check Container Bridge exists\n ansible.builtin.stat:\n path: \"/sys/class/net/{{ lxc_net_bridge }}/bridge/bridge_id\"\n register: bridge_check\n failed_when: false\n changed_when: not bridge_check.stat.exists\n notify:\n - Bring bridge up\n tags:\n - lxc-bridge\n\n# Ensure lxc networks are running as they're supposed to\n- name: Flush handlers\n ansible.builtin.meta: flush_handlers\n","created":"2025-12-08T13:42:43.277495Z","updated":"2025-12-08T13:42:43.277507Z","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible-lxc_hosts/tasks/lxc_net.yml"}