{"id":45,"sha1":"375fced9325f658b8f807d1d36834eee10b512a0","playbook":{"id":2,"items":{"plays":18,"tasks":316,"results":313,"hosts":2,"files":136,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":8,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-hosts.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-08T13:27:39.675908Z","ended":"2025-12-08T13:33:13.621332Z","duration":"00:05:33.945424","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.12.3","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-hosts.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2014, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n# Set the package install state for distribution packages\n# Options are 'present' and 'latest'\nlxc_hosts_package_state: \"{{ package_state | default('present') }}\"\n\n# Define a list of extra distribuition packages to install onto the host\n# at the discretion of the deployer\nlxc_hosts_extra_distro_packages: []\n\n# Define the total list of packages which to install onto the host combining\n# distibution specific and deployers extra package lists\nlxc_hosts_distro_packages: \"{{ (_lxc_hosts_distro_packages | select) + lxc_hosts_extra_distro_packages }}\"\n\n# Mappings from Ansible reported architecture to distro release architecture\nlxc_architecture_mapping:\n  x86_64: amd64\n  ppc64le: ppc64el\n  s390x: s390x\n  armv7l: armhf\n  aarch64: arm64\n\n# Set the volume size for the machine image caches. We only use the\n# most specific mountpoint from the hierarchy.\n# NOTE: Size is set in Gigabytes.\nlxc_host_machine_volume_size: |-\n  {%- set mounts = [] -%}\n  {%- set mount_points = ['/var/lib/machines', '/var/lib/', '/var', '/'] -%}\n  {%- for mount in mount_points -%}\n  {%-   for dev in ansible_facts['mounts'] -%}\n  {%-     if mount == dev.mount -%}\n  {%-       set _ = mounts.append(dev.size_total // (1024**3)) -%}\n  {%-     endif -%}\n  {%-   endfor -%}\n  {%- endfor -%}\n  {{ mounts[0] }}\n\n# Enable or Disable the BTRFS quota system for the \"/var/lib/machines\" mount\n# point. More information on the BTRFS quota system can be found here:\n#  * https://btrfs.wiki.kernel.org/index.php/Quota_support\nlxc_host_machine_quota_disabled: false\n\n# Set the default qgroup limits used for file system quotas. The default is\n# \"none\". See the following documentation for more information:\n#  * https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs-qgroup\nlxc_host_machine_qgroup_space_limit: none\nlxc_host_machine_qgroup_compression_limit: none\n\n# DefaultTasksMax systemd value. It's not recommended to change this value as it\n# could prevent new processes from starting on busy containers.\nlxc_default_tasks_max: 8192\n\n# lxc container rootfs directory and cache path\nlxc_container_directory: \"/var/lib/lxc\"\nlxc_container_cache_path: \"/var/cache/lxc/download\"\n\nlxc_container_common_config:\n  lxc.mount.entry:\n    - /sys/kernel/debug sys/kernel/debug none bind,optional 0 0\n    - /sys/kernel/security sys/kernel/security none bind,optional 0 0\n    - /sys/fs/pstore sys/fs/pstore none bind,optional 0 0\n    - mqueue dev/mqueue mqueue rw,relatime,create=dir,optional 0 0\n  lxc.cgroup.devices.allow:\n    - c 254:0 rm  # rtc\n    - c 10:228 rwm # hpet\n\n# The container backing store can be set to 'overlayfs' to use overlayfs\n# This should only be done for production use with a linux kernel > 3.14\n# which is when overlayfs was merged into the mainline kernel\nlxc_container_backing_store: dir\n\n# The container backing method can be set to 'copy-on-write' to use LVM\n# snapshot-backed containers when the container backing store is set to\n# 'lvm'.\n# lxc_container_backing_method: copy-on-write\n\n# When using a base container to snapshot from for the overlayfs or LVM\n# copy-on-write backing stored, the base container can be set.\nlxc_container_base_name: >-\n  {{ ansible_facts['distribution'] | lower ~ '-' ~\n     ansible_facts['distribution_major_version'] ~ '-' ~\n     lxc_architecture_mapping.get(ansible_facts['architecture']) }}\n\n# Set the default zfs root name\nlxc_container_zfs_root_name: \"pool/lxc\"\n\n# Allow OSA to generate the LXC network configuration and manage the interface state.\nlxc_net_managed: true\n\n# lxc container net network\nlxc_net_bridge: lxcbr0\n# Can be 'linuxbridge' or 'openvswitch'\nlxc_net_bridge_type: linuxbridge\nlxc_net_address: 10.0.3.1\nlxc_net_netmask: 255.255.255.0\nlxc_net_cidr: 24\nlxc_net_gateway: ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be \"false\" to use a gateway.\nlxc_net_mtu: 1500\n\n# lxc container nat enabled\nlxc_net_nat: true ## If \"true\", nat rules will be created with the lxc network.\n\n# Enable iptables for lxc network\nlxc_net_manage_iptables: true ## If \"true\" iptables rules will be added when the bridge is up and deleted when bridge is down\n\n# lxc container dhcp settings\nlxc_net_dhcp_range: 10.0.3.2,10.0.3.253\nlxc_net_dhcp_max: 253\nlxc_net_dhcp_config: \"\"\nlxc_net_dnsmasq_user: lxc-dnsmasq\nlxc_net_domain: \"\"\n\n# lxc network ipv6 settings\nlxc_net6_address: ## ie. fd05:ffb8:32b4:1212::1\nlxc_net6_netmask: ## ie. 64\nlxc_net6_nat: false\n\n# System control kernel tuning\nlxc_kernel_options:\n  - { key: \"fs.inotify.max_user_instances\", value: 1024 }\n\n# The compression ratio used when creating the container cache rootfs archive\nlxc_image_compression_ratio: 0\n\n# A list of files may be copied into the container image cache from the\n# deployment host during its preparation.\n# Example:\n#   lxc_container_cache_files:\n#     - src: \"/etc/openstack_deploy/files/etc/issue\"\n#       dest: \"/etc/issue\"\nlxc_container_cache_files: []\n\n# A list of files may be copied into the container image cache from the\n# LXC host during its preparation.\n# Example:\n#   lxc_container_cache_files_from_host:\n#     - \"/etc/apt/sources.list.d/myrepo.list\"\nlxc_container_cache_files_from_host: []\n\n# LXC container shutdown delay before force-killing running container\nlxc_container_shutdown_delay: 60\n\n# DNS servers to use during cache preparation\nlxc_cache_prep_dns:\n  - \"{{ lxc_net_address }}\"\n\n# Custom shell commands to run before/after the LXC cache prep process has taken\n# place.\nlxc_cache_prep_pre_commands: \"## pre command skipped ##\"\nlxc_cache_prep_post_commands: \"## post command skipped ##\"\n\n# Full path to the base image prep script. By default this will use the\n# named script for a given OS within the \"templates/prep-scripts\" directory.\n# If a deployer wishes to override this script with something else they can\n# do so by defining a user variable with the full path to the local script\n# which will be templated onto the deployment targets.\nlxc_cache_prep_template: \"{{ _lxc_cache_prep_template }}\"\n\n## Define a list of extra distribuition packages to install in the container\n# cache at the discretion of the deployer\nlxc_cache_extra_distro_packages: []\n\n# List of packages to be installed into the base container cache\n# Combines the distribution specific list with deployers extra list\nlxc_cache_distro_packages: \"{{ _lxc_cache_distro_packages + lxc_cache_extra_distro_packages }}\"\n\n# The maximum amount of time (in seconds) to wait until failing the cache\n# preparation process. This is necessary to mitigate the issue that can\n# arise where the cache prep hangs and never fails.\n# The value is specified in seconds, with the default being 20 minutes.\nlxc_cache_prep_timeout: \"{{ _lxc_cache_prep_timeout | default(1200) }}\"\n\n# Command to build a chroot for the container rootfs\nlxc_hosts_container_build_command: \"{{ _lxc_hosts_container_build_command | default('') }}\"\n\n# Local path to cached image\nlxc_image_cache_path: \"/var/lib/machines/{{ lxc_container_base_name }}\"\n\n# Expiration timeout for the cached image\n# Should be in format supported by the to_time_unit filter\nlxc_image_cache_expiration: \"1year\"\n\n# Set this option to true to pull a new cached image.\nlxc_image_cache_refresh: false\n\n## Default download template options\n##  This can be customized to use a local build server and options.\n##  By default these options will be fulfilled by the distro specific\n##  variable files found in vars/\n# lxc_cache_download_template_options: >\n#   --dist NAME_OF_DISTRO\n#   --release DISTRO_RELEASE\n#   --arch CONTAINER_ARCH\n#   --force-cache\n#   --server SERVER_TO_GET_IMAGES_FROM\nlxc_cache_default_variant: default\nlxc_cache_download_template_extra_options: \"\"\nlxc_cache_download_template_options: >-\n  --dist {{ ansible_facts['distribution'] | lower }}\n  --release {{ ansible_facts['distribution_major_version'] }}\n  --arch {{ lxc_architecture_mapping.get(ansible_facts['architecture']) }}\n  --force-cache\n  --server localhost\n  --variant {{ lxc_cache_default_variant }}\n  {{ lxc_cache_download_template_extra_options }}\n\n# Locales to populate in the LXC base cache\nlxc_cache_locales: \"{{ _lxc_cache_locales | default(['en_US.UTF-8']) }}\"\n\n# EL EPEL repository options\nlxc_centos_epel_mirror: \"{{ centos_epel_mirror | default('http://download.fedoraproject.org/pub/epel') }}\"\nlxc_centos_epel_key: >-\n  {{ centos_epel_key | default('http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-' ~ ansible_facts['distribution_major_version']) }}\nlxc_hosts_epel_packages: \"{{ _lxc_hosts_epel_packages | default([]) }}\"\n\nlxc_centos_repo_keys: \"{{ _lxc_centos_repo_keys }}\"\nlxc_centos_repos: \"{{ _lxc_centos_repos }}\"\n\n# DEB repository options\nlxc_ubuntu_mirror: \"{{ (ansible_facts['architecture'] == 'x86_64') | ternary('http://archive.ubuntu.com/ubuntu', 'http://ports.ubuntu.com/ubuntu-ports') }}\"\nlxc_apt_mirror: \"{{ (ansible_facts['distribution'] == 'Ubuntu') | ternary(lxc_ubuntu_mirror, 'http://deb.debian.org/debian') }}\"\nlxc_apt_mirror_gpg_check: true\nlxc_apt_mirror_gpg_file: ''\n\nlxc_sysctl_file: \"{{ openstack_sysctl_file | default('/etc/sysctl.conf') }}\"\n","created":"2025-12-08T13:27:41.020200Z","updated":"2025-12-08T13:27:41.020228Z","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible-lxc_hosts/defaults/main.yml"}