Commit Graph

45 Commits (82da45e5207529998f1043eaa3498a980c9db4d2)

Author SHA1 Message Date
René Moser 7c613c314c Merge pull request #1997 from evgeni/lxc-container_config-fixes
Lxc container config fixes
9 years ago
Evgeni Golov 98514ace6e do not set LXC default config
this was accidentally re-introduced in 7120fb4b

Signed-off-by: Evgeni Golov <evgeni@golov.de>
9 years ago
Evgeni Golov 8db3a63983 fix handling of config options that share the same prefix
container_config:
      - "lxc.network.ipv4.gateway=auto"
      - "lxc.network.ipv4=192.0.2.1"

might try to override lxc.network.ipv4.gateway in the second entry as both
start with "lxc.network.ipv4".
use a regular expression to find a line that contains (optional) whitespace
and an = after the key.

Signed-off-by: Evgeni Golov <evgeni@golov.de>
9 years ago
Evgeni Golov c03e77a63a strip whitespace from key and value before inserting it into the config
before the following would produce four entries:

    container_config:
      - "lxc.network.flags=up"
      - "lxc.network.flags =up"
      - "lxc.network.flags= up"
      - "lxc.network.flags = up"

let's strip the whitespace and insert only one "lxc.network.flags = up"
into the final config

Signed-off-by: Evgeni Golov <evgeni@golov.de>
9 years ago
Michael Scherer 7120fb4b01 Properly label path argument with type='path' (#1940) 9 years ago
Evgeni Golov 6bfd2846f8 don't create world-readable archives of LXC containers
with the default umask tar will create a world-readable archive of the

container, which may contain sensitive data



Signed-off-by: Evgeni Golov <evgeni@golov.de>
9 years ago
Evgeni Golov 7c3999a92a do not use a predictable filenames in the LXC plugin
* do not use a predictable filename for the LXC attach script

* don't use predictable filenames for LXC attach script logging

* don't set a predictable archive_path



this should prevent symlink attacks which could result in

* data corruption

* data leakage

* privilege escalation
9 years ago
René Moser fb3d584abd Merge pull request #1933 from evgeni/no-lxc-default.conf
do not set a default config for lxc containers
9 years ago
Evgeni Golov 185bcbd8f7 explicitly set "default: null" in the docs 9 years ago
Chris Porter da84e2e9b8 fix security vulnerability in lxc module
octal/decimal confusion makes file world-writable before executing it
9 years ago
Evgeni Golov 71b0067aa6 do not set a default config for lxc containers
otherwise deploying user-containers fail as these require information
from ~/.config/lxc/default.conf that the LXC tools will load if no
--config was supplied

Signed-off-by: Evgeni Golov <evgeni@golov.de>
9 years ago
Ritesh Khadgaray 040b358770 Fix test failure for lxc_container
TRACE:
    while parsing a block mapping
      in "<string>", line 33, column 13:
                    description: resulting state of  ...
                    ^
    expected <block end>, but found ','
      in "lxc_container.RETURN", line 419, column 53:
         ... "/tmp/test-container-config.tar",

ERROR: RETURN is not valid YAML. Line 419 column 53
9 years ago
Brian Coca be66e9d297 add container name to return and document return
fixes #1848
9 years ago
Michael Scherer 2f3dc1352f Replace choices=BOOLEANS by type='bool', fix #1326 9 years ago
Toshio Kuratomi cbed642009 Simplify code 9 years ago
Alex Punco 29c8b50d56 fix creation containers on btrfs subvolumes 9 years ago
Brian Coca 7a0bfd91bb updated docs to new choice option 9 years ago
Daniël b56e5c670b add zfs backing store support 9 years ago
Toshio Kuratomi a5da6da2d6 Merge pull request #638 from jpic/fix/define-HAS_LXC
Define HAS_LXC even if import lxc doesn't fail.
10 years ago
jpic c4d2472148 Fixed lxc option parsing.
This fixes::

    Traceback (most recent call last):
      File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 3355, in <module>
        main()
      File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 1724, in main
        lxc_manage.run()
      File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 1605, in run
        action()
      File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 1145, in _started
        self._config()
      File "/home/jpic/.ansible/tmp/ansible-tmp-1435080916.98-133068627776311/lxc_container", line 714, in _config
        _, _value = option_line.split('=')
    ValueError: too many values to unpack

With such a task::

    tasks:
    - lxc_container:
        name: buildbot-master
        container_config:
        - "lxc.mount.entry = {{ cwd }} srv/peopletest none defaults,bind,uid=0,create=dir 0 0"
10 years ago
jpic d8063b913e Define HAS_LXC even if import lxc doesn't fail.
This fixes::

    Traceback (most recent call last):
      File "/home/jpic/.ansible/tmp/ansible-tmp-1435080800.61-38257321141340/lxc_container", line 3353, in <module>
        main()
      File "/home/jpic/.ansible/tmp/ansible-tmp-1435080800.61-38257321141340/lxc_container", line 1712, in main
        if not HAS_LXC:
    NameError: global name 'HAS_LXC' is not defined
10 years ago
Greg DeKoenigsberg 7108b77c17 Merge pull request #606 from cloudnull/lxc-restart-fix
Fix the lxc container restart state
10 years ago
Greg DeKoenigsberg 004dedba8a Changes to author formatting, remove emails 10 years ago
Kevin Carter 391df0ffe0 Updates the doc information for the python2-lxc dep
The python2-lxc library has been uploaded to pypi as such this commit
updates the requirements and doc information for the module such that
it instructs the user to install the pip package "lxc-python2" while
also noting that the package could be gotten from source as well. In
the update comments have been added to the requirements list which
notes where the package should come from,

Closes-Bug: https://github.com/ansible/ansible-modules-extras/issues/550
10 years ago
Kevin Carter 37db619234 lxc_container: remove BabyJSON
Removed the usage of baby json. This is in response to the fact
that the baby json functionality was removed in Ansible 1.8

Ref: https://github.com/ansible/ansible-modules-extras/issues/430
10 years ago
Kevin Carter d3b3d7ff3c Fix the lxc container restart state
The lxc container restart state does not ensure that the container
is in fact started unless another config or command is passed into
the task. to fix this the module simply needs to have the function
call added ``self._container_startup()`` after the container is
put into a stopped state.

Signed-off By: Kevin Carter <kevin.carter@rackspace.com>
10 years ago
Brian Coca 78035779f6 Merge pull request #567 from cloudnull/lxc-package-doc-update
Updates the doc information for the python2-lxc dep
10 years ago
Kevin Carter 858f9e3601 Updates the doc information for the python2-lxc dep
The python2-lxc library has been uploaded to pypi as such this commit
updates the requirements and doc information for the module such that
it instructs the user to install the pip package "lxc-python2" while
also noting that the package could be gotten from source as well. In
the update comments have been added to the requirements list which
notes where the package should come from,

Closes-Bug: https://github.com/ansible/ansible-modules-extras/issues/550
10 years ago
Kevin Carter 61aab829ed lxc_container: remove BabyJSON
Removed the usage of baby json. This is in response to the fact
that the baby json functionality was removed in Ansible 1.8

Ref: https://github.com/ansible/ansible-modules-extras/issues/430
10 years ago
Brian Coca bceeba224f fix doc parsing by correctly quoting author 10 years ago
Brian Coca 67ccbd3bc0 more minor docfixes 10 years ago
Kevin Carter fd0c21df27 Updated lxc module to remove the clone state
The clone state was removed in favor of making the module more
declarative. This change was done in response to review in PR #328
from @bcoca.

In the commit new examples were created on how this feature works.
10 years ago
Greg DeKoenigsberg 9180538277 Adding author's github id 10 years ago
Brian Coca 56f466c70d Merge pull request #328 from cloudnull/lxc-overlayfs-feature
Added overlayfs backend type to the lxc_container module
10 years ago
Brian Coca bfb8868d8b Merge pull request #469 from sigmavirus24/lxc-bug-fix
Interpolate container name into error message
10 years ago
Toshio Kuratomi a589a66710 Update module documentation if modules have a dep on python2.6+ 10 years ago
Ian Cordasco deb11be684 Interpolate container name into error message
In the event failed to start, the container name was not being properly
interpolated into the error message.
10 years ago
Brian Coca c5f787e6df Merge pull request #357 from bcoca/lxc_container_home_fix
Lxc container home fix
10 years ago
Brian Coca ee7fbcf418 minor fix to method of finding home as previous could 'overmatch' 10 years ago
Kevin Carter 2f188600a8 Added overlayfs backend type to the lxc_container module
This commit adds the overlayfs type to the lxc_container module. In
Adding the overlayfs type the commit adds the ability to clone a
container. While cloning is not locked down to only the overlayfs
container backend it is of particular interest when using the overlayfs
backend as it provides for amazingly fast snapshots.

Changes to the resource types and documentation have been added on how
the new backend type can be used along with the clone operation.

This PR addresses a question asked on the original merged pull request
for overlayfs support which came from @fghaas on PR
"https://github.com/ansible/ansible-modules-extras/pull/123".

The overlayfs archive function is a first class function and will
allow for the containers to be backed-up using all methods which
brings support up to that of all other storage backends.
10 years ago
Kevin Carter 24cfcd2497 Updated lxc_container module to fix option parsing
The option parsing object within the module was performing a split
on an '=' sign and assuming that there would only ever be one '='
in a user provided option. Sadly, the assumption is incorrect and
the list comprehension that is building the options list needs to
be set to split on the first occurrence of an '=' sign in a given
option string. This commit adds the required change to make it
possible for options to contain additional '=' signs and be handled
correctly.
10 years ago
Brian Coca bb886a595d updated lxc-containter docs to reflect new name 10 years ago
Maciej Delmanowski 528e1a644c Rename 'lxc-container' module to 'lxc_container'
This is done to keep the convention of naming modules with underscores
instead of hypens.
10 years ago
Kevin Carter 99359fc4e2 Updated volume create methods for a more consistent process
The volume create methods were making an assumption on the unit
sizes being presented by the `vgdisplay` and the `lvdisplay`
commands. To correct the assumption the commands will now enforce
a unit size of "g" which will alway convert sives to gigabytes.
This was an issue brought up by @hughsaunders.
10 years ago
Kevin Carter 4446e4642e Added new module to support LXC containers
The new module will allow users to control LXC containers from ansible.
The module was built for use in LXC >= 1.0 or greater and implements most
of what can be done using the various lxc clients with regards to running
containers. This first module is geared only at managing lxc containers.

The module provides:
  build containers
  destroy containers
  archive containers
  info from a single container
  start / stop / restart containers
  run commands within containers
  add/modify lxc config for a container
  supports backends including LVM
10 years ago