Improve lxc config

host_vars/ariane

@@ -1,2 +1,14 @@
 inventory_hostname: ariane.fet.htu.tuwien.ac.at
 inventory_hostname_short: ariane
+
+lxc:
+  containers:
+  - name: betam
+    revision: "01"
+    hwaddr: 2e:6d:b6:07:14:01
+    template: debian
+    extra: lxc.cgroup.devices.allow = c 188:0 rwm
+  - name: zyklon
+    revision: "01"
+    hwaddr: 2e:6d:b6:07:15:01
+    template: voidlinux

hosts/production

@@ -1,6 +1,6 @@
 all:
   children:
-    fet:
+    fet_hosts:
       hosts:
         ariane:
         lxc-pet-01:

roles/ariane/files/lxc-zyklon.conf

@@ -1,15 +0,0 @@
-# {{ ansible_managed }}
-
-lxc.network.type = veth
-lxc.network.link = br0
-lxc.network.flags = up
-lxc.network.hwaddr = 2e:6d:b6:07:15:01
-
-lxc.aa_profile = unconfined
-lxc.rootfs = /var/lib/lxc/lxc-zyklon-01/rootfs
-lxc.rootfs.backend = dir
-
-lxc.include = /usr/share/lxc/config/voidlinux.common.conf
-
-lxc.utsname = lxc-zyklon-01
-lxc.arch = amd64

roles/ariane/tasks/lxc-betam.yml

@@ -1,14 +0,0 @@
----
-- name: lxc - betam container
-  lxc_container:
-    name: lxc-betam-01
-    template: debian
-
-- name: lxc - betam config
-  template:
-    dest: /var/lib/lxc/lxc-betam-01/config
-    src: lxc-betam.conf.j2
-    owner: root
-    group: root
-    mode: 0644
-    backup: yes

roles/ariane/tasks/lxc-zyklon.yml

@@ -1,14 +0,0 @@
----
-- name: lxc - zyklon container
-  lxc_container:
-    name: lxc-zyklon-01
-    template: voidlinux
-
-- name: lxc - zyklon config
-  copy:
-    dest: /var/lib/lxc/lxc-zyklon-01/config
-    src: lxc-zyklon.conf
-    owner: root
-    group: root
-    mode: 0644
-    backup: yes

roles/ariane/tasks/lxc.yml

@@ -28,3 +28,19 @@
     group: root
     mode: 0644
     backup: yes
+
+- name: lxc - create container
+  lxc_container:
+    name: "lxc-{{ item.name }}-{{ item.revision }}"
+    template: "{{ item.template }}"
+  with_items: "{{ lxc.containers }}"
+
+- name: lxc - config
+  template:
+    dest: "/var/lib/lxc/lxc-{{ item.name }}-{{ item.revision }}/config"
+    src: lxc.j2
+    owner: root
+    group: root
+    mode: 0644
+    backup: yes
+  with_items: "{{ lxc.containers }}"

roles/ariane/tasks/main.yml

@@ -23,14 +23,6 @@
   when: ariane_lxc
   tags: ['ariane_lxc', 'lxc']
 
-- include_tasks: lxc-betam.yml
-  when: ariane_lxc
-  tags: ['ariane_lxc', 'lxc']
-
-- include_tasks: lxc-zyklon.yml
-  when: ariane_lxc
-  tags: ['ariane_lxc', 'lxc']
-
 - include_tasks: snapper.yml
   when: ariane_snapper
   tags: ['ariane_snapper', 'snapper']

roles/ariane/templates/lxc-betam.conf.j2

@@ -1,24 +0,0 @@
-# {{ ansible_managed }}
-
-lxc.network.type = veth
-lxc.network.link = br0
-lxc.network.flags = up
-lxc.network.hwaddr = 2e:6d:b6:07:14:01
-
-lxc.aa_profile = unconfined
-lxc.rootfs = /var/lib/lxc/lxc-{{ lxc_host }}-01/rootfs
-lxc.rootfs.backend = dir
-
-lxc.include = /usr/share/lxc/config/debian.common.conf
-
-lxc.utsname = lxc-betam-01
-lxc.arch = amd64
-
-lxc.cgroup.devices.allow = c 188:0 rwm
-
-
-lxc_host: betam
-lxc_rev: 01
-lxc_hwaddr: 2e:6d:b6:07:14:01
-lxc_extra: lxc.cgroup.devices.allow = c 188:0 rwm
-

roles/ariane/templates/lxc.j2

@@ -3,15 +3,17 @@
 lxc.network.type = veth
 lxc.network.link = br0
 lxc.network.flags = up
-lxc.network.hwaddr = {{ lxc_hwaddr }}
+lxc.network.hwaddr = {{ item.hwaddr }}
 
 lxc.aa_profile = unconfined
-lxc.rootfs = /var/lib/lxc/lxc-{{ lxc_host }}-{{ lxc_rev }}/rootfs
+lxc.rootfs = /var/lib/lxc/lxc-{{ item.name }}-{{ item.revision }}/rootfs
 lxc.rootfs.backend = dir
 
-lxc.include = /usr/share/lxc/config/debian.common.conf
+lxc.include = /usr/share/lxc/config/{{ item.template }}.common.conf
 
-lxc.utsname = lxc-{{ lxc_host }}-{{ lxc-rev }}
+lxc.utsname = lxc-{{ item.name }}-{{ item.revision }}
 lxc.arch = amd64
+{% if item.extra is defined %}
 
-{{ lxc_extra }}
+{{ item.extra }}
+{% endif %}

site.yml

@@ -7,7 +7,11 @@
   - name: install python3
     raw: test -e /usr/bin/python3 || (apt-get update && apt-get install -y python3) || (xbps-install -S && xbps-install python)
 
-- hosts: fet
+- hosts: fet_hosts
+  roles:
+  - common
+
+- hosts: fet_containers
   roles:
   - common