openstack/openstack-ansible-lxc_hosts
Code Issues Proposed changes
openstack-ansible-lxc_hosts/vars/ubuntu-16.04.yml
Kevin Carter 39135eb4b8 Remove services containers dont need by default 
Ubuntu Xenial adds several services to its base image that we don't
need by default. These packages start services and are being started on
all containers we run. This consuming resources and is making our base
images a little larger than they need to be. This change purges those
packages which removes the services.

Change-Id: I26ed9e26e5b0812ffdd198d9838f7aacefead3a1
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2017-04-27 04:05:49 +00:00

118 lines
3.3 KiB
YAML
Raw Blame History

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## APT Cache Options
cache_timeout: 600
# Required apt packages.
lxc_hosts_distro_packages:
- apparmor
- apparmor-utils
- bridge-utils
- btrfs-tools
- cgmanager
- cgroup-lite
- dbus
- debootstrap
- dnsmasq
- git
- iptables
- irqbalance
- language-pack-en
- liblxc1
- lxc
- lxc-dev
- lxc-templates
- python-dev
- python3-lxc
- systemd-container
- pxz
lxc_xz_bin: pxz
system_config_dir: "/etc/default"
systemd_utils_prefix: "/lib/systemd"
lxc_cache_map:
distro: ubuntu
arch: "{{ lxc_architecture_mapping.get( ansible_architecture ) }}"
release: xenial
copy_from_host:
- /etc/apt/sources.list
- /etc/apt/apt.conf.d/
- /etc/environment
- /etc/localtime
- /root/repo.keys
cache_prep_commands: |
{{ lxc_cache_prep_pre_commands }}
mkdir -p /etc/ansible/facts.d/
if [ -a /etc/resolv.conf ]; then
mv /etc/resolv.conf /etc/resolv.conf.org
fi
{% for resolver in lxc_cache_prep_dns %}
echo "nameserver {{ resolver }}" >> /etc/resolv.conf
{% endfor %}
apt-key add /root/repo.keys
rm /root/repo.keys
export DEBIAN_FRONTEND=noninteractive
apt-get remove -y --purge snap* lxc* lxd* || true
apt-get update
apt-get install -y {{ lxc_cache_install_debconf }} {{ lxc_cache_distro_packages | join(' ') }}
apt-get upgrade -y {{ lxc_cache_install_debconf }}
rm -f /usr/bin/python
ln -s /usr/bin/python2.7 /usr/bin/python
mkdir -p /root/.ssh
chmod 700 /root/.ssh
userdel --force --remove ubuntu || true
apt-get clean
mkdir -p /var/backup
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces
mkdir -p /etc/network/interfaces.d
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
if [ -a /etc/resolv.conf.org ]; then
mv /etc/resolv.conf.org /etc/resolv.conf
else
rm -f /etc/resolv.conf
fi
{{ lxc_cache_prep_post_commands }}
# This forces any modified configurations to remain, and any unmodified configs to be replaced
# ref: http://serverfault.com/questions/259226/automatically-keep-current-version-of-config-files-when-apt-get-install
lxc_cache_install_debconf: '-o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes'
lxc_cache_distro_packages:
- apt-transport-https
- build-essential
- ca-certificates
- git
- iptables
- openssh-server
- python-dev
- python2.7
- rsync
lxc_cached_network_interfaces:
- src: "lxc-net-bridge.cfg.j2"
dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg"
lxc_container_default_interfaces: |
# The loopback network interface
auto lo
iface lo inet loopback
# LXC interface, this is ALWAYS assumed to be DHCP.
auto eth0
iface eth0 inet dhcp
# Load any additional configs
source /etc/network/interfaces.d/*.cfg
View Git Blame Copy Permalink