changed container bind mounts to use abspath

This change modifies the container create bind mounts to use the absolute path that would be within the container instead of the relitive path. This change is being done to ensure that there are never issues with bind mounts as in newer versions of LXC and the CGManager the absolute path is required. Change-Id: I6af23c7ea0a7f905bdd587adde966a449402ed0a Closes-Bug: #1462068
2015-06-04 14:25:10 -05:00 · 2015-06-04 14:25:10 -05:00 · a6536b132c
commit a6536b132c
parent 86b6e8e640
7 changed files with 78 additions and 19 deletions
--- a/playbooks/galera-install.yml
+++ b/playbooks/galera-install.yml
@ -24,7 +24,7 @@
        container_command: |
          [[ ! -d "/var/lib/mysql" ]] && mkdir -p "/var/lib/mysql"
        container_config:
-          - "lxc.mount.entry=/openstack/{{ container_name }} var/lib/mysql none bind 0 0"
+          - "lxc.mount.entry=/openstack/{{ container_name }} /var/lib/mysql none bind 0 0"
      delegate_to: "{{ physical_host }}"
      when: is_metal == false or is_metal == "False"
      tags:
--- a/playbooks/os-glance-install.yml
+++ b/playbooks/os-glance-install.yml
@ -24,7 +24,7 @@
        container_command: |
          [[ ! -d "/var/lib/glance/images" ]] && mkdir -p "/var/lib/glance/images"
        container_config:
-          - "lxc.mount.entry=/openstack/{{ container_name }} var/lib/glance/images none bind 0 0"
+          - "lxc.mount.entry=/openstack/{{ container_name }} /var/lib/glance/images none bind 0 0"
      delegate_to: "{{ physical_host }}"
      when: is_metal == false or is_metal == "False"
      tags:
--- a/playbooks/repo-server.yml
+++ b/playbooks/repo-server.yml
@ -24,7 +24,7 @@
        container_command: |
          [[ ! -d "/var/www" ]] && mkdir -p "/var/www"
        container_config:
-          - "lxc.mount.entry=/openstack/{{ container_name }} var/www none bind 0 0"
+          - "lxc.mount.entry=/openstack/{{ container_name }} /var/www none bind 0 0"
      delegate_to: "{{ physical_host }}"
      when: is_metal == false or is_metal == "False"
      tags:
--- a/playbooks/roles/lxc_container_create/tasks/container_create.yml
+++ b/playbooks/roles/lxc_container_create/tasks/container_create.yml
@ -37,18 +37,6 @@
  tags:
    - lxc-container-vg-detect

- name: Container service directories
-  file:
-    path: "{{ item }}"
-    state: "directory"
-  with_items:
-    - "/openstack/{{ inventory_hostname }}"
-    - "/openstack/backup/{{ inventory_hostname }}"
-    - "/openstack/log/{{ inventory_hostname }}"
-  delegate_to: "{{ physical_host }}"
-  tags:
-    - lxc-container-directories
-
 - name: Create container
  lxc_container:
    name: "{{ inventory_hostname }}"
@ -67,6 +55,18 @@
  tags:
    - lxc-container-create

+- name: Container service directories
+  file:
+    path: "{{ item }}"
+    state: "directory"
+  with_items:
+    - "/openstack/{{ inventory_hostname }}"
+    - "/openstack/backup/{{ inventory_hostname }}"
+    - "/openstack/log/{{ inventory_hostname }}"
+  delegate_to: "{{ physical_host }}"
+  tags:
+    - lxc-container-directories
+
 - name: Load container service mounts and profile
  lxc_container:
    name: "{{ inventory_hostname }}"
@ -74,8 +74,8 @@
      mkdir -p /var/backup
      mkdir -p /var/log/{{ properties.service_name }}
    container_config:
-      - "lxc.mount.entry=/openstack/backup/{{ inventory_hostname }} var/backup none defaults,bind,rw 0 0"
-      - "lxc.mount.entry=/openstack/log/{{ inventory_hostname }} var/log/{{ properties.service_name }} none defaults,bind,rw 0 0"
+      - "lxc.mount.entry=/openstack/backup/{{ inventory_hostname }} /var/backup none defaults,bind,rw 0 0"
+      - "lxc.mount.entry=/openstack/log/{{ inventory_hostname }} /var/log/{{ properties.service_name }} none defaults,bind,rw 0 0"
      - "lxc.aa_profile=lxc-openstack"
  when: properties.service_name is defined
  delegate_to: "{{ physical_host }}"
--- a/playbooks/rsyslog-install.yml
+++ b/playbooks/rsyslog-install.yml
@ -32,7 +32,7 @@
        container_command: |
          [[ ! -d "{{ storage_directory }}" ]] && mkdir -p "{{ storage_directory }}"
        container_config:
-          - "lxc.mount.entry=/openstack/{{ container_name }}/log-storage {{ storage_directory.lstrip('/') }} none bind 0 0"
+          - "lxc.mount.entry=/openstack/{{ container_name }}/log-storage {{ storage_directory }} none bind 0 0"
      delegate_to: "{{ physical_host }}"
      when: is_metal == false or is_metal == "False"
      tags:
--- a/scripts/gate-check-lint.sh
+++ b/scripts/gate-check-lint.sh
@ -36,7 +36,7 @@ fi
 # Ignores the following rules due to how ansible modules work in general
 #     F403 'from ansible.module_utils.basic import *' used; unable to detect undefined names
 #     H303  No wildcard (*) import.
-flake8 --ignore=F403,H303 $(grep -rln -e '^#!/usr/bin/env python' -e '^#!/bin/python' * )
+flake8 --ignore=F403,H303 $(grep -rln -e '^#!/usr/bin/env python' -e '^#!/bin/python' * | grep -v '.sh$')


 # Create keys if they don't already exist.
--- a/scripts/run-upgrade.sh
+++ b/scripts/run-upgrade.sh
@ -365,6 +365,61 @@ cat > /tmp/fix_minor_adjustments.yml <<EOF
      changed_when: keystone_cmd_chown.rc == 0
 EOF

+cat > /tmp/config-fix.py <<EOF
+#!/usr/bin/env python
+import sys
+
+"""Absolute path for bind mounts
+
+This is a simple single function script that was created to allow for a user
+to upgrade / fix bind mounts within an environment which may be using newer
+versions of LXC / LXD with cgroups/cgroupmanager that may require it.
+"""
+
+
+def main(config_file='config'):
+    """Run the main method.
+
+    :param config_file: config file to munge
+    :type config_file: ``str``
+    """
+    print('Working on file [ %s ]' % config_file)
+    with open(config_file) as f:
+        config_lines = f.readlines()
+
+    # List mounts and index them
+    bind_mounts = [
+        (i, config_lines.index(i)) for i in config_lines
+        if i.startswith('lxc.mount.entry')
+        if 'bind' in i
+    ]
+
+    changed = False
+    for mount in bind_mounts:
+        var, option = mount[0].split('=', 1)
+        option = option.strip().split()
+
+        if not option[1].startswith('/'):
+            changed = True
+            option[1] = '/%s' % option[1]
+            config_lines[mount[1]] = '%s = %s\n' % (
+                var.strip(),
+                ' '.join(option)
+            )
+
+    # rewrite the config
+    if changed:
+        with open(config_file, 'w') as f:
+            f.writelines(config_lines)
+        print('File [ %s ] has been changed.' % config_file)
+
+if __name__ == '__main__':
+    main(config_file=sys.argv[1])
+EOF
+
+# Make the config-fix.py script executable.
+chmod +x /tmp/config-fix.py
+
 # Create a play to fix host things
 cat > /tmp/fix_host_things.yml <<EOF
 - name: Fix host things
@ -391,6 +446,9 @@ cat > /tmp/fix_host_things.yml <<EOF
        state: "absent"
        regexp: "^lxc.network"
      with_items: containers.stdout_lines
+    - name: Fix relative bind mounts
+      script: "/tmp/config-fix.py /var/lib/lxc/{{ item }}/config"
+      with_items: containers.stdout_lines
    - name: Remove add_network_interface.conf entry
      lineinfile:
        dest: "/var/lib/lxc/{{ item }}/config"
@ -514,6 +572,7 @@ pushd playbooks
  openstack-ansible /tmp/fix_host_things.yml
  # Remove fix host things play
  rm /tmp/fix_host_things.yml
+  rm /tmp/config-fix.py

  # Run the fix for container networks. Forces True as containers may not exist at this point
  openstack-ansible /tmp/fix_container_interfaces.yml || true