generated from the-liberated-edge/wikijs
emo
commit
6cd54972d2
10
README.md
10
README.md
@ -13,9 +13,9 @@ the Ansible collection `theliberatededge.test_linux_containers`.
|
||||
|
||||
1. You have access to a machine running a Linux distribution of your
|
||||
choice.
|
||||
2. [LXD](https://ubuntu.com/lxd) has been installed and initialised on this
|
||||
machine, so that containers can be launched. It will effectively be used as
|
||||
a container hypervisor.
|
||||
2. [incus](https://linuxcontainers.org/incus/docs/main/) has been installed and
|
||||
initialised on this machine, so that containers can be launched. It will
|
||||
effectively be used as a container hypervisor.
|
||||
3. Your user has been granted permissions to manage Linux containers.
|
||||
4. Python 3 has been set up correctly on the machine.
|
||||
5. [Ansible](https://pypi.org/project/ansible/) has been installed.
|
||||
@ -37,7 +37,7 @@ for launching Debian Bookworm linux containers.
|
||||
|
||||
Variables
|
||||
- `lte_container_name` stands for the desired container name that
|
||||
will be visible when running `lxc ls`.
|
||||
will be visible when running `incus ls`.
|
||||
- `lte_container_root_pwd` is the password that will be set for
|
||||
the `root` user in the container named `lte_container_name`.
|
||||
|
||||
@ -124,7 +124,7 @@ make sure that the list of prerequisites below has been satisfied.
|
||||
|
||||
1. You have access to a machine running a Linux distribution of your
|
||||
choice.
|
||||
2. [LXD](https://ubuntu.com/lxd) has been installed and initialised on this
|
||||
2. [incus](https://linuxcontainers.org/incus/docs/main/) has been installed and initialised on this
|
||||
machine, so that containers can be launched. It will effectively be used as
|
||||
a container hypervisor.
|
||||
3. Your user has been granted permissions to manage Linux containers.
|
||||
|
||||
@ -5,14 +5,14 @@
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: find current container state
|
||||
ansible.builtin.command: lxc ls {{ item.name }}
|
||||
ansible.builtin.command: incus ls {{ item.name }}
|
||||
register: state
|
||||
changed_when: false
|
||||
with_items: '{{ molecule_yml.platforms }}'
|
||||
- name: stop and remove running containers
|
||||
ansible.builtin.shell:
|
||||
cmd: |
|
||||
lxc stop {{ item.name }} && \
|
||||
lxc rm {{ item.name }}
|
||||
incus stop {{ item.name }} && \
|
||||
incus rm {{ item.name }}
|
||||
when: state.results[0].rc == 0 and "RUNNING" in state.results[0].stdout
|
||||
with_items: '{{ molecule_yml.platforms }}'
|
||||
|
||||
@ -4,14 +4,14 @@
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: find current container state
|
||||
ansible.builtin.command: lxc ls {{ item.name }}
|
||||
ansible.builtin.command: incus ls {{ item.name }}
|
||||
register: state
|
||||
with_items: '{{ molecule_yml.platforms }}'
|
||||
- name: verify launched container is running
|
||||
ansible.builtin.assert:
|
||||
that: state.results[0].rc == 0 and "RUNNING" in state.results[0].stdout
|
||||
- name: find container ip address
|
||||
ansible.builtin.command: lxc ls -c=4 -f=compact {{ item.name }}
|
||||
ansible.builtin.command: incus ls -c=4 -f=compact {{ item.name }}
|
||||
register: ipv4_raw
|
||||
with_items: '{{ molecule_yml.platforms }}'
|
||||
- name: set ipv4 address string as a fact
|
||||
|
||||
@ -1,19 +1,19 @@
|
||||
---
|
||||
- name: find current container state
|
||||
ansible.builtin.command: lxc ls {{ lte_container_name }}
|
||||
ansible.builtin.command: incus ls {{ lte_container_name }}
|
||||
register: container_state
|
||||
changed_when: false
|
||||
- name: launch debian bookworm linux container
|
||||
ansible.builtin.shell:
|
||||
cmd: |
|
||||
lxc launch \
|
||||
incus launch \
|
||||
images:debian/{{ lte_debian_version }}/cloud \
|
||||
{{ lte_container_name }}
|
||||
when: (container_state.rc == 1) or ("RUNNING" not in container_state.stdout)
|
||||
- name: update apt cache and upgrade system packages
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
bash -c \
|
||||
'/usr/bin/apt update && /usr/bin/apt upgrade -y'
|
||||
changed_when: false
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
- name: find systemctl service for openssh-server
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
systemctl status ssh.service
|
||||
register: ssh_service
|
||||
changed_when: false
|
||||
@ -13,14 +13,14 @@
|
||||
- name: install system package openssh-server
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
apt install -y openssh-server
|
||||
register: ssh_pkg
|
||||
when: not ssh_service_exists
|
||||
- name: check openssh server configuration for root access
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
grep -e "^PermitRootLogin yes$" /etc/ssh/sshd_config
|
||||
register: root_access
|
||||
changed_when: false
|
||||
@ -31,7 +31,7 @@
|
||||
- name: configure openssh server to allow root access via ssh
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
sed -i "$ a PermitRootLogin yes" /etc/ssh/sshd_config
|
||||
register: sshd_config
|
||||
when: not ssh_root_login_allowed
|
||||
@ -41,7 +41,7 @@
|
||||
- name: enable openssh server systemd service
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
systemctl enable --now ssh.service
|
||||
when: ssh_pkg_installed
|
||||
- name: set fact sshd_config_touched
|
||||
@ -50,11 +50,11 @@
|
||||
- name: restart openssh server systemd service
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
systemctl restart ssh.service
|
||||
when: sshd_config_touched
|
||||
- name: find container ip address
|
||||
ansible.builtin.command: lxc ls -c=4 -f=compact {{ lte_container_name }}
|
||||
ansible.builtin.command: incus ls -c=4 -f=compact {{ lte_container_name }}
|
||||
register: ipv4
|
||||
changed_when: false
|
||||
when: sshd_config_touched
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
- name: change root user password in container
|
||||
ansible.builtin.shell:
|
||||
cmd: |-
|
||||
lxc exec {{ lte_container_name }} -- \
|
||||
incus exec {{ lte_container_name }} -- \
|
||||
bash -c \
|
||||
'echo "root:{{ lte_container_root_pwd }}" | chpasswd'
|
||||
changed_when: false
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user