esh/esh_lxd/recipes/containers.rb
2025-02-15 01:05:58 +09:00


#
# Cookbook:: esh_lxd
# Recipe:: containers
#
# Copyright:: 2022, https://easyself.host
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
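# Converge every LXD instance declared under node['esh']['lxd']['containers']:
# launch it (container or VM), create and attach its storage volumes, apply VM
# limits, optionally push and install cinc, apply AppArmor / nesting settings
# and declare cloudflared tunnels.
#
# NOTE(review): attribute values are interpolated unquoted into shell command
# lines throughout this recipe, so it assumes the attribute tree is fully
# operator-controlled. A value containing whitespace or shell metacharacters
# would be interpreted by the shell rather than passed to lxc as-is.
node['esh']['lxd']['containers'].each do |container, params|
  is_vm = params['type'] == 'vm'

  if params['type'] == 'lxc'
    execute "create container #{container}" do
      command "lxc launch images:#{params['image']} #{container}"
      # Skip when `lxc info` succeeds, i.e. the instance already exists.
      not_if "lxc info #{container}"
      live_stream true
    end
  end

  if is_vm
    # The VM is launched, left running for a minute, then stopped; the limits
    # further down are applied before it is started again.
    execute "create vm #{container}" do
      command <<~EOT
        lxc launch images:#{params['image']} #{container} --vm
        sleep 1m
        lxc stop #{container}
      EOT
      not_if "lxc info #{container}"
      live_stream true
    end
  end

  # 'volumes' is treated as optional, like the other per-container keys below;
  # a container declared without it previously raised NoMethodError on nil.
  (params['volumes'] || {}).each do |name, vol_params|
    pool = vol_params['pool']

    execute "create volume #{name} on #{pool} for #{container}" do
      command "lxc storage volume create #{pool} #{name}"
      not_if "lxc storage volume show #{pool} #{name}"
      live_stream true
    end

    # The resource name mentions /var/lib/<name> only as a label; the mount
    # point actually used is vol_params['path'].
    execute "add volume #{name} on #{pool} for #{container}:/var/lib/#{name}" do
      command "lxc config device add #{container} #{name} disk pool=#{pool} source=#{name} path=#{vol_params['path']}"
      not_if "lxc config device get #{container} #{name} path"
      live_stream true
    end
  end

  if is_vm
    # The guards use `grep -qxF --` so the current value must equal the desired
    # one exactly. A plain substring grep treats e.g. "12" as already matching a
    # desired "2" and silently skips the change.
    execute "set vm mem #{container}" do
      command "lxc config set #{container} limits.memory=#{params['mem']}"
      not_if "lxc config get #{container} limits.memory | grep -qxF -- #{params['mem']}"
      live_stream true
    end

    execute "set vm cpu #{container}" do
      command "lxc config set #{container} limits.cpu=#{params['cpu']}"
      not_if "lxc config get #{container} limits.cpu | grep -qxF -- #{params['cpu']}"
      live_stream true
    end

    execute "set vm disk #{container}" do
      command "lxc config device override #{container} root size=#{params['disk']}"
      not_if "lxc config device get #{container} root size | grep -qxF -- #{params['disk']}"
      live_stream true
    end

    execute "start vm #{container}" do
      command "lxc start #{container} && sleep 1m"
      only_if "lxc info #{container} | grep -q STOPPED"
      live_stream true
    end
  end

  unless params['cinc_flavor'].nil?
    # cinc_flavor is "<distribution>/<release>"; the first and last path
    # segments select the download URL from node['esh']['cinc'].
    flavor_parts = params['cinc_flavor'].split('/')
    cinc_distribution = flavor_parts.first
    cinc_release = flavor_parts.last
    cinc_url = node['esh']['cinc'][cinc_distribution][cinc_release]['url']
    filename = cinc_url.split('/').last

    # NOTE(review): the package installed below is whatever this resource put
    # in the file cache; no checksum verification is visible in this recipe --
    # confirm that esh_cinc_download performs it.
    esh_cinc_download cinc_url do
      distribution cinc_distribution
      release cinc_release
    end

    execute "push cinc to container #{container}" do
      command "lxc file push #{Chef::Config['file_cache_path']}/#{cinc_distribution}/#{cinc_release}/#{filename} #{container}/opt/"
      not_if "lxc exec #{container} -- test -f /opt/#{filename}"
      live_stream true
      # A freshly created container can take a few seconds to start, and the
      # copy fails until it has, hence the retries.
      retries 3
    end

    execute "install cinc to container #{container}" do
      command "lxc exec #{container} -- apt install -y /opt/#{filename}"
      not_if "lxc exec #{container} -- dpkg -s cinc"
      live_stream true
    end
  end

  # Only runs when notified by one of the configuration resources below.
  execute "lxc restart #{container}" do
    command "lxc restart #{container}"
    action :nothing
  end

  # The two settings below change how the container is confined, and their
  # values are taken straight from attributes.
  unless params['apparmor'].nil?
    # `lxc config set ... raw.lxc` replaces the whole raw.lxc value, so any
    # other raw.lxc lines already set on the instance are overwritten. The
    # guard likewise compares the entire value against this single line.
    execute "set apparmor profile for #{container}" do
      command "lxc config set #{container} raw.lxc lxc.apparmor.profile=#{params['apparmor']}"
      not_if do
        `lxc config get #{container} raw.lxc`.strip == "lxc.apparmor.profile=#{params['apparmor']}"
      end
      live_stream true
      notifies :run, "execute[lxc restart #{container}]", :immediately
    end
  end

  unless params['security.nesting'].nil?
    execute "set security.nesting for #{container}" do
      command "lxc config set #{container} security.nesting=#{params['security.nesting']}"
      not_if do
        # to_s lets a boolean attribute compare equal to the CLI's string
        # output. Without it a boolean never matches, so the setting is
        # re-applied and the container restarted on every run.
        `lxc config get #{container} security.nesting`.strip == params['security.nesting'].to_s
      end
      live_stream true
      notifies :run, "execute[lxc restart #{container}]", :immediately
    end
  end

  next if params['cloudflared'].nil?

  params['cloudflared'].each do |tunnel_name, hostname|
    esh_cloudflared_tunnel tunnel_name do
      tunnel_hostname hostname
    end
  end
end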