X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=modules%2Flxc%2Fmanifests%2Finit.pp;h=4b7b64222461cc461d0b5f7053b2ae08c3dc3c90;hb=416822c6c0d0568cefce6d9f47e159e121e87ed9;hp=0ba4a20f96aa09dbfee7603af916c22aaa88520b;hpb=de1b5a9303bef6166335f08b82a785f8c0607ad9;p=infra.git

diff --git a/modules/lxc/manifests/init.pp b/modules/lxc/manifests/init.pp
index 0ba4a20..4b7b642 100644
--- a/modules/lxc/manifests/init.pp
+++ b/modules/lxc/manifests/init.pp
@@ -7,16 +7,29 @@ class lxc {
     }->
     exec {'lxc-base-image-created':
         logoutput => on_failure,
-        command => '/usr/bin/lxc-create -n base-image -t debian -- -r stretch --packages=gnupg2,puppet,lsb-release,debconf-utils',# gnupg2 needed for puppet managing apt-keys
+        command => '/usr/bin/lxc-create -n base-image -t debian -- -r stretch --packages=gnupg2,puppet,lsb-release,debconf-utils && rm -r /var/lib/lxc/base-image/rootfs/var/lib/apt/lists',# gnupg2 needed for puppet managing apt-keys
         unless => '/usr/bin/test -d /var/lib/lxc/base-image',
         timeout => '0'
     }
+    package {'bridge-utils':
+        ensure => 'installed'
+    } -> file {'/etc/network/interfaces.d/lxcbr0':
+        source => 'puppet:///modules/lxc/lxcbr0'
+    } ~> exec{'stop all containers':
+      command => '/bin/bash -c \'for i in $(lxc-ls); do if [[ $i != base-image ]]; then lxc-stop -n "$i"; fi; done\'',
+      refreshonly => true,
+    } -> exec {'ifup lxcbr0':
+      command => '/sbin/ifdown lxcbr0; /sbin/ifup lxcbr0',
+      refreshonly => true,
+      subscribe => File['/etc/network/interfaces.d/lxcbr0']
+    }
     define container ($contname, $ip, $dir = [], $bind = {}, $confline = []) {
         exec {"lxc-$contname-issue-cert":
           command => "/usr/bin/puppet ca destroy \"$contname\";/usr/bin/puppet ca generate \"$contname\"",
           unless => "/usr/bin/[ -f /var/lib/puppet/ssl/private_keys/$contname.pem ] && /usr/bin/[ -f /var/lib/puppet/ssl/certs/$contname.pem ]",
           before => Exec["lxc-$contname-started"]
         }
+	$ipv6 = $ipsv6[$contname]
 
         exec{ "lxc-$contname-created":
             logoutput => on_failure,
@@ -44,6 +57,16 @@ class lxc {
             path   => "/var/lib/lxc/$contname/config",
             line   => 'lxc.network.ipv4.gateway = 10.0.3.1',
             notify => Exec["lxc-$contname-started"],
+      } -> file_line {"lxc-$contname-conf6":
+            path   => "/var/lib/lxc/$contname/config",
+            line   => "lxc.network.ipv6 = $ipv6/64",
+	    match  => '^lxc\.network\.ipv6 =',
+            notify => Exec["lxc-$contname-started"],
+        } -> file_line {"lxc-$contname-conf7":
+            path   => "/var/lib/lxc/$contname/config",
+            line   => 'lxc.network.ipv6.gateway = fc00:0001::0000:0001',
+	    match  => '^lxc\.network\.ipv6\.gateway =',
+            notify => Exec["lxc-$contname-started"],
         } -> file_line {"lxc-$contname-network":
             path   => "/var/lib/lxc/$contname/rootfs/etc/network/interfaces",
             line   => 'iface eth0 inet manual',
@@ -68,7 +91,7 @@ class lxc {
           file_line { "lxc-$contname-mount-$out":
            path   => "/var/lib/lxc/$contname/config",
            line   => "lxc.mount.entry = $out ${in[target]} none bind${in[option]} 0 0",
-           require=> File_line["lxc-$contname-conf5"],
+           require=> [File_line["lxc-$contname-conf5"], File["$out"]],
            notify  => Exec["lxc-$contname-started"],
           }
         }