5 # Copyright 2017, whitestar
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
20 default['lxcs']['lxc']['env']['lxc'] = {
22 'BOOTGROUPS' => 'onboot,',
23 'SHUTDOWNDELAY' => '5',
25 'STOPOPTS' => '-a -A -s',
26 'USE_LXC_BRIDGE' => 'false',
28 default['lxcs']['lxc']['env']['lxc-net'] = {
29 'USE_LXC_BRIDGE' => 'true',
30 'LXC_BRIDGE' => 'lxcbr0',
31 'LXC_ADDR' => '10.0.3.1',
32 'LXC_NETMASK' => '255.255.255.0',
33 'LXC_NETWORK' => '10.0.3.0/24',
34 'LXC_DHCP_RANGE' => '10.0.3.2,10.0.3.254',
35 'LXC_DHCP_MAX' => '253',
37 default['lxcs']['lxc']['unprivileged_container'] = {
41 # Default initial configuration file
42 # Content is line string's array or single string.
43 # 17.10 (LXC 2.1): https://discuss.linuxcontainers.org/t/lxc-2-1-has-been-released/487
44 default['lxcs']['lxc']['default.conf'] = \
45 if node['platform_version'] >= '17.10'
47 'lxc.net.0.type = veth',
48 'lxc.net.0.link = lxcbr0',
49 'lxc.net.0.flags = up',
50 'lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx',
54 'lxc.network.type = veth',
55 'lxc.network.link = lxcbr0',
56 'lxc.network.flags = up',
57 'lxc.network.hwaddr = 00:16:3e:xx:xx:xx',
60 # Other initial configuration files
61 default['lxcs']['lxc']['extra-default.conf'] = {
63 # Content is line string's array or single string
64 'default-br0.conf' => [
65 'lxc.network.type = veth',
66 'lxc.network.link = br0',
67 'lxc.network.flags = up',
68 'lxc.network.hwaddr = 00:16:3e:xx:xx:xx',
70 'default-br0-unpriv.conf' => [
71 'lxc.network.type = veth',
72 'lxc.network.link = br0',
73 'lxc.network.flags = up',
74 'lxc.network.hwaddr = 00:16:3e:xx:xx:xx',
75 'lxc.id_map = u 0 100000 65536',
76 'lxc.id_map = g 0 100000 65536',
80 # Content is line string's array or single string
81 default['lxcs']['lxc']['lxc-usernet'] = [
82 # USERNAME TYPE BRIDGE COUNT
83 #'alice veth lxcbr0 10',
87 default['lxcs']['lxd']['verbose'] = false
88 default['lxcs']['lxd']['with_zfs'] = false
89 default['lxcs']['lxd']['users_allow'] = []
90 default['lxcs']['lxd']['init'] = {
94 #"--network-address #{node['ipaddress']}",
95 #'--network-port 8443',
96 #'--storage-backend dir',
98 'trust_password_vault_item' => {
101 'name' => 'trust_password',
102 # single password or nested hash password path delimited by slash
103 'env_context' => false,
104 'key' => 'password', # real hash path: "/password"
105 # or nested hash password path delimited by slash
106 #'env_context' => true,
107 #'key' => 'hash/path/to/password', # real hash path: "/#{node.chef_environment}/hash/path/to/password"
113 Automatic (non-interactive) mode
115 Init options for non-interactive mode (--auto):
116 --network-address ADDRESS
117 Address to bind LXD to (default: none)
119 Port to bind LXD to (default: 8443)
120 --storage-backend NAME
121 Storage backend to use (zfs or dir, default: dir)
122 --storage-create-device DEVICE
123 Setup device based storage using DEVICE
124 --storage-create-loop SIZE
125 Setup loop based storage with SIZE in GB
127 Storage pool to use or create
128 --trust-password PASSWORD
129 Password required to add new clients
132 default['lxcs']['lxd']['config'] = {
135 'core.https_address' => '192.168.1.50:8443',
136 'core.trust_password' => true,
137 'storage.zfs_pool_name' => 'lxd',
140 # Ubuntu >= 16.10 (yakkety)
141 default['lxcs']['lxd']['network'] = {
146 'ipv4.address' => '10.62.42.1/24',
147 'ipv4.nat' => 'true',
148 'ipv6.address' => 'fd00:56ad:9f7a:9800::1/64',
149 'ipv6.nat' => 'true',
156 'dns.mode' => 'dynamic',
157 'ipv4.address' => '10.1.3.1/24',
158 'ipv4.dhcp.ranges' => '10.1.3.100-10.1.3.254',
159 'ipv4.nat' => 'true',
160 'ipv6.address' => 'none',
167 default['lxcs']['lxd']['network_force_update'] = false
168 # Ubuntu <= 16.04 LTS (xenial)
169 default['lxcs']['lxd']['bridge'] = {
172 'USE_LXD_BRIDGE' => 'true',
174 # This is still used even if USE_LXD_BRIDGE is set to false
175 # set to an empty value to fully disable
176 'LXD_BRIDGE' => 'lxdbr0',
177 # Update the "default" LXD profile
178 'UPDATE_PROFILE' => 'true',
179 # Path to an extra dnsmasq configuration file
181 # DNS domain for the bridge
182 'LXD_DOMAIN' => 'lxd',
183 ## IPv4 address (e.g. 10.0.8.1)
184 'LXD_IPV4_ADDR' => '',
185 ## IPv4 netmask (e.g. 255.255.255.0)
186 'LXD_IPV4_NETMASK' => '',
187 ## IPv4 network (e.g. 10.0.8.0/24)
188 'LXD_IPV4_NETWORK' => '',
189 ## IPv4 DHCP range (e.g. 10.0.8.2,10.0.8.254)
190 'LXD_IPV4_DHCP_RANGE' => '',
191 ## IPv4 DHCP number of hosts (e.g. 250)
192 'LXD_IPV4_DHCP_MAX' => '',
194 'LXD_IPV4_NAT' => 'true',
195 ## IPv6 address (e.g. 2001:470:b368:4242::1)
196 'LXD_IPV6_ADDR' => '',
197 ## IPv6 CIDR mask (e.g. 64)
198 'LXD_IPV6_MASK' => '',
199 ## IPv6 network (e.g. 2001:470:b368:4242::/64)
200 'LXD_IPV6_NETWORK' => '',
202 'LXD_IPV6_NAT' => 'false',
203 # Run a minimal HTTP PROXY server
204 'LXD_IPV6_PROXY' => 'true',
207 default['lxcs']['lxd']['profile'] = {
209 # Examples (existing profiles)
212 'description' => 'Default LXD profile',
216 'nictype' => 'bridged',
217 'parent' => 'lxdbr0',
224 'linux.kernel_modules' => 'overlay, nf_nat',
225 'security.nesting' => 'true',
227 'description' => 'Profile supporting docker in containers',
230 'path' => '/sys/module/apparmor/parameters/enabled',
231 'source' => '/dev/null',
235 'path' => '/dev/fuse',
236 'type' => 'unix-char',