* Manage the main OpenVZ's configuration file (/etc/vz/vz.conf).
* The network management for an OpenVZ CT now works for all Debian family and not only Debian >=7.
This commit is contained in:
parent
093d2e4122
commit
1a593c678f
|
@ -1,4 +1,13 @@
|
|||
|
||||
---------------------------------------
|
||||
###
|
||||
|
||||
##### Features
|
||||
* Manage the main OpenVZ's configuration file (/etc/vz/vz.conf).
|
||||
|
||||
##### Changes
|
||||
* The network management for an OpenVZ CT now works for all Debian family and not only Debian >=7.
|
||||
|
||||
---------------------------------------
|
||||
### 0.2.0 - 2015/01/27
|
||||
|
||||
|
|
|
@ -56,6 +56,8 @@ class proxmox::hypervisor (
|
|||
$pve_modules_list = $proxmox::params::pve_modules_list,
|
||||
$pve_modules_file_path = $proxmox::params::pve_modules_file_path,
|
||||
$pve_modules_file_content = $proxmox::params::pve_modules_file_content,
|
||||
$vz_config_file_path = $proxmox::params::vz_config_file_path,
|
||||
$vz_config_file_tpl = $proxmox::params::vz_config_file_tpl,
|
||||
$labs_firewall_rule = $proxmox::params::labs_firewall_rule,
|
||||
) inherits proxmox::params {
|
||||
|
||||
|
|
|
@ -32,6 +32,12 @@ class proxmox::hypervisor::config {
|
|||
onlyif => 'grep "if (data.status !== \'Active\') {" /usr/share/pve-manager/ext4/pvemanagerlib.js',
|
||||
}
|
||||
|
||||
## OpenVZ configuration
|
||||
file { "${proxmox::hypervisor::vz_config_file_path}":
|
||||
ensure => present,
|
||||
content => template("${proxmox::hypervisor::vz_config_file_tpl}"),
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if $proxmox::hypervisor::labs_firewall_rule == true {
|
||||
|
|
|
@ -38,25 +38,28 @@ class proxmox::params {
|
|||
$pve_modules_file_path = '/etc/modules-load.d/proxmox.conf'
|
||||
$pve_modules_file_content = 'proxmox/hypervisor/proxmox_modules.conf.erb'
|
||||
|
||||
# OpenVZ configuration
|
||||
$vz_config_file_path = '/etc/vz/vz.conf'
|
||||
$vz_config_file_tpl = 'proxmox/hypervisor/vz.conf.erb'
|
||||
|
||||
# Firewall
|
||||
$labs_firewall_rule = false
|
||||
|
||||
|
||||
## VM - OpenVZ
|
||||
# Network
|
||||
$vm_interfaces_path = '/etc/network/interfaces'
|
||||
$vm_interfaces_content = 'proxmox/vm/openzv_interfaces.erb'
|
||||
$vm_interfaces_tail_path = '/etc/network/interfaces.tail'
|
||||
$vm_interfaces_tail_content = 'proxmox/vm/openzv_interfaces.tail.erb'
|
||||
$network_service_name = 'networking'
|
||||
$network_service_manage = true
|
||||
$network_service_enabled = true
|
||||
|
||||
|
||||
}
|
||||
|
||||
## VM - OpenVZ
|
||||
# Network
|
||||
$vm_interfaces_path = '/etc/network/interfaces'
|
||||
$vm_interfaces_content = 'proxmox/vm/openzv_interfaces.erb'
|
||||
$vm_interfaces_tail_path = '/etc/network/interfaces.tail'
|
||||
$vm_interfaces_tail_content = 'proxmox/vm/openzv_interfaces.tail.erb'
|
||||
$network_service_name = 'networking'
|
||||
$network_service_manage = true
|
||||
$network_service_enabled = true
|
||||
|
||||
}
|
||||
default: {
|
||||
fail("Proxmox Virtual Environment only works with Debian system; And the OpenVZ configuration has been tested only with Debian; So osfamily (${::osfamily}) or lsbdistid (${::lsbdistid}) is unsupported")
|
||||
fail("Proxmox Virtual Environment only works with Debian system; And the OpenVZ configuration has been tested only with Debian family; So osfamily (${::osfamily}) or lsbdistid (${::lsbdistid}) is unsupported")
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,52 @@
|
|||
## Global parameters
|
||||
VIRTUOZZO=yes
|
||||
LOCKDIR=/var/lib/vz/lock
|
||||
DUMPDIR=/var/lib/vz/dump
|
||||
VE0CPUUNITS=1000
|
||||
|
||||
## Logging parameters
|
||||
LOGGING=yes
|
||||
LOGFILE=/var/log/vzctl.log
|
||||
LOG_LEVEL=0
|
||||
VERBOSE=0
|
||||
|
||||
## Disk quota parameters
|
||||
DISK_QUOTA=yes
|
||||
VZFASTBOOT=no
|
||||
|
||||
# Disable module loading. If set, vz initscript does not load any modules.
|
||||
#MODULES_DISABLED=yes
|
||||
|
||||
# The name of the device whose IP address will be used as source IP for CT.
|
||||
# By default automatically assigned.
|
||||
#VE_ROUTE_SRC_DEV="eth0"
|
||||
|
||||
# Controls which interfaces to send ARP requests and modify ARP tables on.
|
||||
NEIGHBOUR_DEVS=detect
|
||||
|
||||
## Fail if there is another machine in the network with the same IP
|
||||
ERROR_ON_ARPFAIL="no"
|
||||
|
||||
## Template parameters
|
||||
TEMPLATE=/var/lib/vz/template
|
||||
|
||||
## Defaults for containers
|
||||
VE_ROOT=/var/lib/vz/root/$VEID
|
||||
VE_PRIVATE=/var/lib/vz/private/$VEID
|
||||
|
||||
## Filesystem layout for new CTs: either simfs (default) or ploop
|
||||
#VE_LAYOUT=ploop
|
||||
|
||||
## Load vzwdog module
|
||||
VZWDOG="no"
|
||||
|
||||
## IPv4 iptables kernel modules to be enabled in CTs by default
|
||||
IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
|
||||
## IPv4 iptables kernel modules to be loaded by init.d/vz script
|
||||
IPTABLES_MODULES="$IPTABLES"
|
||||
|
||||
## Enable IPv6
|
||||
IPV6="yes"
|
||||
|
||||
## IPv6 ip6tables kernel modules
|
||||
IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"
|
Loading…
Reference in New Issue