* Manage the main OpenVZ's configuration file (/etc/vz/vz.conf).
* The network management for an OpenVZ CT now works for all Debian family and not only Debian >=7.
This commit is contained in:
parent
093d2e4122
commit
1a593c678f
|
@ -1,4 +1,13 @@
|
||||||
|
|
||||||
|
---------------------------------------
|
||||||
|
###
|
||||||
|
|
||||||
|
##### Features
|
||||||
|
* Manage the main OpenVZ's configuration file (/etc/vz/vz.conf).
|
||||||
|
|
||||||
|
##### Changes
|
||||||
|
* The network management for an OpenVZ CT now works for all Debian family and not only Debian >=7.
|
||||||
|
|
||||||
---------------------------------------
|
---------------------------------------
|
||||||
### 0.2.0 - 2015/01/27
|
### 0.2.0 - 2015/01/27
|
||||||
|
|
||||||
|
|
|
@ -56,6 +56,8 @@ class proxmox::hypervisor (
|
||||||
$pve_modules_list = $proxmox::params::pve_modules_list,
|
$pve_modules_list = $proxmox::params::pve_modules_list,
|
||||||
$pve_modules_file_path = $proxmox::params::pve_modules_file_path,
|
$pve_modules_file_path = $proxmox::params::pve_modules_file_path,
|
||||||
$pve_modules_file_content = $proxmox::params::pve_modules_file_content,
|
$pve_modules_file_content = $proxmox::params::pve_modules_file_content,
|
||||||
|
$vz_config_file_path = $proxmox::params::vz_config_file_path,
|
||||||
|
$vz_config_file_tpl = $proxmox::params::vz_config_file_tpl,
|
||||||
$labs_firewall_rule = $proxmox::params::labs_firewall_rule,
|
$labs_firewall_rule = $proxmox::params::labs_firewall_rule,
|
||||||
) inherits proxmox::params {
|
) inherits proxmox::params {
|
||||||
|
|
||||||
|
|
|
@ -32,6 +32,12 @@ class proxmox::hypervisor::config {
|
||||||
onlyif => 'grep "if (data.status !== \'Active\') {" /usr/share/pve-manager/ext4/pvemanagerlib.js',
|
onlyif => 'grep "if (data.status !== \'Active\') {" /usr/share/pve-manager/ext4/pvemanagerlib.js',
|
||||||
}
|
}
|
||||||
|
|
||||||
|
## OpenVZ configuration
|
||||||
|
file { "${proxmox::hypervisor::vz_config_file_path}":
|
||||||
|
ensure => present,
|
||||||
|
content => template("${proxmox::hypervisor::vz_config_file_tpl}"),
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if $proxmox::hypervisor::labs_firewall_rule == true {
|
if $proxmox::hypervisor::labs_firewall_rule == true {
|
||||||
|
|
|
@ -38,25 +38,28 @@ class proxmox::params {
|
||||||
$pve_modules_file_path = '/etc/modules-load.d/proxmox.conf'
|
$pve_modules_file_path = '/etc/modules-load.d/proxmox.conf'
|
||||||
$pve_modules_file_content = 'proxmox/hypervisor/proxmox_modules.conf.erb'
|
$pve_modules_file_content = 'proxmox/hypervisor/proxmox_modules.conf.erb'
|
||||||
|
|
||||||
|
# OpenVZ configuration
|
||||||
|
$vz_config_file_path = '/etc/vz/vz.conf'
|
||||||
|
$vz_config_file_tpl = 'proxmox/hypervisor/vz.conf.erb'
|
||||||
|
|
||||||
# Firewall
|
# Firewall
|
||||||
$labs_firewall_rule = false
|
$labs_firewall_rule = false
|
||||||
|
|
||||||
|
|
||||||
## VM - OpenVZ
|
|
||||||
# Network
|
|
||||||
$vm_interfaces_path = '/etc/network/interfaces'
|
|
||||||
$vm_interfaces_content = 'proxmox/vm/openzv_interfaces.erb'
|
|
||||||
$vm_interfaces_tail_path = '/etc/network/interfaces.tail'
|
|
||||||
$vm_interfaces_tail_content = 'proxmox/vm/openzv_interfaces.tail.erb'
|
|
||||||
$network_service_name = 'networking'
|
|
||||||
$network_service_manage = true
|
|
||||||
$network_service_enabled = true
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
## VM - OpenVZ
|
||||||
|
# Network
|
||||||
|
$vm_interfaces_path = '/etc/network/interfaces'
|
||||||
|
$vm_interfaces_content = 'proxmox/vm/openzv_interfaces.erb'
|
||||||
|
$vm_interfaces_tail_path = '/etc/network/interfaces.tail'
|
||||||
|
$vm_interfaces_tail_content = 'proxmox/vm/openzv_interfaces.tail.erb'
|
||||||
|
$network_service_name = 'networking'
|
||||||
|
$network_service_manage = true
|
||||||
|
$network_service_enabled = true
|
||||||
|
|
||||||
}
|
}
|
||||||
default: {
|
default: {
|
||||||
fail("Proxmox Virtual Environment only works with Debian system; And the OpenVZ configuration has been tested only with Debian; So osfamily (${::osfamily}) or lsbdistid (${::lsbdistid}) is unsupported")
|
fail("Proxmox Virtual Environment only works with Debian system; And the OpenVZ configuration has been tested only with Debian family; So osfamily (${::osfamily}) or lsbdistid (${::lsbdistid}) is unsupported")
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
## Global parameters
|
||||||
|
VIRTUOZZO=yes
|
||||||
|
LOCKDIR=/var/lib/vz/lock
|
||||||
|
DUMPDIR=/var/lib/vz/dump
|
||||||
|
VE0CPUUNITS=1000
|
||||||
|
|
||||||
|
## Logging parameters
|
||||||
|
LOGGING=yes
|
||||||
|
LOGFILE=/var/log/vzctl.log
|
||||||
|
LOG_LEVEL=0
|
||||||
|
VERBOSE=0
|
||||||
|
|
||||||
|
## Disk quota parameters
|
||||||
|
DISK_QUOTA=yes
|
||||||
|
VZFASTBOOT=no
|
||||||
|
|
||||||
|
# Disable module loading. If set, vz initscript does not load any modules.
|
||||||
|
#MODULES_DISABLED=yes
|
||||||
|
|
||||||
|
# The name of the device whose IP address will be used as source IP for CT.
|
||||||
|
# By default automatically assigned.
|
||||||
|
#VE_ROUTE_SRC_DEV="eth0"
|
||||||
|
|
||||||
|
# Controls which interfaces to send ARP requests and modify ARP tables on.
|
||||||
|
NEIGHBOUR_DEVS=detect
|
||||||
|
|
||||||
|
## Fail if there is another machine in the network with the same IP
|
||||||
|
ERROR_ON_ARPFAIL="no"
|
||||||
|
|
||||||
|
## Template parameters
|
||||||
|
TEMPLATE=/var/lib/vz/template
|
||||||
|
|
||||||
|
## Defaults for containers
|
||||||
|
VE_ROOT=/var/lib/vz/root/$VEID
|
||||||
|
VE_PRIVATE=/var/lib/vz/private/$VEID
|
||||||
|
|
||||||
|
## Filesystem layout for new CTs: either simfs (default) or ploop
|
||||||
|
#VE_LAYOUT=ploop
|
||||||
|
|
||||||
|
## Load vzwdog module
|
||||||
|
VZWDOG="no"
|
||||||
|
|
||||||
|
## IPv4 iptables kernel modules to be enabled in CTs by default
|
||||||
|
IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
|
||||||
|
## IPv4 iptables kernel modules to be loaded by init.d/vz script
|
||||||
|
IPTABLES_MODULES="$IPTABLES"
|
||||||
|
|
||||||
|
## Enable IPv6
|
||||||
|
IPV6="yes"
|
||||||
|
|
||||||
|
## IPv6 ip6tables kernel modules
|
||||||
|
IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"
|
Loading…
Reference in New Issue