[SOLVED] How to make changes to an LXC container with Ansible

[janvv]

Hi all,

I have a nice LXC role in Ansible to create new containers:

- name: include password
  include_vars:
    file: vars/proxmox_root_password.yml

- name: create container
  proxmox:
    vmid: "{{ lxc_vmid }}"
    node: "{{ inventory_hostname }}"
    api_user: root@pam
    api_password: "{{ proxmox_root_password }}"
    api_host: "{{ inventory_hostname }}"
    hostname: "{{ lxc_hostname }}"
    ostemplate: "{{ lxc_template }}"
    storage: local-lvm
    pool: "{{ lxc_pool }}"
    password: "{{ proxmox_root_password }}"
    cores: "{{ lxc_cores }}"
    memory: "{{ lxc_memory }}"
    swap: "{{ lxc_swap }}"
    disk: "{{ lxc_disk_gb }}"
    netif: '{"net0":"name=eth0,{{ lxc_network }},bridge=vmbr0"}'
    features:
      - "nesting={{ lxc_nesting }}"
    state: present
  register: lxc_output

- name: read vmid
  set_fact:
    vmid: "{{ lxc_output.msg | regex_search('\\b\\d{1,}\\b') }}"

- name: make sure container is started
  proxmox:
    vmid: "{{ vmid }}"
    api_user: root@pam
    api_password: "{{ proxmox_root_password }}"
    api_host: "{{ inventory_hostname }}"
    state: started

So far, so good. This works perfect.
But now I want to change something. Like... double the memory, or changing the network from dhcp to static... anything
If I change the parameters of the proxmox role in my yaml file, then Ansible does not compare it to the existing container. So nothing happens.
My workaround is to completely destroy the container first, and then rerun the playbook.

This is not what I expect. I expect Ansible to bring the container to the desired state.

Has anyone found a good solution for this?

 

[pille99]

quote: "so nothing happens" - it cant be. always happen something, maybe not visually but in background ...
whats written in the logs of the container ? run ansible-playbook -v (verbose) and get more infos. what is the output on ansible ? all green ? how do you enter the variables references ?

 

[janvv]

quote: "so nothing happens" - it cant be. always happen something, maybe not visually but in background ...
whats written in the logs of the container ? run ansible-playbook -v (verbose) and get more infos. what is the output on ansible ? all green ? how do you enter the variables references ?

All green:

TASK [proxmox_roles/lxc : create container] ******************************************************
ok: [pve]

TASK [proxmox_roles/lxc : read vmid] *************************************************************
ok: [pve]

TASK [proxmox_roles/lxc : make sure container is started] ****************************************
ok: [pve]

I think the Ansible proxmox module only checks if the lxc already exists or not. If yes, green. Regardless of the other specs.

With -v:

 

[janvv]

I have been thinking about it... I think it is a non-issue.
The idea of containers is that they only contain an application. The data should stored somewhere else. Often, the installation of an application does not take a lot of time.
So, what is the problem of recreating the container in the case you change its technical specs? No problem at all.

I changed my playbook to:

- name: include password
  include_vars:
    file: vars/proxmox_root_password.yml

- name: optionally, destroy the existing container
  when: anew is defined
  block:
    - name: stop container
      proxmox:
        vmid: "{{ lxc_vmid }}"
        api_user: root@pam
        api_password: "{{ proxmox_root_password }}"
        api_host: "{{ inventory_hostname }}"
        state: stopped
    - name: destroy container
      proxmox:
        vmid: "{{ lxc_vmid }}"
        api_user: root@pam
        api_password: "{{ proxmox_root_password }}"
        api_host: "{{ inventory_hostname }}"
        state: absent
    
- name: create container
  proxmox:
    vmid: "{{ lxc_vmid }}"

Now I can add an extra parameter when I want to recreate the container:

ansible-playbook setup_pihole.yml -e "anew=whatever"