Description
Summary
I'm trying to create an LXC container on a Debian trixie host using this task:

```yaml
- name: Create and start forgejo-runner lxc container
  community.general.lxc_container:
    name: forgejo-runner
    container_log: true
    template: download
    state: started
    template_options: --dist debian --release trixie --arch amd64
    container_config:
      - "lxc.hook.version = 1"
      - "lxc.net.0.type = veth"
      - "lxc.apparmor.profile = unconfined"
      - "lxc.idmap = u 0 100000 165536"
      - "lxc.idmap = g 0 100000 165536"
```
The LXC is created, but the resulting config on the LXC host has none of the settings I specified and fails to start as I have the default LXC bridge disabled:
```
$ sudo cat /var/lib/lxc/forgejo-runner/config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: --dist debian --release trixie --arch amd64
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = linux64
# Container specific configuration
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/var/lib/lxc/forgejo-runner/rootfs
lxc.uts.name = forgejo-runner
# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
```
Issue Type
Bug Report
Component Name
lxc_container
Ansible Version
```
$ ansible --version
ansible [core 2.19.6]
  config file = None
  configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/user/git_projects/srv-ansible/ansible_venv/lib/python3.11/site-packages/ansible
  ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/user/git_projects/srv-ansible/ansible_venv/bin/ansible
  python version = 3.11.2 (main, Jul 10 2024, 23:01:58) [GCC 14.1.1 20240522] (/home/user/git_projects/srv-ansible/ansible_venv/bin/python)
  jinja version = 3.1.6
  pyyaml version = 6.0.2 (with libyaml v0.2.5)
```

Community.general Version

```
$ ansible-galaxy collection list community.general
# /home/user/git_projects/srv-ansible/ansible_venv/lib/python3.11/site-packages/ansible_collections
Collection        Version
----------------- -------
community.general 12.3.0
```

Configuration

```
$ ansible-config dump --only-changed
CONFIG_FILE() = None
PAGER(env: PAGER) = less
GALAXY_SERVERS:
```

OS / Environment
Target server where LXC should be created:
```
$ lsb_release --all
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 13 (trixie)
Release: 13
Codename: trixie
```

Computer where the Ansible playbook is executed:

```
$ lsb_release --all
LSB Version: n/a
Distributor ID: Arch
Description: Arch Linux
Release: rolling
Codename: n/a
```
Steps to Reproduce
Install LXC and try to create a container with the following tasks on a Debian 13 trixie host.

```yaml
---
- name: Install LXC packages
  ansible.builtin.apt:
    name:
      - lxc
      - libvirt0
      - bridge-utils
      - uidmap
      - lxc-templates
      - python3-lxc
    state: present

- name: Check if /etc/default/lxc-net needs changes
  ansible.builtin.copy:
    src: "files/shared/lxc/lxc-net"
    dest: "/etc/default/lxc-net"
    owner: root
    group: root
    mode: "0644"
  check_mode: true
  register: lxc_net_config

- name: Apply changes to /etc/default/lxc-net
  when: lxc_net_config.changed
  block:
    - name: Stop lxc-net.service
      ansible.builtin.service:
        name: lxc-net.service
        state: stopped

    - name: Upload /etc/default/lxc-net
      ansible.builtin.copy:
        src: "files/shared/lxc/lxc-net"
        dest: "/etc/default/lxc-net"
        owner: root
        group: root
        mode: "0644"

    - name: Start lxc-net.service
      ansible.builtin.service:
        name: lxc-net.service
        state: started

- name: Create and start forgejo-runner lxc container
  community.general.lxc_container:
    name: forgejo-runner
    container_log: true
    template: download
    state: started
    template_options: --dist debian --release trixie --arch amd64
    container_config:
      - "lxc.hook.version = 1"
      - "lxc.net.0.type = veth"
      - "lxc.apparmor.profile = unconfined"
      - "lxc.idmap = u 0 100000 165536"
      - "lxc.idmap = g 0 100000 165536"
      - "lxc.hook.start = systemctl mask systemd-networkd.service"
```

```
$ cat lxc-net
# Managed by Ansible
USE_LXC_BRIDGE="false"
# Honor system's dnsmasq configuration
#LXC_DHCP_CONFILE=/etc/dnsmasq.con
```
Expected Results
The settings provided in container_config should be applied to the created LXC on the server.
Actual Results
```
$ sudo cat /var/lib/lxc/forgejo-runner/config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: --dist debian --release trixie --arch amd64
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = linux64
# Container specific configuration
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/var/lib/lxc/forgejo-runner/rootfs
lxc.uts.name = forgejo-runner
# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
```

Code of Conduct
- I agree to follow the Ansible Code of Conduct
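
Added example, not part of the original report and not code from community.general: a small check that compares the `container_config` entries a task requested with the config file LXC actually wrote, so that silently dropped settings (here including the two `lxc.idmap` lines that request a user-namespace ID mapping) are caught after provisioning. The function names are hypothetical, and the sample inputs are constructed from the task and the config file quoted in the report.

```python
# Constructed sample: container_config list from the task in the issue.
REQUESTED = [
    "lxc.hook.version = 1",
    "lxc.net.0.type = veth",
    "lxc.apparmor.profile = unconfined",
    "lxc.idmap = u 0 100000 165536",
    "lxc.idmap = g 0 100000 165536",
]
# Constructed sample: resulting config quoted in the issue, comment lines omitted.
ACTUAL = """\
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = linux64
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/var/lib/lxc/forgejo-runner/rootfs
lxc.uts.name = forgejo-runner
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
"""


def parse_lxc_config(text):
    """Return {key: [values]}; keys such as lxc.idmap may legitimately repeat."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        settings.setdefault(key, []).append(" ".join(value.split()))
    return settings


def diff_requested(requested, actual_text):
    """Classify each requested 'key = value' line as applied, differs or missing."""
    actual = parse_lxc_config(actual_text)
    report = {"applied": [], "differs": [], "missing": []}
    for entry in requested:
        key, values = next(iter(parse_lxc_config(entry).items()))
        if values[0] in actual.get(key, []):
            report["applied"].append(entry)
        elif key in actual:
            report["differs"].append((entry, actual[key]))
        else:
            report["missing"].append(entry)
    return report

if __name__ == "__main__":
    print(diff_requested(REQUESTED, ACTUAL))
```

On a real host the second argument would be the contents of the container's config file, such as the `/var/lib/lxc/forgejo-runner/config` shown in the report.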