--- - name: Create debian containers for swarm lxc_container: name: "{{ item }}" container_log: true template: debian state: stopped fs_size: 2G template_options: --release stretch -a amd64 container_command: | if [ ! -d ~/.ssh ]; then mkdir /root/.ssh echo "{{ lookup('file', my_ssh_key) }}" | tee -a /root/.ssh/authorized_keys systemctl restart sshd fi with_items: - "worker1" - "worker2" when: inventory_hostname in groups['manager'] - name: Pause execution for 20 seconds pause: seconds: 20 - name: Start lxc containers shell: lxc-start --name {{ item }} with_items: - "worker1" - "worker2" when: inventory_hostname in groups['manager'] - name: Remove old container identification keys shell: ssh-keygen -f /root/.ssh/known_hosts -R {{ item }} with_items: - "10.0.3.100" - "10.0.3.101" when: inventory_hostname in groups['manager'] - name: Ensure container key is up-to-date locally shell: ssh-keyscan -T 15 {{ item }} >> /root/.ssh/known_hosts with_items: - "10.0.3.100" - "10.0.3.101" when: inventory_hostname in groups['manager'] - name: Install python on LXC container raw: which python || (apt-get -y update && apt-get install -y python) when: inventory_hostname in groups['workers'] - name: Allow container network communication with host via linux bridge ufw: rule: allow interface: lxcbr0 direction: in from_ip: "10.0.3.0/24" when: inventory_hostname in groups['manager'] - name: Enable LXC inter-container communication shell: ifconfig eth0 hw ether 00:00:03:12:22:11 when: inventory_hostname in groups['workers'][1]