From d3b53d6f802259b5ea4d12f5a567a7ec86677087 Mon Sep 17 00:00:00 2001
From: Kevin Carter <kevin@cloudnull.com>
Date: Thu, 11 Oct 2018 14:40:28 -0500
Subject: [PATCH] add lxc3 support

Change-Id: I0275461719bbfde31534a352809c50c3f05d7daf
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
---
 .../elastic_dependencies/defaults/main.yml    |  8 ++++++++
 .../roles/elastic_dependencies/tasks/main.yml | 19 ++++++++++++++++---
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/elk_metrics_6x/roles/elastic_dependencies/defaults/main.yml b/elk_metrics_6x/roles/elastic_dependencies/defaults/main.yml
index 55d1a981..bf038c8f 100644
--- a/elk_metrics_6x/roles/elastic_dependencies/defaults/main.yml
+++ b/elk_metrics_6x/roles/elastic_dependencies/defaults/main.yml
@@ -34,3 +34,11 @@ h_mem: "{{ (ansible_memtotal_mb | int) // 2 }}"
 # NOTE(cloudnull) - When the heap size for a given elastic node is graeter than
 #                   6GiB the G1 garbage collector can be enabled.
 elastic_g1gc_enabled: true
+
+elastic_lxc_template_config:
+  3:
+    aa_profile: lxc.apparmor.profile
+    mount: lxc.mount.entry
+  2:
+    aa_profile: lxc.aa_profile
+    mount: lxc.mount.entry
diff --git a/elk_metrics_6x/roles/elastic_dependencies/tasks/main.yml b/elk_metrics_6x/roles/elastic_dependencies/tasks/main.yml
index 2213efad..5a968535 100644
--- a/elk_metrics_6x/roles/elastic_dependencies/tasks/main.yml
+++ b/elk_metrics_6x/roles/elastic_dependencies/tasks/main.yml
@@ -124,15 +124,28 @@
         path: "/openstack/{{ inventory_hostname }}/{{ service_name }}"
         state: "directory"
       delegate_to: "{{ physical_host }}"
-
+    - name: Pull lxc version
+      command: "lxc-ls --version"
+      delegate_to: "{{ physical_host }}"
+      changed_when: false
+      register: lxc_version
+      when:
+        - container_tech | default('lxc') == 'lxc'
+      tags:
+        - skip_ansible_lint
+    - name: Enable or Disable lxc three syntax
+      set_fact:
+        lxc_major_version: "{{ lxc_version.stdout.split('.')[0] }}"
+      when:
+        - container_tech | default('lxc') == 'lxc'
     - name: elasticsearch datapath bind mount
       lxc_container:
         name: "{{ inventory_hostname }}"
         container_command: |
           [[ ! -d "/var/lib/{{ service_name }}" ]] && mkdir -p "/var/lib/{{ service_name }}"
         container_config:
-          - "lxc.mount.entry=/openstack/{{ inventory_hostname }}/{{ service_name }} var/lib/{{ service_name }} none bind 0 0"
-          - "lxc.aa_profile=unconfined"
+          - "{{ elastic_lxc_template_config[(lxc_major_version | int)]['mount'] }}=/openstack/{{ inventory_hostname }}/{{ service_name }} var/lib/{{ service_name }} none bind 0 0"
+          - "{{ elastic_lxc_template_config[(lxc_major_version | int)]['aa_profile'] }}=unconfined"
       delegate_to: "{{ physical_host }}"
       when:
         - container_tech | default('lxc') == 'lxc'