diff options
Diffstat (limited to 'roles/vm/install')
| -rw-r--r-- | roles/vm/install/meta/main.yml | 7 | ||||
| -rw-r--r-- | roles/vm/install/tasks/main.yml | 160 | ||||
| -rw-r--r-- | roles/vm/install/templates/libvirt-domain.xml.j2 | 32 | ||||
| -rw-r--r-- | roles/vm/install/templates/preseed_debian-stretch.cfg.j2 | 105 | ||||
| -rw-r--r-- | roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2 | 113 |
5 files changed, 115 insertions, 302 deletions
diff --git a/roles/vm/install/meta/main.yml b/roles/vm/install/meta/main.yml new file mode 100644 index 00000000..d5f95204 --- /dev/null +++ b/roles/vm/install/meta/main.yml @@ -0,0 +1,7 @@ +--- +dependencies: + - role: debian-installer + distros: + - distro: "{{ install_distro }}" + codename: "{{ install_codename }}" + arch: [ "{{ hostvars[hostname].install_cooked.arch | default('amd64') }}" ] diff --git a/roles/vm/install/tasks/main.yml b/roles/vm/install/tasks/main.yml index c4220434..973f44d1 100644 --- a/roles/vm/install/tasks/main.yml +++ b/roles/vm/install/tasks/main.yml @@ -1,11 +1,6 @@ --- -- name: generate preseed file - template: - src: "preseed_{{ vmdistro }}-{{ vmdistcodename }}.cfg.j2" - dest: "{{ vm_host.installer.preseed_path }}/vm-{{ vmname }}-{{ vmdistro }}-{{ vmdistcodename }}.cfg" - - name: create disks for vm - with_dict: "{{ hostvars[vmname].vm_install_cooked.disks.virtio | default({}) | combine(hostvars[vmname].vm_install_cooked.disks.scsi | default({})) }}" + with_dict: "{{ hostvars[hostname].install_cooked.disks.virtio | default({}) | combine(hostvars[hostname].install_cooked.disks.scsi | default({})) }}" lvol: vg: "{{ item.value.vg }}" lv: "{{ item.value.lv }}" @@ -13,84 +8,107 @@ - name: check if vm already exists virt: - name: "{{ vmname }}" + name: "{{ hostname }}" command: info register: vmhost_info -- name: destroy exisiting vm - virt: - name: "{{ vmname }}" - state: destroyed - when: vmname in vmhost_info - -- name: wait for vm to be destroyed - wait_for_virt: - name: "{{ vmname }}" - states: shutdown,crashed - timeout: 5 - when: vmname in vmhost_info - -- name: undefining exisiting vm - virt: - name: "{{ vmname }}" - command: undefine - when: vmname in vmhost_info - -- name: enable installer in VM config - set_fact: - run_installer: True - -- name: define new installer vm - virt: - name: "{{ vmname }}" - command: define - xml: "{{ lookup('template', 'libvirt-domain.xml.j2') }}" - -- name: start vm - virt: - name: "{{ vmname }}" - state: running - -- name: wait for installer to start - wait_for_virt: - name: "{{ vmname }}" - states: running - timeout: 10 - -- debug: - msg: "you can check on the status of the installer running this command 'virsh console {{ vmname }}' on host {{ inventory_hostname }}." - -- name: wait for installer to finish or crash - wait_for_virt: - name: "{{ vmname }}" - states: shutdown,crashed - timeout: 1200 - register: installer_result - failed_when: installer_result.failed or installer_result.state == "crashed" - -- name: undefining installer vm - virt: - name: "{{ vmname }}" - command: undefine - -- name: disable installer in VM config - set_fact: - run_installer: False +- block: + - name: destroy exisiting vm + virt: + name: "{{ hostname }}" + state: destroyed + + - name: wait for vm to be destroyed + wait_for_virt: + name: "{{ hostname }}" + states: shutdown,crashed + timeout: 5 + + - name: undefining exisiting vm + virt: + name: "{{ hostname }}" + command: undefine + + when: hostname in vmhost_info + +- block: + - name: create a temporary workdir + command: mktemp -d + register: tmpdir + + - import_role: + name: preseed + vars: + ssh_keys_root: "{{ hostvars[hostname].ssh_keys_root }}" + install_interface: enp1s1 + preseed_tmpdir: "{{ tmpdir.stdout }}" + + - name: Make preseed workdir readable by qemu + acl: + path: "{{ tmpdir.stdout }}" + state: present + entity: libvirt-qemu + etype: user + permissions: rx + + - name: define new installer vm + virt: + name: "{{ hostname }}" + command: define + xml: "{{ lookup('template', 'libvirt-domain.xml.j2') }}" + vars: + run_installer: yes + preseed_tmpdir: "{{ tmpdir.stdout }}" + + - name: start vm + virt: + name: "{{ hostname }}" + state: running + + - name: wait for installer to start + wait_for_virt: + name: "{{ hostname }}" + states: running + timeout: 10 + + - debug: + msg: "you can check on the status of the installer running this command 'virsh console {{ hostname }}' on host {{ inventory_hostname }}." + + - name: wait for installer to finish or crash + wait_for_virt: + name: "{{ hostname }}" + states: shutdown,crashed + timeout: 900 + register: installer_result + failed_when: installer_result.failed or installer_result.state == "crashed" + + - name: undefining installer vm + virt: + name: "{{ hostname }}" + command: undefine + + always: + - name: cleanup temporary workdir + file: + path: "{{ tmpdir.stdout }}" + state: absent - name: define new production vm virt: - name: "{{ vmname }}" + name: "{{ hostname }}" command: define xml: "{{ lookup('template', 'libvirt-domain.xml.j2') }}" + vars: + run_installer: no - name: start vm virt: - name: "{{ vmname }}" + name: "{{ hostname }}" state: running - name: mark vm as autostarted virt: - name: "{{ vmname }}" - autostart: "{{ hostvars[vmname].vm_install_cooked.autostart }}" + name: "{{ hostname }}" + autostart: "{{ hostvars[hostname].install_cooked.autostart }}" command: info ## virt module needs either command or state - when: hostvars[vmname].vm_install_cooked.autostart is defined + when: hostvars[hostname].install_cooked.autostart is defined diff --git a/roles/vm/install/templates/libvirt-domain.xml.j2 b/roles/vm/install/templates/libvirt-domain.xml.j2 index 2bf4b57b..f3bdeae1 100644 --- a/roles/vm/install/templates/libvirt-domain.xml.j2 +++ b/roles/vm/install/templates/libvirt-domain.xml.j2 @@ -1,14 +1,14 @@ <domain type='kvm'> - <name>{{ vmname }}</name> - <memory>{{ hostvars[vmname].vm_install_cooked.mem * 1024 }}</memory> - <currentMemory>{{ hostvars[vmname].vm_install_cooked.mem * 1024 }}</currentMemory> - <vcpu>{{ hostvars[vmname].vm_install_cooked.numcpu }}</vcpu> + <name>{{ hostname }}</name> + <memory>{{ hostvars[hostname].install_cooked.mem * 1024 }}</memory> + <currentMemory>{{ hostvars[hostname].install_cooked.mem * 1024 }}</currentMemory> + <vcpu>{{ hostvars[hostname].install_cooked.numcpu }}</vcpu> <os> <type arch='x86_64' machine='pc-0.12'>hvm</type> {% if run_installer %} - <kernel>{{ vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ hostvars[vmname].vm_install_cooked.arch | default('amd64') }}/linux</kernel> - <initrd>{{ vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ hostvars[vmname].vm_install_cooked.arch | default('amd64') }}/initrd.gz</initrd> - <cmdline>console=ttyS0,115200n8 auto=true interface=auto url=tftp://{{ hostvars[inventory_hostname]['ansible_' + (vm_host.installer.net_if | replace('-', '_'))].ipv4.address }}/vm-{{ vmname }}-{{ vmdistro }}-{{ vmdistcodename }}.cfg netcfg/choose_interface=enp1s1 netcfg/disable_autoconfig=true netcfg/get_ipaddress={{ hostvars[vmname].vm_network_cooked.primary.ip }} netcfg/get_netmask={{ hostvars[vmname].vm_network_cooked.primary.mask }} netcfg/get_gateway={{ hostvars[vmname].vm_network_cooked.primary.gateway }} netcfg/get_nameservers="{{ hostvars[vmname].vm_network_cooked.nameservers | join(' ') }}" netcfg/confirm_static=true netcfg/get_hostname={{ vmname }} netcfg/get_domain={{ hostvars[vmname].vm_network_cooked.domain }}</cmdline> + <kernel>{{ debian_installer_path }}/{{ install_distro }}-{{ install_codename }}/{{ hostvars[hostname].install_cooked.arch | default('amd64') }}/linux</kernel> + <initrd>{{ preseed_tmpdir }}/initrd.preseed.gz</initrd> + <cmdline>console=ttyS0,115200n8</cmdline> {% endif %} <boot dev='hd'/> </os> @@ -28,9 +28,15 @@ {% endif %} <devices> <emulator>/usr/bin/kvm</emulator> + <!-- Provide a virtualized RNG to the guest --> + <rng model='virtio'> + <!-- Allow consuming up to 10kb/s, measured over 2s --> + <rate period="2000" bytes="20480"/> + <backend model='random'>/dev/random</backend> + </rng> -{% if 'virtio' in hostvars[vmname].vm_install_cooked.disks %} -{% for device, lv in hostvars[vmname].vm_install_cooked.disks.virtio.items() %} +{% if 'virtio' in hostvars[hostname].install_cooked.disks %} +{% for device, lv in hostvars[hostname].install_cooked.disks.virtio.items() %} <disk type='block' device='disk'> <driver name='qemu' type='raw' cache='none' discard='unmap'/> <source dev='/dev/mapper/{{ lv.vg | replace('-', '--') }}-{{ lv.lv | replace('-', '--') }}'/> @@ -39,9 +45,9 @@ {% endfor %} {% endif %} -{% if 'scsi' in hostvars[vmname].vm_install_cooked.disks %} +{% if 'scsi' in hostvars[hostname].install_cooked.disks %} <controller type='scsi' index='0' model='virtio-scsi'/> -{% for device, lv in hostvars[vmname].vm_install_cooked.disks.scsi.items() %} +{% for device, lv in hostvars[hostname].install_cooked.disks.scsi.items() %} <disk type='block' device='disk'> <driver name='qemu' type='raw' cache='none' discard='unmap'/> <source dev='/dev/mapper/{{ lv.vg | replace('-', '--') }}-{{ lv.lv | replace('-', '--') }}'/> @@ -50,8 +56,8 @@ {% endfor %} {% endif %} -{% if hostvars[vmname].vm_install_cooked.interfaces %} -{% for if in hostvars[vmname].vm_install_cooked.interfaces %} +{% if hostvars[hostname].install_cooked.interfaces %} +{% for if in hostvars[hostname].install_cooked.interfaces %} <interface type='bridge'> <source bridge='{{ if.bridge }}'/> <model type='virtio'/> diff --git a/roles/vm/install/templates/preseed_debian-stretch.cfg.j2 b/roles/vm/install/templates/preseed_debian-stretch.cfg.j2 deleted file mode 100644 index 8e221671..00000000 --- a/roles/vm/install/templates/preseed_debian-stretch.cfg.j2 +++ /dev/null @@ -1,105 +0,0 @@ -######################################################################### -# spreadspace preseed file for Debian stretch based VMs -######################################################################### - -d-i debian-installer/language string en -d-i debian-installer/country string AT -d-i debian-installer/locale string de_AT.UTF-8 -d-i keyboard-configuration/xkb-keymap select de - - -#d-i netcfg/choose_interface select enp1s1 -#d-i netcfg/disable_autoconfig boolean false -#d-i netcfg/get_ipaddress string {{ hostvars[vmname].vm_network_cooked.primary.ip }} -#d-i netcfg/get_netmask string {{ hostvars[vmname].vm_network_cooked.primary.mask }} -#d-i netcfg/get_gateway string {{ hostvars[vmname].vm_network_cooked.primary.gateway }} -#d-i netcfg/get_nameservers string {{ hostvars[vmname].vm_network_cooked.nameservers | join(' ') }} -#d-i netcfg/confirm_static boolean true - -d-i netcfg/get_hostname string {{ vmname }} -d-i netcfg/get_domain string {{ hostvars[vmname].vm_network_cooked.domain }} -d-i netcfg/wireless_wep string - - -d-i mirror/country string manual -d-i mirror/http/hostname string deb.debian.org -d-i mirror/http/directory string /debian -d-i mirror/http/proxy string - - -d-i passwd/make-user boolean false -d-i passwd/root-password password this-very-very-secure-password-will-be-removed-by-latecommand -d-i passwd/root-password-again password this-very-very-secure-password-will-be-removed-by-latecommand - - -d-i clock-setup/utc boolean true -d-i time/zone string Europe/Vienna -d-i clock-setup/ntp boolean false - - -d-i partman-auto/disk string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i partman-auto/method string lvm -d-i partman-lvm/device_remove_lvm boolean true -d-i partman-md/device_remove_md boolean true - -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true - -d-i partman-auto/expert_recipe string \ - boot-root :: \ - 1000 10000 -1 ext4 \ - $defaultignore{ } $primary{ } $bootable{ } \ - method{ lvm } vg_name{ {{ vmname }} } \ - . \ - 2048 10000 2560 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ / } \ - . \ - 1024 11000 1280 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var } \ - . \ - 768 10000 768 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var/log } \ - options/nodev{ nodev } options/noatime{ noatime } \ - options/noexec{ noexec } \ - . \ - 16 20000 -1 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method( keep } lv_name{ dummy } \ - . - -d-i partman-auto-lvm/no_boot boolean true -d-i partman-basicfilesystems/no_swap true -d-i partman-partitioning/confirm_write_new_label boolean true -d-i partman/choose_partition select finish -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true - - -d-i base-installer/install-recommends boolean false -d-i apt-setup/security_host string deb.debian.org - -tasksel tasksel/first multiselect -d-i pkgsel/include string openssh-server python -d-i pkgsel/upgrade select safe-upgrade -popularity-contest popularity-contest/participate boolean false - -d-i grub-installer/choose_bootdev string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i grub-installer/only_debian boolean true -d-i grub-installer/with_other_os boolean false - -d-i finish-install/reboot_in_progress note - - -d-i preseed/late_command string \ - lvremove -f {{ vmname }}/dummy; \ - in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \ - in-target bash -c "passwd -d root; passwd -l root; umask 077; mkdir -p /root/.ssh/; echo -e '{{ sshserver_root_keys }}' > /root/.ssh/authorized_keys" diff --git a/roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2 b/roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2 deleted file mode 100644 index dc53fd36..00000000 --- a/roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2 +++ /dev/null @@ -1,113 +0,0 @@ -######################################################################### -# spreadspace preseed file for Ubuntu xenial based VMs -######################################################################### - -d-i debian-installer/language string en -d-i debian-installer/country string AT -d-i debian-installer/locale string en_US.UTF-8 -d-i localechooser/preferred-locale string en_US.UTF-8 -d-i localechooser/supported-locales multiselect de_DE.UTF-8, de_AT.UTF-8 -d-i console-setup/ask_detect boolean false -d-i keyboard-configuration/xkb-keymap select us -d-i keyboard-configuration/layoutcode string us - - -#d-i netcfg/choose_interface select enp1s1 -#d-i netcfg/disable_autoconfig boolean false -#d-i netcfg/get_ipaddress string {{ hostvars[vmname].vm_network_cooked.primary.ip }} -#d-i netcfg/get_netmask string {{ hostvars[vmname].vm_network_cooked.primary.mask }} -#d-i netcfg/get_gateway string {{ hostvars[vmname].vm_network_cooked.primary.gateway }} -#d-i netcfg/get_nameservers string {{ hostvars[vmname].vm_network_cooked.nameservers | join(' ') }} -#d-i netcfg/confirm_static boolean true - -d-i netcfg/get_hostname string {{ vmname }} -d-i netcfg/get_domain string {{ hostvars[vmname].vm_network_cooked.domain }} -d-i netcfg/wireless_wep string - - -d-i mirror/country string manual -d-i mirror/http/hostname string archive.ubuntu.com -d-i mirror/http/directory string /ubuntu -d-i mirror/http/proxy string - - -d-i passwd/make-user boolean false -d-i passwd/root-login boolean true -d-i passwd/root-password password this-very-very-secure-password-will-be-removed-by-latecommand -d-i passwd/root-password-again password this-very-very-secure-password-will-be-removed-by-latecommand - - -d-i clock-setup/utc boolean true -d-i time/zone string Europe/Vienna -d-i clock-setup/ntp boolean false - - -d-i partman-auto/disk string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i partman-auto/method string lvm -d-i partman-auto/purge_lvm_from_device boolean true -d-i partman-auto-lvm/new_vg_name string {{ vmname }} -d-i partman-auto-lvm/guided_size string max - -d-i partman-lvm/device_remove_lvm boolean true -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true - -d-i partman-auto/expert_recipe string \ - boot-root :: \ - 1000 10000 -1 ext4 \ - $defaultignore{ } $primary{ } $bootable{ } \ - method{ lvm } vg_name{ {{ vmname }} } \ - . \ - 2048 10000 2560 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ / } \ - . \ - 1024 11000 1280 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var } \ - . \ - 768 10000 768 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var/log } \ - options/nodev{ nodev } options/noatime{ noatime } \ - options/noexec{ noexec } \ - . \ - 16 20000 -1 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method( keep } lv_name{ dummy } \ - . - -d-i partman-auto-lvm/no_boot boolean true -d-i partman-basicfilesystems/no_swap true -d-i partman-partitioning/confirm_write_new_label boolean true -d-i partman/choose_partition select finish -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true - - -d-i base-installer/install-recommends boolean false -d-i apt-setup/security_host string archive.ubuntu.com - -tasksel tasksel/first multiselect -d-i pkgsel/include string openssh-server python -d-i pkgsel/upgrade select safe-upgrade -popularity-contest popularity-contest/participate boolean false -d-i pkgsel/update-policy select none - -d-i grub-installer/choose_bootdev string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i grub-installer/only_debian boolean true -d-i grub-installer/with_other_os boolean false - -d-i finish-install/reboot_in_progress note - - -d-i preseed/late_command string \ - lvremove -f {{ vmname }}/dummy; \ - in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \ - in-target bash -c "passwd -d root; passwd -l root; umask 077; mkdir -p /root/.ssh/; echo -e '{{ sshserver_root_keys }}' > /root/.ssh/authorized_keys" |