--- /dev/null
+---
+- name: Basic Setup for alfred
+ hosts: alfred.mgmt
+ roles:
+ - role: base
+ - role: vm-host
--- /dev/null
+---
+- name: Basic Setup for testvm
+ hosts: testvm.mgmt
+ roles:
+ - role: base
+ - role: vm-grub
+ - role: vm-network
+++ /dev/null
----
-- name: Basic Setup for server: testvm
- hosts:
- roles:
- - role: base
- - role: vm-grub
- - role: vm-network
--- /dev/null
+---
+vm_host:
+ installer:
+ net_if: br-mgmt
+ preseed_path: /srv/preseed
+ path: /srv/installer
+ distros:
+ - distro: debian
+ codename: stretch
+ arch:
+ - amd64
+ - i386
+ - distro: ubuntu
+ codename: xenial
+ arch:
+ - amd64
+ - i386
+ network:
+ interface: br-mgmt
+ ip: 192.168.33.65
+ mask: 255.255.255.0
+ gateway: 192.168.33.1
+ nameservers:
+ - 192.168.33.1
+ - 10.12.0.10
+ indices:
+ testvm.mgmt: 200
+++ /dev/null
----
-vm_host:
- installer:
- net_if: br-mgmt
- preseed_path: /srv/preseed
- path: /srv/installer
- distros:
- - distro: debian
- codename: stretch
- arch:
- - amd64
- - i386
- - distro: ubuntu
- codename: xenial
- arch:
- - amd64
- - i386
- network:
- interface: br-mgmt
- ip: 192.168.33.65
- mask: 255.255.255.0
- gateway: 192.168.33.1
- nameservers:
- - 192.168.33.1
- - 10.12.0.10
- indices:
- testvm: 200
--- /dev/null
+---
+localconfig_ssh_config_user: root
+
+vm_install_host: alfred.mgmt
+
+vm_install:
+ host: "{{ vm_install_host }}"
+ mem: 1024
+ numcpu: 2
+ disks:
+ primary: vda
+ virtio:
+ vda:
+ vg: alfred
+ lv: "{{ inventory_hostname }}"
+ size: 10g
+ interfaces:
+ - idx: 1
+ bridge: "{{ hostvars[vm_install_host].vm_host.network.interface }}"
+ name: primary0
+ autostart: True
+
+vm_network:
+ systemd_link:
+ interfaces: "{{ vm_install.interfaces }}"
+ primary:
+ interface: primary0
+ ip: "{{ (hostvars[vm_install_host].vm_host.network.ip+'/'+hostvars[vm_install_host].vm_host.network.mask) | ipaddr(hostvars[vm_install_host].vm_host.network.indices[inventory_hostname]) | ipaddr('address') }}"
+ mask: "{{ hostvars[vm_install_host].vm_host.network.mask }}"
+ gateway: "{{ hostvars[vm_install_host].vm_host.network.gateway | default(hostvars[vm_install_host].vm_host.network.ip) }}"
+ nameservers: "{{ hostvars[vm_install_host].vm_host.network.nameservers }}"
+ domain: realraum.at
+++ /dev/null
----
-vm_install_host: alfred.mgmt
-
-vm_install:
- host: "{{ vm_install_host }}"
- mem: 1024
- numcpu: 2
- disks:
- primary: vda
- virtio:
- vda:
- vg: storage
- lv: "{{ inventory_hostname }}"
- size: 10g
- interfaces:
- - idx: 1
- bridge: "{{ hostvars[vm_install_host].vm_host.network.interface }}"
- name: primary0
- autostart: True
-
-vm_network:
- systemd_link:
- interfaces: "{{ vm_install.interfaces }}"
- primary:
- interface: primary0
- ip: "{{ (hostvars[vm_install_host].vm_host.network.ip+'/'+hostvars[vm_install_host].vm_host.network.mask) | ipaddr(hostvars[vm_install_host].vm_host.network.indices[inventory_hostname]) | ipaddr('address') }}"
- mask: "{{ hostvars[vm_install_host].vm_host.network.mask }}"
- gateway: "{{ hostvars[vm_install_host].vm_host.network.gateway | default(hostvars[vm_install_host].vm_host.network.ip) }}"
- nameservers: "{{ hostvars[vm_install_host].vm_host.network.nameservers }}"
- domain: realraum.at
entrance
galley.mgmt
hacksch.mgmt
-## TODO: remove the variable once https://github.com/ansible/ansible/issues/39119 is fixed
-metrics.mgmt localconfig_ssh_config_user=root
r3home.mgmt
tickets.mgmt
vex
+## TODO: remove the variable once https://github.com/ansible/ansible/issues/39119 is fixed
+metrics.mgmt localconfig_ssh_config_user=root
+testvm.mgmt localconfig_ssh_config_user=root
[servers:children]
baremetalservers
#[apu]
#gnocchi1
#gnocchi2
-
exit 1
fi
-SHORT="$1"
-SSH_HOST=$(ssh -G "$1" | grep "^hostname " | awk '{ print($2) }' )
+SHORT="r3-${1%%.*}"
+SSH_HOST=$(ssh -G "$SHORT" | grep "^hostname " | awk '{ print($2) }' )
for name in $SHORT $SSH_HOST; do
- ssh-keygen -f "$HOME/.ssh/known_hosts" -R "$name"
+ ssh-keygen -f "$HOME/.ssh/known_hosts" -R "[$name]:22000"
done
exit 0
- name: Set authorized keys for root user
authorized_key:
user: root
- key: "{{ lookup('pipe','cat ssh/noc/*.pub') }}"
+ ### TODO: this lookup doesn't work if the playbook lives in another directory
+ ### replace this with variables!!!
+ key: "{{ lookup('pipe','cat ../ssh/noc/*.pub') }}"
exclusive: yes
- name: disable apt suggests and recommends
- name: generate preseed file
template:
src: "preseed_{{ vmdistro }}-{{ vmdistcodename }}.cfg.j2"
- dest: "{{ hostvars[vm_install.host].vm_host.installer.preseed_path }}/vm-{{ inventory_hostname }}-{{ vmdistro }}-{{ vmdistcodename }}.cfg"
- delegate_to: "{{ vm_install.host }}"
+ dest: "{{ vm_host.installer.preseed_path }}/vm-{{ vmname }}-{{ vmdistro }}-{{ vmdistcodename }}.cfg"
- name: create disks for vm
- with_dict: "{{ vm_install.disks.virtio | default({}) | combine(vm_install.disks.scsi | default({})) }}"
+ with_dict: "{{ hostvars[vmname].vm_install_cooked.disks.virtio | default({}) | combine(hostvars[vmname].vm_install_cooked.disks.scsi | default({})) }}"
lvol:
vg: "{{ item.value.vg }}"
lv: "{{ item.value.lv }}"
size: "{{ item.value.size }}"
- delegate_to: "{{ vm_install.host }}"
- name: check if vm already exists
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
command: info
- delegate_to: "{{ vm_install.host }}"
register: vmhost_info
- name: destroy exisiting vm
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
state: destroyed
- delegate_to: "{{ vm_install.host }}"
- when: inventory_hostname in vmhost_info
+ when: vmname in vmhost_info
- name: wait for vm to be destroyed
wait_for_virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
states: shutdown,crashed
timeout: 5
- delegate_to: "{{ vm_install.host }}"
- when: inventory_hostname in vmhost_info
+ when: vmname in vmhost_info
- name: undefining exisiting vm
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
command: undefine
- delegate_to: "{{ vm_install.host }}"
- when: inventory_hostname in vmhost_info
+ when: vmname in vmhost_info
- name: enable installer in VM config
set_fact:
- name: define new installer vm
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
command: define
xml: "{{ lookup('template', 'libvirt-domain.xml.j2') }}"
- delegate_to: "{{ vm_install.host }}"
- name: start vm
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
state: running
- delegate_to: "{{ vm_install.host }}"
- name: wait for installer to start
wait_for_virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
states: running
timeout: 10
- delegate_to: "{{ vm_install.host }}"
- debug:
- msg: "you can check on the status of the installer running this command 'virsh console {{ inventory_hostname }}' on host {{ vm_install.host }}."
+ msg: "you can check on the status of the installer running this command 'virsh console {{ vmname }}' on host {{ inventory_hostname }}."
- name: wait for installer to finish or crash
wait_for_virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
states: shutdown,crashed
timeout: 900
- delegate_to: "{{ vm_install.host }}"
register: installer_result
failed_when: installer_result.failed or installer_result.state == "crashed"
- name: undefining installer vm
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
command: undefine
- delegate_to: "{{ vm_install.host }}"
- name: disable installer in VM config
set_fact:
- name: define new production vm
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
command: define
xml: "{{ lookup('template', 'libvirt-domain.xml.j2') }}"
- delegate_to: "{{ vm_install.host }}"
- name: start vm
virt:
- name: "{{ inventory_hostname }}"
+ name: "{{ vmname }}"
state: running
- delegate_to: "{{ vm_install.host }}"
- name: mark vm as autostarted
virt:
- name: "{{ inventory_hostname }}"
- autostart: "{{ vm_install.autostart }}"
+ name: "{{ vmname }}"
+ autostart: "{{ hostvars[vmname].vm_install_cooked.autostart }}"
command: info ## virt module needs either command or state
- delegate_to: "{{ vm_install.host }}"
- when: vm_install.autostart is defined
-
- ## TODO: find a better way to fetch host key of new VMs
-- name: disable ssh StrictHostKeyChecking for the next step
- set_fact:
- ansible_ssh_extra_args: -o StrictHostKeyChecking=no
-
-- name: wait for vm to start up
- wait_for_connection:
- delay: 5
- timeout: 120
-
-- name: reenable StrictHostKeyChecking
- set_fact:
- ansible_ssh_extra_args: ""
+ when: hostvars[vmname].vm_install_cooked.autostart is defined
<domain type='kvm'>
- <name>{{ inventory_hostname }}</name>
- <memory>{{ vm_install.mem * 1024 }}</memory>
- <currentMemory>{{ vm_install.mem * 1024 }}</currentMemory>
- <vcpu>{{ vm_install.numcpu }}</vcpu>
+ <name>{{ vmname }}</name>
+ <memory>{{ hostvars[vmname].vm_install_cooked.mem * 1024 }}</memory>
+ <currentMemory>{{ hostvars[vmname].vm_install_cooked.mem * 1024 }}</currentMemory>
+ <vcpu>{{ hostvars[vmname].vm_install_cooked.numcpu }}</vcpu>
<os>
<type arch='x86_64' machine='pc-0.12'>hvm</type>
{% if run_installer %}
- <kernel>{{ hostvars[vm_install.host].vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ vm_install.arch | default('amd64') }}/linux</kernel>
- <initrd>{{ hostvars[vm_install.host].vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ vm_install.arch | default('amd64') }}/initrd.gz</initrd>
- <cmdline>console=ttyS0,115200n8 auto=true interface=auto url=tftp://{{ hostvars[vm_install.host]['ansible_' + hostvars[vm_install.host].vm_host.installer.net_if].ipv4.address }}/vm-{{ inventory_hostname }}-{{ vmdistro }}-{{ vmdistcodename }}.cfg netcfg/choose_interface=enp1s1 netcfg/disable_autoconfig=true netcfg/get_ipaddress={{ vm_network.primary.ip }} netcfg/get_netmask={{ vm_network.primary.mask }} netcfg/get_gateway={{ vm_network.primary.gateway }} netcfg/get_nameservers="{{ vm_network.primary.nameservers | join(' ') }}" netcfg/confirm_static=true netcfg/get_hostname={{ inventory_hostname }} netcfg/get_domain={{ vm_network.primary.domain }}</cmdline>
+ <kernel>{{ vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ hostvars[vmname].vm_install_cooked.arch | default('amd64') }}/linux</kernel>
+ <initrd>{{ vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ hostvars[vmname].vm_install_cooked.arch | default('amd64') }}/initrd.gz</initrd>
+ <cmdline>console=ttyS0,115200n8 auto=true interface=auto url=tftp://{{ hostvars[inventory_hostname]['ansible_' + (vm_host.installer.net_if | replace('-', '_'))].ipv4.address }}/vm-{{ vmname }}-{{ vmdistro }}-{{ vmdistcodename }}.cfg netcfg/choose_interface=enp1s1 netcfg/disable_autoconfig=true netcfg/get_ipaddress={{ hostvars[vmname].vm_network_cooked.primary.ip }} netcfg/get_netmask={{ hostvars[vmname].vm_network_cooked.primary.mask }} netcfg/get_gateway={{ hostvars[vmname].vm_network_cooked.primary.gateway }} netcfg/get_nameservers="{{ hostvars[vmname].vm_network_cooked.primary.nameservers | join(' ') }}" netcfg/confirm_static=true netcfg/get_hostname={{ vmname }} netcfg/get_domain={{ hostvars[vmname].vm_network_cooked.primary.domain }}</cmdline>
{% endif %}
<boot dev='hd'/>
</os>
<devices>
<emulator>/usr/bin/kvm</emulator>
-{% if 'virtio' in vm_install.disks %}
-{% for device, lv in vm_install.disks.virtio.items() %}
+{% if 'virtio' in hostvars[vmname].vm_install_cooked.disks %}
+{% for device, lv in hostvars[vmname].vm_install_cooked.disks.virtio.items() %}
<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none' discard='unmap'/>
<source dev='/dev/mapper/{{ lv.vg | replace('-', '--') }}-{{ lv.lv | replace('-', '--') }}'/>
{% endfor %}
{% endif %}
-{% if 'scsi' in vm_install.disks %}
+{% if 'scsi' in hostvars[vmname].vm_install_cooked.disks %}
<controller type='scsi' index='0' model='virtio-scsi'/>
-{% for device, lv in vm_install.disks.scsi.items() %}
+{% for device, lv in hostvars[vmname].vm_install_cooked.disks.scsi.items() %}
<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none' discard='unmap'/>
<source dev='/dev/mapper/{{ lv.vg | replace('-', '--') }}-{{ lv.lv | replace('-', '--') }}'/>
{% endfor %}
{% endif %}
-{% if vm_install.interfaces %}
-{% for if in vm_install.interfaces %}
+{% if hostvars[vmname].vm_install_cooked.interfaces %}
+{% for if in hostvars[vmname].vm_install_cooked.interfaces %}
<interface type='bridge'>
<source bridge='{{ if.bridge }}'/>
<model type='virtio'/>
#d-i netcfg/choose_interface select enp1s1
#d-i netcfg/disable_autoconfig boolean false
-#d-i netcfg/get_ipaddress string {{ vm_network.primary.ip }}
-#d-i netcfg/get_netmask string {{ vm_network.primary.mask }}
-#d-i netcfg/get_gateway string {{ vm_network.primary.gateway }}
-#d-i netcfg/get_nameservers string {{ vm_network.primary.nameservers | join(' ') }}
+#d-i netcfg/get_ipaddress string {{ hostvars[vmname].vm_network_cooked.primary.ip }}
+#d-i netcfg/get_netmask string {{ hostvars[vmname].vm_network_cooked.primary.mask }}
+#d-i netcfg/get_gateway string {{ hostvars[vmname].vm_network_cooked.primary.gateway }}
+#d-i netcfg/get_nameservers string {{ hostvars[vmname].vm_network_cooked.primary.nameservers | join(' ') }}
#d-i netcfg/confirm_static boolean true
-d-i netcfg/get_hostname string {{ inventory_hostname }}
-d-i netcfg/get_domain string {{ vm_network.primary.domain }}
+d-i netcfg/get_hostname string {{ vmname }}
+d-i netcfg/get_domain string {{ hostvars[vmname].vm_network_cooked.primary.domain }}
d-i netcfg/wireless_wep string
d-i clock-setup/ntp boolean false
-d-i partman-auto/disk string /dev/{{ vm_install.disks.primary }}
+d-i partman-auto/disk string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }}
d-i partman-auto/method string lvm
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
boot-root :: \
1000 10000 -1 ext4 \
$defaultignore{ } $primary{ } $bootable{ } \
- method{ lvm } vg_name{ {{ inventory_hostname }} } \
+ method{ lvm } vg_name{ {{ vmname }} } \
. \
2048 10000 2560 ext4 \
- $lvmok{ } in_vg{ {{ inventory_hostname }} } \
+ $lvmok{ } in_vg{ {{ vmname }} } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
1024 11000 1280 ext4 \
- $lvmok{ } in_vg{ {{ inventory_hostname }} } \
+ $lvmok{ } in_vg{ {{ vmname }} } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var } \
. \
768 10000 768 ext4 \
- $lvmok{ } in_vg{ {{ inventory_hostname }} } \
+ $lvmok{ } in_vg{ {{ vmname }} } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var/log } \
options/noexec{ noexec } \
. \
16 20000 -1 ext4 \
- $lvmok{ } in_vg{ {{ inventory_hostname }} } \
+ $lvmok{ } in_vg{ {{ vmname }} } \
method( keep } lv_name{ dummy } \
.
d-i pkgsel/upgrade select safe-upgrade
popularity-contest popularity-contest/participate boolean false
-d-i grub-installer/choose_bootdev string /dev/{{ vm_install.disks.primary }}
+d-i grub-installer/choose_bootdev string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }}
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean false
d-i preseed/late_command string \
- lvremove -f {{ inventory_hostname }}/dummy; \
+ lvremove -f {{ vmname }}/dummy; \
in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \
- in-target bash -c "passwd -d root; passwd -l root; umask 077; mkdir -p /root/.ssh/; echo -e '{{ sshserver_root_keys }}' > /root/.ssh/authorized_keys"
+ in-target bash -c "passwd -d root; passwd -l root; umask 077; mkdir -p /root/.ssh/; echo -e '{{ lookup('pipe','cat ssh/noc/*.pub') | replace('\n', '\\n') }}' > /root/.ssh/authorized_keys"; \
+ in-target bash -c "sed 's/^\(\s*#\s*Port.*\)/Port 22000/' -i /etc/ssh/sshd_config"
iface lo inet loopback
# The primary network interface
-auto {{ srv_network.primary.interface }}
-iface {{ srv_network.primary.interface }} inet static
- address {{ srv_network.primary.ip }}
- netmask {{ srv_network.primary.mask }}
- gateway {{ srv_network.primary.gateway }}
+auto {{ vm_network.primary.interface }}
+iface {{ vm_network.primary.interface }} inet static
+ address {{ vm_network.primary.ip }}
+ netmask {{ vm_network.primary.mask }}
+ gateway {{ vm_network.primary.gateway }}
pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
exit 1
fi
-echo "installing vm: $1 with $2/$3"
+name=$1
+shift
+distro=$1
+shift
+codename=$1
+shift
+
+echo "installing vm: $name with $distro/$codename"
echo ""
echo "########## clearing old ssh host keys #########"
-./remove-known-host.sh "$1"
+./remove-known-host.sh "$name"
echo ""
echo "######## running the install playbook ########"
-exec ansible-playbook -e "vmname=$1" -e "vmdistro=$2" -e "vmdistcodename=$3" vm-install.yml
+exec ansible-playbook -e "vmname=$name" -e "vmdistro=$distro" -e "vmdistcodename=$codename" $@ vm-install.yml
---
-- name: Basic Installation
+- name: preperations and sanity checks
hosts: "{{ vmname }}"
gather_facts: no
- pre_tasks:
- - name: Gather facts of vm host
- setup:
- delegate_to: "{{ vm_install.host }}"
- delegate_facts: yes
+ tasks:
+ - name: setup variables
+ set_fact:
+ vm_network_cooked: "{{ vm_network }}"
+ vm_install_cooked: "{{ vm_install }}"
+ - name: create temporary host group for vm host
+ add_host:
+ name: "{{ vm_install.host }}"
+ inventory_dir: "{{inventory_dir}}"
+ group: _vmhost_
+ # TODO: add some sanity checks
+
+- name: basic installation
+ hosts: _vmhost_
roles:
- role: vm-install
+- name: wait for new vm to start up
+ hosts: "{{ vmname }}"
+ gather_facts: no
+ tasks:
+ ## TODO: find a better way to fetch host key of new VMs
+ - name: disable ssh StrictHostKeyChecking for the next step
+ set_fact:
+ ansible_ssh_extra_args: -o StrictHostKeyChecking=no
+ - name: wait for vm to start up
+ wait_for_connection:
+ delay: 5
+ timeout: 120
+ - name: reenable StrictHostKeyChecking
+ set_fact:
+ ansible_ssh_extra_args: ""
+
- import_playbook: "host_playbooks/{{ vmname }}.yml"
-- name: Reboot and wait for VM come back
+- name: reboot and wait for VM come back
hosts: "{{ vmname }}"
gather_facts: no
roles:
projects / noc.git / commitdiff