From 3fe42a618f29b927bfce3bfb400e22ec27306245 Mon Sep 17 00:00:00 2001 From: Siroco Date: Tue, 8 Mar 2022 19:55:15 +0100 Subject: [PATCH] Ansible Role Create KVMs --- kvm_provision.yaml | 25 +++++ roles/kvm_provision/README.md | 50 +++++++++ roles/kvm_provision/defaults/main.yml | 13 +++ roles/kvm_provision/handlers/main.yml | 2 + roles/kvm_provision/meta/main.yml | 52 +++++++++ roles/kvm_provision/tasks/main.yml | 70 ++++++++++++ .../templates/vm-template.xml.j2 | 106 ++++++++++++++++++ roles/kvm_provision/tests/inventory | 2 + roles/kvm_provision/tests/test.yml | 5 + roles/kvm_provision/vars/main.yml | 2 + 10 files changed, 327 insertions(+) create mode 100644 kvm_provision.yaml create mode 100644 roles/kvm_provision/README.md create mode 100644 roles/kvm_provision/defaults/main.yml create mode 100644 roles/kvm_provision/handlers/main.yml create mode 100644 roles/kvm_provision/meta/main.yml create mode 100644 roles/kvm_provision/tasks/main.yml create mode 100644 roles/kvm_provision/templates/vm-template.xml.j2 create mode 100644 roles/kvm_provision/tests/inventory create mode 100644 roles/kvm_provision/tests/test.yml create mode 100644 roles/kvm_provision/vars/main.yml
diff --git a/kvm_provision.yaml b/kvm_provision.yaml
new file mode 100644
index 0000000..a6fec73
--- /dev/null
+++ b/kvm_provision.yaml
@@ -0,0 +1,25 @@
+- name: Deploys VM based on cloud image
+ hosts: localhost
+ gather_facts: yes
+ #become: yes
+ vars:
+ pool_dir: "/home/user/kvm"
+ vm: vm_name
+ vcpus: 1
+ ram_mb: 512
+ cleanup: no
+ net: default
+ ssh_pub_key: "/home/user/.ssh/id_ed25519.pub"
+
+ tasks:
+ - name: KVM Provision role
+ include_role:
+ name: kvm_provision
+ vars:
+ libvirt_pool_dir: "{{ pool_dir }}"
+ vm_name: "{{ vm }}"
+ vm_vcpus: "{{ vcpus }}"
+ vm_ram_mb: "{{ ram_mb }}"
+ vm_net: "{{ net }}"
+ cleanup_tmp: "{{ cleanup }}"
+ ssh_key: "{{ ssh_pub_key }}"
diff --git a/roles/kvm_provision/README.md b/roles/kvm_provision/README.md
new file mode 100644
index 0000000..de86c2e
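Review bot: The example values under `vars:` in kvm_provision.yaml are not marked as placeholders: `vm: vm_name` sets the VM name to the literal string `vm_name`, and `pool_dir` and `ssh_pub_key` point under `/home/user`, so an unedited run defines a guest with those values. A comment above `vars:` such as `# Example values - set these for your host before running` would make that explicit. The commented-out `#become: yes` also deserves a one-line comment saying whether the play is meant to run unprivileged, since the role's package task in roles/kvm_provision/tasks/main.yml sets `become: yes` itself. `gather_facts: yes` and `cleanup: no` read more predictably as `true` and `false`.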
--- /dev/null
+++ b/roles/kvm_provision/README.md
@@ -0,0 +1,50 @@
+KVM Provision
+=========
+
+Provision virtual machines to local libvirt
+
+Related to:
+* https://www.redhat.com/sysadmin/build-VM-fast-ansible
+* https://www.redhat.com/sysadmin/developing-ansible-role
+
+Requirements
+------------
+
+Recommend:
+
+* Pre install and configure libvirt
+* Create your ssh key
+* Check permissions/security apparmor on qemu:///system or qemu:///session
+
+Example Playbook
+----------------
+
+- name: Deploys VM based on cloud image
+ hosts: localhost
+ gather_facts: yes
+ vars:
+ pool_dir: "/home/user/kvm"
+ vm: vm_name
+ vcpus: 1
+ ram_mb: 512
+ cleanup: no
+ net: default
+ ssh_pub_key: "/home/user/.ssh/id_ed25519.pub"
+
+ tasks:
+ - name: KVM Provision role
+ include_role:
+ name: kvm_provision
+ vars:
+ libvirt_pool_dir: "{{ pool_dir }}"
+ vm_name: "{{ vm }}"
+ vm_vcpus: "{{ vcpus }}"
+ vm_ram_mb: "{{ ram_mb }}"
+ vm_net: "{{ net }}"
+ cleanup_tmp: "{{ cleanup }}"
+ ssh_key: "{{ ssh_pub_key }}"
+
+License
+-------
+
+BSD
diff --git a/roles/kvm_provision/defaults/main.yml b/roles/kvm_provision/defaults/main.yml
new file mode 100644
index 0000000..96306d8
--- /dev/null
+++ b/roles/kvm_provision/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+# defaults file for kvm_provision
+base_image_name: debian-11-nocloud-amd64.qcow2
+base_image_url: https://cloud.debian.org/images/cloud/bullseye/latest/{{ base_image_name }}
+base_image_sha: 6180a18d3ed6ad2e24000024dc275c3956584873da2200113194e8db08dd316b8be1dd0421016c2e87ba0a445a1c0068bc86a4071e6e02cd8821d0f060e19544
+libvirt_pool_dir: "/var/lib/libvirt/images"
+vm_name: debian-dev
+vm_vcpus: 2
+vm_ram_mb: 2048
+vm_net: default
+vm_root_pass: debian
+cleanup_tmp: no
+ssh_key: /home/ocoris/.ssh/id_rsa.pub
diff --git a/roles/kvm_provision/handlers/main.yml b/roles/kvm_provision/handlers/main.yml
new file mode 100644
index 0000000..9119a30
--- /dev/null
+++ b/roles/kvm_provision/handlers/main.yml
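Review bot: `vm_root_pass: debian` in roles/kvm_provision/defaults/main.yml gives every VM built with the role defaults the same publicly known root password, and kvm_provision.yaml never overrides it. The "Custom kvm" task in roles/kvm_provision/tasks/main.yml then interpolates it into the command line as `--root-password password:{{ vm_root_pass }}`, so the value is visible in the process list and can appear in verbose or failure output because the task has no `no_log: true`. I would remove the default so callers must supply a vaulted value (passed with the `file:` selector), or use `--root-password locked` and rely on the injected SSH key. `ssh_key: /home/ocoris/.ssh/id_rsa.pub` is one developer's path and should likewise have no machine-specific default. Note that `base_image_url` follows `latest` while `base_image_sha` is pinned, so the download will start failing its checksum once the upstream image is rebuilt; a comment saying the two must be updated together would help.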
@@ -0,0 +1,2 @@
+---
+# handlers file for kvm_provision
diff --git a/roles/kvm_provision/meta/main.yml b/roles/kvm_provision/meta/main.yml
new file mode 100644
index 0000000..c572acc
--- /dev/null
+++ b/roles/kvm_provision/meta/main.yml
@@ -0,0 +1,52 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.1
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/roles/kvm_provision/tasks/main.yml b/roles/kvm_provision/tasks/main.yml
new file mode 100644
index 0000000..9e8c6b5
--- /dev/null
+++ b/roles/kvm_provision/tasks/main.yml
@@ -0,0 +1,70 @@
+---
+- name: Requirements
+ apt:
+ name:
+ - guestfs-tools
+ - python3-libvirt
+ - qemu-system
+ - libvirt-clients
+ - libvirt-daemon-system
+ state: present
+ become: yes
+
+
+- name: Get VMs
+ community.libvirt.virt:
+ command: list_vms
+ uri: "qemu:///system"
+ register: existing_vms
+ changed_when: no
+
+- name: Create VM if not exists
+ block:
+
+ - name: Download base image
+ get_url:
+ url: "{{ base_image_url }}"
+ dest: "/tmp/{{ base_image_name }}"
+ checksum: "sha512:{{ base_image_sha }}"
+ mode: '0660'
+
+ - name: Copy base image to libvirt
+ copy:
+ dest: "{{ libvirt_pool_dir }}/{{ vm_name }}.qcow2"
+ src: "/tmp/{{ base_image_name }}"
+ force: no
+ remote_src: yes
+ mode: 0660
+ register: copy_results
+
+ - name: Custom kvm
+ command:
+ virt-customize -a {{ libvirt_pool_dir }}/{{ vm_name }}.qcow2 \
+ --hostname {{ vm_name }} \
+ --root-password password:{{ vm_root_pass }} \
+ --ssh-inject 'root:file:{{ ssh_key }}'
+ when: copy_results is changed
+
+ - name: Define vm
+ community.libvirt.virt:
+ uri: "qemu:///system"
+ command: define
+ xml: "{{ lookup('template','vm-template.xml.j2') }}"
+
+ when: "vm_name not in existing_vms.list_vms"
+
+- name: Ensure VM is started
+ community.libvirt.virt:
+ name: "{{ vm_name }}"
+ uri: "qemu:///system"
+ state: running
+ register: vm_start_results
+ until: "vm_start_results is success"
+ retries: 15
+ delay: 2
+
+- name: Ensure temporary file is deleted
+ file:
+ path: "/tmp/{{ base_image_name }}"
+ state: absent
+ when: cleanup_tmp | bool
diff --git a/roles/kvm_provision/templates/vm-template.xml.j2 b/roles/kvm_provision/templates/vm-template.xml.j2
new file mode 100644
index 0000000..5f23a29
--- /dev/null
+++ b/roles/kvm_provision/templates/vm-template.xml.j2
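Review bot: The base image in roles/kvm_provision/tasks/main.yml is staged at the fixed path `/tmp/{{ base_image_name }}`, in a directory every local account can write to, so on a shared host the file that the `copy` task reads is not guaranteed to be the one `get_url` checked against `base_image_sha`. Because `cleanup_tmp` defaults to `no`, the staged file also stays there between runs. Downloading into a directory that only the provisioning user can write keeps verification and use on the same protected file, for example `dest: "{{ libvirt_pool_dir }}/{{ base_image_name }}"`, with `src:` in the copy task and `path:` in the cleanup task pointed at the same location. As a smaller point, the copy task writes `mode: 0660` unquoted while `get_url` uses `mode: '0660'`; quoting both avoids depending on how the YAML parser reads a leading zero.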
@@ -0,0 +1,106 @@ + + {{ vm_name}} + {{ vm_ram_mb }} + {{ vm_vcpus }} + + hvm + + + + + + + + + Skylake-Client-IBRS + + + + + + + + + + + + + destroy + restart + destroy + + + + + + /usr/bin/kvm + + + + +
+ + + + +
+ + + + + + + + + + + + + + + + + +
+ + + + +
+ + + +
+ + + + + + + + + + +