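---
# Prepares the hosts in the `hypervisor` group for provisioning: custom-facts
# directory, per-deployment network numbering, packages, optional UEFI
# firmware, a libvirtd restart, an SSH keypair that is fetched to the
# controller, raised sshd limits and an optional timezone change.
#
# The nesting below is restored from the task order; file modes are quoted and
# booleans are written as true/false so that no YAML 1.1 implicit typing is
# involved.
- name: Prepare the hypervisor
  hosts: hypervisor
  gather_facts: true
  any_errors_fatal: true
  vars_files:
    - vars/hypervisor.yml
  tasks:
    - name: Make sure that directory for custom facts exists
      file:
        path: "{{ custom_facts }}"
        state: directory
        mode: "0755"

    # Allocate network numbers for this deployment and persist them as a local
    # fact. Runs only when a deployment prefix was supplied.
    - block:
        - name: Get deployment prefix
          set_fact:
            prefix: "{{ provision.prefix }}"

        # Seed values; a first deployment therefore gets 0+10 and 14+10.
        - set_fact:
            net_list: [0]

        - set_fact:
            data_net_list: [14]

        # Collect the numbers already recorded for earlier deployments so the
        # new one is placed after the current maximum.
        - block:
            - set_fact:
                net_list: "{{ net_list + [item.value.net|int] }}"
              with_dict: "{{ ansible_local.deployment_info }}"

            - set_fact:
                data_net_list: "{{ data_net_list + [item.value.data_net|int] }}"
              with_dict: "{{ ansible_local.deployment_info }}"
          when: ansible_local.deployment_info is defined

        - name: generate deployment info dict
          vars:
            id: "{{ prefix }}"
            net_prefix: "{{ (net_list|max)|int+10 }}"
            data_net: "{{ (data_net_list|max)|int+10 }}"
          set_fact:
            deployments_info: "{{ deployments_info|default({})| combine( {id:{'net': net_prefix, 'data_net': data_net }})}}"

        - name: Create running deployment custom fact
          template:
            src: deployments.fact.j2
            dest: "{{ custom_facts }}/run.fact"
            mode: "0644"
      when: provision.prefix is defined

    - name: install packages
      package:
        name: "{{ item }}"
        state: present
      with_items: "{{ packages }}"
      register: yum_result

    # UEFI firmware: install OVMF when some repository offers it, otherwise
    # accept an already installed OVMF or edk2.git-ovmf-x64 package, else fail.
    - block:
        # enablerepo='*' also turns on repositories that are configured but
        # disabled on the host for this transaction, so the package may come
        # from any of them.
        # NOTE(review): confirm every configured repo enforces gpgcheck.
        - name: check for OVMF package
          action: "{{ ansible_pkg_mgr }} list=OVMF enablerepo='*'"
          register: ovmf_status

        - name: install OVMF package
          action: "{{ ansible_pkg_mgr }} name=OVMF state=present enablerepo='*' "
          when: ovmf_status.results|list|length > 0

        # rpm -q exits non-zero for a missing package; the result is inspected
        # by the fail task below, so the error is ignored here.
        - name: check if UEFI binaries are installed from OVMF
          command: "rpm -q OVMF"
          args:
            warn: false
          register: rpm_check_ovmf
          ignore_errors: true
          changed_when: false
          when: ovmf_status.results|list|length == 0

        - name: check if UEFI binaries are installed from edk2.git-ovmf-x64
          command: "rpm -q edk2.git-ovmf-x64"
          args:
            warn: false
          register: rpm_check_edk2
          ignore_errors: true
          changed_when: false
          when: ovmf_status.results|list|length == 0

        - name: "Fail if UEFI related binaries are missing"
          fail:
            msg: "UEFI related binaries are missing, please refer http://infrared.readthedocs.io/en/stable/advance_features.html#uefi-mode-related-binaries"
          when:
            - ovmf_status.results|list|length == 0
            - rpm_check_ovmf.stdout.find('is not installed') != -1
            - rpm_check_edk2.stdout.find('is not installed') != -1
      when: provision.bootmode == 'uefi'

    - name: stop libvirtd
      service:
        name: "libvirtd"
        state: "stopped"
      when: yum_result.changed

    # NOTE(psedlak): due to some flakiness in >few days running libvirt/dbus
    # lets always restart libvirt at beginning of provisioning
    - name: "always restart libvirtd"
      service:
        name: "libvirtd"
        state: "restarted"
        enabled: true

    - name: check if host supports virtualization
      include_tasks: tasks/enable_virtualization.yml

    # NOTE(review): the next two tasks use /root/.ssh while the fetch below
    # uses ~/.ssh; the paths agree only if the play runs as root - confirm.
    - name: check if private key exist on system
      stat:
        path: "/root/.ssh/id_rsa"
      register: result

    # -N '' creates the key without a passphrase, so the key file alone is
    # sufficient to authenticate.
    - name: if private key doesn't exist, create it
      command: "ssh-keygen -f /root/.ssh/id_rsa -t rsa -N ''"
      when: not result.stat.exists

    # The private key leaves the hypervisor here and is stored in
    # inventory_dir on the controller. fetch has no mode option, so the copy
    # is written with the controller's umask and is only tightened by the
    # next task; keep inventory_dir out of shared or version-controlled
    # locations.
    - name: copy server private key from hypervisor for SSH proxy
      fetch:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        flat: true
      with_items:
        - {src: "~/.ssh/id_rsa", dest: "{{ inventory_dir }}/id_rsa"}
        - {src: "~/.ssh/id_rsa.pub", dest: "{{ inventory_dir }}/id_rsa.pub"}

    - name: update file permissions
      file:
        path: "{{ item }}"
        mode: "0600"
      with_items:
        - "{{ inventory_dir }}/id_rsa"
        - "{{ inventory_dir }}/id_rsa.pub"
      delegate_to: localhost

    # Raises the sshd limits above the OpenSSH defaults (MaxSessions 10,
    # MaxStartups 10:30:100), which also raises the number of unauthenticated
    # connections the daemon will hold open. The patterns are unanchored, so a
    # commented-out directive matches as well. validate makes lineinfile
    # refuse to write a file that sshd cannot parse, because the next task
    # restarts the daemon unconditionally.
    - name: Increase ssh session limits
      lineinfile:
        dest: "/etc/ssh/sshd_config"
        regexp: "{{ item.regexp }}"
        line: "{{ item.line }}"
        validate: "/usr/sbin/sshd -t -f %s"
      with_items:
        - regexp: 'MaxSessions'
          line: 'MaxSessions 100'
        - regexp: 'MaxStartups'
          line: 'MaxStartups 100:30:100'

    - name: Restart ssh server to apply parameters
      service:
        name: "sshd"
        state: "restarted"
        enabled: true

    # Authorizes the fetched public key for root on the hypervisor: whoever
    # holds the controller's copy of id_rsa can log in here as root. The task
    # is skipped when the public key file is not present on the controller.
    - name: Set up authorized_keys for the deploy user
      authorized_key:
        user: root
        key: "{{ lookup('file', item) }}"
      with_first_found:
        - files:
            - "{{ inventory_dir }}/id_rsa.pub"
          skip: true

    # Optional: runs only when provision.topology.timezone is set to a
    # non-empty value.
    - block:
        - name: Change timezone to {{ provision.topology.timezone }}
          timezone:
            name: "{{ provision.topology.timezone }}"
          register: timezone_change

        - debug:
            msg: "Changing timezone from {{ timezone_change.diff.before.name }} to {{ timezone_change.diff.after.name }}"

        - name: Restart libvirtd after timezone change
          service:
            name: "libvirtd"
            state: "restarted"
      tags: timezone
      when: provision.topology.timezone|default('')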