From cb3895c81c6931482e688a820013f6926644221d Mon Sep 17 00:00:00 2001 From: Georg Kunz Date: Mon, 24 Aug 2020 23:09:51 +0200 Subject: Implementing jump VM create via ansible This patch reimplements the creation of the jump VM as ansible playbook. The advantage of this approach is a more deterministic behavior and the ability to render configuration files using templates based on the pdf and idf. Moreover, this patch allows to overwrite the VENDOR variable. This is necessary to allow deployment in different labs via CI. The BMRA configuration has not yet been transformed to ansible template and needs to follow in subsequent patches. Signed-off-by: Georg Kunz Signed-off-by: Victor Morales Change-Id: I2cde41dcecec7480bddf71ed864f06244a89f1f3 Reviewed-on: https://gerrit.opnfv.org/gerrit/c/kuberef/+/70882 Tested-by: jenkins-ci Reviewed-by: Victor Morales
---
playbooks/bootstrap.yaml | 17 ++++ playbooks/jump-vm.yaml | 16 ++++ playbooks/roles/bootstrap/tasks/main.yaml | 20 +++++ playbooks/roles/jump-vm/tasks/main.yaml | 99 ++++++++++++++++++++++ playbooks/roles/jump-vm/templates/meta-data.j2 | 1 + .../roles/jump-vm/templates/network-config.j2 | 14 +++ playbooks/roles/jump-vm/templates/user-data.j2 | 13 +++ 7 files changed, 180 insertions(+) create mode 100644 playbooks/bootstrap.yaml create mode 100644 playbooks/jump-vm.yaml create mode 100644 playbooks/roles/bootstrap/tasks/main.yaml create mode 100644 playbooks/roles/jump-vm/tasks/main.yaml create mode 100644 playbooks/roles/jump-vm/templates/meta-data.j2 create mode 100644 playbooks/roles/jump-vm/templates/network-config.j2 create mode 100644 playbooks/roles/jump-vm/templates/user-data.j2 (limited to 'playbooks')
diff --git a/playbooks/bootstrap.yaml b/playbooks/bootstrap.yaml
new file mode 100644
index 0000000..4ef2baa
--- /dev/null
+++ b/playbooks/bootstrap.yaml
@@ -0,0 +1,17 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) Ericsson AB and others
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+- hosts: localhost
+ connection: local
+ gather_facts: false
+ become: false
+
+ roles:
+ - role: bootstrap
diff --git a/playbooks/jump-vm.yaml b/playbooks/jump-vm.yaml
new file mode 100644
index 0000000..bdad81c
--- /dev/null
+++ b/playbooks/jump-vm.yaml
@@ -0,0 +1,16 @@
+---
+##############################################################################
+# Copyright (c) Ericsson AB and others
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+- hosts: localhost
+ connection: local
+ gather_facts: false
+ become: false
+
+ roles:
+ - role: jump-vm
diff --git a/playbooks/roles/bootstrap/tasks/main.yaml b/playbooks/roles/bootstrap/tasks/main.yaml
new file mode 100644
index 0000000..ff20552
--- /dev/null
+++ b/playbooks/roles/bootstrap/tasks/main.yaml
@@ -0,0 +1,20 @@
+---
+##############################################################################
+# Copyright (c) Ericsson AB and others
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+# collected PDF and IDF are copied into group_vars
+# folder in order to ensure we have single PDF and IDF
+- name: Copy collected PDF and IDF to group_vars
+ copy:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ force: true
+ mode: 0644
+ with_items:
+ - {src: "{{ kuberef_root }}/hw_config/{{ lookup('env', 'VENDOR') }}/pdf.yaml", dest: "{{ inventory_path }}/group_vars/all/pdf.yaml"}
+ - {src: "{{ kuberef_root }}/hw_config/{{ lookup('env', 'VENDOR') }}/idf.yaml", dest: "{{ inventory_path }}/group_vars/all/idf.yaml"}
diff --git a/playbooks/roles/jump-vm/tasks/main.yaml b/playbooks/roles/jump-vm/tasks/main.yaml
new file mode 100644
index 0000000..f5f6154
--- /dev/null
+++ b/playbooks/roles/jump-vm/tasks/main.yaml
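Review bot: `lookup('env', 'VENDOR')` is interpolated into both `src` paths under `with_items` without any check, so an unset variable yields `hw_config//pdf.yaml` and a value containing path separators makes the task copy a file from outside `hw_config` into `group_vars/all`, where Ansible loads it as variables for every host. Since the commit message says VENDOR is meant to be overridden from CI, I would add a guard task before the copy, for example `- assert: {that: "lookup('env', 'VENDOR') is match('^[A-Za-z0-9_-]+$')"}`. `mode: 0644` would also read better as `mode: '0644'`, matching the quoted modes used in the jump-vm role of this same patch.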
@@ -0,0 +1,99 @@
+---
+##############################################################################
+# Copyright (c) Ericsson AB and others
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+- name: get all running VMs
+ virt:
+ command: list_vms
+ state: running
+ register: running_vms
+
+- name: shutdown existing jump VM
+ virt:
+ name: "{{ jumphost.name }}"
+ command: destroy
+ when:
+ jumphost.name in running_vms.list_vms
+
+- name: get all shutdown VMs
+ virt:
+ command: list_vms
+ state: shutdown
+ register: shutdown_vms
+
+- name: undefine existing jump VM
+ virt:
+ name: "{{ jumphost.name }}"
+ command: undefine
+ when:
+ jumphost.name in shutdown_vms.list_vms
+
+- name: clean workspace
+ file:
+ path: "{{ workspace }}"
+ state: absent
+
+- name: create workspace if it does not exist
+ file:
+ path: "{{ workspace }}"
+ state: directory
+ mode: '0755'
+
+- name: create directory for base images
+ file:
+ path: "{{ images_path }}"
+ state: directory
+ mode: '0755'
+
+- name: download Ubuntu image for jump VM
+ get_url:
+ url: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img
+ dest: "{{ images_path }}/bionic-server-cloudimg-amd64.img"
+ force: false
+ mode: '0666'
+
+- name: create new VM image from base image
+ command: "qemu-img create -f qcow2 -o backing_file={{ images_path }}/bionic-server-cloudimg-amd64.img {{ workspace }}/{{ jumphost.name }}.qcow2 10G"
+
+- name: render config files for jump VM from templates
+ template:
+ src: "{{ kuberef_root }}/playbooks/roles/jump-vm/templates/{{ item }}.j2"
+ dest: "{{ workspace }}/{{ item }}"
+ mode: 0644
+ with_items:
+ - network-config
+ - user-data
+ - meta-data
+
+- name: create config drive
+ command: "genisoimage -output {{ workspace }}/{{ jumphost.name }}-cidata.iso -volid cidata -joliet -rock \
+ {{ workspace }}/user-data {{ workspace }}/meta-data {{ workspace }}/network-config"
+
+# currently commented out because of portability issues between Centos and Ubuntu
+# - name: setting root password for debugging
+# become: true
+# command: "virt-customize -a {{ workspace }}/{{ jumphost.name }}.qcow2 --root-password password:'root'"
+
+- name: define jump VM
+ command: "virt-install --connect qemu:///system --name {{ jumphost.name }} \
+ --ram 4096 --vcpus=4 --os-type linux --os-variant ubuntu16.04 \
+ --disk path={{ workspace }}/kuberef-jump.qcow2,format=qcow2 \
+ --disk {{ workspace }}/kuberef-jump-cidata.iso,device=cdrom \
+ --network network=default,model=virtio,mac='{{ jumphost.interfaces[engine.net_config[engine.public_network].interface].mac_address }}' \
+ --network bridge=pxebr,model=virtio,mac='{{ jumphost.interfaces[engine.net_config[engine.pxe_network].interface].mac_address }}' \
+ --import --noautoconsole"
+
+- name: start jump VM
+ virt:
+ name: "{{ jumphost.name }}"
+ state: running
+
+- name: wait for VM to be reachable
+ wait_for:
+ host: "{{ jumphost.interfaces[idf.net_config[engine.pxe_network].interface].address }}"
+ port: 22
diff --git a/playbooks/roles/jump-vm/templates/meta-data.j2 b/playbooks/roles/jump-vm/templates/meta-data.j2
new file mode 100644
index 0000000..b4cc5e8
--- /dev/null
+++ b/playbooks/roles/jump-vm/templates/meta-data.j2
@@ -0,0 +1 @@
+local-hostname: {{ jumphost.name }}
diff --git a/playbooks/roles/jump-vm/templates/network-config.j2 b/playbooks/roles/jump-vm/templates/network-config.j2
new file mode 100644
index 0000000..ceded54
--- /dev/null
+++ b/playbooks/roles/jump-vm/templates/network-config.j2
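Review bot: The `download Ubuntu image for jump VM` task in playbooks/roles/jump-vm/tasks/main.yaml writes the base image with `mode: '0666'` and no `checksum:`, so any local account on the deployment host can alter the backing file that the jump VM disk is layered on, and a changed or truncated download from the moving `current/` path is accepted silently (with `force: false` it is then reused on later runs). I would use `mode: '0644'` and add `checksum: "sha256:<digest of the pinned image>"` to the `get_url` task, ideally against a dated release directory rather than `current/`. Separately, `define jump VM` hard-codes `kuberef-jump.qcow2` and `kuberef-jump-cidata.iso` while the earlier tasks create `{{ jumphost.name }}.qcow2` and `{{ jumphost.name }}-cidata.iso`; the two `--disk` arguments should use `{{ jumphost.name }}` as well, otherwise virt-install only finds its disks when the PDF names the host `kuberef-jump`. That task also indexes `engine.net_config` where `wait_for` and network-config.j2 index `idf.net_config`, which looks unintended and is worth confirming.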
@@ -0,0 +1,14 @@
+version: 1
+config:
+ - type: physical
+ name: "{{ jumphost.interfaces[idf.net_config[engine.public_network].interface].name }}"
+ mac_address: "{{ jumphost.interfaces[idf.net_config[engine.public_network].interface].mac_address }}"
+ subnets:
+ - type: dhcp
+ - type: physical
+ name: "{{ jumphost.interfaces[idf.net_config[engine.pxe_network].interface].name }}"
+ mac_address: "{{ jumphost.interfaces[idf.net_config[engine.pxe_network].interface].mac_address }}"
+ subnets:
+ - type: static
+ address: "{{ jumphost.interfaces[idf.net_config[engine.pxe_network].interface].address }}"
+ netmask: "{{ idf.net_config[engine.pxe_network].mask }}"
diff --git a/playbooks/roles/jump-vm/templates/user-data.j2 b/playbooks/roles/jump-vm/templates/user-data.j2
new file mode 100644
index 0000000..648f8d1
--- /dev/null
+++ b/playbooks/roles/jump-vm/templates/user-data.j2
@@ -0,0 +1,13 @@
+ #cloud-config
+ users:
+ - name: ubuntu
+ ssh-authorized-keys:
+ - {{ lookup('file', pub_key ) }}
+ sudo: ['ALL=(ALL) NOPASSWD:ALL']
+ groups: sudo
+ shell: /bin/bash
+ runcmd:
+ # this is requried in labs where the PXE network is different from
+ # the public network. Without internet connectivity, the installation
+ # of BMRA fails
+ - [ iptables, -t, nat, -A, POSTROUTING, -o, ens3, -j, MASQUERADE ]
--
cgit 1.2.3-korg
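Review bot: The MASQUERADE rule under `runcmd` in user-data.j2 hard-codes `ens3`, while network-config.j2 takes the public interface name from `jumphost.interfaces[idf.net_config[engine.public_network].interface].name`; in a lab whose PDF uses a different name the NAT rule silently matches nothing. I would template the interface the same way, replacing `ens3` with `"{{ jumphost.interfaces[idf.net_config[engine.public_network].interface].name }}"`. The rule is also unscoped, so the jump VM masquerades anything routed out of that interface; a `-s` match on the PXE subnet would limit it to the hosts the comment describes. `runcmd` runs on first boot only and nothing in this template enables `net.ipv4.ip_forward` or persists the rule, so it is worth confirming that both are handled elsewhere.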