mirror of
https://github.com/OpenNebula/one.git
synced 2025-02-08 05:57:23 +03:00
Vlastimil Holer
Tino Vázquez
parent
e45ed7921b
commit
bff39b36f5
16
share/oneprovision/ansible/default_lxd.yml
Normal file
16
share/oneprovision/ansible/default_lxd.yml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
|
||||
- hosts: all
|
||||
gather_facts: false
|
||||
roles:
|
||||
- python
|
||||
|
||||
- hosts: nodes
|
||||
roles:
|
||||
- ddc
|
||||
- opennebula-repository
|
||||
- opennebula-node-lxd
|
||||
- opennebula-ssh
|
||||
- tuntap
|
||||
- bridged-networking
|
||||
- iptables
|
||||
@ -0,0 +1,19 @@
|
||||
---
|
||||
|
||||
# Install qemu-ev on CentOS
|
||||
opennebula_node_kvm_use_ev: true
|
||||
|
||||
# Create bridge with tap0 bridge port
|
||||
bridged_networking_iface: tap0
|
||||
|
||||
# Tap0 is already managed by tuntap role
|
||||
bridged_networking_iface_manage: false
|
||||
|
||||
# Configure static IP on bridge, works as gateway
|
||||
bridged_networking_static_ip: 192.168.150.1
|
||||
|
||||
# Enable Masquerade
|
||||
iptables_masquerade_enabled: true
|
||||
|
||||
# Disable iptables strict rules which drop all not matching the base rules
|
||||
iptables_base_rules_strict: false
|
||||
@ -14,3 +14,7 @@ opennebula_node_kvm_manage_kvm: True
|
||||
|
||||
# Name of Red Hat EV repository
|
||||
opennebula_node_kvm_rhev_repo: rhel-7-server-rhv-4-mgmt-agent-rpms
|
||||
|
||||
# SELinux booleans to configure
|
||||
opennebula_node_selinux_booleans:
|
||||
- { name: 'virt_use_nfs', state: 'yes' }
|
||||
|
||||
@ -4,13 +4,13 @@
|
||||
- name: Update centos-release package
|
||||
yum: name=centos-release state=latest
|
||||
register: yum_result
|
||||
until: yum_result | succeeded
|
||||
until: yum_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
- name: Install qemu-ev repository
|
||||
yum: name=centos-release-qemu-ev state=latest
|
||||
register: yum_result
|
||||
until: yum_result | succeeded
|
||||
until: yum_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
when: ansible_distribution == "CentOS" and opennebula_node_kvm_use_ev
|
||||
@ -18,9 +18,13 @@
|
||||
- block:
|
||||
- name: Enable RHEV repo
|
||||
command: subscription-manager repos --enable {{ opennebula_node_kvm_rhev_repo }}
|
||||
register: sm_result
|
||||
until: sm_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
- name: Instal RHEV
|
||||
yum: name=qemu-kvm-rhev state=latest
|
||||
until: yum_result | succeeded
|
||||
until: yum_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
when: ansible_distribution == "RedHat" and opennebula_node_kvm_use_ev
|
||||
@ -28,7 +32,7 @@
|
||||
- name: Install qemu-kvm-ev
|
||||
yum: name=qemu-kvm-ev state=present
|
||||
register: yum_result
|
||||
until: yum_result | succeeded
|
||||
until: yum_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
when: ansible_distribution == "CentOS" and opennebula_node_kvm_use_ev
|
||||
@ -36,14 +40,26 @@
|
||||
- name: Install qemu-kvm (base)
|
||||
yum: name=qemu-kvm state=present
|
||||
register: yum_result
|
||||
until: yum_result | succeeded
|
||||
until: yum_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
when: not opennebula_node_kvm_use_ev
|
||||
|
||||
- name: Install OpenNebula node kvm package
|
||||
yum: name=opennebula-node-kvm state=latest
|
||||
register: yum_result
|
||||
until: yum_result | succeeded
|
||||
# Update to a fixed mkswap
|
||||
# * Wed Jan 31 2018 Karel Zak <kzak@redhat.com> 2.23.2-51
|
||||
# - fix #1538545 - SELinux error creating swap file
|
||||
- name: Update util-linux
|
||||
package:
|
||||
name: util-linux
|
||||
state: latest
|
||||
register: pkg_result
|
||||
until: pkg_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
|
||||
- name: Install OpenNebula node KVM package
|
||||
yum: name=opennebula-node-kvm state=latest
|
||||
register: yum_result
|
||||
until: yum_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
|
||||
@ -9,22 +9,6 @@
|
||||
retries: 3
|
||||
delay: 10
|
||||
|
||||
- name: Add permissions to apparmor
|
||||
lineinfile:
|
||||
dest: /etc/apparmor.d/abstractions/libvirt-qemu
|
||||
line: "{{ item }}"
|
||||
with_items:
|
||||
- " /srv/** rwk,"
|
||||
- " /var/lib/one/datastores/** rwk,"
|
||||
|
||||
- name: Reload apparmor
|
||||
service:
|
||||
name: apparmor
|
||||
state: reloaded
|
||||
register: service_result
|
||||
failed_when: "service_result|failed and ('find' not in service_result.msg and 'found' not in service_result.msg)"
|
||||
when: ansible_distribution == "Ubuntu"
|
||||
|
||||
# RHEL / CentOS compatibility
|
||||
- name: Create /usr/libexec
|
||||
file:
|
||||
|
||||
@ -1,13 +1,28 @@
|
||||
---
|
||||
|
||||
- name: Restart Libvirtd (RedHat)
|
||||
service: name=libvirtd state=restarted enabled=yes
|
||||
service:
|
||||
name: libvirtd
|
||||
state: restarted
|
||||
enabled: yes
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Restart Libvirtd (Debian)
|
||||
service: name=libvirtd state=restarted enabled=yes
|
||||
service:
|
||||
name: libvirtd
|
||||
state: restarted
|
||||
enabled: yes
|
||||
when: ansible_distribution == "Debian"
|
||||
|
||||
- name: Restart Libvirt-bin (Ubuntu)
|
||||
service: name=libvirt-bin state=restarted enabled=yes
|
||||
when: ansible_distribution == "Ubuntu"
|
||||
- name: Restart Libvirt-bin (Ubuntu up to 18.04)
|
||||
service:
|
||||
name: libvirt-bin
|
||||
state: restarted
|
||||
enabled: yes
|
||||
when: ansible_distribution == "Ubuntu" and ansible_distribution_version|float < 18.10
|
||||
|
||||
- name: Restart Libvirtd (Ubuntu from 18.10)
|
||||
service:
|
||||
name: libvirtd
|
||||
state: restarted
|
||||
enabled: yes
|
||||
when: ansible_distribution == "Ubuntu" and ansible_distribution_version|float >= 18.10
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
when: opennebula_node_kvm_manage_kvm == True
|
||||
|
||||
- include: libvirt.yml
|
||||
- include: security.yml
|
||||
|
||||
- name: "create datastore for ONE_LOCATION"
|
||||
file: path={{ one_location }}/var/datastores owner=oneadmin group=oneadmin state=directory
|
||||
|
||||
@ -0,0 +1,31 @@
|
||||
---
|
||||
|
||||
# SELinux
|
||||
- block:
|
||||
- name: Set SELinux booleans
|
||||
seboolean:
|
||||
name: '{{ item.name }}'
|
||||
state: '{{ item.state }}'
|
||||
persistent: yes
|
||||
with_items: '{{ opennebula_node_selinux_booleans }}'
|
||||
when:
|
||||
- ansible_selinux.status == 'enabled'
|
||||
- ansible_os_family == "RedHat"
|
||||
|
||||
# AppArmor
|
||||
- block:
|
||||
- name: Add permissions to apparmor
|
||||
lineinfile:
|
||||
dest: /etc/apparmor.d/abstractions/libvirt-qemu
|
||||
line: "{{ item }}"
|
||||
with_items:
|
||||
- " /srv/** rwk,"
|
||||
- " /var/lib/one/datastores/** rwk,"
|
||||
|
||||
- name: Reload apparmor
|
||||
service:
|
||||
name: apparmor
|
||||
state: reloaded
|
||||
register: service_result
|
||||
failed_when: "service_result|failed and ('find' not in service_result.msg and 'found' not in service_result.msg)"
|
||||
when: ansible_distribution == "Ubuntu"
|
||||
@ -0,0 +1,17 @@
|
||||
# opennebula-node-lxd
|
||||
|
||||
## Description
|
||||
|
||||
Installs the opennebula-node-lxd package.
|
||||
|
||||
## Requirements
|
||||
|
||||
No special requirements.
|
||||
|
||||
## Variables
|
||||
|
||||
All of the variables in this role are documented in the [defaults](defaults/main.yml) file.
|
||||
|
||||
## Todo list
|
||||
|
||||
None
|
||||
@ -0,0 +1,4 @@
|
||||
---
|
||||
###############################################################################
|
||||
# Valid defaults
|
||||
###############################################################################
|
||||
@ -0,0 +1,31 @@
|
||||
---
|
||||
|
||||
- name: Enable LXD/LXC from backports on Ubuntu 16.04
|
||||
copy:
|
||||
dest: /etc/apt/preferences.d/backports-lxd
|
||||
content: |
|
||||
Package: /lx[cd]/
|
||||
Pin: release a={{ ansible_distribution_release }}-backports
|
||||
Pin-Priority: 500
|
||||
when:
|
||||
- ansible_distribution == 'Ubuntu'
|
||||
- ansible_distribution_version == '16.04'
|
||||
|
||||
- name: Install OpenNebula node LXD package
|
||||
apt:
|
||||
name: opennebula-node-lxd
|
||||
state: latest
|
||||
register: apt_result
|
||||
until: apt_result is succeeded
|
||||
retries: 3
|
||||
delay: 10
|
||||
|
||||
# Test profile
|
||||
- name: Check for profile test
|
||||
command: lxc profile show test
|
||||
register: lxc_profile_check
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Create test profile
|
||||
command: lxc profile copy default test
|
||||
when: lxc_profile_check is failed
|
||||
@ -0,0 +1,12 @@
|
||||
---
|
||||
|
||||
- name: Include distribution specific tasks
|
||||
include: "{{ ansible_os_family }}.yml"
|
||||
|
||||
- name: 'Create datastore on ONE_LOCATION'
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ one_location }}/var/datastores"
|
||||
owner: oneadmin
|
||||
group: oneadmin
|
||||
when: one_location is defined
|
||||
@ -5,13 +5,13 @@
|
||||
###############################################################################
|
||||
|
||||
# OpenNebula repository version
|
||||
opennebula_repository_version: '5.6'
|
||||
opennebula_repository_version: '5.7'
|
||||
|
||||
# Repository of the OpenNebula packages
|
||||
opennebula_repository_base: 'https://downloads.opennebula.org/repo/{{ opennebula_repository_version }}'
|
||||
|
||||
# Enable gpg check for the packages
|
||||
# Enable GPG check for the packages
|
||||
opennebula_repository_gpgcheck: yes
|
||||
|
||||
# Enable gpg check for the repos (RHEL/CentOS only)
|
||||
# Enable GPG check for the repos (RHEL/CentOS only)
|
||||
opennebula_repository_repo_gpgcheck: yes
|
||||
|
||||
@ -16,7 +16,7 @@ networks:
|
||||
|
||||
- name: "private"
|
||||
vn_mad: "dummy"
|
||||
bridge: "vxlan100"
|
||||
bridge: "vxbr100"
|
||||
mtu: "1450"
|
||||
description: "Private networking"
|
||||
ar:
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user