[libvirt] [libvirt-jenkins-ci PATCH v2 0/6] Unattended guest installation and more
Changes from [v1]: * guest changes - set root password to a user-provided value - only allow key-based SSH login for root - configure serial console for emergency access - disable audio, video and USB - allocate 256 MiB for swap instead of 2 GiB - allocate 15 GiB for storage instead of 10 GiB - use host-passthrough CPU mode - set timezone to UTC * tool changes - rename to lcitool - implement basic configuration support - refuse to run from outside the source directory - provide better error messages * others - improve documentation, mainly the host setup part [v1] https://www.redhat.com/archives/libvir-list/2017-October/msg00651.html Andrea Bolognani (6): guests: Rename from 'ansible' guests: Introduce lcitool guests: Remove bootstrap phase guests: Add unattended installation support guests: Configure bootloaders guests: Update documentation ansible/Makefile | 12 -- ansible/README.markdown | 60 ------- ansible/bootstrap.yml | 15 -- {ansible => guests}/.gitignore | 0 guests/README.markdown | 97 +++++++++++ {ansible => guests}/ansible.cfg | 1 - guests/group_vars/all/install.yml | 11 ++ {ansible => guests}/group_vars/all/main.yml | 5 + guests/host_vars/libvirt-centos-6/install.yml | 3 + .../host_vars/libvirt-centos-6/main.yml | 0 .../host_vars/libvirt-centos-6/vault.yml | 0 guests/host_vars/libvirt-centos-7/install.yml | 3 + .../host_vars/libvirt-centos-7/main.yml | 0 .../host_vars/libvirt-centos-7/vault.yml | 0 guests/host_vars/libvirt-debian-8/install.yml | 3 + .../host_vars/libvirt-debian-8/main.yml | 0 .../host_vars/libvirt-debian-8/vault.yml | 0 guests/host_vars/libvirt-debian-9/install.yml | 3 + .../host_vars/libvirt-debian-9/main.yml | 0 .../host_vars/libvirt-debian-9/vault.yml | 0 guests/host_vars/libvirt-fedora-25/install.yml | 3 + .../host_vars/libvirt-fedora-25/main.yml | 0 .../host_vars/libvirt-fedora-25/vault.yml | 0 guests/host_vars/libvirt-fedora-26/install.yml | 3 + .../host_vars/libvirt-fedora-26/main.yml | 0 .../host_vars/libvirt-fedora-26/vault.yml | 0 .../host_vars/libvirt-fedora-rawhide/install.yml | 3 + .../host_vars/libvirt-fedora-rawhide/main.yml | 0 .../host_vars/libvirt-fedora-rawhide/vault.yml | 0 .../host_vars/libvirt-freebsd-10/main.yml | 0 .../host_vars/libvirt-freebsd-10/vault.yml | 0 .../host_vars/libvirt-freebsd-11/main.yml | 0 .../host_vars/libvirt-freebsd-11/vault.yml | 0 guests/host_vars/libvirt-ubuntu-12/install.yml | 3 + .../host_vars/libvirt-ubuntu-12/main.yml | 0 .../host_vars/libvirt-ubuntu-12/vault.yml | 0 guests/host_vars/libvirt-ubuntu-14/install.yml | 3 + .../host_vars/libvirt-ubuntu-14/main.yml | 0 .../host_vars/libvirt-ubuntu-14/vault.yml | 0 guests/host_vars/libvirt-ubuntu-16/install.yml | 3 + .../host_vars/libvirt-ubuntu-16/main.yml | 0 .../host_vars/libvirt-ubuntu-16/vault.yml | 0 {ansible => guests}/inventory | 0 guests/kickstart.cfg | 60 +++++++ guests/lcitool | 183 +++++++++++++++++++++ guests/preseed.cfg | 85 ++++++++++ {ansible => guests}/site.yml | 8 + {ansible => guests}/tasks/base.yml | 61 ++++++- {ansible => guests}/tasks/bootstrap.yml | 0 {ansible => guests}/tasks/compat.yml | 0 {ansible => guests}/tasks/jenkins.yml | 0 {ansible => guests}/tasks/packages.yml | 0 {ansible => guests}/templates/jenkins.service.j2 | 0 {ansible => guests}/vars/mappings.yml | 0 {ansible => guests}/vars/projects/base.yml | 0 {ansible => guests}/vars/projects/jenkins.yml | 0 {ansible => guests}/vars/projects/libosinfo.yml | 0 {ansible => guests}/vars/projects/libvirt-cim.yml | 0 {ansible => guests}/vars/projects/libvirt-glib.yml | 0 .../vars/projects/libvirt-go-xml.yml | 0 {ansible => guests}/vars/projects/libvirt-go.yml | 0 {ansible => guests}/vars/projects/libvirt-perl.yml | 0 .../vars/projects/libvirt-python.yml | 0 .../vars/projects/libvirt-sandbox.yml | 0 {ansible => guests}/vars/projects/libvirt-tck.yml | 0 {ansible => guests}/vars/projects/libvirt.yml | 0 .../vars/projects/osinfo-db-tools.yml | 0 {ansible => guests}/vars/projects/osinfo-db.yml | 0 {ansible => guests}/vars/projects/virt-manager.yml | 0 {ansible => guests}/vars/projects/virt-viewer.yml | 0 70 files changed, 539 insertions(+), 89 deletions(-) delete mode 100644 ansible/Makefile delete mode 100644 ansible/README.markdown delete mode 100644 ansible/bootstrap.yml rename {ansible => guests}/.gitignore (100%) create mode 100644 guests/README.markdown rename {ansible => guests}/ansible.cfg (71%) create mode 100644 guests/group_vars/all/install.yml rename {ansible => guests}/group_vars/all/main.yml (51%) create mode 100644 guests/host_vars/libvirt-centos-6/install.yml rename {ansible => guests}/host_vars/libvirt-centos-6/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-centos-6/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-centos-7/install.yml rename {ansible => guests}/host_vars/libvirt-centos-7/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-centos-7/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-debian-8/install.yml rename {ansible => guests}/host_vars/libvirt-debian-8/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-debian-8/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-debian-9/install.yml rename {ansible => guests}/host_vars/libvirt-debian-9/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-debian-9/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-fedora-25/install.yml rename {ansible => guests}/host_vars/libvirt-fedora-25/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-25/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-fedora-26/install.yml rename {ansible => guests}/host_vars/libvirt-fedora-26/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-26/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-fedora-rawhide/install.yml rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-10/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-10/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-11/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-11/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-ubuntu-12/install.yml rename {ansible => guests}/host_vars/libvirt-ubuntu-12/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-12/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-ubuntu-14/install.yml rename {ansible => guests}/host_vars/libvirt-ubuntu-14/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-14/vault.yml (100%) create mode 100644 guests/host_vars/libvirt-ubuntu-16/install.yml rename {ansible => guests}/host_vars/libvirt-ubuntu-16/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-16/vault.yml (100%) rename {ansible => guests}/inventory (100%) create mode 100644 guests/kickstart.cfg create mode 100755 guests/lcitool create mode 100644 guests/preseed.cfg rename {ansible => guests}/site.yml (83%) rename {ansible => guests}/tasks/base.yml (58%) rename {ansible => guests}/tasks/bootstrap.yml (100%) rename {ansible => guests}/tasks/compat.yml (100%) rename {ansible => guests}/tasks/jenkins.yml (100%) rename {ansible => guests}/tasks/packages.yml (100%) rename {ansible => guests}/templates/jenkins.service.j2 (100%) rename {ansible => guests}/vars/mappings.yml (100%) rename {ansible => guests}/vars/projects/base.yml (100%) rename {ansible => guests}/vars/projects/jenkins.yml (100%) rename {ansible => guests}/vars/projects/libosinfo.yml (100%) rename {ansible => guests}/vars/projects/libvirt-cim.yml (100%) rename {ansible => guests}/vars/projects/libvirt-glib.yml (100%) rename {ansible => guests}/vars/projects/libvirt-go-xml.yml (100%) rename {ansible => guests}/vars/projects/libvirt-go.yml (100%) rename {ansible => guests}/vars/projects/libvirt-perl.yml (100%) rename {ansible => guests}/vars/projects/libvirt-python.yml (100%) rename {ansible => guests}/vars/projects/libvirt-sandbox.yml (100%) rename {ansible => guests}/vars/projects/libvirt-tck.yml (100%) rename {ansible => guests}/vars/projects/libvirt.yml (100%) rename {ansible => guests}/vars/projects/osinfo-db-tools.yml (100%) rename {ansible => guests}/vars/projects/osinfo-db.yml (100%) rename {ansible => guests}/vars/projects/virt-manager.yml (100%) rename {ansible => guests}/vars/projects/virt-viewer.yml (100%) -- 2.13.6
There will be more than just Ansible playbooks in that directory pretty soon, so a more generic name is more appropriate. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- {ansible => guests}/.gitignore | 0 {ansible => guests}/Makefile | 0 {ansible => guests}/README.markdown | 0 {ansible => guests}/ansible.cfg | 0 {ansible => guests}/bootstrap.yml | 0 {ansible => guests}/group_vars/all/main.yml | 0 {ansible => guests}/host_vars/libvirt-centos-6/main.yml | 0 {ansible => guests}/host_vars/libvirt-centos-6/vault.yml | 0 {ansible => guests}/host_vars/libvirt-centos-7/main.yml | 0 {ansible => guests}/host_vars/libvirt-centos-7/vault.yml | 0 {ansible => guests}/host_vars/libvirt-debian-8/main.yml | 0 {ansible => guests}/host_vars/libvirt-debian-8/vault.yml | 0 {ansible => guests}/host_vars/libvirt-debian-9/main.yml | 0 {ansible => guests}/host_vars/libvirt-debian-9/vault.yml | 0 {ansible => guests}/host_vars/libvirt-fedora-25/main.yml | 0 {ansible => guests}/host_vars/libvirt-fedora-25/vault.yml | 0 {ansible => guests}/host_vars/libvirt-fedora-26/main.yml | 0 {ansible => guests}/host_vars/libvirt-fedora-26/vault.yml | 0 {ansible => guests}/host_vars/libvirt-fedora-rawhide/main.yml | 0 {ansible => guests}/host_vars/libvirt-fedora-rawhide/vault.yml | 0 {ansible => guests}/host_vars/libvirt-freebsd-10/main.yml | 0 {ansible => guests}/host_vars/libvirt-freebsd-10/vault.yml | 0 {ansible => guests}/host_vars/libvirt-freebsd-11/main.yml | 0 {ansible => guests}/host_vars/libvirt-freebsd-11/vault.yml | 0 {ansible => guests}/host_vars/libvirt-ubuntu-12/main.yml | 0 {ansible => guests}/host_vars/libvirt-ubuntu-12/vault.yml | 0 {ansible => guests}/host_vars/libvirt-ubuntu-14/main.yml | 0 {ansible => guests}/host_vars/libvirt-ubuntu-14/vault.yml | 0 {ansible => guests}/host_vars/libvirt-ubuntu-16/main.yml | 0 {ansible => guests}/host_vars/libvirt-ubuntu-16/vault.yml | 0 {ansible => guests}/inventory | 0 {ansible => guests}/site.yml | 0 {ansible => guests}/tasks/base.yml | 0 {ansible => guests}/tasks/bootstrap.yml | 0 {ansible => guests}/tasks/compat.yml | 0 {ansible => guests}/tasks/jenkins.yml | 0 {ansible => guests}/tasks/packages.yml | 0 {ansible => guests}/templates/jenkins.service.j2 | 0 {ansible => guests}/vars/mappings.yml | 0 {ansible => guests}/vars/projects/base.yml | 0 {ansible => guests}/vars/projects/jenkins.yml | 0 {ansible => guests}/vars/projects/libosinfo.yml | 0 {ansible => guests}/vars/projects/libvirt-cim.yml | 0 {ansible => guests}/vars/projects/libvirt-glib.yml | 0 {ansible => guests}/vars/projects/libvirt-go-xml.yml | 0 {ansible => guests}/vars/projects/libvirt-go.yml | 0 {ansible => guests}/vars/projects/libvirt-perl.yml | 0 {ansible => guests}/vars/projects/libvirt-python.yml | 0 {ansible => guests}/vars/projects/libvirt-sandbox.yml | 0 {ansible => guests}/vars/projects/libvirt-tck.yml | 0 {ansible => guests}/vars/projects/libvirt.yml | 0 {ansible => guests}/vars/projects/osinfo-db-tools.yml | 0 {ansible => guests}/vars/projects/osinfo-db.yml | 0 {ansible => guests}/vars/projects/virt-manager.yml | 0 {ansible => guests}/vars/projects/virt-viewer.yml | 0 55 files changed, 0 insertions(+), 0 deletions(-) rename {ansible => guests}/.gitignore (100%) rename {ansible => guests}/Makefile (100%) rename {ansible => guests}/README.markdown (100%) rename {ansible => guests}/ansible.cfg (100%) rename {ansible => guests}/bootstrap.yml (100%) rename {ansible => guests}/group_vars/all/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-centos-6/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-centos-6/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-centos-7/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-centos-7/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-debian-8/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-debian-8/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-debian-9/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-debian-9/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-25/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-25/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-26/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-26/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-10/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-10/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-11/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-freebsd-11/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-12/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-12/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-14/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-14/vault.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-16/main.yml (100%) rename {ansible => guests}/host_vars/libvirt-ubuntu-16/vault.yml (100%) rename {ansible => guests}/inventory (100%) rename {ansible => guests}/site.yml (100%) rename {ansible => guests}/tasks/base.yml (100%) rename {ansible => guests}/tasks/bootstrap.yml (100%) rename {ansible => guests}/tasks/compat.yml (100%) rename {ansible => guests}/tasks/jenkins.yml (100%) rename {ansible => guests}/tasks/packages.yml (100%) rename {ansible => guests}/templates/jenkins.service.j2 (100%) rename {ansible => guests}/vars/mappings.yml (100%) rename {ansible => guests}/vars/projects/base.yml (100%) rename {ansible => guests}/vars/projects/jenkins.yml (100%) rename {ansible => guests}/vars/projects/libosinfo.yml (100%) rename {ansible => guests}/vars/projects/libvirt-cim.yml (100%) rename {ansible => guests}/vars/projects/libvirt-glib.yml (100%) rename {ansible => guests}/vars/projects/libvirt-go-xml.yml (100%) rename {ansible => guests}/vars/projects/libvirt-go.yml (100%) rename {ansible => guests}/vars/projects/libvirt-perl.yml (100%) rename {ansible => guests}/vars/projects/libvirt-python.yml (100%) rename {ansible => guests}/vars/projects/libvirt-sandbox.yml (100%) rename {ansible => guests}/vars/projects/libvirt-tck.yml (100%) rename {ansible => guests}/vars/projects/libvirt.yml (100%) rename {ansible => guests}/vars/projects/osinfo-db-tools.yml (100%) rename {ansible => guests}/vars/projects/osinfo-db.yml (100%) rename {ansible => guests}/vars/projects/virt-manager.yml (100%) rename {ansible => guests}/vars/projects/virt-viewer.yml (100%) diff --git a/ansible/.gitignore b/guests/.gitignore similarity index 100% rename from ansible/.gitignore rename to guests/.gitignore diff --git a/ansible/Makefile b/guests/Makefile similarity index 100% rename from ansible/Makefile rename to guests/Makefile diff --git a/ansible/README.markdown b/guests/README.markdown similarity index 100% rename from ansible/README.markdown rename to guests/README.markdown diff --git a/ansible/ansible.cfg b/guests/ansible.cfg similarity index 100% rename from ansible/ansible.cfg rename to guests/ansible.cfg diff --git a/ansible/bootstrap.yml b/guests/bootstrap.yml similarity index 100% rename from ansible/bootstrap.yml rename to guests/bootstrap.yml diff --git a/ansible/group_vars/all/main.yml b/guests/group_vars/all/main.yml similarity index 100% rename from ansible/group_vars/all/main.yml rename to guests/group_vars/all/main.yml diff --git a/ansible/host_vars/libvirt-centos-6/main.yml b/guests/host_vars/libvirt-centos-6/main.yml similarity index 100% rename from ansible/host_vars/libvirt-centos-6/main.yml rename to guests/host_vars/libvirt-centos-6/main.yml diff --git a/ansible/host_vars/libvirt-centos-6/vault.yml b/guests/host_vars/libvirt-centos-6/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-centos-6/vault.yml rename to guests/host_vars/libvirt-centos-6/vault.yml diff --git a/ansible/host_vars/libvirt-centos-7/main.yml b/guests/host_vars/libvirt-centos-7/main.yml similarity index 100% rename from ansible/host_vars/libvirt-centos-7/main.yml rename to guests/host_vars/libvirt-centos-7/main.yml diff --git a/ansible/host_vars/libvirt-centos-7/vault.yml b/guests/host_vars/libvirt-centos-7/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-centos-7/vault.yml rename to guests/host_vars/libvirt-centos-7/vault.yml diff --git a/ansible/host_vars/libvirt-debian-8/main.yml b/guests/host_vars/libvirt-debian-8/main.yml similarity index 100% rename from ansible/host_vars/libvirt-debian-8/main.yml rename to guests/host_vars/libvirt-debian-8/main.yml diff --git a/ansible/host_vars/libvirt-debian-8/vault.yml b/guests/host_vars/libvirt-debian-8/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-debian-8/vault.yml rename to guests/host_vars/libvirt-debian-8/vault.yml diff --git a/ansible/host_vars/libvirt-debian-9/main.yml b/guests/host_vars/libvirt-debian-9/main.yml similarity index 100% rename from ansible/host_vars/libvirt-debian-9/main.yml rename to guests/host_vars/libvirt-debian-9/main.yml diff --git a/ansible/host_vars/libvirt-debian-9/vault.yml b/guests/host_vars/libvirt-debian-9/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-debian-9/vault.yml rename to guests/host_vars/libvirt-debian-9/vault.yml diff --git a/ansible/host_vars/libvirt-fedora-25/main.yml b/guests/host_vars/libvirt-fedora-25/main.yml similarity index 100% rename from ansible/host_vars/libvirt-fedora-25/main.yml rename to guests/host_vars/libvirt-fedora-25/main.yml diff --git a/ansible/host_vars/libvirt-fedora-25/vault.yml b/guests/host_vars/libvirt-fedora-25/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-fedora-25/vault.yml rename to guests/host_vars/libvirt-fedora-25/vault.yml diff --git a/ansible/host_vars/libvirt-fedora-26/main.yml b/guests/host_vars/libvirt-fedora-26/main.yml similarity index 100% rename from ansible/host_vars/libvirt-fedora-26/main.yml rename to guests/host_vars/libvirt-fedora-26/main.yml diff --git a/ansible/host_vars/libvirt-fedora-26/vault.yml b/guests/host_vars/libvirt-fedora-26/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-fedora-26/vault.yml rename to guests/host_vars/libvirt-fedora-26/vault.yml diff --git a/ansible/host_vars/libvirt-fedora-rawhide/main.yml b/guests/host_vars/libvirt-fedora-rawhide/main.yml similarity index 100% rename from ansible/host_vars/libvirt-fedora-rawhide/main.yml rename to guests/host_vars/libvirt-fedora-rawhide/main.yml diff --git a/ansible/host_vars/libvirt-fedora-rawhide/vault.yml b/guests/host_vars/libvirt-fedora-rawhide/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-fedora-rawhide/vault.yml rename to guests/host_vars/libvirt-fedora-rawhide/vault.yml diff --git a/ansible/host_vars/libvirt-freebsd-10/main.yml b/guests/host_vars/libvirt-freebsd-10/main.yml similarity index 100% rename from ansible/host_vars/libvirt-freebsd-10/main.yml rename to guests/host_vars/libvirt-freebsd-10/main.yml diff --git a/ansible/host_vars/libvirt-freebsd-10/vault.yml b/guests/host_vars/libvirt-freebsd-10/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-freebsd-10/vault.yml rename to guests/host_vars/libvirt-freebsd-10/vault.yml diff --git a/ansible/host_vars/libvirt-freebsd-11/main.yml b/guests/host_vars/libvirt-freebsd-11/main.yml similarity index 100% rename from ansible/host_vars/libvirt-freebsd-11/main.yml rename to guests/host_vars/libvirt-freebsd-11/main.yml diff --git a/ansible/host_vars/libvirt-freebsd-11/vault.yml b/guests/host_vars/libvirt-freebsd-11/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-freebsd-11/vault.yml rename to guests/host_vars/libvirt-freebsd-11/vault.yml diff --git a/ansible/host_vars/libvirt-ubuntu-12/main.yml b/guests/host_vars/libvirt-ubuntu-12/main.yml similarity index 100% rename from ansible/host_vars/libvirt-ubuntu-12/main.yml rename to guests/host_vars/libvirt-ubuntu-12/main.yml diff --git a/ansible/host_vars/libvirt-ubuntu-12/vault.yml b/guests/host_vars/libvirt-ubuntu-12/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-ubuntu-12/vault.yml rename to guests/host_vars/libvirt-ubuntu-12/vault.yml diff --git a/ansible/host_vars/libvirt-ubuntu-14/main.yml b/guests/host_vars/libvirt-ubuntu-14/main.yml similarity index 100% rename from ansible/host_vars/libvirt-ubuntu-14/main.yml rename to guests/host_vars/libvirt-ubuntu-14/main.yml diff --git a/ansible/host_vars/libvirt-ubuntu-14/vault.yml b/guests/host_vars/libvirt-ubuntu-14/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-ubuntu-14/vault.yml rename to guests/host_vars/libvirt-ubuntu-14/vault.yml diff --git a/ansible/host_vars/libvirt-ubuntu-16/main.yml b/guests/host_vars/libvirt-ubuntu-16/main.yml similarity index 100% rename from ansible/host_vars/libvirt-ubuntu-16/main.yml rename to guests/host_vars/libvirt-ubuntu-16/main.yml diff --git a/ansible/host_vars/libvirt-ubuntu-16/vault.yml b/guests/host_vars/libvirt-ubuntu-16/vault.yml similarity index 100% rename from ansible/host_vars/libvirt-ubuntu-16/vault.yml rename to guests/host_vars/libvirt-ubuntu-16/vault.yml diff --git a/ansible/inventory b/guests/inventory similarity index 100% rename from ansible/inventory rename to guests/inventory diff --git a/ansible/site.yml b/guests/site.yml similarity index 100% rename from ansible/site.yml rename to guests/site.yml diff --git a/ansible/tasks/base.yml b/guests/tasks/base.yml similarity index 100% rename from ansible/tasks/base.yml rename to guests/tasks/base.yml diff --git a/ansible/tasks/bootstrap.yml b/guests/tasks/bootstrap.yml similarity index 100% rename from ansible/tasks/bootstrap.yml rename to guests/tasks/bootstrap.yml diff --git a/ansible/tasks/compat.yml b/guests/tasks/compat.yml similarity index 100% rename from ansible/tasks/compat.yml rename to guests/tasks/compat.yml diff --git a/ansible/tasks/jenkins.yml b/guests/tasks/jenkins.yml similarity index 100% rename from ansible/tasks/jenkins.yml rename to guests/tasks/jenkins.yml diff --git a/ansible/tasks/packages.yml b/guests/tasks/packages.yml similarity index 100% rename from ansible/tasks/packages.yml rename to guests/tasks/packages.yml diff --git a/ansible/templates/jenkins.service.j2 b/guests/templates/jenkins.service.j2 similarity index 100% rename from ansible/templates/jenkins.service.j2 rename to guests/templates/jenkins.service.j2 diff --git a/ansible/vars/mappings.yml b/guests/vars/mappings.yml similarity index 100% rename from ansible/vars/mappings.yml rename to guests/vars/mappings.yml diff --git a/ansible/vars/projects/base.yml b/guests/vars/projects/base.yml similarity index 100% rename from ansible/vars/projects/base.yml rename to guests/vars/projects/base.yml diff --git a/ansible/vars/projects/jenkins.yml b/guests/vars/projects/jenkins.yml similarity index 100% rename from ansible/vars/projects/jenkins.yml rename to guests/vars/projects/jenkins.yml diff --git a/ansible/vars/projects/libosinfo.yml b/guests/vars/projects/libosinfo.yml similarity index 100% rename from ansible/vars/projects/libosinfo.yml rename to guests/vars/projects/libosinfo.yml diff --git a/ansible/vars/projects/libvirt-cim.yml b/guests/vars/projects/libvirt-cim.yml similarity index 100% rename from ansible/vars/projects/libvirt-cim.yml rename to guests/vars/projects/libvirt-cim.yml diff --git a/ansible/vars/projects/libvirt-glib.yml b/guests/vars/projects/libvirt-glib.yml similarity index 100% rename from ansible/vars/projects/libvirt-glib.yml rename to guests/vars/projects/libvirt-glib.yml diff --git a/ansible/vars/projects/libvirt-go-xml.yml b/guests/vars/projects/libvirt-go-xml.yml similarity index 100% rename from ansible/vars/projects/libvirt-go-xml.yml rename to guests/vars/projects/libvirt-go-xml.yml diff --git a/ansible/vars/projects/libvirt-go.yml b/guests/vars/projects/libvirt-go.yml similarity index 100% rename from ansible/vars/projects/libvirt-go.yml rename to guests/vars/projects/libvirt-go.yml diff --git a/ansible/vars/projects/libvirt-perl.yml b/guests/vars/projects/libvirt-perl.yml similarity index 100% rename from ansible/vars/projects/libvirt-perl.yml rename to guests/vars/projects/libvirt-perl.yml diff --git a/ansible/vars/projects/libvirt-python.yml b/guests/vars/projects/libvirt-python.yml similarity index 100% rename from ansible/vars/projects/libvirt-python.yml rename to guests/vars/projects/libvirt-python.yml diff --git a/ansible/vars/projects/libvirt-sandbox.yml b/guests/vars/projects/libvirt-sandbox.yml similarity index 100% rename from ansible/vars/projects/libvirt-sandbox.yml rename to guests/vars/projects/libvirt-sandbox.yml diff --git a/ansible/vars/projects/libvirt-tck.yml b/guests/vars/projects/libvirt-tck.yml similarity index 100% rename from ansible/vars/projects/libvirt-tck.yml rename to guests/vars/projects/libvirt-tck.yml diff --git a/ansible/vars/projects/libvirt.yml b/guests/vars/projects/libvirt.yml similarity index 100% rename from ansible/vars/projects/libvirt.yml rename to guests/vars/projects/libvirt.yml diff --git a/ansible/vars/projects/osinfo-db-tools.yml b/guests/vars/projects/osinfo-db-tools.yml similarity index 100% rename from ansible/vars/projects/osinfo-db-tools.yml rename to guests/vars/projects/osinfo-db-tools.yml diff --git a/ansible/vars/projects/osinfo-db.yml b/guests/vars/projects/osinfo-db.yml similarity index 100% rename from ansible/vars/projects/osinfo-db.yml rename to guests/vars/projects/osinfo-db.yml diff --git a/ansible/vars/projects/virt-manager.yml b/guests/vars/projects/virt-manager.yml similarity index 100% rename from ansible/vars/projects/virt-manager.yml rename to guests/vars/projects/virt-manager.yml diff --git a/ansible/vars/projects/virt-viewer.yml b/guests/vars/projects/virt-viewer.yml similarity index 100% rename from ansible/vars/projects/virt-viewer.yml rename to guests/vars/projects/virt-viewer.yml -- 2.13.6
This script replaces the existing Makefile, and will be extended to provide more functionality in future commits. It also takes over ownership of the Ansible vault password, which is now expected to be stored in lcitool's own config directory along with more settings that will be introduced later. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/Makefile | 12 --------- guests/ansible.cfg | 1 - guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 13 deletions(-) delete mode 100644 guests/Makefile create mode 100755 guests/lcitool diff --git a/guests/Makefile b/guests/Makefile deleted file mode 100644 index 39ebe52..0000000 --- a/guests/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -all: - -site: - @ansible-playbook site.yml - -bootstrap: - @ansible-playbook --ask-pass bootstrap.yml - -clean: - @rm -f *.retry log - -.PHONY: all site bootstrap clean diff --git a/guests/ansible.cfg b/guests/ansible.cfg index 84fde77..6b18c57 100644 --- a/guests/ansible.cfg +++ b/guests/ansible.cfg @@ -5,7 +5,6 @@ inventory = ./inventory log_path = ./log nocows = 1 squash_actions = package -vault_password_file = ~/.ansible/libvirt-jenkins-ci.vault-password [ssh_connection] pipelining = True diff --git a/guests/lcitool b/guests/lcitool new file mode 100755 index 0000000..aaee5f9 --- /dev/null +++ b/guests/lcitool @@ -0,0 +1,76 @@ +#!/bin/sh + +# ------------------- +# Utility functions +# ------------------- + +# die MESSAGE +# +# Abort the program after displaying $MESSAGE on standard error. +die() { + echo "$1" >&2 + exit 1 +} + +# ---------------------- +# User-visible actions +# ---------------------- + +do_help() { + echo "\ +Usage: $CALL_NAME ACTION [OPTIONS] + +Actions: + list List known guests + prepare GUEST|all Prepare or update GUEST. Can be run multiple times + update GUEST|all Alias for prepare + help Display this help" +} + +do_list() { + # List all guests present in the inventory. Skip group names, + # comments and empty lines + grep -vE '^#|^\[|^$' inventory | sort -u +} + +do_prepare() { + GUEST="$1" + + test "$GUEST" || { + die "$(do_help)" + } + do_list | grep -q "$GUEST" || test "$GUEST" = all || { + die "$PROGRAM_NAME: $GUEST: Unknown guest" + } + + VAULT_PASS_FILE="$CONFIG_DIR/vault-password" + + # Make sure required passwords exist and are not invalid (empty) + test -f "$VAULT_PASS_FILE" && test "$(cat "$VAULT_PASS_FILE")" || { + die "$PROGRAM_NAME: $VAULT_PASS_FILE: Missing or invalid password" + } + + ansible-playbook \ + --vault-password-file "$VAULT_PASS_FILE" \ + -l "$GUEST" \ + site.yml +} + +# --------------------- +# Program entry point +# --------------------- + +CALL_NAME="$0" +PROGRAM_NAME="${0##*/}" +CONFIG_DIR="$HOME/.config/$PROGRAM_NAME" + +test -f "$PROGRAM_NAME" || { + die "$PROGRAM_NAME: Must be run from the source directory" +} + +case "$1" in + list) do_list ;; + prepare|update) do_prepare "$2" ;; + *help) do_help ;; + *) die "$(do_help)" ;; +esac -- 2.13.6
On Wed, 2017-10-18 at 19:11 +0200, Andrea Bolognani wrote:
This script replaces the existing Makefile, and will be extended to provide more functionality in future commits.
It also takes over ownership of the Ansible vault password, which is now expected to be stored in lcitool's own config directory along with more settings that will be introduced later.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/Makefile | 12 --------- guests/ansible.cfg | 1 - guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 13 deletions(-) delete mode 100644 guests/Makefile create mode 100755 guests/lcitool
FYI: I came up with a cuter name, licito[1], and I will use that when pushing unless someone feel strongly otherwise . [1] As in LIbvirt CI TOol -- Andrea Bolognani / Red Hat / Virtualization
On Thu, Oct 19, 2017 at 01:40:39PM +0200, Andrea Bolognani wrote:
On Wed, 2017-10-18 at 19:11 +0200, Andrea Bolognani wrote:
This script replaces the existing Makefile, and will be extended to provide more functionality in future commits.
It also takes over ownership of the Ansible vault password, which is now expected to be stored in lcitool's own config directory along with more settings that will be introduced later.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/Makefile | 12 --------- guests/ansible.cfg | 1 - guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 13 deletions(-) delete mode 100644 guests/Makefile create mode 100755 guests/lcitool
FYI: I came up with a cuter name, licito[1], and I will use that when pushing unless someone feel strongly otherwise .
I liked manage better that lcitool, but lcitool makes sense as well. However, I don't like licito, it might sound cool but IMHO it's not useful at all. Pavel
On Thu, 2017-10-19 at 14:04 +0200, Pavel Hrdina wrote:
This script replaces the existing Makefile, and will be extended to provide more functionality in future commits.
It also takes over ownership of the Ansible vault password, which is now expected to be stored in lcitool's own config directory along with more settings that will be introduced later.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/Makefile | 12 --------- guests/ansible.cfg | 1 - guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 13 deletions(-) delete mode 100644 guests/Makefile create mode 100755 guests/lcitool
FYI: I came up with a cuter name, licito[1], and I will use that when pushing unless someone feel strongly otherwise .
I liked manage better that lcitool, but lcitool makes sense as well. However, I don't like licito, it might sound cool but IMHO it's not useful at all.
I liked 'manage' better as well but it's also extremely generic, so the moment we started writing data outside the source directory it was automatically off the table. Neither of the other names is particularly useful, they're just names but at least they're both fairly unique and reasonably easy to remember. I think that 'licito' is a very fair name, and using it would definitely not be illegal :P http://www.spanishcentral.com/translate/l%C3%ADcito So if your only argument against it is that you don't like it very much, my reply is that I do like it quite a bit and, well, I get to name the programs I write :) -- Andrea Bolognani / Red Hat / Virtualization
On Thu, Oct 19, 2017 at 02:42:15PM +0200, Andrea Bolognani wrote:
On Thu, 2017-10-19 at 14:04 +0200, Pavel Hrdina wrote:
This script replaces the existing Makefile, and will be extended to provide more functionality in future commits.
It also takes over ownership of the Ansible vault password, which is now expected to be stored in lcitool's own config directory along with more settings that will be introduced later.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/Makefile | 12 --------- guests/ansible.cfg | 1 - guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 13 deletions(-) delete mode 100644 guests/Makefile create mode 100755 guests/lcitool
FYI: I came up with a cuter name, licito[1], and I will use that when pushing unless someone feel strongly otherwise .
I liked manage better that lcitool, but lcitool makes sense as well. However, I don't like licito, it might sound cool but IMHO it's not useful at all.
I liked 'manage' better as well but it's also extremely generic, so the moment we started writing data outside the source directory it was automatically off the table.
I agree with that, manage is not usable in this case.
Neither of the other names is particularly useful, they're just names but at least they're both fairly unique and reasonably easy to remember. I think that 'licito' is a very fair name, and using it would definitely not be illegal :P
http://www.spanishcentral.com/translate/l%C3%ADcito
So if your only argument against it is that you don't like it very much, my reply is that I do like it quite a bit and, well, I get to name the programs I write :)
Well, yes and no :) you can name the program but you also need to have an ACK from community to accept that name. "licito" is just a cool name that doesn't tell you anything from the first glance what it is. On the other hand lcitool tells you that it's some kind of tool and that the "lci" part specifies what kind of tool it is. It's not only that I don't personally like it but it also looks like some randomly chosen name even though there is some pattern behind it. I vote for lcitool instead of licito. Pavel
On Thu, 2017-10-19 at 14:53 +0200, Pavel Hrdina wrote:
So if your only argument against it is that you don't like it very much, my reply is that I do like it quite a bit and, well, I get to name the programs I write :)
Well, yes and no :) you can name the program but you also need to have an ACK from community to accept that name. "licito" is just a cool name that doesn't tell you anything from the first glance what it is. On the other hand lcitool tells you that it's some kind of tool and that the "lci" part specifies what kind of tool it is. It's not only that I don't personally like it but it also looks like some randomly chosen name even though there is some pattern behind it.
I vote for lcitool instead of licito.
I don't feel like any of your arguments have much weight, since for most applications the name only has a very vague correlation with the functionality or intended purpose, if that: see mutt, dnf, evince, firefox, ansible and so, so many more examples. That said, point taken about the need for the community to stand behind a name before it can be adopted. Most importantly, I feel like we could both spend our time in a more productive way than argue about this, so let's just stick with the existing name unless someone comes up with a different one that manages to make everyone happy. -- Andrea Bolognani / Red Hat / Virtualization
On Thu, Oct 19, 2017 at 03:53:48PM +0200, Andrea Bolognani wrote:
On Thu, 2017-10-19 at 14:53 +0200, Pavel Hrdina wrote:
So if your only argument against it is that you don't like it very much, my reply is that I do like it quite a bit and, well, I get to name the programs I write :)
Well, yes and no :) you can name the program but you also need to have an ACK from community to accept that name. "licito" is just a cool name that doesn't tell you anything from the first glance what it is. On the other hand lcitool tells you that it's some kind of tool and that the "lci" part specifies what kind of tool it is. It's not only that I don't personally like it but it also looks like some randomly chosen name even though there is some pattern behind it.
I vote for lcitool instead of licito.
I don't feel like any of your arguments have much weight, since for most applications the name only has a very vague correlation with the functionality or intended purpose, if that: see mutt, dnf, evince, firefox, ansible and so, so many more examples.
And there could be a lot of examples to support my statement.
That said, point taken about the need for the community to stand behind a name before it can be adopted.
Most importantly, I feel like we could both spend our time in a more productive way than argue about this, so let's just stick with the existing name unless someone comes up with a different one that manages to make everyone happy.
Since lcitool was also your idea I didn't think that you would not like to use it and prefer the new one. Anyway, thanks for sticking with the current name. Pavel
Having to bootstrap the guest as a separate phase is annoying and can be avoided by assuming the root password is well-known. This doesn't hurt security because we're going to be changing the root password with a user-provided one the first time Ansible is run; moreover, we only leave key-based SSH authentication enabled for the root user. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/bootstrap.yml | 15 --------------- guests/group_vars/all/main.yml | 5 +++++ guests/lcitool | 25 +++++++++++++++++++++++++ guests/site.yml | 8 ++++++++ guests/tasks/base.yml | 11 ++++++++++- 5 files changed, 48 insertions(+), 16 deletions(-) delete mode 100644 guests/bootstrap.yml diff --git a/guests/bootstrap.yml b/guests/bootstrap.yml deleted file mode 100644 index 544dd9d..0000000 --- a/guests/bootstrap.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- hosts: all - gather_facts: no - - tasks: - - # Bootstrap Ansible itself - - include: tasks/bootstrap.yml - -- hosts: all - - tasks: - - # Prepare the base environment - - include: tasks/base.yml diff --git a/guests/group_vars/all/main.yml b/guests/group_vars/all/main.yml index 81b7d43..d24af59 100644 --- a/guests/group_vars/all/main.yml +++ b/guests/group_vars/all/main.yml @@ -1,6 +1,11 @@ --- ansible_user: root +# This password is only used to access the guest the very first time +# Ansible is used: afterwards, the user's SSH key will have been installed +# in the guest and SSH password authentication will have been disabled +ansible_ssh_pass: root + jenkins_url: https://ci.centos.org/computer/{{ inventory_hostname }}/slave-agent.jnlp # Paths to various command. Can be overridden on a per-host basis diff --git a/guests/lcitool b/guests/lcitool index aaee5f9..10a72cf 100755 --- a/guests/lcitool +++ b/guests/lcitool @@ -12,6 +12,19 @@ die() { exit 1 } +# hash_file PASS_FILE +# +# Generate a password hash from the contents of PASS_FILE. +hash_file() { + PASS_FILE="$1" + + python2 -c " +import crypt +password = open('$PASS_FILE', 'r').read().strip() +print(crypt.crypt(password, + crypt.mksalt(crypt.METHOD_SHA512)))" +} + # ---------------------- # User-visible actions # ---------------------- @@ -44,11 +57,23 @@ do_prepare() { } VAULT_PASS_FILE="$CONFIG_DIR/vault-password" + ROOT_PASS_FILE="$CONFIG_DIR/root-password" # Make sure required passwords exist and are not invalid (empty) test -f "$VAULT_PASS_FILE" && test "$(cat "$VAULT_PASS_FILE")" || { die "$PROGRAM_NAME: $VAULT_PASS_FILE: Missing or invalid password" } + test -f "$ROOT_PASS_FILE" && test "$(cat "$ROOT_PASS_FILE")" || { + die "$PROGRAM_NAME: $ROOT_PASS_FILE: Missing or invalid password" + } + + ROOT_HASH_FILE="$CONFIG_DIR/.root-password.hash" + + # Regenerate root password hash. Ansible expects passwords as hashes but + # doesn't provide a built-in facility to generate one from plain text + hash_file "$ROOT_PASS_FILE" >"$ROOT_HASH_FILE" || { + die "$PROGRAM_NAME: Failure while hashing root password" + } ansible-playbook \ --vault-password-file "$VAULT_PASS_FILE" \ diff --git a/guests/site.yml b/guests/site.yml index e6cf10d..9c75dcb 100644 --- a/guests/site.yml +++ b/guests/site.yml @@ -1,5 +1,13 @@ --- - hosts: all + gather_facts: no + + tasks: + + # Bootstrap Ansible itself + - include: tasks/bootstrap.yml + +- hosts: all vars_files: - vars/mappings.yml diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml index dd8d306..a9066e4 100644 --- a/guests/tasks/base.yml +++ b/guests/tasks/base.yml @@ -96,9 +96,10 @@ hostname: name: '{{ inventory_hostname }}' -- name: Configure root shell +- name: Configure root password and shell user: name: root + password: '{{ lookup("file", lookup("env", "HOME") + "/.config/lcitool/.root-password.hash") }}' shell: '{{ bash }}' - name: Configure ssh access for the root user @@ -106,3 +107,11 @@ user: root key: '{{ lookup("file", lookup("env", "HOME") + "/.ssh/id_rsa.pub") }}' state: present + +- name: Disable password authentication for the root user + lineinfile: + path: /etc/ssh/sshd_config + regexp: '^#*\s*PermitRootLogin\s*.*$' + line: 'PermitRootLogin without-password' + state: present + backup: yes -- 2.13.6
The lcitool script can now be used to install most known guests without requiring user interaction. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/group_vars/all/install.yml | 11 +++ guests/host_vars/libvirt-centos-6/install.yml | 3 + guests/host_vars/libvirt-centos-7/install.yml | 3 + guests/host_vars/libvirt-debian-8/install.yml | 3 + guests/host_vars/libvirt-debian-9/install.yml | 3 + guests/host_vars/libvirt-fedora-25/install.yml | 3 + guests/host_vars/libvirt-fedora-26/install.yml | 3 + .../host_vars/libvirt-fedora-rawhide/install.yml | 3 + guests/host_vars/libvirt-ubuntu-12/install.yml | 3 + guests/host_vars/libvirt-ubuntu-14/install.yml | 3 + guests/host_vars/libvirt-ubuntu-16/install.yml | 3 + guests/kickstart.cfg | 60 +++++++++++++++ guests/lcitool | 82 +++++++++++++++++++++ guests/preseed.cfg | 85 ++++++++++++++++++++++ 14 files changed, 268 insertions(+) create mode 100644 guests/group_vars/all/install.yml create mode 100644 guests/host_vars/libvirt-centos-6/install.yml create mode 100644 guests/host_vars/libvirt-centos-7/install.yml create mode 100644 guests/host_vars/libvirt-debian-8/install.yml create mode 100644 guests/host_vars/libvirt-debian-9/install.yml create mode 100644 guests/host_vars/libvirt-fedora-25/install.yml create mode 100644 guests/host_vars/libvirt-fedora-26/install.yml create mode 100644 guests/host_vars/libvirt-fedora-rawhide/install.yml create mode 100644 guests/host_vars/libvirt-ubuntu-12/install.yml create mode 100644 guests/host_vars/libvirt-ubuntu-14/install.yml create mode 100644 guests/host_vars/libvirt-ubuntu-16/install.yml create mode 100644 guests/kickstart.cfg create mode 100644 guests/preseed.cfg diff --git a/guests/group_vars/all/install.yml b/guests/group_vars/all/install.yml new file mode 100644 index 0000000..94b752f --- /dev/null +++ b/guests/group_vars/all/install.yml @@ -0,0 +1,11 @@ +--- +# Sizes are in GiB +install_virt_type: kvm +install_arch: x86_64 +install_machine: pc +install_cpu_model: host-passthrough +install_vcpus: 2 +install_memory_size: 2 +install_disk_size: 15 +install_storage_pool: default +install_network: default diff --git a/guests/host_vars/libvirt-centos-6/install.yml b/guests/host_vars/libvirt-centos-6/install.yml new file mode 100644 index 0000000..3a9459b --- /dev/null +++ b/guests/host_vars/libvirt-centos-6/install.yml @@ -0,0 +1,3 @@ +--- +install_url: http://mirror.centos.org/centos/6/os/x86_64/ +install_config: kickstart.cfg diff --git a/guests/host_vars/libvirt-centos-7/install.yml b/guests/host_vars/libvirt-centos-7/install.yml new file mode 100644 index 0000000..f003b89 --- /dev/null +++ b/guests/host_vars/libvirt-centos-7/install.yml @@ -0,0 +1,3 @@ +--- +install_url: http://mirror.centos.org/centos/7/os/x86_64/ +install_config: kickstart.cfg diff --git a/guests/host_vars/libvirt-debian-8/install.yml b/guests/host_vars/libvirt-debian-8/install.yml new file mode 100644 index 0000000..a2c8341 --- /dev/null +++ b/guests/host_vars/libvirt-debian-8/install.yml @@ -0,0 +1,3 @@ +--- +install_url: http://deb.debian.org/debian/dists/jessie/main/installer-amd64/ +install_config: preseed.cfg diff --git a/guests/host_vars/libvirt-debian-9/install.yml b/guests/host_vars/libvirt-debian-9/install.yml new file mode 100644 index 0000000..5b1da76 --- /dev/null +++ b/guests/host_vars/libvirt-debian-9/install.yml @@ -0,0 +1,3 @@ +--- +install_url: http://deb.debian.org/debian/dists/stretch/main/installer-amd64/ +install_config: preseed.cfg diff --git a/guests/host_vars/libvirt-fedora-25/install.yml b/guests/host_vars/libvirt-fedora-25/install.yml new file mode 100644 index 0000000..bb4bde3 --- /dev/null +++ b/guests/host_vars/libvirt-fedora-25/install.yml @@ -0,0 +1,3 @@ +--- +install_url: https://download.fedoraproject.org/pub/fedora/linux/releases/25/Server/x86_6... +install_config: kickstart.cfg diff --git a/guests/host_vars/libvirt-fedora-26/install.yml b/guests/host_vars/libvirt-fedora-26/install.yml new file mode 100644 index 0000000..eff160d --- /dev/null +++ b/guests/host_vars/libvirt-fedora-26/install.yml @@ -0,0 +1,3 @@ +--- +install_url: https://download.fedoraproject.org/pub/fedora/linux/releases/26/Server/x86_6... +install_config: kickstart.cfg diff --git a/guests/host_vars/libvirt-fedora-rawhide/install.yml b/guests/host_vars/libvirt-fedora-rawhide/install.yml new file mode 100644 index 0000000..2216e81 --- /dev/null +++ b/guests/host_vars/libvirt-fedora-rawhide/install.yml @@ -0,0 +1,3 @@ +--- +install_url: https://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Ever... +install_config: kickstart.cfg diff --git a/guests/host_vars/libvirt-ubuntu-12/install.yml b/guests/host_vars/libvirt-ubuntu-12/install.yml new file mode 100644 index 0000000..997304f --- /dev/null +++ b/guests/host_vars/libvirt-ubuntu-12/install.yml @@ -0,0 +1,3 @@ +--- +install_url: http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/ +install_config: preseed.cfg diff --git a/guests/host_vars/libvirt-ubuntu-14/install.yml b/guests/host_vars/libvirt-ubuntu-14/install.yml new file mode 100644 index 0000000..d7862a5 --- /dev/null +++ b/guests/host_vars/libvirt-ubuntu-14/install.yml @@ -0,0 +1,3 @@ +--- +install_url: http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/ +install_config: preseed.cfg diff --git a/guests/host_vars/libvirt-ubuntu-16/install.yml b/guests/host_vars/libvirt-ubuntu-16/install.yml new file mode 100644 index 0000000..a7bb2da --- /dev/null +++ b/guests/host_vars/libvirt-ubuntu-16/install.yml @@ -0,0 +1,3 @@ +--- +install_url: http://archive.ubuntu.com/ubuntu/dists/xenial/main/installer-amd64/ +install_config: preseed.cfg diff --git a/guests/kickstart.cfg b/guests/kickstart.cfg new file mode 100644 index 0000000..603c0ae --- /dev/null +++ b/guests/kickstart.cfg @@ -0,0 +1,60 @@ +# Installer configuration +# +# Perform a text based installation followed by a reboot, and disable +# the first boot assistant +text +install +reboot +firstboot --disable + + +# Environment configuration +# +# Locale, keyboard and timezone. All these will be configured again +# later with Ansible, but they're required information so we must +# provide them +lang en_US.UTF-8 +keyboard us +timezone --utc UTC + + +# User creation +# +# We don't create any user except for root. We can use a very insecure +# root password here because it will be replaced with a used-defined one +# with Ansible immediately after installation +authconfig --enableshadow --passalgo=sha512 +rootpw --plaintext root + + +# Partition disk +# +# Erase everything and set up a 2 GiB swap partition, then assign all +# remaining space to the root partition +ignoredisk --only-use=vda +zerombr +clearpart --none +part / --fstype=ext4 --size=2048 --grow +part swap --fstype=swap --size=256 + + +# Install bootloader +# +# The bootloader will be installed in the MBR +bootloader --location=mbr --timeout=1 + + +# Configure networking +# +# The only network interface available to the guest will come up +# at boot using IPv4-only DHCP +network --bootproto=dhcp --noipv6 --activate --onboot=yes + + +# Software installation +# +# Only install the very base packages: everything else will be +# installed later using Ansible +%packages +@core +%end diff --git a/guests/lcitool b/guests/lcitool index 10a72cf..c10b49b 100755 --- a/guests/lcitool +++ b/guests/lcitool @@ -25,6 +25,34 @@ print(crypt.crypt(password, crypt.mksalt(crypt.METHOD_SHA512)))" } +# yaml_var FILE VAR +# +# Read $FILE and output the value of YAML variable $VAR. Only trivial YAML +# values are supported, eg. strings and numbers that don't depend on the +# value of other variables. That's enough for our use case. +yaml_var() { + grep "^$2:\\s*" "$1" 2>/dev/null | tail -1 | sed "s/$2:\\s*//g" +} + +# load_config FILE +# +# Read all known configuration variables from $FILE and set them in the +# environment. Configuration variables that have already been set in +# the environment will not be updated. +load_config() { + INSTALL_URL=${INSTALL_URL:-$(yaml_var "$1" install_url)} + INSTALL_CONFIG=${INSTALL_CONFIG:-$(yaml_var "$1" install_config)} + INSTALL_VIRT_TYPE=${INSTALL_ARCH:-$(yaml_var "$1" install_virt_type)} + INSTALL_ARCH=${INSTALL_ARCH:-$(yaml_var "$1" install_arch)} + INSTALL_MACHINE=${INSTALL_MACHINE:-$(yaml_var "$1" install_machine)} + INSTALL_CPU_MODEL=${INSTALL_CPU_MODEL:-$(yaml_var "$1" install_cpu_model)} + INSTALL_VCPUS=${INSTALL_VCPUS:-$(yaml_var "$1" install_vcpus)} + INSTALL_MEMORY_SIZE=${INSTALL_MEMORY_SIZE:-$(yaml_var "$1" install_memory_size)} + INSTALL_DISK_SIZE=${INSTALL_DISK_SIZE:-$(yaml_var "$1" install_disk_size)} + INSTALL_STORAGE_POOL=${INSTALL_STORAGE_POOL:-$(yaml_var "$1" install_storage_pool)} + INSTALL_NETWORK=${INSTALL_NETWORK:-$(yaml_var "$1" install_network)} +} + # ---------------------- # User-visible actions # ---------------------- @@ -35,6 +63,7 @@ Usage: $CALL_NAME ACTION [OPTIONS] Actions: list List known guests + install GUEST Install GUEST prepare GUEST|all Prepare or update GUEST. Can be run multiple times update GUEST|all Alias for prepare help Display this help" @@ -46,6 +75,58 @@ do_list() { grep -vE '^#|^\[|^$' inventory | sort -u } +do_install() +{ + GUEST="$1" + + test "$GUEST" || { + die "$(do_help)" + } + do_list | grep -q "$GUEST" || { + die "$PROGRAM_NAME: $GUEST: Unknown guest" + } + test -f "host_vars/$GUEST/install.yml" || { + die "$PROGRAM_NAME: $GUEST: Missing configuration, guest must be installed manually" + } + + # Load configuration files. Values don't get overwritten after being + # set the first time, so loading the host-specific configuration before + # the group configuration ensures overrides work as expected + load_config "host_vars/$GUEST/install.yml" + load_config "group_vars/all/install.yml" + + # Both memory size and disk size use GiB as unit, but virt-install wants + # disk size in GiB and memory size in *MiB*, so perform conversion here + INSTALL_MEMORY_SIZE=$(expr "$INSTALL_MEMORY_SIZE" \* 1024 2>/dev/null) + + # preseed files must use a well-known name to be picked up by d-i; + # for kickstart files, we can use whatever name we please but we need + # to point anaconda in the right direction through a kernel argument + case "$INSTALL_CONFIG" in + *kickstart*|*ks*) EXTRA_ARGS="ks=file:/${INSTALL_CONFIG##*/}" ;; + esac + + virt-install \ + --name "$GUEST" \ + --location "$INSTALL_URL" \ + --virt-type "$INSTALL_VIRT_TYPE" \ + --arch "$INSTALL_ARCH" \ + --machine "$INSTALL_MACHINE" \ + --cpu "$INSTALL_CPU_MODEL" \ + --vcpus "$INSTALL_VCPUS" \ + --memory "$INSTALL_MEMORY_SIZE" \ + --disk "size=$INSTALL_DISK_SIZE,pool=$INSTALL_STORAGE_POOL,bus=virtio" \ + --network "network=$INSTALL_NETWORK,model=virtio" \ + --graphics none \ + --console pty \ + --sound none \ + --controller usb,model=none \ + --initrd-inject "$INSTALL_CONFIG" \ + --extra-args "console=ttyS0 $EXTRA_ARGS" \ + --autostart \ + --wait 0 +} + do_prepare() { GUEST="$1" @@ -95,6 +176,7 @@ test -f "$PROGRAM_NAME" || { case "$1" in list) do_list ;; + install) do_install "$2" ;; prepare|update) do_prepare "$2" ;; *help) do_help ;; *) die "$(do_help)" ;; diff --git a/guests/preseed.cfg b/guests/preseed.cfg new file mode 100644 index 0000000..00fd20d --- /dev/null +++ b/guests/preseed.cfg @@ -0,0 +1,85 @@ +# Installer configuration +# +# Perform an automated installation where only critical questions +# are asked interactively +d-i auto-install/enable boolean true +d-i debconf/priority string critical +d-i finish-install/reboot_in_progress note + + +# Environment configuration +# +# Locale, keyboard and timezone. All these will be configured again +# later with Ansible, but they're required information so we must +# provide them +d-i debian-installer/locale string en_US.UTF-8 +d-i keyboard-configuration/xkb-keymap select us +d-i time/zone string UTC +d-i clock-setup/utc boolean true +d-i clock-setup/ntp boolean true + + +# User creation +# +# We don't create any user except for root. We can use a very insecure +# root password here because it will be replaced with a used-defined one +# with Ansible immediately after installation +d-i passwd/make-user boolean false +d-i passwd/root-login boolean true +d-i passwd/root-password password root +d-i passwd/root-password-again password root +d-i user-setup/allow-password-weak boolean true + + +# Partition disk +# +# Erase everything and set up a 2 GiB swap partition, then assign all +# remaining space to the root partition +d-i partman-auto/disk string /dev/vda +d-i partman-auto/method string regular +d-i partman-auto/expert_recipe string \ + custom :: \ + 2048 2048 -1 ext4 \ + $primary{ } $bootable{ } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ / } \ + . \ + 256 256 256 linux-swap \ + $primary{ } \ + method{ swap } format{ } \ + . +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + + +# Install bootloader +# +# The bootloader will be installed in the MBR +d-i grub-installer/skip boolean false +d-i grub-installer/bootdev string /dev/vda +d-i grub-installer/only_debian boolean true + + +# Configure networking +# +# The only network interface available to the guest will come up +# at boot using DHCP +d-i netcfg/enable boolean true +d-i netcfg/choose_interface select auto +d-i netcfg/get_hostname string localhost +d-i netcfg/get_domain string localdomain + + +# Software installation +# +# Only install the very base packages: everything else will be +# installed later using Ansible. We need to install openssh-server +# and configure it to permit root login now, though, otherwise we +# won't be able to access the machine for Ansible use later on +tasksel tasksel/first multiselect standard +d-i pkgsel/upgrade select none +d-i pkgsel/include string openssh-server +d-i preseed/late_command string in-target sed -i 's/^#*\s*PermitRootLogin\s*.*$/PermitRootLogin yes/g' /etc/ssh/sshd_config -- 2.13.6
On Wed, Oct 18, 2017 at 07:11:49PM +0200, Andrea Bolognani wrote:
The lcitool script can now be used to install most known guests without requiring user interaction.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> ---
[...]
diff --git a/guests/kickstart.cfg b/guests/kickstart.cfg new file mode 100644 index 0000000..603c0ae --- /dev/null +++ b/guests/kickstart.cfg @@ -0,0 +1,60 @@ +# Installer configuration +# +# Perform a text based installation followed by a reboot, and disable +# the first boot assistant +text +install +reboot +firstboot --disable + + +# Environment configuration +# +# Locale, keyboard and timezone. All these will be configured again +# later with Ansible, but they're required information so we must +# provide them +lang en_US.UTF-8 +keyboard us +timezone --utc UTC + + +# User creation +# +# We don't create any user except for root. We can use a very insecure +# root password here because it will be replaced with a used-defined one +# with Ansible immediately after installation +authconfig --enableshadow --passalgo=sha512 +rootpw --plaintext root + + +# Partition disk +# +# Erase everything and set up a 2 GiB swap partition, then assign all
s/2 GiB/256 MiB/
+# remaining space to the root partition +ignoredisk --only-use=vda +zerombr +clearpart --none +part / --fstype=ext4 --size=2048 --grow +part swap --fstype=swap --size=256 + + +# Install bootloader +# +# The bootloader will be installed in the MBR +bootloader --location=mbr --timeout=1 + + +# Configure networking +# +# The only network interface available to the guest will come up +# at boot using IPv4-only DHCP +network --bootproto=dhcp --noipv6 --activate --onboot=yes + + +# Software installation +# +# Only install the very base packages: everything else will be +# installed later using Ansible +%packages +@core +%end
[...]
diff --git a/guests/preseed.cfg b/guests/preseed.cfg new file mode 100644 index 0000000..00fd20d --- /dev/null +++ b/guests/preseed.cfg @@ -0,0 +1,85 @@ +# Installer configuration +# +# Perform an automated installation where only critical questions +# are asked interactively +d-i auto-install/enable boolean true +d-i debconf/priority string critical +d-i finish-install/reboot_in_progress note + + +# Environment configuration +# +# Locale, keyboard and timezone. All these will be configured again +# later with Ansible, but they're required information so we must +# provide them +d-i debian-installer/locale string en_US.UTF-8 +d-i keyboard-configuration/xkb-keymap select us +d-i time/zone string UTC +d-i clock-setup/utc boolean true +d-i clock-setup/ntp boolean true + + +# User creation +# +# We don't create any user except for root. We can use a very insecure +# root password here because it will be replaced with a used-defined one +# with Ansible immediately after installation +d-i passwd/make-user boolean false +d-i passwd/root-login boolean true +d-i passwd/root-password password root +d-i passwd/root-password-again password root +d-i user-setup/allow-password-weak boolean true + + +# Partition disk +# +# Erase everything and set up a 2 GiB swap partition, then assign all
s/2 GiB/256 MiB/
+# remaining space to the root partition +d-i partman-auto/disk string /dev/vda +d-i partman-auto/method string regular +d-i partman-auto/expert_recipe string \ + custom :: \ + 2048 2048 -1 ext4 \ + $primary{ } $bootable{ } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ / } \ + . \ + 256 256 256 linux-swap \ + $primary{ } \ + method{ swap } format{ } \ + . +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + + +# Install bootloader +# +# The bootloader will be installed in the MBR +d-i grub-installer/skip boolean false +d-i grub-installer/bootdev string /dev/vda +d-i grub-installer/only_debian boolean true + + +# Configure networking +# +# The only network interface available to the guest will come up +# at boot using DHCP +d-i netcfg/enable boolean true +d-i netcfg/choose_interface select auto +d-i netcfg/get_hostname string localhost +d-i netcfg/get_domain string localdomain + + +# Software installation +# +# Only install the very base packages: everything else will be +# installed later using Ansible. We need to install openssh-server +# and configure it to permit root login now, though, otherwise we +# won't be able to access the machine for Ansible use later on +tasksel tasksel/first multiselect standard +d-i pkgsel/upgrade select none +d-i pkgsel/include string openssh-server +d-i preseed/late_command string in-target sed -i 's/^#*\s*PermitRootLogin\s*.*$/PermitRootLogin yes/g' /etc/ssh/sshd_config -- 2.13.6
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Both GRUB and the FreeBSD bootloader need some tweaking to make sure the OS will display boot messages and provide a login prompt on the serial console, which is useful when SSH access can't be used for whatever reason. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/tasks/base.yml | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml index a9066e4..db805b8 100644 --- a/guests/tasks/base.yml +++ b/guests/tasks/base.yml @@ -115,3 +115,53 @@ line: 'PermitRootLogin without-password' state: present backup: yes + +- name: Look for GRUB configuration + stat: + path: /etc/default/grub + register: grubdefault + +- name: Look for GRUB configuration + stat: + path: /boot/grub/grub.cfg + register: grubcfg + +- name: Look for GRUB configuration + stat: + path: /boot/grub2/grub.cfg + register: grub2cfg + +- name: Configure GRUB + lineinfile: + path: /etc/default/grub + regexp: '^{{ item.key }}=.*$' + line: '{{ item.key }}="{{ item.value }}"' + backup: yes + with_items: + - { key: 'GRUB_TIMEOUT', value: '1' } + - { key: 'GRUB_CMDLINE_LINUX_DEFAULT', value: 'console=ttyS0' } + - { key: 'GRUB_CMDLINE_LINUX', value: 'console=ttyS0' } + - { key: 'GRUB_TERMINAL', value: 'serial' } + - { key: 'GRUB_SERIAL_COMMAND', value: 'serial' } + when: + - grubdefault.stat.exists + +- name: Apply GRUB configuration + command: 'grub-mkconfig -o /boot/grub/grub.cfg' + when: + - grubcfg.stat.exists + +- name: Apply GRUB configuration + command: 'grub2-mkconfig -o /boot/grub2/grub.cfg' + when: + - grub2cfg.stat.exists + +- name: Configure the FreeBSD bootloader + lineinfile: + path: /boot/loader.conf + regexp: '^console=.*$' + line: 'console="comconsole"' + create: yes + backup: yes + when: + - os_name == 'FreeBSD' -- 2.13.6
On Wed, Oct 18, 2017 at 07:11:50PM +0200, Andrea Bolognani wrote:
Both GRUB and the FreeBSD bootloader need some tweaking to make sure the OS will display boot messages and provide a login prompt on the serial console, which is useful when SSH access can't be used for whatever reason.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/tasks/base.yml | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+)
diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml index a9066e4..db805b8 100644 --- a/guests/tasks/base.yml +++ b/guests/tasks/base.yml @@ -115,3 +115,53 @@ line: 'PermitRootLogin without-password' state: present backup: yes + +- name: Look for GRUB configuration + stat: + path: /etc/default/grub + register: grubdefault + +- name: Look for GRUB configuration + stat: + path: /boot/grub/grub.cfg + register: grubcfg + +- name: Look for GRUB configuration
s/GRUB/GRUB2/
+ stat: + path: /boot/grub2/grub.cfg + register: grub2cfg + +- name: Configure GRUB + lineinfile: + path: /etc/default/grub + regexp: '^{{ item.key }}=.*$' + line: '{{ item.key }}="{{ item.value }}"' + backup: yes + with_items: + - { key: 'GRUB_TIMEOUT', value: '1' } + - { key: 'GRUB_CMDLINE_LINUX_DEFAULT', value: 'console=ttyS0' } + - { key: 'GRUB_CMDLINE_LINUX', value: 'console=ttyS0' } + - { key: 'GRUB_TERMINAL', value: 'serial' } + - { key: 'GRUB_SERIAL_COMMAND', value: 'serial' } + when: + - grubdefault.stat.exists + +- name: Apply GRUB configuration + command: 'grub-mkconfig -o /boot/grub/grub.cfg' + when: + - grubcfg.stat.exists + +- name: Apply GRUB configuration
s/GRUB/GRUB2/
+ command: 'grub2-mkconfig -o /boot/grub2/grub.cfg' + when: + - grub2cfg.stat.exists + +- name: Configure the FreeBSD bootloader + lineinfile: + path: /boot/loader.conf + regexp: '^console=.*$' + line: 'console="comconsole"' + create: yes + backup: yes + when: + - os_name == 'FreeBSD' -- 2.13.6
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/README.markdown | 91 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 64 insertions(+), 27 deletions(-) diff --git a/guests/README.markdown b/guests/README.markdown index 4d464e1..100ca31 100644 --- a/guests/README.markdown +++ b/guests/README.markdown @@ -1,38 +1,55 @@ -Ansible playbooks for libvirt CI -================================ +libvirt CI - guest management tools +=================================== -These can be used to turn a freshly installed machine into a worker for -the Jenkins-based libvirt CI. +The tools contained in this directory simplify and automate the management +of the guests used by the Jenkins-based libvirt CI environment. -There are two main playbooks: +There are two steps to bringing up a guest: -* `bootstrap.yml`, used to perform the bootstrapping phase, that is, getting - guests to the point where Ansible can manage them fully and prompting the - user for a password is no longer required; +* `./lcitool install $guest` will perform an unattended installation + of `$guest`. Not all guests can be installed this way: see the "FreeBSD" + section below; -* `site.yml`, used for the remaining configuration steps. +* `./lcitool prepare $guest` will go through all the post-installation + configuration steps required to make the newly-created guest usable as + part of the Jenkins CI setup. -Although you can use the playbooks directly, it's much more convenient to -call either `make bootstrap` or `make site` instead. +Once those steps have been performed, maintainance will involve running: -Each guest only needs to be bootstrapped once; that said, both playbooks are -idempotent so there's no harm in applying them over and over again. +* `./lcitool update $guest` +periodically to ensure the guest configuration is sane and all installed +packages are updated. -Requirements ------------- -SSH must be running in the guest, and root login must be permitted. +Host setup +---------- +Ansible and `virt-install` need to be available on the host. -CI use ------- +Before you can start bringing up guests, you'll have to store your +site-specific root password in the `~/.config/lcitool/root-password` file. +This password will only be necessary for serial console access in case +something goes horribly wrong; for day to day operations, SSH key +authentication will be used instead. -After you have reinstalled a Jenkins worker, run `make bootstrap` followed -by `make site` and a reboot to get it ready for CI use. No further action -should be necessary. +Ansible expects to be able to connect to the guests by name: installing and +enabling the [libvirt NSS plugin](https://wiki.libvirt.org/page/NSS_module) +on the host is the easiest way to make sure that works. More specifically, +you'll want to use the `libvirt_guest` variant of the plugin. -Adding new workers will require tweaking the inventory and host variables, +To keep guests up to date over time, it's recommended to have an entry +along the lines of + + 0 0 * * * cd ~/libvirt-jenkins-ci/guests && ./lcitool update all + +in your crontab. + + +Adding new guests +----------------- + +Adding new guests will require tweaking the inventory and host variables, but it should be very easy to eg. use the Fedora 26 configuration to come up with a working Fedora 27 configuration. @@ -40,11 +57,11 @@ up with a working Fedora 27 configuration. Development use --------------- -If you are a developer trying to reproduce a bug on some OS you don't have -easy access to, you can use these playbooks to create a suitable test +If you are a developer trying to reproduce a bug on some OS you don't +have easy access to, you can use these tools to create a suitable test environment. -Since the playbooks are intended mainly for CI use, you'll have to tweak them +Since the tools are intended mainly for CI use, you'll have to tweak them a bit first, including: * trimming down the `inventory` file to just the guest you're interested in; @@ -56,5 +73,25 @@ a bit first, including: * deleting `host_vars/$guest/vault.yml` altogether. -After performing these tweaks, you should be able to just run `make bootstrap` -followed by `make site` as usual. +After performing these tweaks, you should be able to use the same steps +outlined above. + +A better way to deal with this use case will be provided in the future. + + +FreeBSD +------- + +Installation of FreeBSD guests must be performed manually; alternatively, +the official qcow2 images can be used to quickly bring up such guests. + +Some manual tweaking will be needed, in particular: + +* `/etc/ssh/sshd_config` must contain the `PermitRootLogin yes` directive; + +* `/etc/rc.conf` must contain the `sshd_enable="YES"` setting; + +* the root password must be manually set to "root" (without quotes). + +Once these steps have been performed, FreeBSD guests can be managed just +like all other guests. -- 2.13.6
On Wed, Oct 18, 2017 at 07:11:45PM +0200, Andrea Bolognani wrote:
Changes from [v1]:
* guest changes - set root password to a user-provided value - only allow key-based SSH login for root - configure serial console for emergency access - disable audio, video and USB - allocate 256 MiB for swap instead of 2 GiB
Why wap in such a virtual machine?
- allocate 15 GiB for storage instead of 10 GiB - use host-passthrough CPU mode - set timezone to UTC
* tool changes - rename to lcitool - implement basic configuration support - refuse to run from outside the source directory - provide better error messages
* others - improve documentation, mainly the host setup part
[v1] https://www.redhat.com/archives/libvir-list/2017-October/msg00651.html
I can't speak about the installation decisions, that's something that was already used anyway, I guess, but apart from that, it's pretty neat if I do say so myself. I'd ACK it, but I see Dan and Pavel have more insight into this, so I'll let them do a proper review, just wanted to point out that I think this is something which will streamline not only our Jenkins CI, but other things as well. Maybe we'll need to rename the repo then :D Have a nice noodles^Wday, Martin
On Thu, Oct 19, 2017 at 11:10:21AM +0200, Martin Kletzander wrote:
On Wed, Oct 18, 2017 at 07:11:45PM +0200, Andrea Bolognani wrote:
Changes from [v1]:
* guest changes - set root password to a user-provided value - only allow key-based SSH login for root - configure serial console for emergency access - disable audio, video and USB - allocate 256 MiB for swap instead of 2 GiB
Why wap in such a virtual machine?
Even if you don't expect to use / need it, it is generally a good idea to give a few 100 MB of swap. This gives the kernel MM greater flexibility to re-arrange memory when it starts to get low on free RAM. Without it, you can hit OOM despite technically having enough RAM free. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Wed, Oct 18, 2017 at 07:11:45PM +0200, Andrea Bolognani wrote:
Changes from [v1]:
* guest changes - set root password to a user-provided value - only allow key-based SSH login for root - configure serial console for emergency access - disable audio, video and USB - allocate 256 MiB for swap instead of 2 GiB - allocate 15 GiB for storage instead of 10 GiB - use host-passthrough CPU mode - set timezone to UTC
* tool changes - rename to lcitool - implement basic configuration support - refuse to run from outside the source directory - provide better error messages
* others - improve documentation, mainly the host setup part
[v1] https://www.redhat.com/archives/libvir-list/2017-October/msg00651.html
Andrea Bolognani (6): guests: Rename from 'ansible' guests: Introduce lcitool guests: Remove bootstrap phase guests: Add unattended installation support guests: Configure bootloaders guests: Update documentation
There are some nits pointed out but otherwise this looks really good, thanks for all the work :). Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
participants (4)
-
Andrea Bolognani -
Daniel P. Berrange -
Martin Kletzander -
Pavel Hrdina