12:11 p.m.
Changes from [v1]:
* guest changes
- set root password to a user-provided value
- only allow key-based SSH login for root
- configure serial console for emergency access
- disable audio, video and USB
- allocate 256 MiB for swap instead of 2 GiB
- allocate 15 GiB for storage instead of 10 GiB
- use host-passthrough CPU mode
- set timezone to UTC
* tool changes
- rename to lcitool
- implement basic configuration support
- refuse to run from outside the source directory
- provide better error messages
* others
- improve documentation, mainly the host setup part
[v1] https://www.redhat.com/archives/libvir-list/2017-October/msg00651.html
Andrea Bolognani (6):
guests: Rename from 'ansible'
guests: Introduce lcitool
guests: Remove bootstrap phase
guests: Add unattended installation support
guests: Configure bootloaders
guests: Update documentation
ansible/Makefile | 12 --
ansible/README.markdown | 60 -------
ansible/bootstrap.yml | 15 --
{ansible => guests}/.gitignore | 0
guests/README.markdown | 97 +++++++++++
{ansible => guests}/ansible.cfg | 1 -
guests/group_vars/all/install.yml | 11 ++
{ansible => guests}/group_vars/all/main.yml | 5 +
guests/host_vars/libvirt-centos-6/install.yml | 3 +
.../host_vars/libvirt-centos-6/main.yml | 0
.../host_vars/libvirt-centos-6/vault.yml | 0
guests/host_vars/libvirt-centos-7/install.yml | 3 +
.../host_vars/libvirt-centos-7/main.yml | 0
.../host_vars/libvirt-centos-7/vault.yml | 0
guests/host_vars/libvirt-debian-8/install.yml | 3 +
.../host_vars/libvirt-debian-8/main.yml | 0
.../host_vars/libvirt-debian-8/vault.yml | 0
guests/host_vars/libvirt-debian-9/install.yml | 3 +
.../host_vars/libvirt-debian-9/main.yml | 0
.../host_vars/libvirt-debian-9/vault.yml | 0
guests/host_vars/libvirt-fedora-25/install.yml | 3 +
.../host_vars/libvirt-fedora-25/main.yml | 0
.../host_vars/libvirt-fedora-25/vault.yml | 0
guests/host_vars/libvirt-fedora-26/install.yml | 3 +
.../host_vars/libvirt-fedora-26/main.yml | 0
.../host_vars/libvirt-fedora-26/vault.yml | 0
.../host_vars/libvirt-fedora-rawhide/install.yml | 3 +
.../host_vars/libvirt-fedora-rawhide/main.yml | 0
.../host_vars/libvirt-fedora-rawhide/vault.yml | 0
.../host_vars/libvirt-freebsd-10/main.yml | 0
.../host_vars/libvirt-freebsd-10/vault.yml | 0
.../host_vars/libvirt-freebsd-11/main.yml | 0
.../host_vars/libvirt-freebsd-11/vault.yml | 0
guests/host_vars/libvirt-ubuntu-12/install.yml | 3 +
.../host_vars/libvirt-ubuntu-12/main.yml | 0
.../host_vars/libvirt-ubuntu-12/vault.yml | 0
guests/host_vars/libvirt-ubuntu-14/install.yml | 3 +
.../host_vars/libvirt-ubuntu-14/main.yml | 0
.../host_vars/libvirt-ubuntu-14/vault.yml | 0
guests/host_vars/libvirt-ubuntu-16/install.yml | 3 +
.../host_vars/libvirt-ubuntu-16/main.yml | 0
.../host_vars/libvirt-ubuntu-16/vault.yml | 0
{ansible => guests}/inventory | 0
guests/kickstart.cfg | 60 +++++++
guests/lcitool | 183 +++++++++++++++++++++
guests/preseed.cfg | 85 ++++++++++
{ansible => guests}/site.yml | 8 +
{ansible => guests}/tasks/base.yml | 61 ++++++-
{ansible => guests}/tasks/bootstrap.yml | 0
{ansible => guests}/tasks/compat.yml | 0
{ansible => guests}/tasks/jenkins.yml | 0
{ansible => guests}/tasks/packages.yml | 0
{ansible => guests}/templates/jenkins.service.j2 | 0
{ansible => guests}/vars/mappings.yml | 0
{ansible => guests}/vars/projects/base.yml | 0
{ansible => guests}/vars/projects/jenkins.yml | 0
{ansible => guests}/vars/projects/libosinfo.yml | 0
{ansible => guests}/vars/projects/libvirt-cim.yml | 0
{ansible => guests}/vars/projects/libvirt-glib.yml | 0
.../vars/projects/libvirt-go-xml.yml | 0
{ansible => guests}/vars/projects/libvirt-go.yml | 0
{ansible => guests}/vars/projects/libvirt-perl.yml | 0
.../vars/projects/libvirt-python.yml | 0
.../vars/projects/libvirt-sandbox.yml | 0
{ansible => guests}/vars/projects/libvirt-tck.yml | 0
{ansible => guests}/vars/projects/libvirt.yml | 0
.../vars/projects/osinfo-db-tools.yml | 0
{ansible => guests}/vars/projects/osinfo-db.yml | 0
{ansible => guests}/vars/projects/virt-manager.yml | 0
{ansible => guests}/vars/projects/virt-viewer.yml | 0
70 files changed, 539 insertions(+), 89 deletions(-)
delete mode 100644 ansible/Makefile
delete mode 100644 ansible/README.markdown
delete mode 100644 ansible/bootstrap.yml
rename {ansible => guests}/.gitignore (100%)
create mode 100644 guests/README.markdown
rename {ansible => guests}/ansible.cfg (71%)
create mode 100644 guests/group_vars/all/install.yml
rename {ansible => guests}/group_vars/all/main.yml (51%)
create mode 100644 guests/host_vars/libvirt-centos-6/install.yml
rename {ansible => guests}/host_vars/libvirt-centos-6/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-centos-6/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-centos-7/install.yml
rename {ansible => guests}/host_vars/libvirt-centos-7/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-centos-7/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-debian-8/install.yml
rename {ansible => guests}/host_vars/libvirt-debian-8/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-debian-8/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-debian-9/install.yml
rename {ansible => guests}/host_vars/libvirt-debian-9/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-debian-9/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-fedora-25/install.yml
rename {ansible => guests}/host_vars/libvirt-fedora-25/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-25/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-fedora-26/install.yml
rename {ansible => guests}/host_vars/libvirt-fedora-26/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-26/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-fedora-rawhide/install.yml
rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-10/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-10/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-11/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-11/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-ubuntu-12/install.yml
rename {ansible => guests}/host_vars/libvirt-ubuntu-12/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-12/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-ubuntu-14/install.yml
rename {ansible => guests}/host_vars/libvirt-ubuntu-14/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-14/vault.yml (100%)
create mode 100644 guests/host_vars/libvirt-ubuntu-16/install.yml
rename {ansible => guests}/host_vars/libvirt-ubuntu-16/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-16/vault.yml (100%)
rename {ansible => guests}/inventory (100%)
create mode 100644 guests/kickstart.cfg
create mode 100755 guests/lcitool
create mode 100644 guests/preseed.cfg
rename {ansible => guests}/site.yml (83%)
rename {ansible => guests}/tasks/base.yml (58%)
rename {ansible => guests}/tasks/bootstrap.yml (100%)
rename {ansible => guests}/tasks/compat.yml (100%)
rename {ansible => guests}/tasks/jenkins.yml (100%)
rename {ansible => guests}/tasks/packages.yml (100%)
rename {ansible => guests}/templates/jenkins.service.j2 (100%)
rename {ansible => guests}/vars/mappings.yml (100%)
rename {ansible => guests}/vars/projects/base.yml (100%)
rename {ansible => guests}/vars/projects/jenkins.yml (100%)
rename {ansible => guests}/vars/projects/libosinfo.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-cim.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-glib.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-go-xml.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-go.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-perl.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-python.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-sandbox.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-tck.yml (100%)
rename {ansible => guests}/vars/projects/libvirt.yml (100%)
rename {ansible => guests}/vars/projects/osinfo-db-tools.yml (100%)
rename {ansible => guests}/vars/projects/osinfo-db.yml (100%)
rename {ansible => guests}/vars/projects/virt-manager.yml (100%)
rename {ansible => guests}/vars/projects/virt-viewer.yml (100%)
--
2.13.6
12:11 p.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 1/6] guests: Rename from 'ansible'
There will be more than just Ansible playbooks in that directory
pretty soon, so a more generic name is more appropriate.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
{ansible => guests}/.gitignore | 0
{ansible => guests}/Makefile | 0
{ansible => guests}/README.markdown | 0
{ansible => guests}/ansible.cfg | 0
{ansible => guests}/bootstrap.yml | 0
{ansible => guests}/group_vars/all/main.yml | 0
{ansible => guests}/host_vars/libvirt-centos-6/main.yml | 0
{ansible => guests}/host_vars/libvirt-centos-6/vault.yml | 0
{ansible => guests}/host_vars/libvirt-centos-7/main.yml | 0
{ansible => guests}/host_vars/libvirt-centos-7/vault.yml | 0
{ansible => guests}/host_vars/libvirt-debian-8/main.yml | 0
{ansible => guests}/host_vars/libvirt-debian-8/vault.yml | 0
{ansible => guests}/host_vars/libvirt-debian-9/main.yml | 0
{ansible => guests}/host_vars/libvirt-debian-9/vault.yml | 0
{ansible => guests}/host_vars/libvirt-fedora-25/main.yml | 0
{ansible => guests}/host_vars/libvirt-fedora-25/vault.yml | 0
{ansible => guests}/host_vars/libvirt-fedora-26/main.yml | 0
{ansible => guests}/host_vars/libvirt-fedora-26/vault.yml | 0
{ansible => guests}/host_vars/libvirt-fedora-rawhide/main.yml | 0
{ansible => guests}/host_vars/libvirt-fedora-rawhide/vault.yml | 0
{ansible => guests}/host_vars/libvirt-freebsd-10/main.yml | 0
{ansible => guests}/host_vars/libvirt-freebsd-10/vault.yml | 0
{ansible => guests}/host_vars/libvirt-freebsd-11/main.yml | 0
{ansible => guests}/host_vars/libvirt-freebsd-11/vault.yml | 0
{ansible => guests}/host_vars/libvirt-ubuntu-12/main.yml | 0
{ansible => guests}/host_vars/libvirt-ubuntu-12/vault.yml | 0
{ansible => guests}/host_vars/libvirt-ubuntu-14/main.yml | 0
{ansible => guests}/host_vars/libvirt-ubuntu-14/vault.yml | 0
{ansible => guests}/host_vars/libvirt-ubuntu-16/main.yml | 0
{ansible => guests}/host_vars/libvirt-ubuntu-16/vault.yml | 0
{ansible => guests}/inventory | 0
{ansible => guests}/site.yml | 0
{ansible => guests}/tasks/base.yml | 0
{ansible => guests}/tasks/bootstrap.yml | 0
{ansible => guests}/tasks/compat.yml | 0
{ansible => guests}/tasks/jenkins.yml | 0
{ansible => guests}/tasks/packages.yml | 0
{ansible => guests}/templates/jenkins.service.j2 | 0
{ansible => guests}/vars/mappings.yml | 0
{ansible => guests}/vars/projects/base.yml | 0
{ansible => guests}/vars/projects/jenkins.yml | 0
{ansible => guests}/vars/projects/libosinfo.yml | 0
{ansible => guests}/vars/projects/libvirt-cim.yml | 0
{ansible => guests}/vars/projects/libvirt-glib.yml | 0
{ansible => guests}/vars/projects/libvirt-go-xml.yml | 0
{ansible => guests}/vars/projects/libvirt-go.yml | 0
{ansible => guests}/vars/projects/libvirt-perl.yml | 0
{ansible => guests}/vars/projects/libvirt-python.yml | 0
{ansible => guests}/vars/projects/libvirt-sandbox.yml | 0
{ansible => guests}/vars/projects/libvirt-tck.yml | 0
{ansible => guests}/vars/projects/libvirt.yml | 0
{ansible => guests}/vars/projects/osinfo-db-tools.yml | 0
{ansible => guests}/vars/projects/osinfo-db.yml | 0
{ansible => guests}/vars/projects/virt-manager.yml | 0
{ansible => guests}/vars/projects/virt-viewer.yml | 0
55 files changed, 0 insertions(+), 0 deletions(-)
rename {ansible => guests}/.gitignore (100%)
rename {ansible => guests}/Makefile (100%)
rename {ansible => guests}/README.markdown (100%)
rename {ansible => guests}/ansible.cfg (100%)
rename {ansible => guests}/bootstrap.yml (100%)
rename {ansible => guests}/group_vars/all/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-centos-6/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-centos-6/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-centos-7/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-centos-7/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-debian-8/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-debian-8/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-debian-9/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-debian-9/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-25/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-25/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-26/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-26/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-fedora-rawhide/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-10/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-10/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-11/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-freebsd-11/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-12/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-12/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-14/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-14/vault.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-16/main.yml (100%)
rename {ansible => guests}/host_vars/libvirt-ubuntu-16/vault.yml (100%)
rename {ansible => guests}/inventory (100%)
rename {ansible => guests}/site.yml (100%)
rename {ansible => guests}/tasks/base.yml (100%)
rename {ansible => guests}/tasks/bootstrap.yml (100%)
rename {ansible => guests}/tasks/compat.yml (100%)
rename {ansible => guests}/tasks/jenkins.yml (100%)
rename {ansible => guests}/tasks/packages.yml (100%)
rename {ansible => guests}/templates/jenkins.service.j2 (100%)
rename {ansible => guests}/vars/mappings.yml (100%)
rename {ansible => guests}/vars/projects/base.yml (100%)
rename {ansible => guests}/vars/projects/jenkins.yml (100%)
rename {ansible => guests}/vars/projects/libosinfo.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-cim.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-glib.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-go-xml.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-go.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-perl.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-python.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-sandbox.yml (100%)
rename {ansible => guests}/vars/projects/libvirt-tck.yml (100%)
rename {ansible => guests}/vars/projects/libvirt.yml (100%)
rename {ansible => guests}/vars/projects/osinfo-db-tools.yml (100%)
rename {ansible => guests}/vars/projects/osinfo-db.yml (100%)
rename {ansible => guests}/vars/projects/virt-manager.yml (100%)
rename {ansible => guests}/vars/projects/virt-viewer.yml (100%)
diff --git a/ansible/.gitignore b/guests/.gitignore
similarity index 100%
rename from ansible/.gitignore
rename to guests/.gitignore
diff --git a/ansible/Makefile b/guests/Makefile
similarity index 100%
rename from ansible/Makefile
rename to guests/Makefile
diff --git a/ansible/README.markdown b/guests/README.markdown
similarity index 100%
rename from ansible/README.markdown
rename to guests/README.markdown
diff --git a/ansible/ansible.cfg b/guests/ansible.cfg
similarity index 100%
rename from ansible/ansible.cfg
rename to guests/ansible.cfg
diff --git a/ansible/bootstrap.yml b/guests/bootstrap.yml
similarity index 100%
rename from ansible/bootstrap.yml
rename to guests/bootstrap.yml
diff --git a/ansible/group_vars/all/main.yml b/guests/group_vars/all/main.yml
similarity index 100%
rename from ansible/group_vars/all/main.yml
rename to guests/group_vars/all/main.yml
diff --git a/ansible/host_vars/libvirt-centos-6/main.yml
b/guests/host_vars/libvirt-centos-6/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-centos-6/main.yml
rename to guests/host_vars/libvirt-centos-6/main.yml
diff --git a/ansible/host_vars/libvirt-centos-6/vault.yml
b/guests/host_vars/libvirt-centos-6/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-centos-6/vault.yml
rename to guests/host_vars/libvirt-centos-6/vault.yml
diff --git a/ansible/host_vars/libvirt-centos-7/main.yml
b/guests/host_vars/libvirt-centos-7/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-centos-7/main.yml
rename to guests/host_vars/libvirt-centos-7/main.yml
diff --git a/ansible/host_vars/libvirt-centos-7/vault.yml
b/guests/host_vars/libvirt-centos-7/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-centos-7/vault.yml
rename to guests/host_vars/libvirt-centos-7/vault.yml
diff --git a/ansible/host_vars/libvirt-debian-8/main.yml
b/guests/host_vars/libvirt-debian-8/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-debian-8/main.yml
rename to guests/host_vars/libvirt-debian-8/main.yml
diff --git a/ansible/host_vars/libvirt-debian-8/vault.yml
b/guests/host_vars/libvirt-debian-8/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-debian-8/vault.yml
rename to guests/host_vars/libvirt-debian-8/vault.yml
diff --git a/ansible/host_vars/libvirt-debian-9/main.yml
b/guests/host_vars/libvirt-debian-9/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-debian-9/main.yml
rename to guests/host_vars/libvirt-debian-9/main.yml
diff --git a/ansible/host_vars/libvirt-debian-9/vault.yml
b/guests/host_vars/libvirt-debian-9/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-debian-9/vault.yml
rename to guests/host_vars/libvirt-debian-9/vault.yml
diff --git a/ansible/host_vars/libvirt-fedora-25/main.yml
b/guests/host_vars/libvirt-fedora-25/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-fedora-25/main.yml
rename to guests/host_vars/libvirt-fedora-25/main.yml
diff --git a/ansible/host_vars/libvirt-fedora-25/vault.yml
b/guests/host_vars/libvirt-fedora-25/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-fedora-25/vault.yml
rename to guests/host_vars/libvirt-fedora-25/vault.yml
diff --git a/ansible/host_vars/libvirt-fedora-26/main.yml
b/guests/host_vars/libvirt-fedora-26/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-fedora-26/main.yml
rename to guests/host_vars/libvirt-fedora-26/main.yml
diff --git a/ansible/host_vars/libvirt-fedora-26/vault.yml
b/guests/host_vars/libvirt-fedora-26/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-fedora-26/vault.yml
rename to guests/host_vars/libvirt-fedora-26/vault.yml
diff --git a/ansible/host_vars/libvirt-fedora-rawhide/main.yml
b/guests/host_vars/libvirt-fedora-rawhide/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-fedora-rawhide/main.yml
rename to guests/host_vars/libvirt-fedora-rawhide/main.yml
diff --git a/ansible/host_vars/libvirt-fedora-rawhide/vault.yml
b/guests/host_vars/libvirt-fedora-rawhide/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-fedora-rawhide/vault.yml
rename to guests/host_vars/libvirt-fedora-rawhide/vault.yml
diff --git a/ansible/host_vars/libvirt-freebsd-10/main.yml
b/guests/host_vars/libvirt-freebsd-10/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-freebsd-10/main.yml
rename to guests/host_vars/libvirt-freebsd-10/main.yml
diff --git a/ansible/host_vars/libvirt-freebsd-10/vault.yml
b/guests/host_vars/libvirt-freebsd-10/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-freebsd-10/vault.yml
rename to guests/host_vars/libvirt-freebsd-10/vault.yml
diff --git a/ansible/host_vars/libvirt-freebsd-11/main.yml
b/guests/host_vars/libvirt-freebsd-11/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-freebsd-11/main.yml
rename to guests/host_vars/libvirt-freebsd-11/main.yml
diff --git a/ansible/host_vars/libvirt-freebsd-11/vault.yml
b/guests/host_vars/libvirt-freebsd-11/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-freebsd-11/vault.yml
rename to guests/host_vars/libvirt-freebsd-11/vault.yml
diff --git a/ansible/host_vars/libvirt-ubuntu-12/main.yml
b/guests/host_vars/libvirt-ubuntu-12/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-ubuntu-12/main.yml
rename to guests/host_vars/libvirt-ubuntu-12/main.yml
diff --git a/ansible/host_vars/libvirt-ubuntu-12/vault.yml
b/guests/host_vars/libvirt-ubuntu-12/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-ubuntu-12/vault.yml
rename to guests/host_vars/libvirt-ubuntu-12/vault.yml
diff --git a/ansible/host_vars/libvirt-ubuntu-14/main.yml
b/guests/host_vars/libvirt-ubuntu-14/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-ubuntu-14/main.yml
rename to guests/host_vars/libvirt-ubuntu-14/main.yml
diff --git a/ansible/host_vars/libvirt-ubuntu-14/vault.yml
b/guests/host_vars/libvirt-ubuntu-14/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-ubuntu-14/vault.yml
rename to guests/host_vars/libvirt-ubuntu-14/vault.yml
diff --git a/ansible/host_vars/libvirt-ubuntu-16/main.yml
b/guests/host_vars/libvirt-ubuntu-16/main.yml
similarity index 100%
rename from ansible/host_vars/libvirt-ubuntu-16/main.yml
rename to guests/host_vars/libvirt-ubuntu-16/main.yml
diff --git a/ansible/host_vars/libvirt-ubuntu-16/vault.yml
b/guests/host_vars/libvirt-ubuntu-16/vault.yml
similarity index 100%
rename from ansible/host_vars/libvirt-ubuntu-16/vault.yml
rename to guests/host_vars/libvirt-ubuntu-16/vault.yml
diff --git a/ansible/inventory b/guests/inventory
similarity index 100%
rename from ansible/inventory
rename to guests/inventory
diff --git a/ansible/site.yml b/guests/site.yml
similarity index 100%
rename from ansible/site.yml
rename to guests/site.yml
diff --git a/ansible/tasks/base.yml b/guests/tasks/base.yml
similarity index 100%
rename from ansible/tasks/base.yml
rename to guests/tasks/base.yml
diff --git a/ansible/tasks/bootstrap.yml b/guests/tasks/bootstrap.yml
similarity index 100%
rename from ansible/tasks/bootstrap.yml
rename to guests/tasks/bootstrap.yml
diff --git a/ansible/tasks/compat.yml b/guests/tasks/compat.yml
similarity index 100%
rename from ansible/tasks/compat.yml
rename to guests/tasks/compat.yml
diff --git a/ansible/tasks/jenkins.yml b/guests/tasks/jenkins.yml
similarity index 100%
rename from ansible/tasks/jenkins.yml
rename to guests/tasks/jenkins.yml
diff --git a/ansible/tasks/packages.yml b/guests/tasks/packages.yml
similarity index 100%
rename from ansible/tasks/packages.yml
rename to guests/tasks/packages.yml
diff --git a/ansible/templates/jenkins.service.j2 b/guests/templates/jenkins.service.j2
similarity index 100%
rename from ansible/templates/jenkins.service.j2
rename to guests/templates/jenkins.service.j2
diff --git a/ansible/vars/mappings.yml b/guests/vars/mappings.yml
similarity index 100%
rename from ansible/vars/mappings.yml
rename to guests/vars/mappings.yml
diff --git a/ansible/vars/projects/base.yml b/guests/vars/projects/base.yml
similarity index 100%
rename from ansible/vars/projects/base.yml
rename to guests/vars/projects/base.yml
diff --git a/ansible/vars/projects/jenkins.yml b/guests/vars/projects/jenkins.yml
similarity index 100%
rename from ansible/vars/projects/jenkins.yml
rename to guests/vars/projects/jenkins.yml
diff --git a/ansible/vars/projects/libosinfo.yml b/guests/vars/projects/libosinfo.yml
similarity index 100%
rename from ansible/vars/projects/libosinfo.yml
rename to guests/vars/projects/libosinfo.yml
diff --git a/ansible/vars/projects/libvirt-cim.yml b/guests/vars/projects/libvirt-cim.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-cim.yml
rename to guests/vars/projects/libvirt-cim.yml
diff --git a/ansible/vars/projects/libvirt-glib.yml
b/guests/vars/projects/libvirt-glib.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-glib.yml
rename to guests/vars/projects/libvirt-glib.yml
diff --git a/ansible/vars/projects/libvirt-go-xml.yml
b/guests/vars/projects/libvirt-go-xml.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-go-xml.yml
rename to guests/vars/projects/libvirt-go-xml.yml
diff --git a/ansible/vars/projects/libvirt-go.yml b/guests/vars/projects/libvirt-go.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-go.yml
rename to guests/vars/projects/libvirt-go.yml
diff --git a/ansible/vars/projects/libvirt-perl.yml
b/guests/vars/projects/libvirt-perl.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-perl.yml
rename to guests/vars/projects/libvirt-perl.yml
diff --git a/ansible/vars/projects/libvirt-python.yml
b/guests/vars/projects/libvirt-python.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-python.yml
rename to guests/vars/projects/libvirt-python.yml
diff --git a/ansible/vars/projects/libvirt-sandbox.yml
b/guests/vars/projects/libvirt-sandbox.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-sandbox.yml
rename to guests/vars/projects/libvirt-sandbox.yml
diff --git a/ansible/vars/projects/libvirt-tck.yml b/guests/vars/projects/libvirt-tck.yml
similarity index 100%
rename from ansible/vars/projects/libvirt-tck.yml
rename to guests/vars/projects/libvirt-tck.yml
diff --git a/ansible/vars/projects/libvirt.yml b/guests/vars/projects/libvirt.yml
similarity index 100%
rename from ansible/vars/projects/libvirt.yml
rename to guests/vars/projects/libvirt.yml
diff --git a/ansible/vars/projects/osinfo-db-tools.yml
b/guests/vars/projects/osinfo-db-tools.yml
similarity index 100%
rename from ansible/vars/projects/osinfo-db-tools.yml
rename to guests/vars/projects/osinfo-db-tools.yml
diff --git a/ansible/vars/projects/osinfo-db.yml b/guests/vars/projects/osinfo-db.yml
similarity index 100%
rename from ansible/vars/projects/osinfo-db.yml
rename to guests/vars/projects/osinfo-db.yml
diff --git a/ansible/vars/projects/virt-manager.yml
b/guests/vars/projects/virt-manager.yml
similarity index 100%
rename from ansible/vars/projects/virt-manager.yml
rename to guests/vars/projects/virt-manager.yml
diff --git a/ansible/vars/projects/virt-viewer.yml b/guests/vars/projects/virt-viewer.yml
similarity index 100%
rename from ansible/vars/projects/virt-viewer.yml
rename to guests/vars/projects/virt-viewer.yml
--
2.13.6
12:11 p.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool
This script replaces the existing Makefile, and will be extended
to provide more functionality in future commits.
It also takes over ownership of the Ansible vault password, which
is now expected to be stored in lcitool's own config directory
along with more settings that will be introduced later.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/Makefile | 12 ---------
guests/ansible.cfg | 1 -
guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 76 insertions(+), 13 deletions(-)
delete mode 100644 guests/Makefile
create mode 100755 guests/lcitool
diff --git a/guests/Makefile b/guests/Makefile
deleted file mode 100644
index 39ebe52..0000000
--- a/guests/Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
-all:
-
-site:
- @ansible-playbook site.yml
-
-bootstrap:
- @ansible-playbook --ask-pass bootstrap.yml
-
-clean:
- @rm -f *.retry log
-
-.PHONY: all site bootstrap clean
diff --git a/guests/ansible.cfg b/guests/ansible.cfg
index 84fde77..6b18c57 100644
--- a/guests/ansible.cfg
+++ b/guests/ansible.cfg
@@ -5,7 +5,6 @@ inventory = ./inventory
log_path = ./log
nocows = 1
squash_actions = package
-vault_password_file = ~/.ansible/libvirt-jenkins-ci.vault-password
[ssh_connection]
pipelining = True
diff --git a/guests/lcitool b/guests/lcitool
new file mode 100755
index 0000000..aaee5f9
--- /dev/null
+++ b/guests/lcitool
@@ -0,0 +1,76 @@
+#!/bin/sh
+
+# -------------------
+# Utility functions
+# -------------------
+
+# die MESSAGE
+#
+# Abort the program after displaying $MESSAGE on standard error.
+die() {
+ echo "$1" >&2
+ exit 1
+}
+
+# ----------------------
+# User-visible actions
+# ----------------------
+
+do_help() {
+ echo "\
+Usage: $CALL_NAME ACTION [OPTIONS]
+
+Actions:
+ list List known guests
+ prepare GUEST|all Prepare or update GUEST. Can be run multiple times
+ update GUEST|all Alias for prepare
+ help Display this help"
+}
+
+do_list() {
+ # List all guests present in the inventory. Skip group names,
+ # comments and empty lines
+ grep -vE '^#|^\[|^$' inventory | sort -u
+}
+
+do_prepare() {
+ GUEST="$1"
+
+ test "$GUEST" || {
+ die "$(do_help)"
+ }
+ do_list | grep -q "$GUEST" || test "$GUEST" = all || {
+ die "$PROGRAM_NAME: $GUEST: Unknown guest"
+ }
+
+ VAULT_PASS_FILE="$CONFIG_DIR/vault-password"
+
+ # Make sure required passwords exist and are not invalid (empty)
+ test -f "$VAULT_PASS_FILE" && test "$(cat
"$VAULT_PASS_FILE")" || {
+ die "$PROGRAM_NAME: $VAULT_PASS_FILE: Missing or invalid password"
+ }
+
+ ansible-playbook \
+ --vault-password-file "$VAULT_PASS_FILE" \
+ -l "$GUEST" \
+ site.yml
+}
+
+# ---------------------
+# Program entry point
+# ---------------------
+
+CALL_NAME="$0"
+PROGRAM_NAME="${0##*/}"
+CONFIG_DIR="$HOME/.config/$PROGRAM_NAME"
+
+test -f "$PROGRAM_NAME" || {
+ die "$PROGRAM_NAME: Must be run from the source directory"
+}
+
+case "$1" in
+ list) do_list ;;
+ prepare|update) do_prepare "$2" ;;
+ *help) do_help ;;
+ *) die "$(do_help)" ;;
+esac
--
2.13.6
6:40 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool
On Wed, 2017-10-18 at 19:11 +0200, Andrea Bolognani wrote:
This script replaces the existing Makefile, and will be extended
to provide more functionality in future commits.
It also takes over ownership of the Ansible vault password, which
is now expected to be stored in lcitool's own config directory
along with more settings that will be introduced later.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/Makefile | 12 ---------
guests/ansible.cfg | 1 -
guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 76 insertions(+), 13 deletions(-)
delete mode 100644 guests/Makefile
create mode 100755 guests/lcitool
FYI: I came up with a cuter name, licito[1], and I will use that when
pushing unless someone feel strongly otherwise .
[1] As in LIbvirt CI TOol
--
Andrea Bolognani / Red Hat / Virtualization
7:04 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool
On Thu, Oct 19, 2017 at 01:40:39PM +0200, Andrea Bolognani wrote:
On Wed, 2017-10-18 at 19:11 +0200, Andrea Bolognani wrote:
> This script replaces the existing Makefile, and will be extended
> to provide more functionality in future commits.
>
> It also takes over ownership of the Ansible vault password, which
> is now expected to be stored in lcitool's own config directory
> along with more settings that will be introduced later.
>
> Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
> ---
> guests/Makefile | 12 ---------
> guests/ansible.cfg | 1 -
> guests/lcitool | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 76 insertions(+), 13 deletions(-)
> delete mode 100644 guests/Makefile
> create mode 100755 guests/lcitool
FYI: I came up with a cuter name, licito[1], and I will use that when
pushing unless someone feel strongly otherwise .
I liked manage better that lcitool, but lcitool makes sense as well.
However, I don't like licito, it might sound cool but IMHO it's not
useful at all.
Pavel
7:42 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool
On Thu, 2017-10-19 at 14:04 +0200, Pavel Hrdina wrote:
> > This script replaces the existing Makefile, and will be
extended
> > to provide more functionality in future commits.
> >
> > It also takes over ownership of the Ansible vault password, which
> > is now expected to be stored in lcitool's own config directory
> > along with more settings that will be introduced later.
> >
> > Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
> > ---
> > guests/Makefile | 12 ---------
> > guests/ansible.cfg | 1 -
> > guests/lcitool | 76
++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > 3 files changed, 76 insertions(+), 13 deletions(-)
> > delete mode 100644 guests/Makefile
> > create mode 100755 guests/lcitool
>
> FYI: I came up with a cuter name, licito[1], and I will use that when
> pushing unless someone feel strongly otherwise .
I liked manage better that lcitool, but lcitool makes sense as well.
However, I don't like licito, it might sound cool but IMHO it's not
useful at all.
I liked 'manage' better as well but it's also extremely generic, so
the moment we started writing data outside the source directory it
was automatically off the table.
Neither of the other names is particularly useful, they're just
names but at least they're both fairly unique and reasonably easy
to remember. I think that 'licito' is a very fair name, and using
it would definitely not be illegal :P
http://www.spanishcentral.com/translate/l%C3%ADcito
So if your only argument against it is that you don't like it very
much, my reply is that I do like it quite a bit and, well, I get to
name the programs I write :)
--
Andrea Bolognani / Red Hat / Virtualization
7:53 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool
On Thu, Oct 19, 2017 at 02:42:15PM +0200, Andrea Bolognani wrote:
On Thu, 2017-10-19 at 14:04 +0200, Pavel Hrdina wrote:
> > > This script replaces the existing Makefile, and will be extended
> > > to provide more functionality in future commits.
> > >
> > > It also takes over ownership of the Ansible vault password, which
> > > is now expected to be stored in lcitool's own config directory
> > > along with more settings that will be introduced later.
> > >
> > > Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
> > > ---
> > > guests/Makefile | 12 ---------
> > > guests/ansible.cfg | 1 -
> > > guests/lcitool | 76
++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > > 3 files changed, 76 insertions(+), 13 deletions(-)
> > > delete mode 100644 guests/Makefile
> > > create mode 100755 guests/lcitool
> >
> > FYI: I came up with a cuter name, licito[1], and I will use that when
> > pushing unless someone feel strongly otherwise .
>
> I liked manage better that lcitool, but lcitool makes sense as well.
> However, I don't like licito, it might sound cool but IMHO it's not
> useful at all.
I liked 'manage' better as well but it's also extremely generic, so
the moment we started writing data outside the source directory it
was automatically off the table.
I agree with that, manage is not usable in this case.
Neither of the other names is particularly useful, they're just
names but at least they're both fairly unique and reasonably easy
to remember. I think that 'licito' is a very fair name, and using
it would definitely not be illegal :P
http://www.spanishcentral.com/translate/l%C3%ADcito
So if your only argument against it is that you don't like it very
much, my reply is that I do like it quite a bit and, well, I get to
name the programs I write :)
Well, yes and no :) you can name the program but you also need to have
an ACK from community to accept that name. "licito" is just a cool name
that doesn't tell you anything from the first glance what it is. On the
other hand lcitool tells you that it's some kind of tool and that the
"lci" part specifies what kind of tool it is. It's not only that I
don't personally like it but it also looks like some randomly chosen
name even though there is some pattern behind it.
I vote for lcitool instead of licito.
Pavel
8:53 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool
On Thu, 2017-10-19 at 14:53 +0200, Pavel Hrdina wrote:
> So if your only argument against it is that you don't like
it very
> much, my reply is that I do like it quite a bit and, well, I get to
> name the programs I write :)
Well, yes and no :) you can name the program but you also need to have
an ACK from community to accept that name. "licito" is just a cool name
that doesn't tell you anything from the first glance what it is. On the
other hand lcitool tells you that it's some kind of tool and that the
"lci" part specifies what kind of tool it is. It's not only that I
don't personally like it but it also looks like some randomly chosen
name even though there is some pattern behind it.
I vote for lcitool instead of licito.
I don't feel like any of your arguments have much weight, since
for most applications the name only has a very vague correlation
with the functionality or intended purpose, if that: see mutt,
dnf, evince, firefox, ansible and so, so many more examples.
That said, point taken about the need for the community to stand
behind a name before it can be adopted.
Most importantly, I feel like we could both spend our time in a
more productive way than argue about this, so let's just stick
with the existing name unless someone comes up with a different
one that manages to make everyone happy.
--
Andrea Bolognani / Red Hat / Virtualization
9 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool
On Thu, Oct 19, 2017 at 03:53:48PM +0200, Andrea Bolognani wrote:
On Thu, 2017-10-19 at 14:53 +0200, Pavel Hrdina wrote:
> > So if your only argument against it is that you don't like it very
> > much, my reply is that I do like it quite a bit and, well, I get to
> > name the programs I write :)
>
> Well, yes and no :) you can name the program but you also need to have
> an ACK from community to accept that name. "licito" is just a cool name
> that doesn't tell you anything from the first glance what it is. On the
> other hand lcitool tells you that it's some kind of tool and that the
> "lci" part specifies what kind of tool it is. It's not only that I
> don't personally like it but it also looks like some randomly chosen
> name even though there is some pattern behind it.
>
> I vote for lcitool instead of licito.
I don't feel like any of your arguments have much weight, since
for most applications the name only has a very vague correlation
with the functionality or intended purpose, if that: see mutt,
dnf, evince, firefox, ansible and so, so many more examples.
And there could be a lot of examples to support my statement.
That said, point taken about the need for the community to stand
behind a name before it can be adopted.
Most importantly, I feel like we could both spend our time in a
more productive way than argue about this, so let's just stick
with the existing name unless someone comes up with a different
one that manages to make everyone happy.
Since lcitool was also your idea I didn't think that you would not like
to use it and prefer the new one. Anyway, thanks for sticking with
the current name.
Pavel
12:11 p.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 3/6] guests: Remove bootstrap phase
Having to bootstrap the guest as a separate phase is annoying and
can be avoided by assuming the root password is well-known.
This doesn't hurt security because we're going to be changing the
root password with a user-provided one the first time Ansible is
run; moreover, we only leave key-based SSH authentication enabled
for the root user.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/bootstrap.yml | 15 ---------------
guests/group_vars/all/main.yml | 5 +++++
guests/lcitool | 25 +++++++++++++++++++++++++
guests/site.yml | 8 ++++++++
guests/tasks/base.yml | 11 ++++++++++-
5 files changed, 48 insertions(+), 16 deletions(-)
delete mode 100644 guests/bootstrap.yml
diff --git a/guests/bootstrap.yml b/guests/bootstrap.yml
deleted file mode 100644
index 544dd9d..0000000
--- a/guests/bootstrap.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- hosts: all
- gather_facts: no
-
- tasks:
-
- # Bootstrap Ansible itself
- - include: tasks/bootstrap.yml
-
-- hosts: all
-
- tasks:
-
- # Prepare the base environment
- - include: tasks/base.yml
diff --git a/guests/group_vars/all/main.yml b/guests/group_vars/all/main.yml
index 81b7d43..d24af59 100644
--- a/guests/group_vars/all/main.yml
+++ b/guests/group_vars/all/main.yml
@@ -1,6 +1,11 @@
---
ansible_user: root
+# This password is only used to access the guest the very first time
+# Ansible is used: afterwards, the user's SSH key will have been installed
+# in the guest and SSH password authentication will have been disabled
+ansible_ssh_pass: root
+
jenkins_url: https://ci.centos.org/computer/{{ inventory_hostname }}/slave-agent.jnlp
# Paths to various command. Can be overridden on a per-host basis
diff --git a/guests/lcitool b/guests/lcitool
index aaee5f9..10a72cf 100755
--- a/guests/lcitool
+++ b/guests/lcitool
@@ -12,6 +12,19 @@ die() {
exit 1
}
+# hash_file PASS_FILE
+#
+# Generate a password hash from the contents of PASS_FILE.
+hash_file() {
+ PASS_FILE="$1"
+
+ python2 -c "
+import crypt
+password = open('$PASS_FILE', 'r').read().strip()
+print(crypt.crypt(password,
+ crypt.mksalt(crypt.METHOD_SHA512)))"
+}
+
# ----------------------
# User-visible actions
# ----------------------
@@ -44,11 +57,23 @@ do_prepare() {
}
VAULT_PASS_FILE="$CONFIG_DIR/vault-password"
+ ROOT_PASS_FILE="$CONFIG_DIR/root-password"
# Make sure required passwords exist and are not invalid (empty)
test -f "$VAULT_PASS_FILE" && test "$(cat
"$VAULT_PASS_FILE")" || {
die "$PROGRAM_NAME: $VAULT_PASS_FILE: Missing or invalid password"
}
+ test -f "$ROOT_PASS_FILE" && test "$(cat
"$ROOT_PASS_FILE")" || {
+ die "$PROGRAM_NAME: $ROOT_PASS_FILE: Missing or invalid password"
+ }
+
+ ROOT_HASH_FILE="$CONFIG_DIR/.root-password.hash"
+
+ # Regenerate root password hash. Ansible expects passwords as hashes but
+ # doesn't provide a built-in facility to generate one from plain text
+ hash_file "$ROOT_PASS_FILE" >"$ROOT_HASH_FILE" || {
+ die "$PROGRAM_NAME: Failure while hashing root password"
+ }
ansible-playbook \
--vault-password-file "$VAULT_PASS_FILE" \
diff --git a/guests/site.yml b/guests/site.yml
index e6cf10d..9c75dcb 100644
--- a/guests/site.yml
+++ b/guests/site.yml
@@ -1,5 +1,13 @@
---
- hosts: all
+ gather_facts: no
+
+ tasks:
+
+ # Bootstrap Ansible itself
+ - include: tasks/bootstrap.yml
+
+- hosts: all
vars_files:
- vars/mappings.yml
diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml
index dd8d306..a9066e4 100644
--- a/guests/tasks/base.yml
+++ b/guests/tasks/base.yml
@@ -96,9 +96,10 @@
hostname:
name: '{{ inventory_hostname }}'
-- name: Configure root shell
+- name: Configure root password and shell
user:
name: root
+ password: '{{ lookup("file", lookup("env", "HOME")
+ "/.config/lcitool/.root-password.hash") }}'
shell: '{{ bash }}'
- name: Configure ssh access for the root user
@@ -106,3 +107,11 @@
user: root
key: '{{ lookup("file", lookup("env", "HOME") +
"/.ssh/id_rsa.pub") }}'
state: present
+
+- name: Disable password authentication for the root user
+ lineinfile:
+ path: /etc/ssh/sshd_config
+ regexp: '^#*\s*PermitRootLogin\s*.*$'
+ line: 'PermitRootLogin without-password'
+ state: present
+ backup: yes
--
2.13.6
12:11 p.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 4/6] guests: Add unattended installation support
The lcitool script can now be used to install most known guests
without requiring user interaction.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/group_vars/all/install.yml | 11 +++
guests/host_vars/libvirt-centos-6/install.yml | 3 +
guests/host_vars/libvirt-centos-7/install.yml | 3 +
guests/host_vars/libvirt-debian-8/install.yml | 3 +
guests/host_vars/libvirt-debian-9/install.yml | 3 +
guests/host_vars/libvirt-fedora-25/install.yml | 3 +
guests/host_vars/libvirt-fedora-26/install.yml | 3 +
.../host_vars/libvirt-fedora-rawhide/install.yml | 3 +
guests/host_vars/libvirt-ubuntu-12/install.yml | 3 +
guests/host_vars/libvirt-ubuntu-14/install.yml | 3 +
guests/host_vars/libvirt-ubuntu-16/install.yml | 3 +
guests/kickstart.cfg | 60 +++++++++++++++
guests/lcitool | 82 +++++++++++++++++++++
guests/preseed.cfg | 85 ++++++++++++++++++++++
14 files changed, 268 insertions(+)
create mode 100644 guests/group_vars/all/install.yml
create mode 100644 guests/host_vars/libvirt-centos-6/install.yml
create mode 100644 guests/host_vars/libvirt-centos-7/install.yml
create mode 100644 guests/host_vars/libvirt-debian-8/install.yml
create mode 100644 guests/host_vars/libvirt-debian-9/install.yml
create mode 100644 guests/host_vars/libvirt-fedora-25/install.yml
create mode 100644 guests/host_vars/libvirt-fedora-26/install.yml
create mode 100644 guests/host_vars/libvirt-fedora-rawhide/install.yml
create mode 100644 guests/host_vars/libvirt-ubuntu-12/install.yml
create mode 100644 guests/host_vars/libvirt-ubuntu-14/install.yml
create mode 100644 guests/host_vars/libvirt-ubuntu-16/install.yml
create mode 100644 guests/kickstart.cfg
create mode 100644 guests/preseed.cfg
diff --git a/guests/group_vars/all/install.yml b/guests/group_vars/all/install.yml
new file mode 100644
index 0000000..94b752f
--- /dev/null
+++ b/guests/group_vars/all/install.yml
@@ -0,0 +1,11 @@
+---
+# Sizes are in GiB
+install_virt_type: kvm
+install_arch: x86_64
+install_machine: pc
+install_cpu_model: host-passthrough
+install_vcpus: 2
+install_memory_size: 2
+install_disk_size: 15
+install_storage_pool: default
+install_network: default
diff --git a/guests/host_vars/libvirt-centos-6/install.yml
b/guests/host_vars/libvirt-centos-6/install.yml
new file mode 100644
index 0000000..3a9459b
--- /dev/null
+++ b/guests/host_vars/libvirt-centos-6/install.yml
@@ -0,0 +1,3 @@
+---
+install_url: http://mirror.centos.org/centos/6/os/x86_64/
+install_config: kickstart.cfg
diff --git a/guests/host_vars/libvirt-centos-7/install.yml
b/guests/host_vars/libvirt-centos-7/install.yml
new file mode 100644
index 0000000..f003b89
--- /dev/null
+++ b/guests/host_vars/libvirt-centos-7/install.yml
@@ -0,0 +1,3 @@
+---
+install_url: http://mirror.centos.org/centos/7/os/x86_64/
+install_config: kickstart.cfg
diff --git a/guests/host_vars/libvirt-debian-8/install.yml
b/guests/host_vars/libvirt-debian-8/install.yml
new file mode 100644
index 0000000..a2c8341
--- /dev/null
+++ b/guests/host_vars/libvirt-debian-8/install.yml
@@ -0,0 +1,3 @@
+---
+install_url: http://deb.debian.org/debian/dists/jessie/main/installer-amd64/
+install_config: preseed.cfg
diff --git a/guests/host_vars/libvirt-debian-9/install.yml
b/guests/host_vars/libvirt-debian-9/install.yml
new file mode 100644
index 0000000..5b1da76
--- /dev/null
+++ b/guests/host_vars/libvirt-debian-9/install.yml
@@ -0,0 +1,3 @@
+---
+install_url: http://deb.debian.org/debian/dists/stretch/main/installer-amd64/
+install_config: preseed.cfg
diff --git a/guests/host_vars/libvirt-fedora-25/install.yml
b/guests/host_vars/libvirt-fedora-25/install.yml
new file mode 100644
index 0000000..bb4bde3
--- /dev/null
+++ b/guests/host_vars/libvirt-fedora-25/install.yml
@@ -0,0 +1,3 @@
+---
+install_url:
https://download.fedoraproject.org/pub/fedora/linux/releases/25/Server/x8...
+install_config: kickstart.cfg
diff --git a/guests/host_vars/libvirt-fedora-26/install.yml
b/guests/host_vars/libvirt-fedora-26/install.yml
new file mode 100644
index 0000000..eff160d
--- /dev/null
+++ b/guests/host_vars/libvirt-fedora-26/install.yml
@@ -0,0 +1,3 @@
+---
+install_url:
https://download.fedoraproject.org/pub/fedora/linux/releases/26/Server/x8...
+install_config: kickstart.cfg
diff --git a/guests/host_vars/libvirt-fedora-rawhide/install.yml
b/guests/host_vars/libvirt-fedora-rawhide/install.yml
new file mode 100644
index 0000000..2216e81
--- /dev/null
+++ b/guests/host_vars/libvirt-fedora-rawhide/install.yml
@@ -0,0 +1,3 @@
+---
+install_url:
https://download.fedoraproject.org/pub/fedora/linux/development/rawhide/E...
+install_config: kickstart.cfg
diff --git a/guests/host_vars/libvirt-ubuntu-12/install.yml
b/guests/host_vars/libvirt-ubuntu-12/install.yml
new file mode 100644
index 0000000..997304f
--- /dev/null
+++ b/guests/host_vars/libvirt-ubuntu-12/install.yml
@@ -0,0 +1,3 @@
+---
+install_url: http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/
+install_config: preseed.cfg
diff --git a/guests/host_vars/libvirt-ubuntu-14/install.yml
b/guests/host_vars/libvirt-ubuntu-14/install.yml
new file mode 100644
index 0000000..d7862a5
--- /dev/null
+++ b/guests/host_vars/libvirt-ubuntu-14/install.yml
@@ -0,0 +1,3 @@
+---
+install_url: http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/
+install_config: preseed.cfg
diff --git a/guests/host_vars/libvirt-ubuntu-16/install.yml
b/guests/host_vars/libvirt-ubuntu-16/install.yml
new file mode 100644
index 0000000..a7bb2da
--- /dev/null
+++ b/guests/host_vars/libvirt-ubuntu-16/install.yml
@@ -0,0 +1,3 @@
+---
+install_url: http://archive.ubuntu.com/ubuntu/dists/xenial/main/installer-amd64/
+install_config: preseed.cfg
diff --git a/guests/kickstart.cfg b/guests/kickstart.cfg
new file mode 100644
index 0000000..603c0ae
--- /dev/null
+++ b/guests/kickstart.cfg
@@ -0,0 +1,60 @@
+# Installer configuration
+#
+# Perform a text based installation followed by a reboot, and disable
+# the first boot assistant
+text
+install
+reboot
+firstboot --disable
+
+
+# Environment configuration
+#
+# Locale, keyboard and timezone. All these will be configured again
+# later with Ansible, but they're required information so we must
+# provide them
+lang en_US.UTF-8
+keyboard us
+timezone --utc UTC
+
+
+# User creation
+#
+# We don't create any user except for root. We can use a very insecure
+# root password here because it will be replaced with a used-defined one
+# with Ansible immediately after installation
+authconfig --enableshadow --passalgo=sha512
+rootpw --plaintext root
+
+
+# Partition disk
+#
+# Erase everything and set up a 2 GiB swap partition, then assign all
+# remaining space to the root partition
+ignoredisk --only-use=vda
+zerombr
+clearpart --none
+part / --fstype=ext4 --size=2048 --grow
+part swap --fstype=swap --size=256
+
+
+# Install bootloader
+#
+# The bootloader will be installed in the MBR
+bootloader --location=mbr --timeout=1
+
+
+# Configure networking
+#
+# The only network interface available to the guest will come up
+# at boot using IPv4-only DHCP
+network --bootproto=dhcp --noipv6 --activate --onboot=yes
+
+
+# Software installation
+#
+# Only install the very base packages: everything else will be
+# installed later using Ansible
+%packages
+@core
+%end
diff --git a/guests/lcitool b/guests/lcitool
index 10a72cf..c10b49b 100755
--- a/guests/lcitool
+++ b/guests/lcitool
@@ -25,6 +25,34 @@ print(crypt.crypt(password,
crypt.mksalt(crypt.METHOD_SHA512)))"
}
+# yaml_var FILE VAR
+#
+# Read $FILE and output the value of YAML variable $VAR. Only trivial YAML
+# values are supported, eg. strings and numbers that don't depend on the
+# value of other variables. That's enough for our use case.
+yaml_var() {
+ grep "^$2:\\s*" "$1" 2>/dev/null | tail -1 | sed
"s/$2:\\s*//g"
+}
+
+# load_config FILE
+#
+# Read all known configuration variables from $FILE and set them in the
+# environment. Configuration variables that have already been set in
+# the environment will not be updated.
+load_config() {
+ INSTALL_URL=${INSTALL_URL:-$(yaml_var "$1" install_url)}
+ INSTALL_CONFIG=${INSTALL_CONFIG:-$(yaml_var "$1" install_config)}
+ INSTALL_VIRT_TYPE=${INSTALL_ARCH:-$(yaml_var "$1" install_virt_type)}
+ INSTALL_ARCH=${INSTALL_ARCH:-$(yaml_var "$1" install_arch)}
+ INSTALL_MACHINE=${INSTALL_MACHINE:-$(yaml_var "$1" install_machine)}
+ INSTALL_CPU_MODEL=${INSTALL_CPU_MODEL:-$(yaml_var "$1" install_cpu_model)}
+ INSTALL_VCPUS=${INSTALL_VCPUS:-$(yaml_var "$1" install_vcpus)}
+ INSTALL_MEMORY_SIZE=${INSTALL_MEMORY_SIZE:-$(yaml_var "$1"
install_memory_size)}
+ INSTALL_DISK_SIZE=${INSTALL_DISK_SIZE:-$(yaml_var "$1" install_disk_size)}
+ INSTALL_STORAGE_POOL=${INSTALL_STORAGE_POOL:-$(yaml_var "$1"
install_storage_pool)}
+ INSTALL_NETWORK=${INSTALL_NETWORK:-$(yaml_var "$1" install_network)}
+}
+
# ----------------------
# User-visible actions
# ----------------------
@@ -35,6 +63,7 @@ Usage: $CALL_NAME ACTION [OPTIONS]
Actions:
list List known guests
+ install GUEST Install GUEST
prepare GUEST|all Prepare or update GUEST. Can be run multiple times
update GUEST|all Alias for prepare
help Display this help"
@@ -46,6 +75,58 @@ do_list() {
grep -vE '^#|^\[|^$' inventory | sort -u
}
+do_install()
+{
+ GUEST="$1"
+
+ test "$GUEST" || {
+ die "$(do_help)"
+ }
+ do_list | grep -q "$GUEST" || {
+ die "$PROGRAM_NAME: $GUEST: Unknown guest"
+ }
+ test -f "host_vars/$GUEST/install.yml" || {
+ die "$PROGRAM_NAME: $GUEST: Missing configuration, guest must be installed
manually"
+ }
+
+ # Load configuration files. Values don't get overwritten after being
+ # set the first time, so loading the host-specific configuration before
+ # the group configuration ensures overrides work as expected
+ load_config "host_vars/$GUEST/install.yml"
+ load_config "group_vars/all/install.yml"
+
+ # Both memory size and disk size use GiB as unit, but virt-install wants
+ # disk size in GiB and memory size in *MiB*, so perform conversion here
+ INSTALL_MEMORY_SIZE=$(expr "$INSTALL_MEMORY_SIZE" \* 1024 2>/dev/null)
+
+ # preseed files must use a well-known name to be picked up by d-i;
+ # for kickstart files, we can use whatever name we please but we need
+ # to point anaconda in the right direction through a kernel argument
+ case "$INSTALL_CONFIG" in
+ *kickstart*|*ks*) EXTRA_ARGS="ks=file:/${INSTALL_CONFIG##*/}" ;;
+ esac
+
+ virt-install \
+ --name "$GUEST" \
+ --location "$INSTALL_URL" \
+ --virt-type "$INSTALL_VIRT_TYPE" \
+ --arch "$INSTALL_ARCH" \
+ --machine "$INSTALL_MACHINE" \
+ --cpu "$INSTALL_CPU_MODEL" \
+ --vcpus "$INSTALL_VCPUS" \
+ --memory "$INSTALL_MEMORY_SIZE" \
+ --disk "size=$INSTALL_DISK_SIZE,pool=$INSTALL_STORAGE_POOL,bus=virtio"
\
+ --network "network=$INSTALL_NETWORK,model=virtio" \
+ --graphics none \
+ --console pty \
+ --sound none \
+ --controller usb,model=none \
+ --initrd-inject "$INSTALL_CONFIG" \
+ --extra-args "console=ttyS0 $EXTRA_ARGS" \
+ --autostart \
+ --wait 0
+}
+
do_prepare() {
GUEST="$1"
@@ -95,6 +176,7 @@ test -f "$PROGRAM_NAME" || {
case "$1" in
list) do_list ;;
+ install) do_install "$2" ;;
prepare|update) do_prepare "$2" ;;
*help) do_help ;;
*) die "$(do_help)" ;;
diff --git a/guests/preseed.cfg b/guests/preseed.cfg
new file mode 100644
index 0000000..00fd20d
--- /dev/null
+++ b/guests/preseed.cfg
@@ -0,0 +1,85 @@
+# Installer configuration
+#
+# Perform an automated installation where only critical questions
+# are asked interactively
+d-i auto-install/enable boolean true
+d-i debconf/priority string critical
+d-i finish-install/reboot_in_progress note
+
+
+# Environment configuration
+#
+# Locale, keyboard and timezone. All these will be configured again
+# later with Ansible, but they're required information so we must
+# provide them
+d-i debian-installer/locale string en_US.UTF-8
+d-i keyboard-configuration/xkb-keymap select us
+d-i time/zone string UTC
+d-i clock-setup/utc boolean true
+d-i clock-setup/ntp boolean true
+
+
+# User creation
+#
+# We don't create any user except for root. We can use a very insecure
+# root password here because it will be replaced with a used-defined one
+# with Ansible immediately after installation
+d-i passwd/make-user boolean false
+d-i passwd/root-login boolean true
+d-i passwd/root-password password root
+d-i passwd/root-password-again password root
+d-i user-setup/allow-password-weak boolean true
+
+
+# Partition disk
+#
+# Erase everything and set up a 2 GiB swap partition, then assign all
+# remaining space to the root partition
+d-i partman-auto/disk string /dev/vda
+d-i partman-auto/method string regular
+d-i partman-auto/expert_recipe string \
+ custom :: \
+ 2048 2048 -1 ext4 \
+ $primary{ } $bootable{ } \
+ method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } \
+ mountpoint{ / } \
+ . \
+ 256 256 256 linux-swap \
+ $primary{ } \
+ method{ swap } format{ } \
+ .
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+
+# Install bootloader
+#
+# The bootloader will be installed in the MBR
+d-i grub-installer/skip boolean false
+d-i grub-installer/bootdev string /dev/vda
+d-i grub-installer/only_debian boolean true
+
+
+# Configure networking
+#
+# The only network interface available to the guest will come up
+# at boot using DHCP
+d-i netcfg/enable boolean true
+d-i netcfg/choose_interface select auto
+d-i netcfg/get_hostname string localhost
+d-i netcfg/get_domain string localdomain
+
+
+# Software installation
+#
+# Only install the very base packages: everything else will be
+# installed later using Ansible. We need to install openssh-server
+# and configure it to permit root login now, though, otherwise we
+# won't be able to access the machine for Ansible use later on
+tasksel tasksel/first multiselect standard
+d-i pkgsel/upgrade select none
+d-i pkgsel/include string openssh-server
+d-i preseed/late_command string in-target sed -i
's/^#*\s*PermitRootLogin\s*.*$/PermitRootLogin yes/g' /etc/ssh/sshd_config
--
2.13.6
6:15 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 4/6] guests: Add unattended installation support
On Wed, Oct 18, 2017 at 07:11:49PM +0200, Andrea Bolognani wrote:
The lcitool script can now be used to install most known guests
without requiring user interaction.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
[...]
diff --git a/guests/kickstart.cfg b/guests/kickstart.cfg
new file mode 100644
index 0000000..603c0ae
--- /dev/null
+++ b/guests/kickstart.cfg
@@ -0,0 +1,60 @@
+# Installer configuration
+#
+# Perform a text based installation followed by a reboot, and disable
+# the first boot assistant
+text
+install
+reboot
+firstboot --disable
+
+
+# Environment configuration
+#
+# Locale, keyboard and timezone. All these will be configured again
+# later with Ansible, but they're required information so we must
+# provide them
+lang en_US.UTF-8
+keyboard us
+timezone --utc UTC
+
+
+# User creation
+#
+# We don't create any user except for root. We can use a very insecure
+# root password here because it will be replaced with a used-defined one
+# with Ansible immediately after installation
+authconfig --enableshadow --passalgo=sha512
+rootpw --plaintext root
+
+
+# Partition disk
+#
+# Erase everything and set up a 2 GiB swap partition, then assign all
s/2 GiB/256 MiB/
+# remaining space to the root partition
+ignoredisk --only-use=vda
+zerombr
+clearpart --none
+part / --fstype=ext4 --size=2048 --grow
+part swap --fstype=swap --size=256
+
+
+# Install bootloader
+#
+# The bootloader will be installed in the MBR
+bootloader --location=mbr --timeout=1
+
+
+# Configure networking
+#
+# The only network interface available to the guest will come up
+# at boot using IPv4-only DHCP
+network --bootproto=dhcp --noipv6 --activate --onboot=yes
+
+
+# Software installation
+#
+# Only install the very base packages: everything else will be
+# installed later using Ansible
+%packages
+@core
+%end
[...]
diff --git a/guests/preseed.cfg b/guests/preseed.cfg
new file mode 100644
index 0000000..00fd20d
--- /dev/null
+++ b/guests/preseed.cfg
@@ -0,0 +1,85 @@
+# Installer configuration
+#
+# Perform an automated installation where only critical questions
+# are asked interactively
+d-i auto-install/enable boolean true
+d-i debconf/priority string critical
+d-i finish-install/reboot_in_progress note
+
+
+# Environment configuration
+#
+# Locale, keyboard and timezone. All these will be configured again
+# later with Ansible, but they're required information so we must
+# provide them
+d-i debian-installer/locale string en_US.UTF-8
+d-i keyboard-configuration/xkb-keymap select us
+d-i time/zone string UTC
+d-i clock-setup/utc boolean true
+d-i clock-setup/ntp boolean true
+
+
+# User creation
+#
+# We don't create any user except for root. We can use a very insecure
+# root password here because it will be replaced with a used-defined one
+# with Ansible immediately after installation
+d-i passwd/make-user boolean false
+d-i passwd/root-login boolean true
+d-i passwd/root-password password root
+d-i passwd/root-password-again password root
+d-i user-setup/allow-password-weak boolean true
+
+
+# Partition disk
+#
+# Erase everything and set up a 2 GiB swap partition, then assign all
s/2 GiB/256 MiB/
+# remaining space to the root partition
+d-i partman-auto/disk string /dev/vda
+d-i partman-auto/method string regular
+d-i partman-auto/expert_recipe string \
+ custom :: \
+ 2048 2048 -1 ext4 \
+ $primary{ } $bootable{ } \
+ method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } \
+ mountpoint{ / } \
+ . \
+ 256 256 256 linux-swap \
+ $primary{ } \
+ method{ swap } format{ } \
+ .
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+
+# Install bootloader
+#
+# The bootloader will be installed in the MBR
+d-i grub-installer/skip boolean false
+d-i grub-installer/bootdev string /dev/vda
+d-i grub-installer/only_debian boolean true
+
+
+# Configure networking
+#
+# The only network interface available to the guest will come up
+# at boot using DHCP
+d-i netcfg/enable boolean true
+d-i netcfg/choose_interface select auto
+d-i netcfg/get_hostname string localhost
+d-i netcfg/get_domain string localdomain
+
+
+# Software installation
+#
+# Only install the very base packages: everything else will be
+# installed later using Ansible. We need to install openssh-server
+# and configure it to permit root login now, though, otherwise we
+# won't be able to access the machine for Ansible use later on
+tasksel tasksel/first multiselect standard
+d-i pkgsel/upgrade select none
+d-i pkgsel/include string openssh-server
+d-i preseed/late_command string in-target sed -i
's/^#*\s*PermitRootLogin\s*.*$/PermitRootLogin yes/g' /etc/ssh/sshd_config
--
2.13.6
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
12:11 p.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 5/6] guests: Configure bootloaders
Both GRUB and the FreeBSD bootloader need some tweaking to make
sure the OS will display boot messages and provide a login prompt
on the serial console, which is useful when SSH access can't be
used for whatever reason.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/tasks/base.yml | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 50 insertions(+)
diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml
index a9066e4..db805b8 100644
--- a/guests/tasks/base.yml
+++ b/guests/tasks/base.yml
@@ -115,3 +115,53 @@
line: 'PermitRootLogin without-password'
state: present
backup: yes
+
+- name: Look for GRUB configuration
+ stat:
+ path: /etc/default/grub
+ register: grubdefault
+
+- name: Look for GRUB configuration
+ stat:
+ path: /boot/grub/grub.cfg
+ register: grubcfg
+
+- name: Look for GRUB configuration
+ stat:
+ path: /boot/grub2/grub.cfg
+ register: grub2cfg
+
+- name: Configure GRUB
+ lineinfile:
+ path: /etc/default/grub
+ regexp: '^{{ item.key }}=.*$'
+ line: '{{ item.key }}="{{ item.value }}"'
+ backup: yes
+ with_items:
+ - { key: 'GRUB_TIMEOUT', value: '1' }
+ - { key: 'GRUB_CMDLINE_LINUX_DEFAULT', value: 'console=ttyS0' }
+ - { key: 'GRUB_CMDLINE_LINUX', value: 'console=ttyS0' }
+ - { key: 'GRUB_TERMINAL', value: 'serial' }
+ - { key: 'GRUB_SERIAL_COMMAND', value: 'serial' }
+ when:
+ - grubdefault.stat.exists
+
+- name: Apply GRUB configuration
+ command: 'grub-mkconfig -o /boot/grub/grub.cfg'
+ when:
+ - grubcfg.stat.exists
+
+- name: Apply GRUB configuration
+ command: 'grub2-mkconfig -o /boot/grub2/grub.cfg'
+ when:
+ - grub2cfg.stat.exists
+
+- name: Configure the FreeBSD bootloader
+ lineinfile:
+ path: /boot/loader.conf
+ regexp: '^console=.*$'
+ line: 'console="comconsole"'
+ create: yes
+ backup: yes
+ when:
+ - os_name == 'FreeBSD'
--
2.13.6
6:29 a.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 5/6] guests: Configure bootloaders
On Wed, Oct 18, 2017 at 07:11:50PM +0200, Andrea Bolognani wrote:
Both GRUB and the FreeBSD bootloader need some tweaking to make
sure the OS will display boot messages and provide a login prompt
on the serial console, which is useful when SSH access can't be
used for whatever reason.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/tasks/base.yml | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 50 insertions(+)
diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml
index a9066e4..db805b8 100644
--- a/guests/tasks/base.yml
+++ b/guests/tasks/base.yml
@@ -115,3 +115,53 @@
line: 'PermitRootLogin without-password'
state: present
backup: yes
+
+- name: Look for GRUB configuration
+ stat:
+ path: /etc/default/grub
+ register: grubdefault
+
+- name: Look for GRUB configuration
+ stat:
+ path: /boot/grub/grub.cfg
+ register: grubcfg
+
+- name: Look for GRUB configuration
s/GRUB/GRUB2/
+ stat:
+ path: /boot/grub2/grub.cfg
+ register: grub2cfg
+
+- name: Configure GRUB
+ lineinfile:
+ path: /etc/default/grub
+ regexp: '^{{ item.key }}=.*$'
+ line: '{{ item.key }}="{{ item.value }}"'
+ backup: yes
+ with_items:
+ - { key: 'GRUB_TIMEOUT', value: '1' }
+ - { key: 'GRUB_CMDLINE_LINUX_DEFAULT', value: 'console=ttyS0' }
+ - { key: 'GRUB_CMDLINE_LINUX', value: 'console=ttyS0' }
+ - { key: 'GRUB_TERMINAL', value: 'serial' }
+ - { key: 'GRUB_SERIAL_COMMAND', value: 'serial' }
+ when:
+ - grubdefault.stat.exists
+
+- name: Apply GRUB configuration
+ command: 'grub-mkconfig -o /boot/grub/grub.cfg'
+ when:
+ - grubcfg.stat.exists
+
+- name: Apply GRUB configuration
s/GRUB/GRUB2/
+ command: 'grub2-mkconfig -o /boot/grub2/grub.cfg'
+ when:
+ - grub2cfg.stat.exists
+
+- name: Configure the FreeBSD bootloader
+ lineinfile:
+ path: /boot/loader.conf
+ regexp: '^console=.*$'
+ line: 'console="comconsole"'
+ create: yes
+ backup: yes
+ when:
+ - os_name == 'FreeBSD'
--
2.13.6
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
12:11 p.m.
New subject: [libvirt] [libvirt-jenkins-ci PATCH v2 6/6] guests: Update documentation
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/README.markdown | 91 +++++++++++++++++++++++++++++++++++---------------
1 file changed, 64 insertions(+), 27 deletions(-)
diff --git a/guests/README.markdown b/guests/README.markdown
index 4d464e1..100ca31 100644
--- a/guests/README.markdown
+++ b/guests/README.markdown
@@ -1,38 +1,55 @@
-Ansible playbooks for libvirt CI
-================================
+libvirt CI - guest management tools
+===================================
-These can be used to turn a freshly installed machine into a worker for
-the Jenkins-based libvirt CI.
+The tools contained in this directory simplify and automate the management
+of the guests used by the Jenkins-based libvirt CI environment.
-There are two main playbooks:
+There are two steps to bringing up a guest:
-* `bootstrap.yml`, used to perform the bootstrapping phase, that is, getting
- guests to the point where Ansible can manage them fully and prompting the
- user for a password is no longer required;
+* `./lcitool install $guest` will perform an unattended installation
+ of `$guest`. Not all guests can be installed this way: see the "FreeBSD"
+ section below;
-* `site.yml`, used for the remaining configuration steps.
+* `./lcitool prepare $guest` will go through all the post-installation
+ configuration steps required to make the newly-created guest usable as
+ part of the Jenkins CI setup.
-Although you can use the playbooks directly, it's much more convenient to
-call either `make bootstrap` or `make site` instead.
+Once those steps have been performed, maintainance will involve running:
-Each guest only needs to be bootstrapped once; that said, both playbooks are
-idempotent so there's no harm in applying them over and over again.
+* `./lcitool update $guest`
+periodically to ensure the guest configuration is sane and all installed
+packages are updated.
-Requirements
-------------
-SSH must be running in the guest, and root login must be permitted.
+Host setup
+----------
+Ansible and `virt-install` need to be available on the host.
-CI use
-------
+Before you can start bringing up guests, you'll have to store your
+site-specific root password in the `~/.config/lcitool/root-password` file.
+This password will only be necessary for serial console access in case
+something goes horribly wrong; for day to day operations, SSH key
+authentication will be used instead.
-After you have reinstalled a Jenkins worker, run `make bootstrap` followed
-by `make site` and a reboot to get it ready for CI use. No further action
-should be necessary.
+Ansible expects to be able to connect to the guests by name: installing and
+enabling the [libvirt NSS plugin](https://wiki.libvirt.org/page/NSS_module)
+on the host is the easiest way to make sure that works. More specifically,
+you'll want to use the `libvirt_guest` variant of the plugin.
-Adding new workers will require tweaking the inventory and host variables,
+To keep guests up to date over time, it's recommended to have an entry
+along the lines of
+
+ 0 0 * * * cd ~/libvirt-jenkins-ci/guests && ./lcitool update all
+
+in your crontab.
+
+
+Adding new guests
+-----------------
+
+Adding new guests will require tweaking the inventory and host variables,
but it should be very easy to eg. use the Fedora 26 configuration to come
up with a working Fedora 27 configuration.
@@ -40,11 +57,11 @@ up with a working Fedora 27 configuration.
Development use
---------------
-If you are a developer trying to reproduce a bug on some OS you don't have
-easy access to, you can use these playbooks to create a suitable test
+If you are a developer trying to reproduce a bug on some OS you don't
+have easy access to, you can use these tools to create a suitable test
environment.
-Since the playbooks are intended mainly for CI use, you'll have to tweak them
+Since the tools are intended mainly for CI use, you'll have to tweak them
a bit first, including:
* trimming down the `inventory` file to just the guest you're interested in;
@@ -56,5 +73,25 @@ a bit first, including:
* deleting `host_vars/$guest/vault.yml` altogether.
-After performing these tweaks, you should be able to just run `make bootstrap`
-followed by `make site` as usual.
+After performing these tweaks, you should be able to use the same steps
+outlined above.
+
+A better way to deal with this use case will be provided in the future.
+
+
+FreeBSD
+-------
+
+Installation of FreeBSD guests must be performed manually; alternatively,
+the official qcow2 images can be used to quickly bring up such guests.
+
+Some manual tweaking will be needed, in particular:
+
+* `/etc/ssh/sshd_config` must contain the `PermitRootLogin yes` directive;
+
+* `/etc/rc.conf` must contain the `sshd_enable="YES"` setting;
+
+* the root password must be manually set to "root" (without quotes).
+
+Once these steps have been performed, FreeBSD guests can be managed just
+like all other guests.
--
2.13.6
4:10 a.m.
On Wed, Oct 18, 2017 at 07:11:45PM +0200, Andrea Bolognani wrote:
Changes from [v1]:
* guest changes
- set root password to a user-provided value
- only allow key-based SSH login for root
- configure serial console for emergency access
- disable audio, video and USB
- allocate 256 MiB for swap instead of 2 GiB
Why wap in such a virtual machine?
- allocate 15 GiB for storage instead of 10 GiB
- use host-passthrough CPU mode
- set timezone to UTC
* tool changes
- rename to lcitool
- implement basic configuration support
- refuse to run from outside the source directory
- provide better error messages
* others
- improve documentation, mainly the host setup part
[v1] https://www.redhat.com/archives/libvir-list/2017-October/msg00651.html
I can't speak about the installation decisions, that's something that was
already used anyway, I guess, but apart from that, it's pretty neat if I do say
so myself.
I'd ACK it, but I see Dan and Pavel have more insight into this, so I'll let
them do a proper review, just wanted to point out that I think this is something
which will streamline not only our Jenkins CI, but other things as well. Maybe
we'll need to rename the repo then :D
Have a nice noodles^Wday,
Martin
4:18 a.m.
On Thu, Oct 19, 2017 at 11:10:21AM +0200, Martin Kletzander wrote:
On Wed, Oct 18, 2017 at 07:11:45PM +0200, Andrea Bolognani wrote:
> Changes from [v1]:
>
> * guest changes
> - set root password to a user-provided value
> - only allow key-based SSH login for root
> - configure serial console for emergency access
> - disable audio, video and USB
> - allocate 256 MiB for swap instead of 2 GiB
Why wap in such a virtual machine?
Even if you don't expect to use / need it, it is generally a good idea to
give a few 100 MB of swap. This gives the kernel MM greater flexibility to
re-arrange memory when it starts to get low on free RAM. Without it, you
can hit OOM despite technically having enough RAM free.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
9:01 a.m.
On Wed, Oct 18, 2017 at 07:11:45PM +0200, Andrea Bolognani wrote:
Changes from [v1]:
* guest changes
- set root password to a user-provided value
- only allow key-based SSH login for root
- configure serial console for emergency access
- disable audio, video and USB
- allocate 256 MiB for swap instead of 2 GiB
- allocate 15 GiB for storage instead of 10 GiB
- use host-passthrough CPU mode
- set timezone to UTC
* tool changes
- rename to lcitool
- implement basic configuration support
- refuse to run from outside the source directory
- provide better error messages
* others
- improve documentation, mainly the host setup part
[v1] https://www.redhat.com/archives/libvir-list/2017-October/msg00651.html
Andrea Bolognani (6):
guests: Rename from 'ansible'
guests: Introduce lcitool
guests: Remove bootstrap phase
guests: Add unattended installation support
guests: Configure bootloaders
guests: Update documentation
There are some nits pointed out but otherwise this looks really good,
thanks for all the work :).
Reviewed-by: Pavel Hrdina <phrdina(a)redhat.com>
2591
days inactive
2592
days old
17 comments
4 participants
participants (4)
-
Andrea Bolognani -
Daniel P. Berrange -
Martin Kletzander -
Pavel Hrdina