Compare commits
14 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| efda1af7ec | |||
| 77b4f9eb86 | |||
| c4ca53c276 | |||
| 452080fb6d | |||
| 9c8b5b70b2 | |||
| c78fa85aa7 | |||
| ed4a8cbfc0 | |||
| 874438cdf6 | |||
| 3a4938b9e6 | |||
| fd39a0408d | |||
| db28a55718 | |||
| e75f317f98 | |||
| 211ebc15e9 | |||
| 9c0fcde94e |
Executable
+24
@@ -0,0 +1,24 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# VM names from vars/vms.yml
|
||||||
|
VMS=("coreos-vm" "flatcar-vm" "microos-vm")
|
||||||
|
# Image directory from group_vars/all.yml
|
||||||
|
IMAGES_DIR="/var/lib/libvirt/images"
|
||||||
|
|
||||||
|
for vm in "${VMS[@]}"; do
|
||||||
|
echo "Cleaning up VM: $vm"
|
||||||
|
|
||||||
|
# Destroy the VM (force stop)
|
||||||
|
sudo virsh destroy "$vm" 2>/dev/null || echo "VM $vm is not running."
|
||||||
|
|
||||||
|
# Undefine the VM (remove configuration)
|
||||||
|
sudo virsh undefine "$vm" 2>/dev/null || echo "VM $vm is not defined."
|
||||||
|
|
||||||
|
# Remove the disk image
|
||||||
|
sudo rm -f "$IMAGES_DIR/$vm.qcow2"
|
||||||
|
sudo rm -f "$IMAGES_DIR/$vm.download"
|
||||||
|
|
||||||
|
echo "VM $vm cleaned up."
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "Cleanup complete."
|
||||||
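Review bot: The cleanup loop leaves behind files that the provisioning tasks in this same change set write into the image directory: `{{ vm_name }}.ign` (which carries the password hashes), `{{ vm_name }}_meta-data` and the Flatcar `{{ vm_name }}.img`. Only `.qcow2` and `.download` are removed; I would add `sudo rm -f -- "$IMAGES_DIR/$vm.img" "$IMAGES_DIR/$vm.ign" "$IMAGES_DIR/${vm}_meta-data"`. The CoreOS and MicroOS guests are created with `--boot uefi`, and libvirt normally refuses to undefine a domain that still has an NVRAM file, so `sudo virsh undefine --nvram "$vm"` is probably needed. Because stderr goes to `/dev/null`, that failure would be printed as "is not defined"; letting stderr through would keep a real error distinguishable from an absent VM.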
@@ -7,7 +7,7 @@ vm_ssh_public_key: "~/.ssh/id_vms.pub" # Path to your public key for SSH access
|
|||||||
# Default VM resources
|
# Default VM resources
|
||||||
default_cpu: 2
|
default_cpu: 2
|
||||||
default_ram: 2048
|
default_ram: 2048
|
||||||
default_disk: "20G"
|
default_disk: 20 # GB
|
||||||
|
|
||||||
# Storage path for images
|
# Storage path for images
|
||||||
vm_images_dir: "/var/lib/libvirt/images"
|
vm_images_dir: "/var/lib/libvirt/images"
|
||||||
|
|||||||
@@ -1,12 +1,28 @@
|
|||||||
---
|
---
|
||||||
- name: Generate Ignition config for CoreOS/Flatcar
|
- name: Generate Butane config for CoreOS
|
||||||
template:
|
template:
|
||||||
src: ignition.json.j2
|
src: coreos_ignition.bu.j2
|
||||||
dest: "/tmp/{{ vm_name }}_ignition.json"
|
dest: "/tmp/{{ vm_name }}.bu"
|
||||||
when: os_type == "coreos" or os_type == "flatcar"
|
when: os_type == 'coreos'
|
||||||
|
|
||||||
- name: Generate Cloud-init config for MicroOS
|
- name: Generate Butane config for Flatcar
|
||||||
template:
|
template:
|
||||||
src: user-data.yaml.j2
|
src: flatcar_ignition.bu.j2
|
||||||
dest: "/tmp/{{ vm_name }}_user-data"
|
dest: "/tmp/{{ vm_name }}.bu"
|
||||||
when: os_type == "microos"
|
when: os_type == 'flatcar'
|
||||||
|
|
||||||
|
- name: Generate Butane config for microos
|
||||||
|
template:
|
||||||
|
src: microos_ignition.bu.j2
|
||||||
|
dest: "/tmp/{{ vm_name }}.bu"
|
||||||
|
when: os_type == 'microos'
|
||||||
|
|
||||||
|
- name: Compile Butane to Ignition JSON
|
||||||
|
shell: |
|
||||||
|
docker run --rm -i quay.io/coreos/butane --pretty --strict < /tmp/{{ vm_name }}.bu > {{ vm_images_dir }}/{{ vm_name }}.ign
|
||||||
|
become: yes
|
||||||
|
|
||||||
|
- name: Generate dummy meta-data file
|
||||||
|
copy:
|
||||||
|
content: "instance-id: {{ vm_name }}\nlocal-hostname: {{ vm_name }}\n"
|
||||||
|
dest: "{{ vm_images_dir }}/{{ vm_name }}_meta-data"
|
||||||
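Review bot: The three `template` tasks write the Butane source, which contains the password hashes, to the predictable path `/tmp/{{ vm_name }}.bu` with no `mode`, and no visible task removes it afterwards. Adding `mode: '0600'` to each of them and a closing task that sets `/tmp/{{ vm_name }}.bu` to `state: absent` would keep the hashes away from other local users. The compile step runs `quay.io/coreos/butane` under `become: yes` with no tag or digest, so every run trusts whatever the registry serves at that moment; pinning it as `quay.io/coreos/butane@sha256:<digest>` (placeholder) makes the step reproducible. The resulting `.ign` is created by a shell redirect with root's umask, so its permissions are worth setting explicitly to what the hypervisor user needs and nothing more.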
@@ -0,0 +1,18 @@
|
|||||||
|
variant: fcos
|
||||||
|
version: 1.5.0
|
||||||
|
passwd:
|
||||||
|
users:
|
||||||
|
- name: root
|
||||||
|
password_hash: "{{ vm_password | password_hash('sha512') }}"
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
|
||||||
|
- name: {{ vm_user }}
|
||||||
|
password_hash: "{{ vm_password | password_hash('sha512') }}"
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
|
||||||
|
storage:
|
||||||
|
files:
|
||||||
|
- path: /etc/ssh/sshd_config.d/permit_root_login.conf
|
||||||
|
mode: 0644
|
||||||
|
contents:
|
||||||
|
inline: PermitRootLogin yes
|
||||||
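Review bot: `root` gets a `password_hash` together with the `PermitRootLogin yes` drop-in, so the guest accepts password logins for root over SSH with the same `vm_password` as the regular user. The Flatcar and MicroOS templates and the cloud-init user-data in this change set do the same. An authorized key is installed for root anyway, so `inline: PermitRootLogin prohibit-password` would keep key-based access while closing the password path, and root's `password_hash` could then be dropped. `- name: {{ vm_user }}` is the only unquoted Jinja value in the file; `- name: "{{ vm_user }}"` would match the other entries.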
@@ -0,0 +1,18 @@
|
|||||||
|
variant: fcos
|
||||||
|
version: 1.4.0
|
||||||
|
passwd:
|
||||||
|
users:
|
||||||
|
- name: root
|
||||||
|
password_hash: "{{ vm_password | password_hash('sha512') }}"
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
|
||||||
|
- name: {{ vm_user }}
|
||||||
|
password_hash: "{{ vm_password | password_hash('sha512') }}"
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
|
||||||
|
storage:
|
||||||
|
files:
|
||||||
|
- path: /etc/ssh/sshd_config.d/permit_root_login.conf
|
||||||
|
mode: 0644
|
||||||
|
contents:
|
||||||
|
inline: PermitRootLogin yes
|
||||||
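Review bot: This template is rendered for Flatcar but declares `variant: fcos`, so the `--strict` compile validates it against the Fedora CoreOS rules, not Flatcar's. Butane ships a dedicated `flatcar` variant; I would switch to `variant: flatcar` with the spec version that matches the targeted Flatcar release (as far as I know `version: 1.0.0` is the baseline, please confirm against the Butane docs). Apart from the version line the file is identical to the CoreOS template, so a one-line comment saying why the two differ would help the next reader.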
@@ -1,26 +0,0 @@
|
|||||||
{
|
|
||||||
"ignition": {
|
|
||||||
"version": "0.3.0"
|
|
||||||
},
|
|
||||||
"passwd": {
|
|
||||||
"users": [
|
|
||||||
{
|
|
||||||
"name": "{{ vm_user }}",
|
|
||||||
"password_hash": "{{ vm_password | password_hash('sha512') }}",
|
|
||||||
"ssh_public_keys": [
|
|
||||||
"{{ lookup('file', vm_ssh_public_key) }}"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"storage": {
|
|
||||||
"files": [
|
|
||||||
{
|
|
||||||
"path": "/etc/ssh/sshd_config.d/permit_root_login.conf",
|
|
||||||
"contents": {
|
|
||||||
"source": "data:text/plain;charset=utf-8,PermitRootLogin yes"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -0,0 +1,78 @@
|
|||||||
|
variant: fcos
|
||||||
|
version: 1.5.0
|
||||||
|
passwd:
|
||||||
|
users:
|
||||||
|
- name: root
|
||||||
|
password_hash: "{{ vm_password | password_hash('sha512') }}"
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
|
||||||
|
storage:
|
||||||
|
files:
|
||||||
|
- path: /etc/ssh/sshd_config.d/permit_root_login.conf
|
||||||
|
mode: 0644
|
||||||
|
contents:
|
||||||
|
inline: PermitRootLogin yes
|
||||||
|
systemd:
|
||||||
|
units:
|
||||||
|
# 1. Einmaliger Dienst, der das Subvolume "@home" physisch auf der Platte anlegt
|
||||||
|
- name: create-home-subvolume.service
|
||||||
|
enabled: true
|
||||||
|
contents: |
|
||||||
|
[Unit]
|
||||||
|
Description=Create Btrfs Subvolume for Home (Once)
|
||||||
|
After=local-fs-pre.target
|
||||||
|
Before=home.mount
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStartPre=/usr/bin/mkdir -p /run/mnt-root-init
|
||||||
|
ExecStartPre=/usr/bin/mount -o subvolid=5 /dev/disk/by-label/ROOT /run/mnt-root-init
|
||||||
|
# Hier werden die Subvolumes @home angelegt, falls sie nicht existieren
|
||||||
|
ExecStart=/usr/bin/bash -c "for sub in @home; do [ -d /run/mnt-root-init/\$$sub ] || /usr/sbin/btrfs subvolume create /run/mnt-root-init/$$sub; done"
|
||||||
|
ExecStartPost=/usr/bin/umount /run/mnt-root-init
|
||||||
|
ExecStartPost=/usr/bin/rmdir /run/mnt-root-init
|
||||||
|
RemainAfterExit=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
RequiredBy=home.mount
|
||||||
|
# Der Name der Unit MUSS exakt dem Pfad entsprechen (aus /home wird home.mount)
|
||||||
|
- name: home.mount
|
||||||
|
enabled: true
|
||||||
|
contents: |
|
||||||
|
[Unit]
|
||||||
|
Description=Mount Separates Home Laufwerk
|
||||||
|
Before=local-fs.target
|
||||||
|
|
||||||
|
[Mount]
|
||||||
|
What=/dev/disk/by-label/ROOT
|
||||||
|
Where=/home
|
||||||
|
Type=btrfs
|
||||||
|
Options=defaults,subvol=@home
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=local-fs.target
|
||||||
|
# HIER wird der zusätzliche User sicher angelegt, NACHDEM /home gemountet ist
|
||||||
|
- name: create-custom-users.service
|
||||||
|
enabled: true
|
||||||
|
contents: |
|
||||||
|
[Unit]
|
||||||
|
Description=Create Additional System Users safely after Mounts
|
||||||
|
After=home.mount
|
||||||
|
Requires=home.mount
|
||||||
|
Before=multi-user.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
# Legt den User an, setzt das Home-Verzeichnis, fügt ihn zu wheel (sudo) hinzu und setzt den SSH Key
|
||||||
|
ExecStart=/usr/bin/bash -c "\
|
||||||
|
/usr/sbin/useradd -m -s /bin/bash {{ vm_user }} && \
|
||||||
|
/usr/sbin/usermod -p '{{ vm_password | password_hash('sha512') }}' {{ vm_user }} && \
|
||||||
|
/usr/bin/mkdir -p /home/{{ vm_user }}/.ssh && \
|
||||||
|
/usr/bin/echo '{{ lookup('file', vm_ssh_public_key) | trim }}' > /home/{{ vm_user }}/.ssh/authorized_keys && \
|
||||||
|
/usr/bin/chown -R {{ vm_user }}:{{ vm_user }} /home/{{ vm_user }}/.ssh && \
|
||||||
|
/usr/bin/chmod 700 /home/{{ vm_user }}/.ssh && \
|
||||||
|
/usr/bin/chmod 600 /home/{{ vm_user }}/.ssh/authorized_keys"
|
||||||
|
RemainAfterExit=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
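Review bot: `create-custom-users.service` embeds the rendered password hash in its `ExecStart` line, and unit files are normally world-readable, so any local account on the guest could read the hash. The `root` entry in this same file already shows the alternative of keeping it under `passwd.users`. The unit is also not idempotent: it is `enabled` with no first-boot condition, and `useradd` returns non-zero once the user exists, so the `&&` chain would presumably fail on every boot after the first. A guard such as `ConditionFirstBoot=yes`, or prefixing the chain with `id -u {{ vm_user }} >/dev/null 2>&1 ||`, would avoid that. In `create-home-subvolume.service` the loop variable is escaped two different ways (`\$$sub` and `$$sub`), so the `-d` test may not be checking the path that `btrfs subvolume create` then uses; the two spellings should be made the same and verified on a second boot.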
@@ -3,6 +3,17 @@ users:
|
|||||||
- name: {{ vm_user }}
|
- name: {{ vm_user }}
|
||||||
passwd: {{ vm_password | password_hash('sha512') }}
|
passwd: {{ vm_password | password_hash('sha512') }}
|
||||||
ssh_authorized_keys:
|
ssh_authorized_keys:
|
||||||
- {{ lookup('file', vm_ssh_public_key) }}
|
- {{ lookup('file', vm_ssh_public_key) | trim }}
|
||||||
sudo: ALL=(ALL) NOPASSWD:ALL
|
sudo: ALL=(ALL) NOPASSWD:ALL
|
||||||
lock_passwd: false
|
lock_passwd: false
|
||||||
|
- name: root
|
||||||
|
passwd: {{ vm_password | password_hash('sha512') }}
|
||||||
|
sudo: ALL=(ALL) NOPASSWD:ALL
|
||||||
|
lock_passwd: false
|
||||||
|
|
||||||
|
runcmd:
|
||||||
|
- mkdir -p /etc/ssh/sshd_config.d
|
||||||
|
- echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/permit_root_login.conf
|
||||||
|
- systemctl restart sshd
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -1,11 +1,10 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- name: Define image URLs
|
- name: Define image URLs
|
||||||
set_fact:
|
set_fact:
|
||||||
os_images:
|
os_images:
|
||||||
coreos: "https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/44.20260510.3.1/x86_64/fedora-coreos-44.20260510.3.1-qemu.x86_64.qcow2.xz"
|
coreos: "https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/44.20260510.3.1/x86_64/fedora-coreos-44.20260510.3.1-qemu.x86_64.qcow2.xz"
|
||||||
flatcar: "https://stable.release.flatcar-linux.net/amd64-usr/current/flatcar_production_qemu_uefi_image.img"
|
flatcar: "https://stable.release.flatcar-linux.net/amd64-usr/current/flatcar_production_qemu_image.img"
|
||||||
microos: "https://ftp.halifax.rwth-aachen.de/opensuse/tumbleweed/appliances/openSUSE-MicroOS.x86_64-kvm-and-xen.qcow2"
|
microos: "https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-ContainerHost-kvm-and-xen.qcow2"
|
||||||
|
|
||||||
- name: Verify internet connectivity
|
- name: Verify internet connectivity
|
||||||
uri:
|
uri:
|
||||||
@@ -23,18 +22,18 @@
|
|||||||
- name: Handle compressed or raw images
|
- name: Handle compressed or raw images
|
||||||
shell: |
|
shell: |
|
||||||
DOWNLOAD_FILE="{{ vm_images_dir }}/{{ vm_name }}.download"
|
DOWNLOAD_FILE="{{ vm_images_dir }}/{{ vm_name }}.download"
|
||||||
FINAL_FILE="{{ vm_images_dir }}/{{ vm_name }}.qcow2"
|
FINAL_FILE="{{ vm_images_dir }}/{{ vm_name }}"
|
||||||
|
|
||||||
# 1. Handle XZ compression
|
# 1. Handle XZ compression
|
||||||
if [[ "{{ os_images[os_type] }}" == *.xz ]]; then
|
if [[ "{{ os_images[os_type] }}" == *.xz ]]; then
|
||||||
echo "Decompressing XZ image..."
|
echo "Decompressing XZ image..."
|
||||||
unxz -c "$DOWNLOAD_FILE" > "$FINAL_FILE"
|
unxz -c "$DOWNLOAD_FILE" > "$FINAL_FILE".qcow2
|
||||||
elif [[ "{{ os_images[os_type] }}" == *.img ]]; then
|
elif [[ "{{ os_images[os_type] }}" == *.img ]]; then
|
||||||
echo "Converting RAW image to QCOW2..."
|
echo "Moving IMG image to final destination..."
|
||||||
qemu-img convert -f raw -O qcow2 "$DOWNLOAD_FILE" "$FINAL_FILE"
|
mv "$DOWNLOAD_FILE" "$FINAL_FILE".img
|
||||||
else
|
else
|
||||||
echo "Moving QCOW2 image to final destination..."
|
echo "Moving QCOW2 image to final destination..."
|
||||||
mv "$DOWNLOAD_FILE" "$FINAL_FILE"
|
mv "$DOWNLOAD_FILE" "$FINAL_FILE".qcow2
|
||||||
fi
|
fi
|
||||||
rm -f "$DOWNLOAD_FILE"
|
rm -f "$DOWNLOAD_FILE"
|
||||||
become: yes
|
become: yes
|
||||||
@@ -43,27 +42,46 @@
|
|||||||
|
|
||||||
- name: Provision VM using virt-install
|
- name: Provision VM using virt-install
|
||||||
shell: |
|
shell: |
|
||||||
|
{% if os_type == 'coreos' %}
|
||||||
virt-install \
|
virt-install \
|
||||||
|
--connect qemu:///system \
|
||||||
--name {{ vm_name }} \
|
--name {{ vm_name }} \
|
||||||
--vcpus {{ cpu | default(default_cpu) }} \
|
--vcpus {{ cpu | default(default_cpu) }} \
|
||||||
--memory {{ ram | default(default_ram) }} \
|
--memory {{ ram | default(default_ram) }} \
|
||||||
--disk path={{ vm_images_dir }}/{{ vm_name }}.qcow2,bus=virtio \
|
--disk size={{ disk | default('10') }},backing_store={{ vm_images_dir }}/{{ vm_name }}.qcow2,backing_format=qcow2,bus=virtio \
|
||||||
--import \
|
|
||||||
--os-variant {{ os_variant }} \
|
--os-variant {{ os_variant }} \
|
||||||
--network network=default \
|
--network network=default \
|
||||||
--graphics none \
|
--graphics none \
|
||||||
--noautoconsole \
|
--noautoconsole \
|
||||||
--boot uefi \
|
--boot uefi \
|
||||||
{% if os_type == 'coreos' or os_type == 'flatcar' %}
|
--sysinfo type=fwcfg,entry0.name=opt/com.coreos/config,entry0.file={{ vm_images_dir }}/{{ vm_name }}.ign
|
||||||
--cloud-init user-data=/tmp/{{ vm_name }}_ignition.json
|
{% elif os_type == 'flatcar' %}
|
||||||
|
virt-install \
|
||||||
|
--connect qemu:///system \
|
||||||
|
--name {{ vm_name }} \
|
||||||
|
--vcpus {{ cpu | default(default_cpu) }} \
|
||||||
|
--memory {{ ram | default(default_ram) }} \
|
||||||
|
--disk path={{ vm_images_dir }}/{{ vm_name }}.img,format=qcow2,bus=virtio \
|
||||||
|
--import \
|
||||||
|
--os-variant {{ os_variant }} \
|
||||||
|
--network network=default \
|
||||||
|
--graphics none \
|
||||||
|
--noautoconsole \
|
||||||
|
--sysinfo system.serial=flatcar.first_boot=1 \
|
||||||
|
--qemu-commandline="-fw_cfg name=opt/org.flatcar-linux/config,file=/{{ vm_images_dir }}/{{ vm_name }}.ign"
|
||||||
{% elif os_type == 'microos' %}
|
{% elif os_type == 'microos' %}
|
||||||
--cloud-init user-data=/tmp/{{ vm_name }}_user-data
|
virt-install \
|
||||||
|
--connect qemu:///system \
|
||||||
|
--name {{ vm_name }} \
|
||||||
|
--vcpus {{ cpu | default(default_cpu) }} \
|
||||||
|
--memory {{ ram | default(default_ram) }} \
|
||||||
|
--disk size={{ disk | default('10') }},backing_store={{ vm_images_dir }}/{{ vm_name }}.qcow2,backing_format=qcow2,bus=virtio \
|
||||||
|
--os-variant {{ os_variant }} \
|
||||||
|
--network network=default \
|
||||||
|
--graphics none \
|
||||||
|
--noautoconsole \
|
||||||
|
--boot uefi \
|
||||||
|
--sysinfo type=fwcfg,entry0.name=opt/com.coreos/config,entry0.file={{ vm_images_dir }}/{{ vm_name }}.ign
|
||||||
{% endif %}
|
{% endif %}
|
||||||
args:
|
args:
|
||||||
creates: "/etc/libvirt/qemu/{{ vm_name }}.xml"
|
creates: "/etc/libvirt/qemu/{{ vm_name }}.xml"
|
||||||
|
|
||||||
- name: Attach configuration to VM
|
|
||||||
debug:
|
|
||||||
msg: "Configuration is now handled by virt-install --cloud-init flag."
|
|
||||||
when: false # This task is now obsolete
|
|
||||||
become: yes
|
|
||||||
|
|||||||
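Review bot: The new `--disk size={{ disk | default('10') }}` in the CoreOS and MicroOS branches falls back to a hard-coded 10 GB, although this change set converts `default_disk` to the integer 20 for exactly this purpose. The neighbouring lines use `default(default_cpu)` and `default(default_ram)`, so `--disk size={{ disk | default(default_disk) }},...` would be consistent with them. The Flatcar branch ignores `disk` entirely and writes `file=/{{ vm_images_dir }}/...`, which gives a doubled leading slash. The Flatcar and MicroOS URLs in the first hunk point at rolling `current`/Tumbleweed images; if the download task outside these hunks does not already verify a checksum or signature, that is worth adding, since the image is booted with root credentials injected.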
@@ -5,18 +5,18 @@ vms:
|
|||||||
os_variant: "fedora-coreos-stable"
|
os_variant: "fedora-coreos-stable"
|
||||||
cpu: 2
|
cpu: 2
|
||||||
ram: 2048
|
ram: 2048
|
||||||
disk: "20G"
|
disk: 20 # GB
|
||||||
|
|
||||||
- name: flatcar-vm
|
- name: flatcar-vm
|
||||||
os_type: flatcar
|
os_type: flatcar
|
||||||
os_variant: "fedora-coreos-stable"
|
os_variant: "fedora-coreos-stable"
|
||||||
cpu: 2
|
cpu: 2
|
||||||
ram: 2048
|
ram: 2048
|
||||||
disk: "20G"
|
disk: 20 # GB
|
||||||
|
|
||||||
- name: microos-vm
|
- name: microos-vm
|
||||||
os_type: microos
|
os_type: microos
|
||||||
os_variant: "opensusemicroos"
|
os_variant: "opensusetumbleweed"
|
||||||
cpu: 2
|
cpu: 2
|
||||||
ram: 2048
|
ram: 2048
|
||||||
disk: "20G"
|
disk: 20 #GB
|
||||||
|
|||||||