---
# Hands off to libvirt_drive_mount.yaml only when hypervisor.device is set and
# that device is not the one currently mounted at /var/lib/libvirt.
# NOTE(review): the guard only inspects the /var/lib/libvirt mount point. What
# the included file does to a device that is mounted elsewhere, or that already
# holds data, is not visible here - confirm it refuses to format such a device.
- name: Format and mount the libvirt disk if it is not root
  ansible.builtin.include_tasks:
    file: libvirt_drive_mount.yaml
  when:
    - hypervisor.device is defined
    - hypervisor.device not in (ansible_mounts | json_query('[?mount == `/var/lib/libvirt`].device'))
# Installs the Arch Linux package list taken from libvirt_packages['Archlinux'].
# NOTE(review): update_cache refreshes the package database without upgrading
# the rest of the system. On Arch that can leave the host partially upgraded,
# so consider pairing this with a full upgrade step - confirm the intent.
- name: Install libvirt packages (Archlinux)
  community.general.pacman:
    name: "{{ libvirt_packages['Archlinux'] }}"
    update_cache: true
    state: present
  when: ansible_distribution == 'Archlinux'
# Adds the ansible_user account to the libvirt and libvirt-qemu groups;
# append: true keeps the account's existing supplementary groups.
# NOTE(review): on common distribution setups, membership of the libvirt group
# allows managing the system libvirtd instance without further authentication,
# which is effectively root-level access to the host. Confirm ansible_user is
# an account that should hold that privilege.
- name: Add user to libvirt group
  ansible.builtin.user:
    name: "{{ ansible_user }}"
    append: true
    groups:
      - libvirt
      - libvirt-qemu
# Loads br_netfilter into the running kernel so the net.bridge.* sysctl keys
# exist before they are written.
# NOTE(review): nothing on this page makes the module load at boot. If it is
# not loaded when boot-time sysctl settings are applied, the net.bridge.*
# entries in /etc/sysctl.d/bridge.conf may not take effect - confirm.
- name: Load br_netfilter kernel module so sysctl flags can be set
  community.general.modprobe:
    state: present
    name: br_netfilter
# Writes four kernel settings to /etc/sysctl.d/bridge.conf and applies them
# immediately (sysctl_set plus reload).
# Security note: net.ipv4.ip_forward=1 lets the host route packets between its
# interfaces. Setting the three bridge-nf-call-* keys to 0 means frames
# crossing a Linux bridge are not passed to the host's iptables, ip6tables or
# arptables rules, so host firewall rules do not filter bridged guest traffic.
# Any filtering of guest traffic has to be enforced elsewhere.
- name: Set required sysctl flags for bridging
  ansible.posix.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    sysctl_file: /etc/sysctl.d/bridge.conf
    sysctl_set: true
    reload: true
    state: present
  loop:
    - name: net.ipv4.ip_forward
      value: 1
    - name: net.bridge.bridge-nf-call-iptables
      value: 0
    - name: net.bridge.bridge-nf-call-ip6tables
      value: 0
    - name: net.bridge.bridge-nf-call-arptables
      value: 0
# Appends every entry of qemu_bridges as its own line at the end of
# /etc/qemu/bridge.conf. The task is skipped when qemu_bridges is undefined;
# in that case the default() only keeps the loop expression resolvable.
# NOTE(review): each item is written verbatim. qemu-bridge-helper reads this
# file as an access list of rules such as `allow <bridge>`, so items presumably
# need to be complete rules rather than bare bridge names like the 'virbr0'
# fallback - confirm against the inventory.
# NOTE(review): this file decides which bridges the (typically privileged)
# helper will attach guests to. The task sets no owner or mode, so confirm the
# file stays root-owned and is not writable by unprivileged accounts.
- name: Add bridge(s) to qemu_bridge_helper
  ansible.builtin.lineinfile:
    path: /etc/qemu/bridge.conf
    line: "{{ item }}"
    insertafter: EOF
    state: present
    backup: false
  loop: "{{ qemu_bridges | default(['virbr0']) }}"
  when: qemu_bridges is defined
# Starts libvirtd now and enables it so it also starts at boot.
- name: Start and enable libvirt service
  ansible.builtin.service:
    name: libvirtd.service
    enabled: true
    state: started
# Puts the libvirt network named "default" into the inactive state.
- name: Stop the default libvirt network
  community.libvirt.virt_net:
    state: inactive
    name: default
# Requests state absent for the libvirt network named "default".
- name: Remove default libvirt network
  community.libvirt.virt_net:
    state: absent
    name: default
# Requests state deleted for the libvirt storage pool named "default".
# NOTE(review): for this module, state: deleted appears to ask libvirt to
# delete the pool's backing storage rather than only drop its definition.
# Confirm that is intended, and that the pool holds no images worth keeping,
# before running this against an existing host.
- name: Remove the default libvirt storage pool
  community.libvirt.virt_pool:
    state: deleted
    name: default
# Creates the isos and nvram directories under /var/lib/libvirt, owned by
# libvirt-qemu:libvirt-qemu with mode 0775.
# NOTE(review): 0775 leaves both directories readable and traversable by every
# local account. If images or guest firmware variable files placed here should
# not be world-readable, a tighter mode such as '0770' is worth considering.
- name: Create standard libvirt storage directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: '0775'
    owner: libvirt-qemu
    group: libvirt-qemu
  loop:
    - /var/lib/libvirt/isos/
    - /var/lib/libvirt/nvram/
# Runs the module's facts command so information about the currently defined
# storage pools is available to later tasks.
- name: Get libvirt storage pool facts
  community.libvirt.virt_pool:
    command: facts
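# Defines one storage pool per loop item from the dir_libvirt_pool.xml.j2
# template. The template is rendered once per item; its contents are not
# visible here, so it presumably reads item.name and item.path.
# Pools already reported by the preceding "Get libvirt storage pool facts"
# task are skipped. This implements the author's TODO about adding a condition
# against existing pools. The default({}) keeps the condition valid if the
# fact is missing.
- name: Define the standard libvirt storage pools
  community.libvirt.virt_pool:
    name: "{{ item.name }}"
    command: define
    xml: "{{ lookup('template', 'dir_libvirt_pool.xml.j2') }}"
  when: item.name not in (ansible_libvirt_pools | default({}))
  loop:
    - name: isos
      path: /var/lib/libvirt/isos/
    - name: nvram
      path: /var/lib/libvirt/nvram/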
# Runs the module's build command for the isos and nvram pools.
- name: Create the standard libvirt storage pools
  community.libvirt.virt_pool:
    command: build
    name: "{{ item }}"
  loop:
    - isos
    - nvram
# Activates the isos and nvram pools and marks them to autostart.
- name: Start the standard libvirt storage pools
  community.libvirt.virt_pool:
    name: "{{ item }}"
    autostart: true
    state: active
  loop:
    - isos
    - nvram
# Includes libvirt_dir.yaml when hypervisor.storage is set to 'dir'.
- name: Setup additional libvirt storage (dir)
  ansible.builtin.include_tasks:
    file: libvirt_dir.yaml
  when: hypervisor.storage == 'dir'
# Includes libvirt_zfs.yaml when hypervisor.storage is set to 'zfs'.
- name: Setup additional libvirt storage (zfs)
  ansible.builtin.include_tasks:
    file: libvirt_zfs.yaml
  when: hypervisor.storage == 'zfs'
# - name: Enroll libvirtd TLS certificate
# - name: Configure libvirtd TLS listener
# - name: Open libvirtd TLS firewall ports