libvirt config
parent
140749e34c
commit
1166e932c5
@ -7,6 +7,7 @@
|
|||||||
roles:
|
roles:
|
||||||
- python-install
|
- python-install
|
||||||
- sshd
|
- sshd
|
||||||
#- firewall
|
- firewall
|
||||||
- pikaur
|
- pikaur
|
||||||
- zfs-install
|
- zfs-install
|
||||||
|
- libvirt-server
|
@ -30,7 +30,7 @@
|
|||||||
proto: tcp
|
proto: tcp
|
||||||
interface: "{{ firewall_ssh_interface }}"
|
interface: "{{ firewall_ssh_interface }}"
|
||||||
direction: in
|
direction: in
|
||||||
src: '{{ item }}'
|
src: "{{ item }}"
|
||||||
loop:
|
loop:
|
||||||
- 192.168.20.0/24
|
- 192.168.20.0/24
|
||||||
- 192.168.72.0/24
|
- 192.168.72.0/24
|
||||||
|
@ -6,6 +6,8 @@ libvirt_server_packages:
|
|||||||
- openbsd-netcat
|
- openbsd-netcat
|
||||||
- edk2-ovmf
|
- edk2-ovmf
|
||||||
- swtpm
|
- swtpm
|
||||||
|
- libvirt-python
|
||||||
|
- python-lxml
|
||||||
|
|
||||||
libvirt_zfs_pool_name: zfs
|
libvirt_zfs_pool_name: zfs
|
||||||
libvirt_zfs_pool_path: ssd/vhds
|
libvirt_zfs_pool_path: ssd/vhds
|
||||||
|
@ -5,7 +5,6 @@
|
|||||||
name: "{{ libvirt_server_packages }}"
|
name: "{{ libvirt_server_packages }}"
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: true
|
update_cache: true
|
||||||
reason: explicit
|
|
||||||
when:
|
when:
|
||||||
- ansible_os_family == 'Arch'
|
- ansible_os_family == 'Arch'
|
||||||
|
|
||||||
@ -23,9 +22,12 @@
|
|||||||
state: started
|
state: started
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|
||||||
- name: define vm cluster network
|
- name: set cluster network variables
|
||||||
|
set_fact:
|
||||||
libvirt_network_name: "{{ libvirt_cluster_network_name }}"
|
libvirt_network_name: "{{ libvirt_cluster_network_name }}"
|
||||||
libvirt_network_domain: "{{ libvirt_cluster_network_name }}"
|
libvirt_network_domain: "{{ libvirt_cluster_network_name }}"
|
||||||
|
|
||||||
|
- name: define vm cluster network
|
||||||
community.libvirt.virt_net:
|
community.libvirt.virt_net:
|
||||||
name: "{{ libvirt_cluster_network_name }}"
|
name: "{{ libvirt_cluster_network_name }}"
|
||||||
command: define
|
command: define
|
||||||
@ -34,7 +36,7 @@
|
|||||||
- name: build vm cluster network
|
- name: build vm cluster network
|
||||||
community.libvirt.virt_net:
|
community.libvirt.virt_net:
|
||||||
name: "{{ libvirt_cluster_network_name }}"
|
name: "{{ libvirt_cluster_network_name }}"
|
||||||
command: build
|
command: create
|
||||||
|
|
||||||
- name: start vm cluster network
|
- name: start vm cluster network
|
||||||
community.libvirt.virt_net:
|
community.libvirt.virt_net:
|
||||||
@ -52,32 +54,36 @@
|
|||||||
name: "{{ libvirt_zfs_pool_path }}"
|
name: "{{ libvirt_zfs_pool_path }}"
|
||||||
state: present
|
state: present
|
||||||
extra_zfs_properties:
|
extra_zfs_properties:
|
||||||
- canmount: off
|
canmount: off
|
||||||
- mountpoint: none
|
mountpoint: none
|
||||||
- compression: off
|
compression: off
|
||||||
- primarycache: metadata
|
primarycache: metadata
|
||||||
- secondarycache: none
|
secondarycache: none
|
||||||
- reservation: none
|
reservation: none
|
||||||
- refreservation: none
|
refreservation: none
|
||||||
- dedup: off
|
dedup: off
|
||||||
- encryption: off
|
encryption: off
|
||||||
- volmode: dev
|
volmode: dev
|
||||||
- devices: off
|
devices: off
|
||||||
- atime: off
|
atime: off
|
||||||
|
|
||||||
- name: define zfs storage pool
|
- name: set zfs pool variables
|
||||||
|
set_fact:
|
||||||
libvirt_pool_type: zfs
|
libvirt_pool_type: zfs
|
||||||
libvirt_pool_name: "{{ libvirt_zfs_pool_name }}"
|
libvirt_pool_name: "{{ libvirt_zfs_pool_name }}"
|
||||||
libvirt_pool_path: "{{ libvirt_zfs_pool_path }}"
|
libvirt_pool_source: "{{ libvirt_zfs_pool_path }}"
|
||||||
|
libvirt_pool_target: ""
|
||||||
|
|
||||||
|
- name: define zfs storage pool
|
||||||
community.libvirt.virt_pool:
|
community.libvirt.virt_pool:
|
||||||
name: "{{ libvirt_zfs_pool_name }}"
|
name: "{{ libvirt_zfs_pool_name }}"
|
||||||
command: define
|
command: define
|
||||||
xml: '{{ lookup("template", "pool.xml.j2") }}'
|
xml: '{{ lookup("template", "pool.xml.j2") }}'
|
||||||
|
|
||||||
- name: build zfs storage pool
|
# - name: build zfs storage pool
|
||||||
community.libvirt.virt_pool:
|
# community.libvirt.virt_pool:
|
||||||
name: "{{ libvirt_zfs_pool_name }}"
|
# name: "{{ libvirt_zfs_pool_name }}"
|
||||||
command: build
|
# command: build
|
||||||
|
|
||||||
- name: start zfs storage pool
|
- name: start zfs storage pool
|
||||||
community.libvirt.virt_pool:
|
community.libvirt.virt_pool:
|
||||||
@ -85,6 +91,13 @@
|
|||||||
state: active
|
state: active
|
||||||
autostart: true
|
autostart: true
|
||||||
|
|
||||||
|
- name: set iso pool variables
|
||||||
|
set_fact:
|
||||||
|
libvirt_pool_type: dir
|
||||||
|
libvirt_pool_name: "{{ libvirt_iso_pool_name }}"
|
||||||
|
libvirt_pool_source: ""
|
||||||
|
libvirt_pool_target: "{{ libvirt_iso_pool_path }}"
|
||||||
|
|
||||||
- name: create iso storage dir
|
- name: create iso storage dir
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
@ -95,9 +108,6 @@
|
|||||||
mode: 0775
|
mode: 0775
|
||||||
|
|
||||||
- name: define iso storage pool
|
- name: define iso storage pool
|
||||||
libvirt_pool_type: dir
|
|
||||||
libvirt_pool_name: "{{ libvirt_iso_pool_name }}"
|
|
||||||
libvirt_pool_path: "{{ libvirt_iso_pool_path }}"
|
|
||||||
community.libvirt.virt_pool:
|
community.libvirt.virt_pool:
|
||||||
name: "{{ libvirt_iso_pool_name }}"
|
name: "{{ libvirt_iso_pool_name }}"
|
||||||
command: define
|
command: define
|
||||||
@ -114,6 +124,13 @@
|
|||||||
state: active
|
state: active
|
||||||
autostart: true
|
autostart: true
|
||||||
|
|
||||||
|
- name: set iso pool variables
|
||||||
|
set_fact:
|
||||||
|
libvirt_pool_type: dir
|
||||||
|
libvirt_pool_name: "{{ libvirt_qcow_pool_name }}"
|
||||||
|
libvirt_pool_source: ""
|
||||||
|
libvirt_pool_target: "{{ libvirt_qcow_pool_path }}"
|
||||||
|
|
||||||
- name: create qcow storage dir
|
- name: create qcow storage dir
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
@ -124,9 +141,6 @@
|
|||||||
mode: 0775
|
mode: 0775
|
||||||
|
|
||||||
- name: define qcow storage pool
|
- name: define qcow storage pool
|
||||||
libvirt_pool_type: dir
|
|
||||||
libvirt_pool_name: "{{ libvirt_qcow_pool_name }}"
|
|
||||||
libvirt_pool_path: "{{ libvirt_qcow_pool_path }}"
|
|
||||||
community.libvirt.virt_pool:
|
community.libvirt.virt_pool:
|
||||||
name: "{{ libvirt_qcow_pool_name }}"
|
name: "{{ libvirt_qcow_pool_name }}"
|
||||||
command: define
|
command: define
|
||||||
|
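Review bot: The new `set_fact` tasks publish `libvirt_pool_type`, `libvirt_pool_name`, `libvirt_pool_source` and `libvirt_pool_target` as host facts that stay set for the rest of the play, so each `define … storage pool` task renders `pool.xml.j2` from whatever the most recent `set_fact` left behind. Scoping the values with a `vars:` key on the task that consumes them removes that ordering dependency; the same applies to the cluster-network `set_fact`. The second task named `set iso pool variables`, the one that sets `libvirt_qcow_pool_name`, looks like a copy-paste and should read `set qcow pool variables`. The iso and qcow define tasks continue past the end of their hunks, so their remaining keys are not visible here.

```yaml
- name: define zfs storage pool
  community.libvirt.virt_pool:
    # … unchanged: name, command: define, xml template lookup …
  vars:
    libvirt_pool_type: zfs
    libvirt_pool_name: "{{ libvirt_zfs_pool_name }}"
    libvirt_pool_source: "{{ libvirt_zfs_pool_path }}"
    libvirt_pool_target: ""
```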
@ -1,6 +1,9 @@
|
|||||||
<pool type="{{ libvirt_pool_type }}">
|
<pool type="{{ libvirt_pool_type }}">
|
||||||
<name>{{ libvirt_pool_name }}</name>
|
<name>{{ libvirt_pool_name }}</name>
|
||||||
<source>
|
<source>
|
||||||
<name>{{ libvirt_pool_path }}</name>
|
<name>{{ libvirt_pool_source }}</name>
|
||||||
</source>
|
</source>
|
||||||
|
<target>
|
||||||
|
<path>{{ libvirt_pool_target }}</path>
|
||||||
|
</target>
|
||||||
</pool>
|
</pool>
|
||||||
|
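Review bot: The template now always emits both `<source>` and `<target>`, so the zfs pool is defined with an empty `<path></path>` and the dir pools with an empty `<name></name>`. Whether libvirt accepts or ignores those empty elements cannot be seen from this page and is worth checking. Rendering each element only when its variable is set keeps the XML to what the pool type uses, e.g. `{% if libvirt_pool_target %}<target><path>{{ libvirt_pool_target }}</path></target>{% endif %}`, and likewise for `<source>`. The values are written into the XML unescaped, so a template comment stating that they must be plain pool names and paths would help the next editor.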
17
ansible/roles/zfs-install/defaults/main.yml
Normal file
17
ansible/roles/zfs-install/defaults/main.yml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
aur_zfs_key_fingerprint: '4F3BA9AB6D1F8D683DC2DFB56AD860EED4598027'
|
||||||
|
zfs_prereq_packages:
|
||||||
|
- gnupg
|
||||||
|
- linux-lts-headers
|
||||||
|
zfs_packages:
|
||||||
|
- zfs-utils
|
||||||
|
- zfs-dkms
|
||||||
|
zfs_arc_min: '1073741824'
|
||||||
|
zfs_arc_max: '4294967296'
|
||||||
|
zfs_zpool_ashift: '12'
|
||||||
|
zfs_zpool_name: ssd
|
||||||
|
zfs_zpool_compression: lz4
|
||||||
|
zfs_zpool_type: mirror
|
||||||
|
zfs_zpool_disk_a: /dev/disk/by-id/ata-Samsung_SSD_850_PRO_2TB_S3D4NX0J503633V
|
||||||
|
zfs_zpool_disk_b: /dev/disk/by-id/ata-Samsung_SSD_850_PRO_2TB_S3D4NX0J708201E
|
||||||
|
zfs_backup_dataset: ssd/backup
|
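Review bot: `zfs_zpool_disk_a` and `zfs_zpool_disk_b` are host-specific device ids that include the drive serial numbers, yet they sit in the role defaults, so every host given the `zfs-install` role inherits them. They belong in `host_vars` or inventory for the one machine, with the `create zpool` task guarded on them being defined. Pinning `aur_zfs_key_fingerprint` as the full 40-character fingerprint is the right form. A comment above it such as `# zfs-dkms AUR signing key; verify against the package maintainer before changing` would record where the value comes from.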
@ -1,15 +1,91 @@
|
|||||||
---
|
---
|
||||||
- name: Install ZFS DKMS module
|
- name: install zfs prerequisites
|
||||||
|
become: true
|
||||||
|
community.general.pacman:
|
||||||
|
name: "{{ zfs_prereq_packages }}"
|
||||||
|
state: latest
|
||||||
|
update_cache: true
|
||||||
|
when:
|
||||||
|
- ansible_os_family == 'Arch'
|
||||||
|
|
||||||
|
- name: add gpg parameters file from template
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: key-params.j2
|
||||||
|
dest: /root/key-params
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0660
|
||||||
|
|
||||||
|
- name: generate gpg key for root
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.shell:
|
ansible.builtin.shell:
|
||||||
cmd: pikaur -S zfs-dkms --noconfirm
|
cmd: gpg --batch --gen-key /root/key-params
|
||||||
executable: /usr/bin/bash
|
|
||||||
|
|
||||||
# install linux-lts-headers first
|
- name: import zfs signing key
|
||||||
# add a gpg signing key, import and lsign the AUR key below
|
become: true
|
||||||
# https://gist.github.com/woods/8970150
|
ansible.builtin.shell:
|
||||||
# zfs-dkms AUR key 6AD860EED4598027 / 4F3BA9AB6D1F8D683DC2DFB56AD860EED4598027
|
cmd: gpg --receive-keys {{ aur_zfs_key_fingerprint|quote }}
|
||||||
|
|
||||||
set zfs params (ARC)
|
- name: trust zfs signing key
|
||||||
modprobe zfs
|
become: true
|
||||||
set module to start at boot
|
ansible.builtin.shell:
|
||||||
|
cmd: gpg --quick-lsign-key {{ aur_zfs_key_fingerprint|quote }}
|
||||||
|
|
||||||
|
- name: install zfs module
|
||||||
|
become: true
|
||||||
|
community.general.pacman:
|
||||||
|
executable: /usr/bin/pikaur
|
||||||
|
name: "{{ zfs_packages }}"
|
||||||
|
state: latest
|
||||||
|
update_cache: true
|
||||||
|
when:
|
||||||
|
- ansible_os_family == 'Arch'
|
||||||
|
|
||||||
|
- name: set zfs module parameters
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: zfs.conf.j2
|
||||||
|
dest: /etc/modprobe.d/zfs.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0664
|
||||||
|
|
||||||
|
- name: load zfs module
|
||||||
|
become: true
|
||||||
|
community.general.modprobe:
|
||||||
|
name: zfs
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: create zpool
|
||||||
|
become: true
|
||||||
|
ansible.builtin.shell:
|
||||||
|
cmd: zpool create -o ashift={{ zfs_zpool_ashift|quote }} -o autotrim=on -o cachefile=/etc/zfs/zpool.cache -O acltype=posixacl -O atime=off -O xattr=sa -O mountpoint=none -O canmount=off -O devices=off -O compression={{ zfs_zpool_compression|quote }} {{ zfs_zpool_name|quote }} {{ zfs_zpool_type|quote }} {{ zfs_zpool_disk_a|quote }} {{ zfs_zpool_disk_b|quote }}
|
||||||
|
|
||||||
|
- name: enable zfs services
|
||||||
|
become: true
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: "{{ item }}"
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
loop:
|
||||||
|
- zfs-import-cache.service
|
||||||
|
- zfs-mount.service
|
||||||
|
- zfs.target
|
||||||
|
|
||||||
|
- name: create backup zfs dataset
|
||||||
|
community.general.zfs:
|
||||||
|
name: "{{ zfs_backup_dataset }}"
|
||||||
|
state: present
|
||||||
|
extra_zfs_properties:
|
||||||
|
canmount: off
|
||||||
|
mountpoint: none
|
||||||
|
primarycache: none
|
||||||
|
secondarycache: none
|
||||||
|
reservation: none
|
||||||
|
refreservation: none
|
||||||
|
dedup: off
|
||||||
|
encryption: off
|
||||||
|
volmode: dev
|
||||||
|
devices: off
|
||||||
|
atime: off
|
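Review bot: The `generate gpg key for root` and `create zpool` tasks run through `ansible.builtin.shell` with no guard, so every play run generates another unprotected key in root's keyring and re-attempts `zpool create` on the two disks, which presumably fails once the pool exists. Each needs a read-only check registered beforehand and a `when:` on the task. The fence shows the pattern for the pool; the key task can be guarded the same way on the output of `gpg --list-secret-keys`. The rendered `/root/key-params` is installed with `mode: 0660`, where `0600` would be tighter, and it can be removed once the key exists. `create backup zfs dataset` is the only task here without `become: true`, and it sets `encryption: off` on the dataset that holds backups, which deserves a comment stating that this is intended.

```yaml
- name: check for existing zpool
  become: true
  ansible.builtin.command:
    argv: [zpool, list, -H, -o, name, "{{ zfs_zpool_name }}"]
  register: zfs_zpool_check
  changed_when: false
  failed_when: false

- name: create zpool
  become: true
  # … unchanged: ansible.builtin.shell with the zpool create command line …
  when: zfs_zpool_check.rc != 0
```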
8
ansible/roles/zfs-install/templates/key-params.j2
Normal file
8
ansible/roles/zfs-install/templates/key-params.j2
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
Key-Type: 1
|
||||||
|
Key-Length: 3072
|
||||||
|
Subkey-Type: 1
|
||||||
|
Subkey-Length: 3072
|
||||||
|
Name-Real: Local Administrator
|
||||||
|
Name-Email: root@{{ ansible_host }}
|
||||||
|
Expire-Date: 0
|
||||||
|
%no-protection
|
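Review bot: `%no-protection` creates root's secret key without a passphrase and `Expire-Date: 0` means it never expires, but the template does not explain either choice, and this is the key that later locally signs the AUR key. A leading template comment such as `{# unattended local-signing key for root: no passphrase because it is generated and used non-interactively #}` would record the intent. Setting a finite `Expire-Date` would limit how long a copied key stays useful. `Key-Type: RSA` and `Subkey-Type: RSA` read more clearly than the numeric `1`.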
2
ansible/roles/zfs-install/templates/zfs.conf.j2
Normal file
2
ansible/roles/zfs-install/templates/zfs.conf.j2
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
options zfs zfs_arc_min={{ zfs_arc_min }}
|
||||||
|
options zfs zfs_arc_max={{ zfs_arc_max }}
|