Erste Schritte für neue root-Server mit kvm

bootstrapCore.yml

@@ -4,13 +4,13 @@
   become: true
   roles:
   - apt_upgrade
-  - hostnames
+  - bs_hostnames
-  - ntp
+  - bs_ntp
-  - users
+  - bs_users
-  - sshd
+  - bs_sshd
-  - scripte
+  - bs_scripte
-  - cron
+  - bs_cron
-  - ufw
+  - bs_ufw
-  - snmp
+  - bs_snmp
 
 ...

bootstrapRoot.yml

@@ -3,9 +3,9 @@
   remote_user: root
   roles:
   - apt_upgrade
-  - hostnames
+  - bs_hostnames
-  - users
+  - bs_users
-  - sshd
+  - bs_sshd
    
 # sshd schließt den root user von ssh aus, danach läuft das Playbook nicht mehr als root
 # Weiter geht's mit bootstrapCore

bootstrapTest.yml

@@ -0,0 +1,10 @@
+---
+- hosts: "{{ target }}"
+  remote_user: core
+  become: true
+  roles:
+  - kvm_setup
+  - kvm_installvm
+
+
+...

host_vars/bbb.xitq.de

@@ -6,4 +6,14 @@ install_image:
     drives: sda,sdb
 
 passwordless_sudo: true
+
+install_vm:
+    osvariant: ubuntu20.04
+    image: /home/core/tmp/ubuntu-22.04.1-live-server-amd64.iso
+    ram: 4096
+    size: 20
+    vcpus: 2
+
+
+
 ...

roles/bs_hostnames/tasks/main.yml

@@ -0,0 +1,19 @@
+---
+- name: Set hostname
+  hostname: 
+    name: "{{ inventory_hostname }}"
+
+
+#- name: Copy hosts file to server
+#  copy:
+#    src: hosts
+#    dest: /etc/hosts
+#    owner: root
+#    group: root
+#    mode: 0644
+
+- name: Write IP-Adress of active SSH-Connection to /etc/hosts file
+  debug: 
+    var: ansible_facts['default_ipv4']['address']
+
+...

roles/hostnames/tasks/main.yml

@@ -1,15 +0,0 @@
----
-- name: Set hostname
-  hostname: 
-    name: "{{ inventory_hostname }}"
-
-- name: Copy hosts file to server
-  copy:
-    src: hosts
-    dest: /etc/hosts
-    owner: root
-    group: root
-    mode: 0644
-
-
-...

roles/kvm_installvm/files/virtinstall_options

@@ -0,0 +1,11 @@
+virt-install \
+--name ubuntu2204 \
+--ram 4096 \
+--disk path=/var/kvm/images/ubuntu2204.img,size=20 \
+--vcpus 2 \
+--os-variant ubuntu22.04 \
+--network bridge=br0 \
+--graphics none \
+--console pty,target_type=serial \
+--location /home/ubuntu-22.04-live-server-amd64.iso,kernel=casper/vmlinuz,initrd=casper/initrd \
+--extra-args 'console=ttyS0,115200n8

roles/kvm_installvm/tasks/main.yml

@@ -0,0 +1,37 @@
+---
+
+- name: Download Ubuntu 22.04 iso to user core's tmp dir
+  ansible.builtin.get_url:
+    url: https://releases.ubuntu.com/22.04/ubuntu-22.04.1-live-server-amd64.iso
+    dest: /home/core/tmp/ubuntu-22.04.1-live-server-amd64.iso
+    mode: '0640'
+
+- name: Download Ubuntu 20.04 iso to user core's tmp dir
+  ansible.builtin.get_url:
+    url: https://releases.ubuntu.com/focal/ubuntu-20.04.5-live-server-amd64.iso
+    dest: /home/core/tmp/ubuntu-20.04.1-live-server-amd64.iso
+    mode: '0640'
+
+- name: DEBUG variables TEST ONLY
+  debug: 
+    msg: "{{ install_vm.ram }}"
+  
+
+- name: Install VM with default host-specific host_vars settings
+  shell: 
+    #cmd: echo {{ install_vm.ram }} 
+    cmd: virt-install --name {{ vm }} --ram {{ install_vm.ram }} --disk path=/var/lib/libvirt/images/{{ vm }}.img,size={{ install_vm.size }} --vcpus {{ install_vm.vcpus }} --os-variant {{ install_vm.osvariant }} --network bridge=br0 --graphics none --console pty,target_type=serial --location {{ install_vm.image }},kernel=casper/vmlinuz,initrd=casper/initrd --extra-args 'console=ttyS0,115200n8'
+
+
+
+
+- name: Upload vm XML-Description to core's tmp dir
+  ansible.builtin.template:
+    src: default.xml
+    dest: /home/core/tmp/
+    owner: core
+    group: users
+    mode: '0644'
+
+
+...

roles/kvm_installvm/templates/default.xml

@@ -0,0 +1,114 @@
+<domain type='kvm'>
+  <name>vhostxpm</name>
+  <uuid>15666f6a-c48b-49b1-a2f9-2b01193cb204</uuid>
+  <title>XIT Projektmanagement</title>
+  <memory unit='KiB'>6291456</memory>
+  <currentMemory unit='KiB'>4194304</currentMemory>
+  <vcpu placement='static' current='2'>4</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-i440fx-xenial'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <features>
+    <acpi/>
+    <apic/>
+    <vmport state='off'/>
+  </features>
+  <cpu mode='custom' match='exact'>
+    <model fallback='allow'>Broadwell-noTSX-IBRS</model>
+  </cpu>
+  <clock offset='utc'>
+    <timer name='rtc' tickpolicy='catchup'/>
+    <timer name='pit' tickpolicy='delay'/>
+    <timer name='hpet' present='no'/>
+  </clock>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <pm>
+    <suspend-to-mem enabled='no'/>
+    <suspend-to-disk enabled='no'/>
+  </pm>
+  <devices>
+    <emulator>/usr/bin/kvm-spice</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='/var/lib/libvirt/images/vhostxpm.qcow2'/>
+      <target dev='hda' bus='ide'/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <disk type='file' device='cdrom'>
+      <driver name='qemu' type='raw'/>
+      <target dev='hdb' bus='ide'/>
+      <readonly/>
+      <address type='drive' controller='0' bus='0' target='0' unit='1'/>
+    </disk>
+    <controller type='usb' index='0' model='ich9-ehci1'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x7'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci1'>
+      <master startport='0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci2'>
+      <master startport='2'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x1'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci3'>
+      <master startport='4'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pci-root'/>
+    <controller type='ide' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+    </controller>
+    <controller type='virtio-serial' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
+    </controller>
+    <filesystem type='mount' accessmode='mapped'>
+      <source dir='/var/tomcatlib'/>
+      <target dir='/libshare'/>
+      <readonly/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
+    </filesystem>
+    <filesystem type='mount' accessmode='mapped'>
+      <source dir='/var/www/html/SDW/public/fonts'/>
+      <target dir='/fontshare'/>
+      <readonly/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
+    </filesystem>
+    <interface type='network'>
+      <mac address='52:54:00:40:dc:13'/>
+      <source network='default'/>
+      <model type='rtl8139'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+    </interface>
+    <serial type='pty'>
+      <target port='0'/>
+    </serial>
+    <console type='pty'>
+      <target type='serial' port='0'/>
+    </console>
+    <channel type='spicevmc'>
+      <target type='virtio' name='com.redhat.spice.0'/>
+      <address type='virtio-serial' controller='0' bus='0' port='1'/>
+    </channel>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <graphics type='spice' autoport='yes'/>
+    <sound model='ich6'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+    </sound>
+    <video>
+      <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
+    </video>
+    <redirdev bus='usb' type='spicevmc'>
+    </redirdev>
+    <redirdev bus='usb' type='spicevmc'>
+    </redirdev>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
+    </memballoon>
+  </devices>
+</domain>

roles/kvm_setup/tasks/main.yml

@@ -0,0 +1,31 @@
+- name: Install KVM hypervisor apt packages
+  apt:
+    name: 
+      - bridge-utils
+      - cpu-checker
+      - libvirt-clients
+      - libvirt-daemon
+      - qemu 
+      - qemu-kvm
+      - qemu-utils
+      - libvirt-daemon-system
+      - libvirt-clients
+      - virtinst
+      - virt-manager
+
+- name: Check KVM ok
+  shell: /usr/sbin/kvm-ok
+  register: kvmok
+  # failed_when: kvm-ok 
+  
+- name: Debug KVM ok
+  debug:
+    msg: "{{ kvmok }}"
+  
+- name: Add user core to libvirt group
+  user:
+    name: core
+    groups: libvirt
+    append: "true"
+
+...