| README.md | ●●●●● patch | view | raw | blame | history | |
| defaults/main.yml | ●●●●● patch | view | raw | blame | history | |
| meta/main.yml | ●●●●● patch | view | raw | blame | history | |
| tasks/main.yml | ●●●●● patch | view | raw | blame | history | |
| templates/sysding.j2 | ●●●●● patch | view | raw | blame | history |
README.md
@@ -1,22 +1,144 @@ Role Name ========= This role is supposed to deploy a new OpenIndiana Zone on a yada... This role is supposed to deploy a new OpenIndiana Zone, with different settings. It will also allow to provision (multiple) ZFS filesystems, vnics and other related resources. Requirements ------------ Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. This role obiously requires an OpenIndiana host system and following ansible modules: - solaris_zone - zfs - dladm_vnic Role Variables -------------- A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. You need to create a data structure called "oizone". The mandatory minimum is shown here: `` oizone: name: myzone zoneroot: /export/zones/ filesystems: - path: rpool/export/zones/myzone type: zoneroot zfscreate: true zfs_extra_properties: mountpoint: /export/zones/myzone nics: - physical: ixgbe0 logical: myzone0 address: 10.23.42.23/24 addrsuffix: v4 sysding: timezone: UTC locale: C ip: routes: - target: default # can be a CIDR or a host ip or "default" router: 10.23.42.1 # IP of the router dns: nameservers: - 1.1.1.1 - 8.8.8.8 search: - example.com - openindiana.org domain: example.com users: - name: root hashedpassword: "$5$foobar...." - name: localadm uid: 100 gid: 10 shell: /usr/bin/bash gecos: "Local Admin Account" home: /export/home/localadm hashedpassword: "$5$barfoo...." `` A set of all possible attributes is here: `` oizone: name: oizone updateinventory: true # adds zone on top of your inventory zoneroot: /export/zones/ autoboot: "true" bootargs: # -v iptype: exclusive cpus: dedicated # dedicated or capped-cpu ncpus: 1 mem: capped-memory # or nil ram: 1G swap: 1G locked: 1G brand: ipkg filesystems: - path: rpool/export/zones/oizone type: zoneroot zfscreate: true zfs_extra_properties: refquota: 10G mountpoint: /export/zones/oizone - path: apppool/oizone/datavol1 type: volume zfscreate: true zfs_extra_properties: volsize: 5G - path: apppool/oizone/dataset1 type: dataset zfscreate: true zfs_extra_properties: quota: 2G - path: /disk1 type: lofs mountpoint: /hostdisks/disk1 zfscreate: false options: - ro - nodevices nics: - physical: ixgbe0 logical: oizoneint0 vlan: 100 address: dhcp # can be "dhcp" or a regular IP address addrsuffix: v4 # can be a string, interface0/suffix will be the ipadm create-addr kvm: vnc: "on" bootorder: cd sysding: timezone: UTC locale: C ip: routes: - target: default # can be a CIDR or a host ip or "default" router: 172.18.0.200 # IP of the router dns: nameservers: - 1.1.1.1 - 8.8.8.8 search: - example.com - openindiana.org domain: example.com users: - name: root hashedpassword: "$5$foobar...." - name: localadm uid: 100 gid: 10 shell: /usr/bin/bash gecos: "Local Admin Account" home: /export/home/localadm hashedpassword: "$5$barfoo...." `` Dependencies ------------ A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. No dependencies to others roles so far. Example Playbook ---------------- @@ -24,15 +146,30 @@ Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - hosts: servers vars: - oizone: [... see above ..] roles: - { role: username.rolename, x: 42 } - role: oi-zone License ------- BSD BSD 3-Clause Copyright 2020 Olaf Bohlen Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Author Information ------------------ An optional section for the role authors to include contact information, or a website (HTML is not allowed). Olaf Bohlen <olbohlen@eenfach.de> defaults/main.yml
@@ -1,72 +1,9 @@ --- # defaults file for oi-zone oizone: name: oizone zoneroot: /export/zones/ autoboot: "true" bootargs: # -v iptype: exclusive cpus: dedicated # dedicated or capped-cpu ncpus: 1 mem: capped-memory # or nil ram: 1G swap: 1G locked: 1G brand: ipkg filesystems: - path: /export/zones/oizone type: zoneroot zfscreate: true zfs_extra_properties: refquota: 10G - path: apppool/oizone/datavol1 type: volume zfscreate: true zfs_extra_properties: volsize: 5G - path: apppool/oizone/dataset1 type: dataset zfscreate: true zfs_extra_properties: quota: 2G - path: /disk1 type: lofs mountpoint: /hostdisks/disk1 zfscreate: false options: - ro - nodevices nics: - physical: ixgbe0 logical: oizoneint0 vlan: 100 address: dhcp # can be "dhcp" or a regular IP address addrsuffix: v4 # can be a string, interface0/suffix will be the ipadm create-addr kvm: vnc: "on" bootorder: cd sysding: timezone: UTC locale: C ip: routes: - target: default # can be a CIDR or a host ip or "default" router: 172.18.0.200 # IP of the router dns: nameservers: - 1.1.1.1 - 8.8.8.8 search: - example.com - openindiana.org domain: example.com users: - name: root hashedpassword: "$5$foobar...." - name: localadm uid: 100 gid: 10 shell: /usr/bin/bash gecos: "Local Admin Account" home: /export/home/localadm hashedpassword: "$5$barfoo...." meta/main.yml
@@ -1,5 +1,5 @@ galaxy_info: author: Olaf Bohlen author: Olaf Bohlen <olbohlen@eenfach.de> description: create zones on OpenIndiana company: eenfach.de
@@ -1,112 +1,155 @@ --- # tasks file for oi-zone - name: create VNICs dladm_vnic: name: "{{ item['logical'] }}" link: "{{ item['physical'] }}" vlan: "{{ item['vlan'] }}" loop: "{{ oizone['nics'] }}" - name: creating zone for you block: - name: create VNICs with VLAN dladm_vnic: name: "{{ item['logical'] }}" link: "{{ item['physical'] }}" vlan: "{{ item['vlan'] }}" loop: "{{ oizone['nics'] }}" when: item['vlan'] is defined - name: create filesystems zfs: name: "{{ item['path'] }}" state: present zfs_extra_properties: "{{ item['zfs_extra_properties'] }}" loop: "{{ oizone['filesystems'] }}" when: zfscreate - name: create VNICs without VLAN dladm_vnic: name: "{{ item['logical'] }}" link: "{{ item['physical'] }}" loop: "{{ oizone['nics'] }}" when: item['vlan'] is not defined - name: create filesystems zfs: name: "{{ item['path'] }}" state: present extra_zfs_properties: "{{ item['extra_zfs_properties'] }}" loop: "{{ oizone['filesystems'] }}" when: item['zfscreate'] - name: set up VM zones for master solaris_zone: name: "{{ oizone['name'] }}" state: installed path: "{{ oizone['zoneroot'] }}/{{ oizone['name'] }}" config: > set brand={{ oizone['brand'] }}; set autoboot={{ oizone['autoboot'] }}; {% if oizone['bootargs'] %} set bootargs={{ oizone['bootargs'] }}; {% endif %} set ip-type={{ oizone['iptype'] }}; {% for nic in oizone['nics'] %} add net; set physical={{ nic['logical'] }}; {% if {{ oizone['iptype'] == "shared" %} set address={{ nic['address'] }}; {% endif %} end; {% endfor %} {% for disk in vmconfig[outer_item]['disks'] %} add device; set match="/dev/zvol/rdsk/localstripe/vm/{{ outer_item }}d{{ disk['instance'] }}"; end; add attr; set name="{{ disk['label'] }}"; set type="string"; set value="localstripe/vm/{{ outer_item }}d{{ disk['instance'] }}"; end; {% endfor %} {% if oizone['cpus'] == "dedicated" %} add dedicated-cpu; set ncpus={{ oizone['ncpus'] }}; end; {% endif %} {% if oizone['cpus'] == "capped-cpu" %} add capped-cpu; set ncpus={{ oizone['ncpus'] }}; end; {% endif %} {% if oizone['mem'] == "capped-memory" %} add capped-memory; set physical={{ oizone['ram'] }}; set swap={{ oizone['swap'] }}; set locked={{ oizone['locked'] }}; end; {% endif %} {% for dataset in oizone['filesystems'] %} {% if dataset['type'] == "dataset" %} add dataset; set name={{ dataset['path'] }}; end; {% endif %} {% if dataset['type'] == "lofs" %} add fs; set special={{ dataset['path'] }}; set dir={{ dataset['mountpoint'] }}; set type="lofs"; {% for option in database['options'] %} add options {{ option }}; {% endfor %} end; {% endif %} {% if dataset['type'] == "volume" %} add device; set match=/dev/zvol/rdsk/{{ dataset['path'] }}; end; {% endif %} {% endfor %} {% if oizone['brand'] == "kvm" %} add attr; set name="bootorder"; set type="string"; set value="{{ oizone['kvm']['bootorder'] }}"; add attr; set name="vnc"; set type="string"; set value="{{ oizone['kvm']['vnc'] }}"; end; add attr; set name="vcpus"; set type="string"; set value="{{ oizone['ncpus'] }}"; end; add attr; set name="ram"; set type="string"; set value="{{ oizone['ram'] }}"; end; {% endif %} - name: set up VM zones for master solaris_zone: name: "{{ oizone['name'] }}" state: installed path: "{{ oizone['zoneroot'] }}/{{ oizone['name'] }}" config: > set brand={{ oizone['brand'] }}; set autoboot={{ oizone['autoboot'] }}; {% if oizone['bootargs'] is defined and oizone['bootargs'] | length %} set bootargs={{ oizone['bootargs'] }}; {% endif %} set ip-type={{ oizone['iptype'] }}; {% for nic in oizone['nics'] %} add net; set physical={{ nic['logical'] }}; {% if oizone['iptype'] == "shared" %} set address={{ nic['address'] }}; {% endif %} end; {% endfor %} {% if oizone['cpus'] is defined and oizone['cpus'] == "dedicated" %} add dedicated-cpu; set ncpus={{ oizone['ncpus'] }}; end; {% endif %} {% if oizone['cpus'] is defined and oizone['cpus'] == "capped-cpu" %} add capped-cpu; set ncpus={{ oizone['ncpus'] }}; end; {% endif %} {% if oizone['mem'] is defined and oizone['mem'] == "capped-memory" %} add capped-memory; set physical={{ oizone['ram'] }}; set swap={{ oizone['swap'] }}; set locked={{ oizone['locked'] }}; end; {% endif %} {% for dataset in oizone['filesystems'] %} {% if dataset['type'] == "dataset" %} add dataset; set name={{ dataset['path'] }}; end; {% endif %} {% if dataset['type'] == "lofs" %} add fs; set special={{ dataset['path'] }}; set dir={{ dataset['mountpoint'] }}; set type="lofs"; {% for option in database['options'] %} add options {{ option }}; {% endfor %} end; {% endif %} {% if dataset['type'] == "volume" %} add device; set match=/dev/zvol/rdsk/{{ dataset['path'] }}; end; {% endif %} {% endfor %} {% if oizone['brand'] == "kvm" %} add attr; set name="bootorder"; set type="string"; set value="{{ oizone['kvm']['bootorder'] }}"; add attr; set name="vnc"; set type="string"; set value="{{ oizone['kvm']['vnc'] }}"; end; add attr; set name="vcpus"; set type="string"; set value="{{ oizone['ncpus'] }}"; end; add attr; set name="ram"; set type="string"; set value="{{ oizone['ram'] }}"; end; {% endif %} - name: create a sysding.conf template: dest: "{{ oizone['zoneroot'] }}/{{ oizone['name'] }}/root/etc/sysding.conf" src: sysding.j2 - name: create a sysding.conf template: dest: "{{ oizone['zoneroot'] }}/{{ oizone['name'] }}/root/etc/sysding.conf" src: sysding.j2 mode: 0400 - name: boot zone solaris_zone: name: "{{ oizone['name'] }}" state: running path: "{{ oizone['zoneroot'] }}/{{ oizone['name'] }}" - name: add zone to inventory local_action: module: lineinfile path: "{{ inventory_file }}" insertbefore: "BOF" line: "{{ oizone['name'] }}.{{ oizone['sysding']['ip']['dns']['domain'] }}" when: - oizone['updateinventory'] is defined - oizone['updateinventory'] rescue: # in case something wents wrong above, we do housekeeping here - name: ATTENTION debug: msg: "failed to install {{ oizone['name'] }}, rolling back" - name: delete zone solaris_zone: name: "{{ oizone['name'] }}" state: absent path: "{{ oizone['zoneroot'] }}/{{ oizone['name'] }}" - name: delete VNICs dladm_vnic: name: "{{ item['logical'] }}" link: "{{ item['physical'] }}" state: absent loop: "{{ oizone['nics'] }}" - name: delete filesystems zfs: name: "{{ item['path'] }}" state: absent extra_zfs_properties: "{{ item['extra_zfs_properties'] }}" loop: "{{ oizone['filesystems'] }}" when: item['zfscreate']
@@ -1,20 +1,25 @@ # created by oi-zone ansible role setup_timezone {{ oizone['sysding']['timezone'] }} setup_locale {{ oizone['sysding']['locale'] }} {% if oizone['sysding']['nfs4domain'] %} {% if oizone['sysding']['nfs4domain'] is defined and oizone['sysding']['nfs4domain'] | length %} setup_nfs4domain "{{ oizone['sysding']['nfs4domain'] }}" {% endif %} {% for user in oizone['sysding']['users'] %} {% if user['name'] != "root" %} setup_user_account {{ user['name'] }} {{ user['uid'] }} {{ user['gid'] }} {{ user['gecos'] }} {{ user['home'] }} {{ user['shell'] }} setup_user_account {{ user['name'] }} {{ user['uid'] }} {{ user['gid'] }} "{{ user['gecos'] }}" "{{ user['home'] }}" "{{ user['shell'] }}" mkdir -p {{ user['home'] }} chmod {{ user['name'] }}:{{ user['gid'] }} {{ user['home'] }} {% if user['authorized_key'] is defined %} mkdir -p "{{ user['home'] }}/.ssh" echo "{{ user['authorized_key'] }}" > "{{ user['home'] }}/.ssh/authorized_keys" {% endif %} chown -R {{ user['name'] }}:{{ user['gid'] }} {{ user['home'] }} {% endif %} setup_user_password {{ user['name'] }} '{{ user["hashedpassword"] }}' {% endfor %} {% if oizone['iptype'] == "exclusive-ip" %} {% if oizone['iptype'] == "exclusive" %} {% for nic in oizone['nics'] %} setup_interface {{ nic['logical'] }} {{ nic['addrsuffix'] }} {{ nic['address'] }} {% endfor %} @@ -24,6 +29,6 @@ setup_route {{ route['target'] }} {{ route['router'] }} {% endfor %} {% if oizone['sysding']['ip']['dns'] %} {% if oizone['sysding']['ip']['dns'] is defined and oizone['sysding']['ip']['dns'] | length %} setup_ns_dns "{{ oizone['sysding']['ip']['dns']['domain'] }}" "{{ oizone['sysding']['ip']['dns']['search'] | join(' ') }}" "{{ oizone['sysding']['ip']['dns']['nameservers'] | join(' ') }}" {% endif %}
