-
Notifications
You must be signed in to change notification settings - Fork 0
/
create_control_plane_okd_vm.yml
142 lines (141 loc) · 6.73 KB
/
create_control_plane_okd_vm.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
---
- name: Create control plane {{ item.index }} virtual machine
vars:
vm_name: "control-plane-{{ item.index }}.sandbox.okd.local"
ip: "{{ item.ip }}"
mac: "{{ item.mac }}"
images_path: "/home/{{ ansible_user_id }}/.okd/images"
fedora_coreos_cloud_image_name: "fedora-coreos-31.20200406.20.0-qemu.x86_64.qcow2"
vms_path: "/home/{{ ansible_user_id }}/.okd/vms"
dns_ip: "10.0.6.10"
dns_name: "control-plane-{{ item.index }}.sandbox.okd.local"
block:
- name: List virtual machines
virt:
command: list_vms
uri: "qemu:///session"
register: vms
- name: Create {{ vm_name }} virtual machine
block:
- name: Create {{ vm_name }} virtual machine directory
file:
path: "{{ vms_path }}/{{ vm_name }}"
state: directory
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
- name: Copy fedora coreos cloud image from images to {{ vm_name }} virtual machine directory
copy:
src: "{{ images_path }}/{{ fedora_coreos_cloud_image_name }}"
dest: "{{ vms_path }}/{{ vm_name }}/{{ fedora_coreos_cloud_image_name }}"
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
force: no
- name: Resize image to add 25G more space
shell: qemu-img resize {{ vms_path }}/{{ vm_name }}/{{ fedora_coreos_cloud_image_name }} 25G
- name: Define {{ vm_name }} virtual machine into kvm
virt:
command: define
name: "{{ vm_name }}"
xml: '{{ lookup("template", "templates/vm.xml.j2") }}'
uri: "qemu:///session"
vars:
name: "{{ vm_name }}"
memory: 16384
vcpus: 4
disk_file: "{{ vms_path }}/{{ vm_name }}/{{ fedora_coreos_cloud_image_name }}"
vm_mac: "{{ mac }}"
vm_bridge: "virbr1"
fw_cfg: "name=opt/com.coreos/config,file=/tmp/master.ign"
- name: Start {{ vm_name }} virtual machine
virt:
command: start
name: "{{ vm_name }}"
autostart: yes
uri: "qemu:///session"
- name: |
Wait for port 22.
wait_for:
host: "{{ ip }}"
port: 22
state: drained
delay: 10
- name: |
Add {{ vm_name }} virtual machine to host known_hosts - need to retry as ssh is not available yet after the port 22 is open.
An empty valide response can be returned :(
block:
- name: Retrieve dns virtual machine public key
shell: ssh-keyscan -t ssh-rsa {{ ip }}
register: task_result
until: task_result.rc == 0 and task_result.stdout != ''
retries: 120
delay: 5
- debug:
msg: "{{ task_result }}"
- name: Write dns virtual machine public key into Host known hosts
lineinfile:
path: /home/{{ ansible_user_id }}/.ssh/known_hosts
insertafter: EOF
line: "{{ dns_name }},{{ task_result.stdout }}"
backup: yes
- name: |
Wait until unprivilegied {{ ansible_user_id }} can loggin in using ssh to avoid this message:
# fatal: [localhost]: FAILED! => {"changed": true, "cmd": "ssh core@10.0.5.59 'dig test.apps.sandbox.okd.local +short'", "delta": "0:00:00.102321", "end": "2020-04-11 19:56:50.886226", "msg": "non-zero return code", "rc": 255, "start": "2020-04-11 19:56:50.783905", "stderr": "\"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8).\"\nAuthentication failed.", "stderr_lines": ["\"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8).\"", "Authentication failed."], "stdout": "", "stdout_lines": []}
shell: ssh {{ ansible_user_id }}@{{ ip }} 'date'
register: task_result
until: task_result.rc == 0
retries: 120
delay: 5
when: vm_name not in vms.list_vms
- name: Should {{ vm_name }} virtual machine is well configured
block:
- name: Check dns virtual machine is resolvable in {{ vm_name }} VM
block:
- name: Execute dns virtual machine resolution in {{ vm_name }} VM
shell: ssh {{ ansible_user_id }}@{{ ip }} 'dig dns.okd.local +short'
register: ip_resolved
- debug:
msg: "{{ ip_resolved }}"
- name: Ensure ip resolved to dns virtual machine ip
assert:
that:
- "'{{ dns_ip }}' == ip_resolved.stdout"
- name: Should container-registry.sandbox.okd.local on {{ vm_name }} virtual machine resolve to container-registry.sandbox.okd.local
block:
- name: Execute Host resolution
shell: ssh {{ ansible_user_id }}@{{ ip }} 'dig container-registry.sandbox.okd.local +short'
register: ip_resolved
- debug:
msg: "{{ ip_resolved }}"
- name: Ensure ip resolved to container registry virtual machine ip
assert:
that:
- "'10.0.5.10' == ip_resolved.stdout"
- name: Should external dns resolution is working in {{ vm_name }} virtual machine
block:
- name: Execute external DNS resolution
shell: ssh {{ ansible_user_id }}@{{ ip }} 'dig google.fr +short'
register: ips_resolved
- debug:
msg: "{{ ips_resolved }}"
- name: Ensure external host is resolved
assert:
that:
- "ips_resolved is defined"
- "ips_resolved.stdout_lines is defined"
- "ips_resolved.stdout_lines|length > 0"
#
# - name: Restart machine-config-daemon-firstboot.service if it has failed to start on {{ vm_name }} virtual machine
# block:
# - name: Retrieve machine-config-daemon-firstboot.service status
# shell: ssh {{ ansible_user_id }}@{{ ip }} 'sudo systemctl is-failed machine-config-daemon-firstboot.service'
# register: task_retrieve_status_result
# until: task_retrieve_status_result.rc == 0
# retries: 120
# delay: 5
# - name: Restart machine-config-daemon-firstboot.service
# shell: ssh {{ ansible_user_id }}@{{ ip }} 'sudo systemctl restart machine-config-daemon-firstboot.service'
# register: task_restart_result
# until: task_restart_result.rc == 0
# retries: 120
# delay: 5
# when: task_retrieve_status_result.stdout == 'failed'