configpolicy/roles/vmhost/tasks/main.yml


# Install every package listed in vmhost_required_packages.
# The list itself is defined outside this file (role defaults or inventory).
- name: ensure required packages are installed
  package:
    state: present
    name: "{{ vmhost_required_packages }}"
  tags: install
# Turn on the virt_use_nfs SELinux boolean and persist it across reboots.
# NOTE(review): this relaxes SELinux confinement for virtualization domains
# host-wide; it is presumably required by the NFS-backed volumes mounted
# later in this file. Confirm it is still needed if storage moves off NFS.
- name: ensure libvirt can use nfs
  seboolean:
    name: 'virt_use_nfs'
    persistent: true
    state: true
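# Create the directories that the following task bind-mounts over
# /etc/libvirt/qemu and /etc/libvirt/storage.
# Ownership is pinned to root alongside the 0700 mode. With only the mode
# set, a pre-existing directory owned by another account would keep that
# owner, and 0700 would then grant that account full access to the libvirt
# domain and storage definitions. This also matches the other file tasks in
# this role, which set owner and group explicitly.
- name: ensure libvirt runtime configuration directories exists
  file:
    path: '/var/lib/libvirt/config/{{ item }}'
    owner: root
    group: root
    mode: '0700'
    state: directory
  with_items:
    - qemu
    - storage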
# Bind-mount /var/lib/libvirt/config/<item> over /etc/libvirt/<item> for the
# qemu and storage directories. state: mounted both records the mount in
# fstab and mounts it immediately.
- name: ensure libvirt runtime directory bind mounts are set
  mount:
    src: '/var/lib/libvirt/config/{{ item }}'
    path: '/etc/libvirt/{{ item }}'
    fstype: none
    opts: bind
    state: mounted
  loop:
    - qemu
    - storage
# Create the console log directory, owned by root with no access for group
# or other (u=rwx,go=).
# NOTE(review): console logs hold guest-controlled output, so root-only
# access is a sensible default; log rotation and size limits are not handled
# in this file. Confirm they are covered elsewhere.
- name: ensure libvirt console log directory exists
  file:
    state: directory
    path: '/var/log/libvirt/console'
    owner: root
    group: root
    mode: 'u=rwx,go='
  tags:
    - log-dir
# Work-around for the virtnetworkd SELinux bug tracked as rhbz#2362040:
# first create the systemd drop-in directory for virtnetworkd.service, then
# install the override file into it.
- name: ensure virtnetworkd.service drop-in directory exists
  file:
    state: directory
    path: '/etc/systemd/system/virtnetworkd.service.d'
    owner: root
    group: root
    mode: 'u=rwx,go=rx'
  tags:
    - systemd
    - virtnetworkd-selinux-bug
    - 'rhbz#2362040'

# dest ends with a slash, so the file keeps its source name inside the
# drop-in directory. The "reload systemd" handler is defined outside this
# file.
# NOTE(review): the contents of fix-run-libvirt-network.conf are not visible
# here. Because it overrides a unit to side-step an SELinux policy bug, plan
# to remove it once a fixed package is deployed so the override does not
# outlive its purpose.
- name: 'ensure virtnetworkd selinux bug work-around is in place (rhbz#2362040)'
  copy:
    src: 'fix-run-libvirt-network.conf'
    dest: '/etc/systemd/system/virtnetworkd.service.d/'
    owner: root
    group: root
    mode: 'u=rw,go=r'
  notify: reload systemd
  tags:
    - systemd
    - virtnetworkd-selinux-bug
    - 'rhbz#2362040'
# The task names say "libvirtd", but the units managed are the socket units
# of the modular daemons (virtqemud, virtnetworkd, virtstoraged).
# Enabling and starting are kept as two separate tasks.
- name: ensure libvirtd starts at boot
  service:
    enabled: true
    name: "{{ item }}"
  loop:
    - 'virtqemud.socket'
    - 'virtnetworkd.socket'
    - 'virtstoraged.socket'
  tags: service

- name: ensure libvirtd is running
  service:
    state: started
    name: "{{ item }}"
  loop:
    - 'virtqemud.socket'
    - 'virtnetworkd.socket'
    - 'virtstoraged.socket'
  tags: service
# Define, activate and autostart every network listed in libvirt_networks.
# Each entry must provide at least "name" and "type".
# The network XML is rendered from the template net-<type>.xml.j2.
# NOTE(review): item.type is interpolated into the template file name, so
# libvirt_networks should only come from trusted inventory or role
# variables, and each type needs a matching template in the role.
- name: ensure libvirt networks are defined
  virt_net:
    name: "{{ item.name }}"
    command: define
    xml: '{{ lookup("template", "net-" + item.type + ".xml.j2") }}'
  with_items: "{{ libvirt_networks }}"

- name: ensure libvirt networks are active
  virt_net:
    state: active
    name: "{{ item.name }}"
  with_items: "{{ libvirt_networks }}"

- name: ensure libvirt networks start at boot
  virt_net:
    autostart: true
    name: "{{ item.name }}"
  with_items: "{{ libvirt_networks }}"
# Open 49152/tcp in the running firewalld configuration only
# (permanent: false, immediate: true). Persisting the rule is left to the
# "save firewalld configuration" handler, which is defined outside this file.
# No zone is given, so the module applies the rule to firewalld's default
# zone.
# NOTE(review): libvirt's default migration port range is 49152-49215 and
# only its first port is opened here. Confirm that a single concurrent
# incoming migration is the intent.
# NOTE(review): the port is reachable from every source the default zone
# admits. Native QEMU migration streams are not encrypted unless TLS is
# configured, so consider limiting this rule to the migration network
# (dedicated zone or source restriction).
- name: ensure libvirtd migration port is allowed in the firewall
  firewalld:
    state: enabled
    port: '49152/tcp'
    immediate: true
    permanent: false
  notify:
    - save firewalld configuration
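# Install the ksm.service unit file and reload systemd when it changes.
# owner and group are pinned to root, as the vm-autostart.service task in
# this role already does. With only the mode set, an existing unit file
# keeps whatever owner it had, and the owner of a unit file can change what
# systemd runs as root.
# NOTE(review): ksm.service itself is not visible here. If it enables kernel
# samepage merging, note that sharing pages between guests is a known
# cross-VM timing side channel. Confirm that is acceptable for the guests
# co-located on this host.
- name: ensure systemd ksm unit is installed
  copy:
    src: ksm.service
    dest: /etc/systemd/system/ksm.service
    owner: root
    group: root
    mode: '0644'
  notify: reload systemd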
# Enable the ksm unit at boot and start it now, as two separate tasks.
- name: ensure systemd ksm unit starts at boot
  service:
    enabled: true
    name: 'ksm'

- name: ensure systemd ksm unit is running
  service:
    state: started
    name: 'ksm'
# Install the packages listed in shared_volume_mount_packages, which is
# defined outside this file. They must be present before the shared volumes
# below can be mounted.
- name: ensure required mount helper utilities are installed
  package:
    state: present
    name: "{{ shared_volume_mount_packages }}"
  tags:
    - install
# Mount every entry of mount_shared_volumes as <host>:<share> on
# <mountpoint>. fstype falls back to "nfs" when the entry does not set one.
# opts is left out entirely (omit) when the entry does not set it.
# NOTE(review): with opts omitted the mount gets no explicit hardening
# options. For shares that only hold VM images, consider setting
# nodev,nosuid in item.opts so a compromised or misconfigured export cannot
# supply device nodes or setuid binaries to the hypervisor.
- name: ensure storage volumes are mounted
  mount:
    state: mounted
    src: '{{ item.host }}:{{ item.share }}'
    path: "{{ item.mountpoint }}"
    fstype: '{{ item.fstype|d("nfs") }}'
    opts: "{{ item.opts|d(omit) }}"
  with_items: "{{ mount_shared_volumes }}"
  tags:
    - mount
# Install the vm-autostart helper script: owned by root, executable by
# everyone, writable by root only.
- name: ensure vm-autostart script is installed
  copy:
    src: 'vm-autostart.sh'
    dest: '/usr/local/libexec/vm-autostart.sh'
    owner: root
    group: root
    mode: 'u=rwx,go=rx'
  tags:
    - install
    - vm-autostart

# Render the vm-autostart configuration from its template.
# NOTE(review): /etc/vm-autostart is world-readable (go=r). Confirm the
# template never renders credentials or other secrets.
- name: ensure vm-autostart is configured
  template:
    src: 'vm-autostart.j2'
    dest: '/etc/vm-autostart'
    owner: root
    group: root
    mode: 'u=rw,go=r'
  tags: vm-autostart
# Install the vm-autostart.service unit file (root-owned, not writable by
# group or other) and reload systemd when it changes. The "reload systemd"
# handler is defined outside this file.
- name: ensure vm-autostart.service unit file is installed
  copy:
    src: 'vm-autostart.service'
    dest: '/etc/systemd/system/vm-autostart.service'
    owner: root
    group: root
    mode: 'u=rw,go=r'
  notify: reload systemd
  tags:
    - vm-autostart
    - systemd

# Only enables the unit for the next boot; this task does not start it.
- name: ensure vm-autostart.service is enabled
  service:
    enabled: true
    name: 'vm-autostart'
  tags: service