├── roles ├── kvm │ ├── vars │ │ ├── main.yml │ │ ├── .gitignore │ │ ├── Debian_x86_64.yml │ │ ├── Suse_x86_64.yml │ │ ├── Ubuntu_x86_64.yml │ │ ├── CentOS_x86_64.yml │ │ └── Fedora_x86_64.yml │ ├── files │ │ └── .gitignore │ ├── meta │ │ └── .gitignore │ ├── tasks │ │ ├── .gitignore │ │ ├── opensuse.yml │ │ ├── redhat.yml │ │ ├── debian.yml │ │ ├── ubuntu.yml │ │ └── main.yml │ ├── handlers │ │ └── .gitignore │ └── templates │ │ └── .gitignore ├── xen │ ├── vars │ │ ├── main.yml │ │ ├── CentOS_x86_64.yml │ │ ├── Debian_x86_64.yml │ │ ├── Ubuntu_x86_64.yml │ │ ├── Suse_x86_64.yml │ │ └── Fedora_x86_64.yml │ ├── files │ │ └── .gitignore │ ├── meta │ │ └── .gitignore │ ├── handlers │ │ └── .gitignore │ ├── templates │ │ └── .gitignore │ └── tasks │ │ ├── opensuse.yml │ │ ├── debian.yml │ │ ├── ubuntu.yml │ │ ├── redhat.yml │ │ └── main.yml ├── minimal │ ├── .gitignore │ ├── vars │ │ ├── main.yml │ │ ├── .gitignore │ │ ├── Ubuntu_x86_64.yml │ │ ├── openSUSE_x86_64.yml │ │ ├── Debian_x86_64.yml │ │ ├── CentOS_x86_64.yml │ │ └── Fedora_x86_64.yml │ ├── files │ │ ├── .gitignore │ │ ├── debian │ │ │ ├── usr-sbin-policy-rc.d │ │ │ ├── dracut-config │ │ │ └── dracut │ │ │ │ ├── module-setup.sh │ │ │ │ └── livenet-generator.sh │ │ ├── redhat │ │ │ ├── dracut-config │ │ │ └── dracut │ │ │ │ ├── module-setup.sh │ │ │ │ └── livenet-generator.sh │ │ ├── opensuse │ │ │ └── dracut-config │ │ └── ubuntu │ │ │ ├── dracut-config │ │ │ └── dracut │ │ │ ├── module-setup.sh │ │ │ └── livenet-generator.sh │ ├── handlers │ │ └── .gitignore │ ├── meta │ │ └── .gitignore │ ├── tasks │ │ ├── .gitignore │ │ ├── auth.yml │ │ ├── mounts.yml │ │ ├── main.yml │ │ ├── debian.yml │ │ ├── redhat.yml │ │ ├── opensuse.yml │ │ └── ubuntu.yml │ └── templates │ │ ├── .gitignore │ │ ├── authorized_keys.j2 │ │ └── ubuntu │ │ └── etc-apt-sources.list └── nova-compute │ ├── vars │ ├── main.yml │ ├── Debian_x86_64.yml │ ├── Suse_x86_64.yml │ ├── Ubuntu_x86_64.yml │ ├── CentOS_x86_64.yml │ └── 
Fedora_x86_64.yml │ ├── files │ └── openstack-nova-compute.service │ ├── templates │ └── build_nova_venv.sh.j2 │ └── tasks │ ├── opensuse.yml │ ├── ubuntu.yml │ ├── debian.yml │ ├── redhat.yml │ └── main.yml ├── .gitignore ├── ansible.cfg ├── utils ├── bootstrap │ ├── get_docker_pid.sh │ ├── dockerfiles │ │ ├── Dockerfile_debian_10 │ │ ├── Dockerfile_ubuntu_20.04 │ │ ├── Dockerfile_centos_7 │ │ ├── Dockerfile_centos_8 │ │ ├── Dockerfile_fedora_33 │ │ └── Dockerfile_opensuse_42.3 │ ├── travis_docker_install.yml │ ├── pre-bootstrap.yml │ ├── requirements-check.yml │ └── build_chroot_docker.yml └── packaging │ ├── cleanup_debian.yml │ ├── cleanup_ubuntu.yml │ ├── cleanup.yml │ ├── cleanup_opensuse.yml │ ├── packaging_opensuse.yml │ ├── cleanup_redhat.yml │ ├── packaging_debian.yml │ ├── packaging_redhat.yml │ ├── packaging_ubuntu.yml │ ├── packaging_xen.yml │ └── packaging.yml ├── .github └── workflows │ └── build.yml ├── run_squashible.sh ├── squashible.yml ├── squashible_kvm.yml ├── squashible_xen.yml ├── hosts_generator.py ├── group_vars └── all ├── README.md └── LICENSE /roles/kvm/vars/main.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/xen/vars/main.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/kvm/files/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/kvm/meta/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/kvm/tasks/.gitignore: -------------------------------------------------------------------------------- 1 | 
-------------------------------------------------------------------------------- /roles/kvm/vars/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/minimal/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/minimal/vars/main.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/xen/files/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/xen/meta/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/kvm/handlers/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/kvm/templates/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/minimal/files/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/minimal/handlers/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/minimal/meta/.gitignore: -------------------------------------------------------------------------------- 1 | 
-------------------------------------------------------------------------------- /roles/minimal/tasks/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/minimal/vars/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/nova-compute/vars/main.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/xen/handlers/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/xen/templates/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/minimal/templates/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | ansible.log 2 | live_chroot 3 | live_output 4 | .vscode 5 | -------------------------------------------------------------------------------- /roles/kvm/vars/Debian_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | kvm_packages: 3 | - qemu-kvm 4 | -------------------------------------------------------------------------------- /roles/kvm/vars/Suse_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | kvm_packages: 3 | - qemu-kvm 4 | -------------------------------------------------------------------------------- 
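/roles/nova-compute/vars/Debian_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | nova_venv_packages:
3 |
--------------------------------------------------------------------------------
/roles/nova-compute/vars/Suse_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | nova_venv_packages:
3 |
--------------------------------------------------------------------------------
/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | log_path=ansible.log
3 | display_skipped_hosts=False
4 |
--------------------------------------------------------------------------------
/roles/xen/vars/CentOS_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | xen_packages:
3 |   - xen-hypervisor
4 |
--------------------------------------------------------------------------------
/roles/xen/vars/Debian_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | xen_packages:
3 |   - xen-hypervisor-4.4
4 |
--------------------------------------------------------------------------------
/roles/xen/vars/Ubuntu_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | xen_packages:
3 |   - xen-hypervisor-4.5
4 |
--------------------------------------------------------------------------------
/roles/xen/vars/Suse_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | xen_packages:
3 |   - kernel-xen
4 |   - xen
5 |
--------------------------------------------------------------------------------
/utils/bootstrap/get_docker_pid.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # Print the State.Pid value that docker reports for the container given as $1.
3 | # The argument is quoted so that a value containing whitespace or glob
4 | # characters reaches docker as one word instead of being split or expanded
5 | # by the shell.
6 | docker inspect --format "{{.State.Pid}}" "$1"
7 |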
-------------------------------------------------------------------------------- /roles/minimal/templates/authorized_keys.j2: -------------------------------------------------------------------------------- 1 | {% for key in user_ssh_keys %} 2 | {{ key }} 3 | {% endfor %} 4 | -------------------------------------------------------------------------------- /roles/minimal/files/debian/usr-sbin-policy-rc.d: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo "All runlevel operations denied by policy" >&2 3 | exit 101 4 | -------------------------------------------------------------------------------- /roles/minimal/files/redhat/dracut-config: -------------------------------------------------------------------------------- 1 | add_dracutmodules+="livenet nfs network base" 2 | install_items+="rsync df ctorrent" 3 | show_modules=yes 4 | hostonly="no" 5 | -------------------------------------------------------------------------------- /roles/minimal/files/debian/dracut-config: -------------------------------------------------------------------------------- 1 | # Added to enable live booting for wisp 2 | 3 | add_dracutmodules+="livenet nfs network base" 4 | install_items+="rsync df ctorrent" 5 | 6 | show_modules=yes 7 | hostonly="no" 8 | -------------------------------------------------------------------------------- /roles/kvm/tasks/opensuse.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Upgrade and install kvm package set 4 | shell: "{{item}}" 5 | with_items: 6 | - zypper -n update 7 | - zypper -n install {{ kvm_packages | join (" ") }} 8 | -------------------------------------------------------------------------------- /roles/minimal/files/opensuse/dracut-config: -------------------------------------------------------------------------------- 1 | # Added to enable live booting for wisp 2 | 3 | add_dracutmodules+="livenet nfs network base" 4 | 
install_items+="rsync df ctorrent" 5 | 6 | show_modules=yes 7 | hostonly="no" 8 | -------------------------------------------------------------------------------- /roles/xen/tasks/opensuse.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Upgrade and install xen package set 4 | shell: "{{item}}" 5 | with_items: 6 | - zypper -n update 7 | - zypper -n install {{ xen_packages | join (" ") }} 8 | -------------------------------------------------------------------------------- /roles/minimal/files/ubuntu/dracut-config: -------------------------------------------------------------------------------- 1 | # Added to enable live booting for wisp 2 | 3 | add_dracutmodules+="livenet nfs network base systemd" 4 | install_items+="rsync df ctorrent" 5 | 6 | show_modules=yes 7 | hostonly="no" 8 | -------------------------------------------------------------------------------- /roles/nova-compute/vars/Ubuntu_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | nova_venv_packages: 3 | - gcc 4 | - git 5 | - python-dev 6 | - python-setuptools 7 | - libssl-dev 8 | - libffi-dev 9 | - libxml2-dev 10 | - libxslt-dev 11 | - patch 12 | -------------------------------------------------------------------------------- /roles/kvm/tasks/redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Set kvm_packages 4 | set_fact: 5 | kvm_packages: "{{ kvm_packages | join (' ') }}" 6 | 7 | - name: Install kvm package set 8 | shell: "{{ ansible_pkg_mgr }} -y install {{ kvm_packages }}" 9 | -------------------------------------------------------------------------------- /roles/kvm/tasks/debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Upgrade all packages in chroot 4 | apt: update_cache=yes upgrade=dist 5 | 6 | - name: Install kvm packages 7 | apt: pkg={{item}} 
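state=latest force=yes 8 | with_items: 9 | - "{{ kvm_packages }}" 10 |
--------------------------------------------------------------------------------
/roles/kvm/tasks/ubuntu.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Upgrade all packages in chroot
4 |   apt: update_cache=yes upgrade=dist
5 |
6 | # force=yes was removed from this task. On the apt module it corresponds to
7 | # apt-get --force-yes and implies allow_unauthenticated, so packages whose
8 | # signatures cannot be verified would be installed into the image silently.
9 | # If a build genuinely needs it, re-add it with a recorded reason.
10 | - name: Install kvm packages
11 |   apt: pkg={{item}} state=latest
12 |   with_items:
13 |     - "{{ kvm_packages }}"
14 |
--------------------------------------------------------------------------------
/roles/xen/tasks/debian.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Upgrade all packages in chroot
4 |   apt: update_cache=yes upgrade=dist
5 |
6 | # force=yes was removed from this task. On the apt module it corresponds to
7 | # apt-get --force-yes and implies allow_unauthenticated, so packages whose
8 | # signatures cannot be verified would be installed into the image silently.
9 | # If a build genuinely needs it, re-add it with a recorded reason.
10 | - name: Install xen packages
11 |   apt: pkg={{item}} state=latest
12 |   with_items:
13 |     - "{{ xen_packages }}"
14 |
--------------------------------------------------------------------------------
/roles/xen/tasks/ubuntu.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Upgrade all packages in chroot
4 |   apt: update_cache=yes upgrade=dist
5 |
6 | # force=yes was removed from this task. On the apt module it corresponds to
7 | # apt-get --force-yes and implies allow_unauthenticated, so packages whose
8 | # signatures cannot be verified would be installed into the image silently.
9 | # If a build genuinely needs it, re-add it with a recorded reason.
10 | - name: Install xen packages
11 |   apt: pkg={{item}} state=latest
12 |   with_items:
13 |     - "{{ xen_packages }}"
14 |
--------------------------------------------------------------------------------
/roles/nova-compute/vars/CentOS_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | nova_venv_packages:
3 |   - gcc
4 |   - git
5 |   - python-devel
6 |   - python-setuptools
7 |   - openssl-devel
8 |   - openssl-static
9 |   - libffi-devel
10 |   - libxml2-devel
11 |   - libxslt-devel
12 |   - patch
13 |
--------------------------------------------------------------------------------
/utils/packaging/cleanup_debian.yml:
--------------------------------------------------------------------------------
1 | --- 2 | 3 | - name: Clean apt cache 4 | command: apt-get -y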
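clean 5 | 6 | - name: Remove apt lists 7 | command: rm -rf /var/lib/apt/lists/* 8 | 9 | - name: Regenerate initramfs using dracut 10 | command: dracut --force --regenerate-all 11 |
--------------------------------------------------------------------------------
/utils/packaging/cleanup_ubuntu.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Clean apt cache
4 |   command: apt-get -y clean
5 |
6 | # The command module does not run a shell, so the trailing * was passed to rm
7 | # literally and nothing was removed. shell: lets the glob expand so the
8 | # downloaded package lists really are deleted from the image.
9 | - name: Remove apt lists
10 |   shell: rm -rf /var/lib/apt/lists/*
11 |
12 | - name: Regenerate initramfs using dracut
13 |   command: dracut --force --regenerate-all
14 |
--------------------------------------------------------------------------------
/roles/minimal/vars/Ubuntu_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | minimal_packages:
3 |   - apt-utils
4 |   - dracut
5 |   - dracut-network
6 |   - initramfs-tools-bin
7 |   - initramfs-tools-core
8 |   - logrotate
9 |   - openssh-client
10 |   - openssh-server
11 |   - rsync
12 |   - squashfs-tools
13 |   - sudo
14 |   - wget
15 |
--------------------------------------------------------------------------------
/roles/nova-compute/vars/Fedora_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | nova_venv_packages:
3 |   - gcc
4 |   - git
5 |   - python-devel
6 |   - python-setuptools
7 |   - openssl-devel
8 |   - openssl-static
9 |   - libffi-devel
10 |   - libxml2-devel
11 |   - libxslt-devel
12 |   - patch
13 |   - redhat-rpm-config
14 |
--------------------------------------------------------------------------------
/roles/minimal/tasks/auth.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Root's SSH material is kept private to root: the directory is 0700 and the
3 | # key list 0600. The previous 0755 on both left the list of accepted keys
4 | # world-readable and marked authorized_keys executable for no reason.
5 | # Modes are quoted so they are always read as octal strings.
6 | - name: Create .ssh directory
7 |   file:
8 |     path: /root/.ssh
9 |     state: directory
10 |     mode: "0700"
11 |
12 | - name: Inject authorized_keys file
13 |   template:
14 |     src: authorized_keys.j2
15 |     dest: /root/.ssh/authorized_keys
16 |     mode: "0600"
17 |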
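--------------------------------------------------------------------------------
/utils/bootstrap/dockerfiles/Dockerfile_debian_10:
--------------------------------------------------------------------------------
1 | FROM debian:buster
2 |
3 | ENV DEBIAN_FRONTEND=noninteractive
4 | # Refresh the package index and install in a single layer so a cached
5 | # "apt-get update" layer is never paired with a later install.
6 | RUN apt-get update && apt-get -y install debootstrap
7 |
8 | RUN mkdir /tmp/bootstrap
9 |
10 | # NOTE(review): the mirror URL is plain http, so integrity of the bootstrap
11 | # rests on debootstrap checking the Release signature against the archive
12 | # keyring installed in this image - confirm that keyring is present.
13 | CMD ["/usr/sbin/debootstrap", "--variant=minbase", "--arch=amd64", "--include=python", "buster", "/tmp/bootstrap", "http://mirror.rackspace.com/debian/"]
14 |
--------------------------------------------------------------------------------
/utils/bootstrap/dockerfiles/Dockerfile_ubuntu_20.04:
--------------------------------------------------------------------------------
1 | FROM ubuntu:focal
2 |
3 | ENV DEBIAN_FRONTEND=noninteractive
4 | # Refresh the package index and install in a single layer so a cached
5 | # "apt-get update" layer is never paired with a later install.
6 | RUN apt-get update && apt-get -y install debootstrap
7 |
8 | RUN mkdir /tmp/bootstrap
9 |
10 | # NOTE(review): the mirror URL is plain http, so integrity of the bootstrap
11 | # rests on debootstrap checking the Release signature against the archive
12 | # keyring installed in this image - confirm that keyring is present.
13 | CMD ["/usr/sbin/debootstrap", "--variant=minbase", "--arch=amd64", "--include=python3", "focal", "/tmp/bootstrap", "http://mirror.rackspace.com/ubuntu/"]
14 |
--------------------------------------------------------------------------------
/utils/bootstrap/dockerfiles/Dockerfile_centos_7:
--------------------------------------------------------------------------------
1 | FROM centos:centos7
2 |
3 | # Add a directory to hold our chroot
4 | RUN mkdir /tmp/bootstrap
5 |
6 | # Build the chroot as soon as the docker container starts
7 | # NOTE(review): --nogpg turns off RPM signature checking for every package
8 | # that seeds the chroot, so a tampered mirror or cache would go undetected.
9 | # Prefer importing the distribution signing key into the install root and
10 | # dropping the flag.
11 | CMD ["yum", "install", "-y", "--installroot=/tmp/bootstrap", "--releasever=7", "--nogpg", "systemd", "passwd", "yum", "centos-release", "vim-minimal", "openssh-server", "procps-ng"]
12 |
--------------------------------------------------------------------------------
/utils/bootstrap/dockerfiles/Dockerfile_centos_8:
--------------------------------------------------------------------------------
1 | FROM centos:centos8 2 | 3 | # Add a directory to hold our chroot 4 | RUN mkdir /tmp/bootstrap 5 | 6 | # Build the chroot as soon as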
the docker container starts 7 | CMD ["dnf", "install", "-y", "--installroot=/tmp/bootstrap", "--releasever=8", "--nogpg", "systemd", "passwd", "yum", "centos-release", "vim-minimal", "openssh-server", "procps-ng"] 8 | -------------------------------------------------------------------------------- /utils/bootstrap/dockerfiles/Dockerfile_fedora_33: -------------------------------------------------------------------------------- 1 | FROM fedora:33 2 | 3 | # Add a directory to hold our chroot 4 | RUN mkdir /tmp/bootstrap 5 | 6 | # Build the chroot as soon as the docker container starts 7 | CMD ["dnf", "install", "-y", "--installroot=/tmp/bootstrap", "--releasever=33", "--nogpg", "systemd", "passwd", "yum", "fedora-release", "vim-minimal", "openssh-server", "procps-ng","grubby"] 8 | -------------------------------------------------------------------------------- /roles/minimal/vars/openSUSE_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | minimal_packages: 3 | - binutils 4 | - curl 5 | - dhcp 6 | - dhcp-client 7 | - dracut 8 | - dracut-tools 9 | - hostname 10 | - iproute2 11 | - kernel-default 12 | - logrotate 13 | - net-tools 14 | - nfs-client 15 | - openssh 16 | - patch 17 | - rsync 18 | - squashfs 19 | - sudo 20 | - tar 21 | - wget 22 | - wicked 23 | -------------------------------------------------------------------------------- /roles/nova-compute/files/openstack-nova-compute.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=OpenStack Nova Compute Server 3 | After=syslog.target network.target 4 | 5 | [Service] 6 | Environment=LIBGUESTFS_ATTACH_METHOD=appliance 7 | Type=notify 8 | NotifyAccess=all 9 | TimeoutStartSec=0 10 | Restart=always 11 | User=nova 12 | ExecStart=/opt/openstack/nova/current/bin/nova-compute 13 | 14 | [Install] 15 | WantedBy=multi-user.target 16 | 
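--------------------------------------------------------------------------------
/roles/xen/tasks/redhat.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # Flatten the package list into one space-separated string for the shell
4 | # install command below.
5 | - name: Set xen_packages
6 |   set_fact:
7 |     xen_packages: "{{ xen_packages | join (' ') }}"
8 |
9 | # The closing double quote was missing on the shell line, which left the
10 | # quoted string unterminated so the parser read past the end of the line.
11 | - name: Install centos-release-xen repo
12 |   shell: "{{ ansible_pkg_mgr }} -y install centos-release-xen"
13 |   when: ansible_distribution == "CentOS"
14 |
15 | - name: Install xen package set
16 |   shell: "{{ ansible_pkg_mgr }} -y install {{ xen_packages }}"
17 |
--------------------------------------------------------------------------------
/utils/bootstrap/dockerfiles/Dockerfile_opensuse_42.3:
--------------------------------------------------------------------------------
1 | # NOTE(review): the file name says 42.3 but the base image and repository
2 | # below are tumbleweed - confirm which release is intended.
3 | FROM opensuse:tumbleweed
4 |
5 | # Add a directory to hold our chroot
6 | RUN mkdir /tmp/bootstrap
7 |
8 | # Add Repositories
9 | # NOTE(review): the repository is added over plain http and the CMD below
10 | # passes --gpg-auto-import-keys, so the signing key is trusted on first use
11 | # over an unauthenticated channel. Prefer https and a pinned, pre-imported key.
12 | RUN zypper --root /tmp/bootstrap ar http://download.opensuse.org/tumbleweed/repo/oss/ repo-oss
13 |
14 | CMD ["zypper", "-n", "--gpg-auto-import-keys", "--root", "/tmp/bootstrap", "install", "rpm", "zypper", "wget", "vim", "systemd", "python"]
15 |
--------------------------------------------------------------------------------
/roles/minimal/vars/Debian_x86_64.yml:
--------------------------------------------------------------------------------
1 | ---
2 | minimal_packages:
3 |   - apt-utils
4 |   - ctorrent
5 |   - dracut
6 |   - dracut-network
7 |   - iputils-ping
8 |   - libpath-class-file-stat-perl
9 |   - logrotate
10 |   - nano
11 |   - openssh-client
12 |   - openssh-server
13 |   - rsync
14 |   - squashfs-tools
15 |   - sudo
16 |   - vim
17 |   - wget
18 |
19 | selinux_packages:
20 |   - auditd
21 |   - selinux-basics
22 |   - selinux-utils
23 |
--------------------------------------------------------------------------------
/roles/xen/tasks/main.yml:
--------------------------------------------------------------------------------
1 | --- 2 | 3 | - name: Import OS specific variables 4 |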
include_vars: "{{ ansible_distribution }}_{{ ansible_architecture }}.yml" 5 | 6 | - include: debian.yml 7 | when: ansible_distribution == 'Debian' 8 | 9 | - include: redhat.yml 10 | when: ansible_os_family == "RedHat" 11 | 12 | - include: opensuse.yml 13 | when: ansible_os_family == "Suse" 14 | 15 | - include: ubuntu.yml 16 | when: ansible_distribution == "Ubuntu" 17 | -------------------------------------------------------------------------------- /roles/kvm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Import OS specific variables 4 | include_vars: "{{ ansible_distribution }}_{{ ansible_architecture }}.yml" 5 | 6 | - include: debian.yml 7 | when: ansible_distribution == 'Debian' 8 | 9 | - include: redhat.yml 10 | when: ansible_os_family == "RedHat" 11 | 12 | - include: opensuse.yml 13 | when: ansible_os_family == "Suse" 14 | 15 | - include: ubuntu.yml 16 | when: ansible_distribution == "Ubuntu" 17 | -------------------------------------------------------------------------------- /.github/workflows/build.yml: -------------------------------------------------------------------------------- 1 | name: build 2 | 3 | on: [push, pull_request] 4 | jobs: 5 | build: 6 | runs-on: ubuntu-latest 7 | steps: 8 | - uses: actions/checkout@v1 9 | - name: Build 10 | run: | 11 | sudo apt-get update -qq 12 | sudo apt-get install -qq squashfs-tools uuid python-apt python-pycurl 13 | sudo pip install ansible docker PyYAML 14 | sudo ansible-playbook -i hosts_generator.py squashible.yml -e "live_os=debian_10" 15 | -------------------------------------------------------------------------------- /roles/minimal/vars/CentOS_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | minimal_packages: 3 | - binutils 4 | - dracut 5 | - dracut-live 6 | - dracut-tools 7 | - dracut-network 8 | - dracut-config-generic 9 | - kernel 10 | - logrotate 11 | - nfs-utils 12 | - 
openssh-clients 13 | - openssh-server 14 | - patch 15 | - rsync 16 | - squashfs-tools 17 | - sudo 18 | - tar 19 | - wget 20 | 21 | selinux_packages: 22 | - policycoreutils 23 | - selinux-policy-targeted 24 | -------------------------------------------------------------------------------- /roles/minimal/vars/Fedora_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | minimal_packages: 3 | - binutils 4 | - dracut 5 | - dracut-live 6 | - dracut-tools 7 | - dracut-network 8 | - dracut-config-generic 9 | - kernel 10 | - logrotate 11 | - nfs-utils 12 | - openssh-clients 13 | - openssh-server 14 | - patch 15 | - rsync 16 | - squashfs-tools 17 | - sudo 18 | - tar 19 | - wget 20 | 21 | selinux_packages: 22 | - policycoreutils 23 | - selinux-policy-targeted 24 | -------------------------------------------------------------------------------- /roles/minimal/tasks/mounts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Mount proc inside the chroot 4 | command: mount -t proc none /proc 5 | 6 | - name: Ensure /sys/fs/selinux mount path exists 7 | file: > 8 | path=/sys/fs/selinux 9 | state=directory 10 | when: selinux_enabled 11 | 12 | - name: Mount selinuxfs in chroot 13 | mount: > 14 | name=sys/fs/selinux 15 | src=none 16 | fstype=selinuxfs 17 | state=present 18 | when: selinux_enabled 19 | -------------------------------------------------------------------------------- /roles/kvm/vars/Ubuntu_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | kvm_packages: 3 | - bridge-utils 4 | - genisoimage 5 | - kpartx 6 | - libvirt-bin 7 | - open-iscsi 8 | - python-libguestfs 9 | - python-libvirt 10 | - qemu 11 | - qemu-utils 12 | - sysfsutils 13 | - vlan 14 | - nfs-common 15 | - dosfstools 16 | - dosfstools-dbg 17 | - multipath-tools 18 | - qemu-system 19 | - qemu-system-arm 20 | - qemu-system-mips 21 | - qemu-system-ppc 22 | 
- qemu-system-sparc 23 | - qemu-system-x86 24 | - qemu-system-misc 25 | - qemu-block-extra 26 | - qemu-utils 27 | - qemu-user 28 | -------------------------------------------------------------------------------- /run_squashible.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Let's not get too crazy 4 | export ANSIBLE_NOCOWS=1 5 | 6 | cat << "EOF" 7 | 8 | __ _ __ __ 9 | _________ ___ ______ ______/ /_ (_) /_ / /__ 10 | / ___/ __ `/ / / / __ `/ ___/ __ \/ / __ \/ / _ \ 11 | (__ ) /_/ / /_/ / /_/ (__ ) / / / / /_/ / / __/ 12 | /____/\__, /\__,_/\__,_/____/_/ /_/_/_.___/_/\___/ 13 | /_/CROSS-PLATFORM LINUX LIVE IMAGE BUILDER 14 | 15 | EOF 16 | 17 | ansible-playbook -i hosts_generator.py squashible.yml 18 | -------------------------------------------------------------------------------- /roles/nova-compute/templates/build_nova_venv.sh.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # generates nova virtualenv 3 | virtualenv /opt/openstack/nova/{{ openstack_nova_hash }} 4 | 5 | # Hop into the virtualenv and install nova 6 | cd /opt/openstack/nova/{{ openstack_nova_hash }} 7 | source bin/activate 8 | cd /opt/nova/ 9 | python setup.py install 10 | 11 | # Ensure we have all of our requirements in the virtualenv 12 | pip install --build /opt/tmp -r requirements.txt 13 | 14 | # Hop out of the virtualenv 15 | deactivate 16 | 17 | # Make the virtualenv relocatable 18 | virtualenv --relocatable /opt/openstack/nova/{{ openstack_nova_hash }} 19 | -------------------------------------------------------------------------------- /roles/xen/vars/Fedora_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | xen_packages: 3 | - dosfstools 4 | - e2fsprogs 5 | - gdisk 6 | - genisoimage 7 | - libffi 8 | - libvirt 9 | - libvirt-client 10 | - libvirt-daemon 11 | - libvirt-daemon-driver-interface 12 | - 
libvirt-daemon-driver-network 13 | - libvirt-daemon-driver-storage 14 | - libvirt-daemon-xen 15 | - libvirt-python 16 | - libxml2-devel 17 | - libxslt-devel 18 | - MySQL-python 19 | - python-pip 20 | - python-setuptools 21 | - setroubleshoot-server 22 | - squashfs-tools 23 | - sysfsutils 24 | - tmux 25 | - tuned 26 | - vim 27 | - xen 28 | -------------------------------------------------------------------------------- /roles/minimal/files/debian/dracut/module-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # module-setup.sh for livenet 3 | 4 | # called by dracut 5 | check() { 6 | return 255 7 | } 8 | 9 | # called by dracut 10 | depends() { 11 | echo network url-lib dmsquash-live img-lib 12 | return 0 13 | } 14 | 15 | # called by dracut 16 | install() { 17 | inst_hook cmdline 29 "$moddir/parse-livenet.sh" 18 | inst_hook initqueue/online 95 "$moddir/fetch-liveupdate.sh" 19 | inst_script "$moddir/livenetroot.sh" "/sbin/livenetroot" 20 | inst_script "$moddir/livenet-generator.sh" $systemdutildir/system-generators/dracut-livenet-generator 21 | dracut_need_initqueue 22 | } 23 | -------------------------------------------------------------------------------- /roles/minimal/files/redhat/dracut/module-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # module-setup.sh for livenet 3 | 4 | # called by dracut 5 | check() { 6 | return 255 7 | } 8 | 9 | # called by dracut 10 | depends() { 11 | echo network url-lib dmsquash-live img-lib 12 | return 0 13 | } 14 | 15 | # called by dracut 16 | install() { 17 | inst_hook cmdline 29 "$moddir/parse-livenet.sh" 18 | inst_hook initqueue/online 95 "$moddir/fetch-liveupdate.sh" 19 | inst_script "$moddir/livenetroot.sh" "/sbin/livenetroot" 20 | inst_script "$moddir/livenet-generator.sh" $systemdutildir/system-generators/dracut-livenet-generator 21 | dracut_need_initqueue 22 | } 23 | 
-------------------------------------------------------------------------------- /roles/minimal/files/ubuntu/dracut/module-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # module-setup.sh for livenet 3 | 4 | # called by dracut 5 | check() { 6 | return 255 7 | } 8 | 9 | # called by dracut 10 | depends() { 11 | echo network url-lib dmsquash-live img-lib 12 | return 0 13 | } 14 | 15 | # called by dracut 16 | install() { 17 | inst_hook cmdline 29 "$moddir/parse-livenet.sh" 18 | inst_hook initqueue/online 95 "$moddir/fetch-liveupdate.sh" 19 | inst_script "$moddir/livenetroot.sh" "/sbin/livenetroot" 20 | inst_script "$moddir/livenet-generator.sh" $systemdutildir/system-generators/dracut-livenet-generator 21 | dracut_need_initqueue 22 | } 23 | -------------------------------------------------------------------------------- /utils/packaging/cleanup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: cleanup_debian.yml 4 | when: ansible_distribution == "Debian" 5 | 6 | - include: cleanup_redhat.yml 7 | when: ansible_os_family == "RedHat" 8 | 9 | - include: cleanup_opensuse.yml 10 | when: ansible_os_family == "Suse" 11 | 12 | - include: cleanup_ubuntu.yml 13 | when: ansible_distribution == "Ubuntu" 14 | 15 | - name: Unmount filesystems left over from a failed build 16 | mount: 17 | path: "{{ item }}" 18 | state: "unmounted" 19 | with_items: 20 | - "{{ chrootpath }}/proc" 21 | - "{{ chrootpath }}/sys/fs/selinux" 22 | - "{{ chrootpath }}/dev/pts" 23 | - "{{ chrootpath }}/dev" 24 | -------------------------------------------------------------------------------- /squashible.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Initial setup and bootstrap 4 | hosts: builder 5 | tags: 6 | - bootstrap 7 | tasks: 8 | - include: utils/bootstrap/requirements-check.yml 9 | - include: 
utils/bootstrap/pre-bootstrap.yml 10 | - include: utils/bootstrap/build_chroot_docker.yml 11 | 12 | - name: Create minimal live image 13 | hosts: chroot 14 | tags: 15 | - minimal 16 | roles: 17 | - minimal 18 | 19 | - name: Cleanup 20 | hosts: chroot 21 | tags: 22 | - cleanup 23 | tasks: 24 | - include: utils/packaging/cleanup.yml 25 | 26 | - name: Packaging 27 | hosts: builder 28 | tags: 29 | - packaging 30 | tasks: 31 | - include: utils/packaging/packaging.yml 32 | -------------------------------------------------------------------------------- /utils/packaging/cleanup_opensuse.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Clean up zypper cache 4 | command: zypper clean 5 | 6 | - name: Really clean zypper cache 7 | shell: for i in `ls /var/lib/zypp/`; do rm -rfv /var/lib/zypp/${i}/*; done 8 | 9 | - name: Determine kernel version in chroot 10 | shell: ls /lib/modules/ 11 | register: kernel_version 12 | 13 | - name: Generate module dependencies with depmod for kernel 14 | shell: depmod -a {{ kernel_version.stdout }} 15 | 16 | - name: Regenerate initramfs using dracut 17 | command: dracut --force --regenerate-all 18 | 19 | # - name: Apply default SELinux contexts to the system 20 | # shell: restorecon -R / 21 | # when: selinux_enabled 22 | -------------------------------------------------------------------------------- /utils/packaging/packaging_opensuse.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Create temporary mount point 4 | file: dest=temp state=directory 5 | 6 | - name: Prepare a sparse file 7 | shell: "{{ item }}" 8 | args: 9 | warn: no 10 | with_items: 11 | - fallocate -l {{ rootfs_size }} rootfs.img 12 | - mkfs.ext4 -F rootfs.img 13 | - mount -t ext4 rootfs.img temp 14 | - rsync -a --xattrs {{ chrootpath }}/ temp/ 15 | - umount temp 16 | - tar czf {{ outputpath }}/rootfs.img.tgz rootfs.img 17 | - mv {{ outputpath 
}}/rootfs.img.tgz {{ outputpath }}/rootfs.img 18 | - rm rootfs.img 19 | 20 | - name: Remove temporary directory 21 | file: dest=temp state=absent 22 | -------------------------------------------------------------------------------- /roles/kvm/vars/CentOS_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | kvm_packages: 3 | - dosfstools 4 | - e2fsprogs 5 | - gdisk 6 | - genisoimage 7 | - ksm 8 | - libffi 9 | - libvirt 10 | - libvirt-client 11 | - libvirt-daemon 12 | - libvirt-daemon-driver-interface 13 | - libvirt-daemon-driver-network 14 | - libvirt-daemon-driver-storage 15 | - libvirt-daemon-kvm 16 | - libvirt-python 17 | - libxml2-devel 18 | - libxslt-devel 19 | - MySQL-python 20 | - puppet 21 | - python-pip 22 | - python-setuptools 23 | - qemu-kvm 24 | - qemu-kvm-tools 25 | - setroubleshoot-server 26 | - squashfs-tools 27 | - sysfsutils 28 | - tmux 29 | - tuned 30 | - vim 31 | - virt-top 32 | -------------------------------------------------------------------------------- /roles/kvm/vars/Fedora_x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | kvm_packages: 3 | - dosfstools 4 | - e2fsprogs 5 | - gdisk 6 | - genisoimage 7 | - ksm 8 | - libffi 9 | - libvirt 10 | - libvirt-client 11 | - libvirt-daemon 12 | - libvirt-daemon-driver-interface 13 | - libvirt-daemon-driver-network 14 | - libvirt-daemon-driver-storage 15 | - libvirt-daemon-kvm 16 | - libvirt-python 17 | - libxml2-devel 18 | - libxslt-devel 19 | - MySQL-python 20 | - puppet 21 | - python-pip 22 | - python-setuptools 23 | - qemu-kvm 24 | - qemu-kvm-tools 25 | - setroubleshoot-server 26 | - squashfs-tools 27 | - sysfsutils 28 | - tmux 29 | - tuned 30 | - vim 31 | - virt-top 32 | -------------------------------------------------------------------------------- /squashible_kvm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Initial setup and 
bootstrap 4 | hosts: builder 5 | tags: 6 | - bootstrap 7 | tasks: 8 | - include: utils/bootstrap/requirements-check.yml 9 | - include: utils/bootstrap/pre-bootstrap.yml 10 | - include: utils/bootstrap/build_chroot_docker.yml 11 | 12 | - name: Create KVM live image 13 | hosts: chroot 14 | tags: 15 | - kvm 16 | roles: 17 | - minimal 18 | - kvm 19 | - nova-compute 20 | 21 | - name: Cleanup 22 | hosts: chroot 23 | tags: 24 | - cleanup 25 | tasks: 26 | - include: utils/packaging/cleanup.yml 27 | 28 | - name: Packaging 29 | hosts: builder 30 | tags: 31 | - packaging 32 | tasks: 33 | - include: utils/packaging/packaging.yml 34 | -------------------------------------------------------------------------------- /squashible_xen.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Initial setup and bootstrap 4 | hosts: builder 5 | tags: 6 | - bootstrap 7 | tasks: 8 | - include: utils/bootstrap/requirements-check.yml 9 | - include: utils/bootstrap/pre-bootstrap.yml 10 | - include: utils/bootstrap/build_chroot_docker.yml 11 | 12 | - name: Create Xen live image 13 | hosts: chroot 14 | tags: 15 | - xen 16 | roles: 17 | - minimal 18 | - xen 19 | - nova-compute 20 | 21 | - name: Cleanup 22 | hosts: chroot 23 | tags: 24 | - cleanup 25 | tasks: 26 | - include: utils/packaging/cleanup.yml 27 | 28 | - name: Packaging 29 | hosts: builder 30 | tags: 31 | - packaging 32 | tasks: 33 | - include: utils/packaging/packaging.yml 34 | -------------------------------------------------------------------------------- /roles/minimal/templates/ubuntu/etc-apt-sources.list: -------------------------------------------------------------------------------- 1 | # Set by squashible during build 2 | 3 | ###### Ubuntu Main Repos 4 | deb http://us.archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release }} main universe 5 | deb-src http://us.archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release }} main universe 6 | 7 | ###### Ubuntu Update Repos 8 
| deb http://us.archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release }}-security main universe 9 | deb http://us.archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release }}-updates main universe 10 | deb-src http://us.archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release }}-security main universe 11 | deb-src http://us.archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release }}-updates main universe 12 | -------------------------------------------------------------------------------- /utils/packaging/cleanup_redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Clean up yum cache 4 | command: "{{ ansible_pkg_mgr }} clean all" 5 | args: 6 | warn: no 7 | 8 | - name: Really clean yum cache 9 | shell: for i in `ls /var/lib/{{ ansible_pkg_mgr }}/`; do rm -rfv /var/lib/{{ ansible_pkg_mgr }}/${i}/*; done 10 | 11 | - name: Determine kernel version in chroot 12 | shell: ls /lib/modules/ 13 | register: kernel_version 14 | 15 | - name: Generate module dependencies with depmod for kernel 16 | shell: depmod -a {{ kernel_version.stdout }} 17 | 18 | - name: Regenerate initramfs using dracut 19 | shell: dracut --force --regenerate-all 20 | 21 | - name: Apply default SELinux contexts to the system 22 | shell: restorecon -R / 23 | when: selinux_enabled 24 | -------------------------------------------------------------------------------- /utils/packaging/packaging_debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Create temporary mount point 4 | file: dest=temp state=directory 5 | 6 | - name: Prepare a sparse file 7 | shell: "{{ item }}" 8 | args: 9 | warn: no 10 | with_items: 11 | - umount {{ chrootpath }}/dev 12 | - umount -l {{ chrootpath }}/proc 13 | - fallocate -l {{ rootfs_size }} rootfs.img 14 | - mkfs.ext4 -F rootfs.img 15 | - mount -t ext4 rootfs.img temp 16 | - rsync -a --xattrs {{ chrootpath }}/ temp/ 17 | - umount temp 18 | - tar 
czf {{ outputpath }}/rootfs.img.tgz rootfs.img 19 | - mv {{ outputpath }}/rootfs.img.tgz {{ outputpath }}/rootfs.img 20 | - rm rootfs.img 21 | 22 | - name: Remove temporary directory 23 | file: dest=temp state=absent 24 | -------------------------------------------------------------------------------- /utils/packaging/packaging_redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Create temporary mount point 4 | file: dest=temp state=directory 5 | 6 | - name: Prepare a sparse file 7 | shell: "{{ item }}" 8 | args: 9 | warn: no 10 | with_items: 11 | - umount {{ chrootpath }}/dev 12 | - umount -l {{ chrootpath }}/proc 13 | - fallocate -l {{ rootfs_size }} rootfs.img 14 | - mkfs.ext4 -F rootfs.img 15 | - mount -t ext4 rootfs.img temp 16 | - rsync -a --xattrs {{ chrootpath }}/ temp/ 17 | - umount temp 18 | - tar czf {{ outputpath }}/rootfs.img.tgz rootfs.img 19 | - mv {{ outputpath }}/rootfs.img.tgz {{ outputpath }}/rootfs.img 20 | - rm rootfs.img 21 | 22 | - name: Remove temporary directory 23 | file: dest=temp state=absent 24 | -------------------------------------------------------------------------------- /utils/packaging/packaging_ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Create temporary mount point 4 | file: dest=temp state=directory 5 | 6 | - name: Prepare a sparse file 7 | shell: "{{ item }}" 8 | args: 9 | warn: no 10 | with_items: 11 | - umount {{ chrootpath }}/dev 12 | - umount -l {{ chrootpath }}/proc 13 | - fallocate -l {{ rootfs_size }} rootfs.img 14 | - mkfs.ext4 -F rootfs.img 15 | - mount -t ext4 rootfs.img temp 16 | - rsync -a --xattrs {{ chrootpath }}/ temp/ 17 | - umount temp 18 | - tar czf {{ outputpath }}/rootfs.img.tgz rootfs.img 19 | - mv {{ outputpath }}/rootfs.img.tgz {{ outputpath }}/rootfs.img 20 | - rm rootfs.img 21 | 22 | - name: Remove temporary directory 23 | file: dest=temp state=absent 24 | 
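--------------------------------------------------------------------------------
/utils/bootstrap/travis_docker_install.yml:
--------------------------------------------------------------------------------
---
# Installs Docker CE and the Python docker module on a Debian-family builder,
# then starts and enables the docker service.
#
# NOTE(review): the signing key is downloaded over HTTPS and trusted as
# delivered; no key identifier is pinned. Consider pinning the expected key
# with the module's `id` parameter and checking it against the fingerprint
# Docker publishes.
- name: Add the docker apt signing key
  apt_key:
    url: 'https://download.docker.com/linux/ubuntu/gpg'
    state: present

# NOTE(review): the repo URL is the Ubuntu one; presumably only Ubuntu
# builders reach this file. Confirm against the caller's `when:` condition.
- name: Add the official docker repo
  apt_repository:
    repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
    state: present

- name: Refresh apt cache
  apt:
    update_cache: true

# `latest` means the builder's Docker version is whatever the repo serves at
# build time; two runs of this playbook can end up on different versions.
- name: Install docker package
  apt:
    name: 'docker-ce'
    state: 'latest'

- name: Install docker module
  pip:
    name: 'docker'
    state: 'latest'

- name: Start the docker service
  service:
    name: 'docker'
    state: 'started'
    enabled: 'yes'
--------------------------------------------------------------------------------
/utils/packaging/packaging_xen.yml:
--------------------------------------------------------------------------------
---
# Unpacks the newest Xen hypervisor image found in the chroot's /boot, renames
# it to boot/xen and copies it to the output directory.
#
# The first lookup previously hard-coded `live_chroot`; every other task in
# this file uses {{ chrootpath }}, so the lookup now does too. The two only
# agreed while chrootpath kept the value `live_chroot`.
- name: Grab full path to latest chroot xen
  shell: ls -dt {{ chrootpath }}/boot/xen-4.*.*.gz | grep -v "d.gz" | head -1
  register: xen_path

# NOTE(review): the paths below are interpolated into shell commands unquoted,
# so a chrootpath or outputpath containing spaces or shell metacharacters
# would be split or interpreted by the shell.
- name: Unzip Xen
  shell: gunzip {{ xen_path['stdout'] }}

- name: Grab full path to latest extracted chroot xen
  shell: ls -dt {{ chrootpath }}/boot/xen-4.* | head -1
  register: xen_extracted_path

- name: Rename xen file
  command: mv {{ xen_extracted_path['stdout'] }} {{ chrootpath }}/boot/xen

# Re-registers xen_path, replacing the .gz path captured by the first task.
- name: Grab full path to latest chroot unzipped xen
  shell: ls -dt {{ chrootpath }}/boot/xen
  register: xen_path

- name: Copy xen to output directory
  shell: "cp {{ xen_path['stdout'] }} {{ outputpath }}/xen"
--------------------------------------------------------------------------------
/roles/nova-compute/tasks/opensuse.yml: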
-------------------------------------------------------------------------------- 1 | --- 2 | - name: Upgrade and install packages to build nova_venv 3 | shell: "{{item}}" 4 | with_items: 5 | - zypper -n update 6 | - zypper -n install {{ nova_venv_packages | join (" ") }} 7 | 8 | - name: Add openstack-nova-compute service 9 | copy: 10 | src: openstack-nova-compute.service 11 | dest: /usr/lib/systemd/system/openstack-nova-compute.service 12 | owner: root 13 | group: root 14 | mode: 0644 15 | 16 | - name: Enable systemd services 17 | file: 18 | src: "{{ item.path }}" 19 | dest: "{{ item.dest }}" 20 | state: link 21 | with_items: 22 | - { path: '/usr/lib/systemd/system/openstack-nova-compute.service', dest: '/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service' } 23 | -------------------------------------------------------------------------------- /roles/nova-compute/tasks/ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Upgrade all packages in chroot 3 | apt: update_cache=yes upgrade=dist 4 | 5 | - name: Install packages to build nova_venv 6 | apt: pkg={{item}} state=latest force=yes 7 | with_items: 8 | - "{{ nova_venv_packages }}" 9 | 10 | - name: Add openstack-nova-compute service 11 | copy: 12 | src: openstack-nova-compute.service 13 | dest: /lib/systemd/system/openstack-nova-compute.service 14 | owner: root 15 | group: root 16 | mode: 0644 17 | 18 | - name: Enable systemd services 19 | file: 20 | src: "{{ item.path }}" 21 | dest: "{{ item.dest }}" 22 | state: link 23 | with_items: 24 | - { path: '/lib/systemd/system/openstack-nova-compute.service', dest: '/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service' } 25 | -------------------------------------------------------------------------------- /roles/nova-compute/tasks/debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Upgrade all packages in 
chroot 3 | apt: update_cache=yes upgrade=dist 4 | 5 | - name: Install packages to build nova_venv 6 | apt: pkg={{item}} state=latest force=yes 7 | with_items: 8 | - "{{ nova_venv_packages }}" 9 | 10 | - name: Add openstack-nova-compute service 11 | copy: 12 | src: openstack-nova-compute.service 13 | dest: /usr/lib/systemd/system/openstack-nova-compute.service 14 | owner: root 15 | group: root 16 | mode: 0644 17 | 18 | - name: Enable systemd services 19 | file: 20 | src: "{{ item.path }}" 21 | dest: "{{ item.dest }}" 22 | state: link 23 | with_items: 24 | - { path: '/usr/lib/systemd/system/openstack-nova-compute.service', dest: '/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service' } 25 | -------------------------------------------------------------------------------- /roles/nova-compute/tasks/redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Set nova_venv__packages 4 | set_fact: 5 | nova_venv_packages: "{{ nova_venv_packages | join (' ') }}" 6 | 7 | - name: Install nova_venv_packages 8 | shell: "{{ ansible_pkg_mgr }} -y install {{ nova_venv_packages }}" 9 | 10 | - name: Add openstack-nova-compute service 11 | copy: 12 | src: openstack-nova-compute.service 13 | dest: /usr/lib/systemd/system/openstack-nova-compute.service 14 | owner: root 15 | group: root 16 | mode: 0644 17 | 18 | - name: Enable systemd services 19 | file: 20 | src: "{{ item.path }}" 21 | dest: "{{ item.dest }}" 22 | state: link 23 | with_items: 24 | - { path: '/usr/lib/systemd/system/openstack-nova-compute.service', dest: '/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service' } 25 | -------------------------------------------------------------------------------- /utils/bootstrap/pre-bootstrap.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Set uuid for this ansible run 4 | command: uuid 5 | register: ansible_run_uuid 6 | 7 | - 
name: Set uuid fact 8 | set_fact: 9 | ansible_run_uuid: "{{ ansible_run_uuid.stdout }}" 10 | 11 | - name: Unmount filesystems left over from a failed build 12 | mount: 13 | path: "{{ item }}" 14 | state: "unmounted" 15 | with_items: 16 | - "{{ chrootpath }}/proc" 17 | - "{{ chrootpath }}/sys/fs/selinux" 18 | - "{{ chrootpath }}/dev/pts" 19 | - "{{ chrootpath }}/dev" 20 | - "rootfs.img" 21 | 22 | - name: Clean up the chroot path 23 | file: 24 | path: "{{ chrootpath }}" 25 | state: "{{ item }}" 26 | owner: "root" 27 | group: "root" 28 | mode: "0755" 29 | with_items: 30 | - absent 31 | - directory 32 | ignore_errors: true 33 | -------------------------------------------------------------------------------- /roles/minimal/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Import OS specific variables 4 | include_vars: "{{ ansible_distribution }}_{{ ansible_architecture }}.yml" 5 | 6 | - name: Set /etc/resolv.conf 7 | lineinfile: 8 | dest: /etc/resolv.conf 9 | line: "{{ item }}" 10 | create: yes 11 | mode: 0644 12 | with_items: 13 | - 'nameserver 8.8.8.8' 14 | - 'nameserver 8.8.4.4' 15 | 16 | - name: Create /etc/fstab 17 | lineinfile: 18 | dest: /etc/fstab 19 | line: "# Added by squashible" 20 | create: yes 21 | mode: 0644 22 | 23 | - include: mounts.yml 24 | 25 | - include: auth.yml 26 | 27 | - include: debian.yml 28 | when: ansible_distribution == 'Debian' 29 | 30 | - include: redhat.yml 31 | when: ansible_os_family == "RedHat" 32 | 33 | - include: opensuse.yml 34 | when: ansible_os_family == "Suse" 35 | 36 | - include: ubuntu.yml 37 | when: ansible_distribution == "Ubuntu" 38 | -------------------------------------------------------------------------------- /roles/minimal/tasks/debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Disable daemon startup with policy-rc.d file 4 | copy: 5 | src: debian/usr-sbin-policy-rc.d 6 | dest: 
/usr/sbin/policy-rc.d 7 | owner: root 8 | group: root 9 | mode: 0755 10 | 11 | - name: Install minimum package set 12 | package: 13 | name: "{{ minimal_packages }}" 14 | state: present 15 | 16 | - name: Remove hostname file, let live-config take care of it 17 | file: 18 | path: /etc/hostname 19 | state: absent 20 | 21 | - name: Install the kernel and regenerate initramfs 22 | apt: 23 | pkg: linux-image-amd64 24 | state: present 25 | 26 | - name: Add live user (for testing) 27 | user: 28 | name: live 29 | shell: /bin/bash 30 | groups: sudo 31 | append: yes 32 | password: "$6$uf0amHdCN0H8PwWk$zKoAF4khAjunE/pnq0Q4iMU69t7gj2mvaKku3YE5k3/bVl.H9DcwOnlqBY23yTTcidp2CjknV38rgSro62vpC/" 33 | 34 | - name: Deny live user from ssh, only allow via console 35 | lineinfile: 36 | dest: /etc/ssh/sshd_config 37 | line: "DenyUsers live" 38 | 39 | - name: Add dracut config to enable livenet module 40 | copy: 41 | src: debian/dracut-config 42 | dest: /etc/dracut.conf 43 | owner: root 44 | group: root 45 | mode: 0644 -------------------------------------------------------------------------------- /hosts_generator.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | import argparse 4 | import json 5 | import sys 6 | import yaml 7 | 8 | # Pick up our group_vars file 9 | stream = open("group_vars/all", 'r') 10 | vars = yaml.load(stream, Loader=yaml.FullLoader) 11 | 12 | 13 | hosts = { 14 | "chroot": { 15 | "hosts": [ 16 | vars['chrootpath'] 17 | ], 18 | "vars": { 19 | "ansible_connection": "chroot" 20 | } 21 | }, 22 | "builder": { 23 | "hosts": [ 24 | "localhost" 25 | ], 26 | "vars": { 27 | "ansible_connection": "local" 28 | } 29 | } 30 | } 31 | 32 | def parse_args(): 33 | parser = argparse.ArgumentParser(description='Squashible inventory module') 34 | group = parser.add_mutually_exclusive_group(required=True) 35 | group.add_argument('--list', action='store_true', 36 | help='List active servers') 37 | 
group.add_argument('--host', help='List details about the specific host') 38 | return parser.parse_args() 39 | 40 | def main(): 41 | args = parse_args() 42 | if args.list: 43 | print(json.dumps(hosts, indent=2)) 44 | elif args.host: 45 | print(json.dumps(hosts, indent=2)) 46 | sys.exit(0) 47 | 48 | 49 | if __name__ == '__main__': 50 | main() 51 | 52 | -------------------------------------------------------------------------------- /utils/bootstrap/requirements-check.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Is the OS version on the build system supported? 3 | assert: 4 | that: 5 | - "'{{ansible_distribution | lower}}_{{ansible_distribution_major_version}}' in supported_builder_os" 6 | 7 | - name: Is the requested live OS version supported? 8 | assert: 9 | that: 10 | - "'{{live_os}}' in supported_live_os" 11 | 12 | - name: Install packages on builder node (Red Hat) 13 | dnf: 14 | pkg: ['{{builder_required_packages[ansible_os_family]}}'] 15 | state: present 16 | when: ansible_os_family == "RedHat" 17 | 18 | - name: Install packages on builder node (Debian) 19 | apt: 20 | pkg: "{{builder_required_packages[ansible_os_family]}}" 21 | state: present 22 | when: ansible_os_family == "Debian" 23 | ignore_errors: true 24 | 25 | - include: travis_docker_install.yml 26 | when: ansible_os_family == "Debian" 27 | 28 | - name: Install packages on builder node (Suse) 29 | zypper: 30 | pkg: ['{{builder_required_packages[ansible_os_family]}}'] 31 | state: present 32 | when: ansible_os_family == "Suse" 33 | 34 | # NOTE(major): Docker on Fedora/CentOS 7 uses socket activation with systemd, 35 | # so this check should always show Docker as being up as long as the docker 36 | # package is installed. 
37 | - name: Ensure docker daemon is accessible
38 |   command: docker version
39 |   register: cmd_result
40 |   failed_when: "'Cannot connect to the Docker daemon' in cmd_result.stderr"
41 |
--------------------------------------------------------------------------------
/roles/minimal/files/debian/dracut/livenet-generator.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Generator for the livenet dracut module (module-setup.sh installs it under
# system-generators). When the root= argument names a network live image, it
# writes a sysroot.mount unit and a device timeout drop-in into the directory
# passed as the second argument.
#
# This script only writes unit files; it does not download or verify the
# image. Integrity of the root filesystem therefore depends on the fetch step
# and the transport: http, ftp, tftp and torrent URLs are accepted here
# alongside https.

# Load the dracut helpers unless getarg is already defined.
type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh

# Fall back to the kernel command line when $root is not set in the environment.
[ -z "$root" ] && root=$(getarg root=)

# support legacy syntax of passing liveimg and then just the base root
if getargbool 0 rd.live.image -d -y liveimg; then
    liveroot="live:$root"
fi

if [ "${root%%:*}" = "live" ] ; then
    liveroot=$root
fi

# Not a live root: nothing to generate.
[ "${liveroot%%:*}" = "live" ] || exit 0

# Accept only the listed URL schemes. $liveroot starts with "live" at this
# point (checked above), so the bare "scheme://*" alternatives cannot match.
# Each arm strips a leading "live:" from $root and marks it acceptable.
case "$liveroot" in
    live:http://*|http://*) \
        root="${root#live:}"
        rootok=1 ;;
    live:https://*|https://*) \
        root="${root#live:}"
        rootok=1 ;;
    live:ftp://*|ftp://*) \
        root="${root#live:}"
        rootok=1 ;;
    live:torrent://*|torrent://*) \
        root="${root#live:}"
        rootok=1 ;;
    live:tftp://*|tftp://*) \
        root="${root#live:}"
        rootok=1 ;;
esac

[ "$rootok" != "1" ] && exit 0

# Output directory is the second positional argument; exit with an error if absent.
GENERATOR_DIR="$2"
[ -z "$GENERATOR_DIR" ] && exit 1

[ -d "$GENERATOR_DIR" ] || mkdir "$GENERATOR_DIR"

# rootflags comes from the kernel command line and is written verbatim into
# Options=, so whoever controls the boot arguments (for example a network boot
# configuration) also controls the mount options for /sysroot.
ROOTFLAGS="$(getarg rootflags)"
{
    echo "[Unit]"
    echo "Before=initrd-root-fs.target"
    echo "[Mount]"
    echo "Where=/sysroot"
    echo "What=/dev/mapper/live-rw"
    [ -n "$ROOTFLAGS" ] && echo "Options=${ROOTFLAGS}"
} > "$GENERATOR_DIR"/sysroot.mount

# "\x2d" stays literal inside double quotes; it is the escaped "-" in the
# device unit name for /dev/mapper/live-rw.
mkdir -p "$GENERATOR_DIR/dev-mapper-live\x2drw.device.d"
{
    echo "[Unit]"
    echo "JobTimeoutSec=3000"
} > "$GENERATOR_DIR/dev-mapper-live\x2drw.device.d/timeout.conf"
--------------------------------------------------------------------------------
/roles/minimal/files/redhat/dracut/livenet-generator.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh 4 | 5 | [ -z "$root" ] && root=$(getarg root=) 6 | 7 | # support legacy syntax of passing liveimg and then just the base root 8 | if getargbool 0 rd.live.image -d -y liveimg; then 9 | liveroot="live:$root" 10 | fi 11 | 12 | if [ "${root%%:*}" = "live" ] ; then 13 | liveroot=$root 14 | fi 15 | 16 | [ "${liveroot%%:*}" = "live" ] || exit 0 17 | 18 | case "$liveroot" in 19 | live:http://*|http://*) \ 20 | root="${root#live:}" 21 | rootok=1 ;; 22 | live:https://*|https://*) \ 23 | root="${root#live:}" 24 | rootok=1 ;; 25 | live:ftp://*|ftp://*) \ 26 | root="${root#live:}" 27 | rootok=1 ;; 28 | live:torrent://*|torrent://*) \ 29 | root="${root#live:}" 30 | rootok=1 ;; 31 | live:tftp://*|tftp://*) \ 32 | root="${root#live:}" 33 | rootok=1 ;; 34 | esac 35 | 36 | [ "$rootok" != "1" ] && exit 0 37 | 38 | GENERATOR_DIR="$2" 39 | [ -z "$GENERATOR_DIR" ] && exit 1 40 | 41 | [ -d "$GENERATOR_DIR" ] || mkdir "$GENERATOR_DIR" 42 | 43 | ROOTFLAGS="$(getarg rootflags)" 44 | { 45 | echo "[Unit]" 46 | echo "Before=initrd-root-fs.target" 47 | echo "[Mount]" 48 | echo "Where=/sysroot" 49 | echo "What=/dev/mapper/live-rw" 50 | [ -n "$ROOTFLAGS" ] && echo "Options=${ROOTFLAGS}" 51 | } > "$GENERATOR_DIR"/sysroot.mount 52 | 53 | mkdir -p "$GENERATOR_DIR/dev-mapper-live\x2drw.device.d" 54 | { 55 | echo "[Unit]" 56 | echo "JobTimeoutSec=3000" 57 | } > "$GENERATOR_DIR/dev-mapper-live\x2drw.device.d/timeout.conf" 58 | -------------------------------------------------------------------------------- /roles/minimal/files/ubuntu/dracut/livenet-generator.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | type getarg >/dev/null 2>&1 || . 
/lib/dracut-lib.sh 4 | 5 | [ -z "$root" ] && root=$(getarg root=) 6 | 7 | # support legacy syntax of passing liveimg and then just the base root 8 | if getargbool 0 rd.live.image -d -y liveimg; then 9 | liveroot="live:$root" 10 | fi 11 | 12 | if [ "${root%%:*}" = "live" ] ; then 13 | liveroot=$root 14 | fi 15 | 16 | [ "${liveroot%%:*}" = "live" ] || exit 0 17 | 18 | case "$liveroot" in 19 | live:http://*|http://*) \ 20 | root="${root#live:}" 21 | rootok=1 ;; 22 | live:https://*|https://*) \ 23 | root="${root#live:}" 24 | rootok=1 ;; 25 | live:ftp://*|ftp://*) \ 26 | root="${root#live:}" 27 | rootok=1 ;; 28 | live:torrent://*|torrent://*) \ 29 | root="${root#live:}" 30 | rootok=1 ;; 31 | live:tftp://*|tftp://*) \ 32 | root="${root#live:}" 33 | rootok=1 ;; 34 | esac 35 | 36 | [ "$rootok" != "1" ] && exit 0 37 | 38 | GENERATOR_DIR="$2" 39 | [ -z "$GENERATOR_DIR" ] && exit 1 40 | 41 | [ -d "$GENERATOR_DIR" ] || mkdir "$GENERATOR_DIR" 42 | 43 | ROOTFLAGS="$(getarg rootflags)" 44 | { 45 | echo "[Unit]" 46 | echo "Before=initrd-root-fs.target" 47 | echo "[Mount]" 48 | echo "Where=/sysroot" 49 | echo "What=/dev/mapper/live-rw" 50 | [ -n "$ROOTFLAGS" ] && echo "Options=${ROOTFLAGS}" 51 | } > "$GENERATOR_DIR"/sysroot.mount 52 | 53 | mkdir -p "$GENERATOR_DIR/dev-mapper-live\x2drw.device.d" 54 | { 55 | echo "[Unit]" 56 | echo "JobTimeoutSec=3000" 57 | } > "$GENERATOR_DIR/dev-mapper-live\x2drw.device.d/timeout.conf" 58 | -------------------------------------------------------------------------------- /group_vars/all: -------------------------------------------------------------------------------- 1 | --- 2 | # Where should we put the chroot containing our filesystem? 3 | chrootpath: live_chroot 4 | 5 | # Where should we put the kernel, initrd, and squashfs when we're done? 6 | outputpath: live_output 7 | 8 | # Which live OS should be build? Refer to "supported_live_os" variable below 9 | # for supported OS versions. 
10 | live_os: fedora_33 11 | 12 | # Should we build live environments with SELinux enabled and proper contexts 13 | # applied? 14 | selinux_enabled: yes 15 | 16 | # Supported operating systems for builder machines. Add to this list once 17 | # you've written the necessary playbooks, tasks and variables to support new 18 | # operating systems as builders. 19 | supported_builder_os: 20 | - fedora_33 21 | - ubuntu_18 22 | - ubuntu_20 23 | 24 | # Supported live operating systems. Add to this list once you've written the 25 | # necessary playbooks, tasks and variables to support new operating systems 26 | # as live operating systems. 27 | supported_live_os: 28 | - centos_8 29 | - debian_10 30 | - fedora_33 31 | - opensuse_15.1 32 | - ubuntu_20.04 33 | 34 | # Builder systems must have these packages installed. 35 | builder_required_packages: 36 | RedHat: 37 | - docker-io 38 | - python-docker-py 39 | - uuid 40 | Debian: 41 | - apt-transport-https 42 | - ca-certificates 43 | - curl 44 | - mktorrent 45 | - software-properties-common 46 | - uuid 47 | Suse: 48 | - docker 49 | - python-docker-py 50 | - uuid 51 | 52 | # public keys put here will be populated into /root/.ssh/authorized_keys 53 | user_ssh_keys: 54 | - example_key_1 55 | - example_key_2 56 | 57 | # specify nova branch to use - https://github.com/openstack/nova 58 | openstack_nova_branch: master 59 | 60 | # specify size of rootfs.img (1G, 6G, etc...) 
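61 | rootfs_size: 4G
62 |
--------------------------------------------------------------------------------
/utils/packaging/packaging.yml:
--------------------------------------------------------------------------------
---
# Runs on the builder: recreates the output directory, copies the kernel,
# initrd and (when present) Xen out of the chroot, rewrites the chroot's
# resolv.conf, then hands over to the distribution-specific packaging tasks.

# absent followed by directory wipes any earlier output before recreating it.
- name: Set up output directory
  file: path={{ outputpath }} state={{ item }}
  with_items:
    - absent
    - directory

- name: Check if Xen exists
  stat: path={{ chrootpath }}/boot/xen.gz
  register: xen_present

- include: packaging_xen.yml
  when: xen_present.stat.exists == True

# Newest match by modification time, skipping anything named "fallback".
# NOTE(review): chrootpath and outputpath are interpolated into shell commands
# unquoted in the tasks below; values with spaces or shell metacharacters
# would be split or interpreted by the shell.
- name: Grab full path to latest chroot kernel
  shell: ls -dt {{ chrootpath }}/boot/vmlin* | grep -v "fallback" | head -1
  register: kernel_path

- name: Grab full path to latest chroot initrd
  shell: ls -dt {{ chrootpath }}/boot/initr* | grep -v "fallback" | head -1
  register: initrd_path

- name: Copy kernel/initrd to output directory
  shell: "{{ item }}"
  with_items:
    - cp {{ kernel_path['stdout'] }} {{ outputpath }}/vmlinuz
    - cp {{ initrd_path['stdout'] }} {{ outputpath }}/initrd.img

- name: Remove resolv.conf to remove build server addresses
  file:
    path: "{{ chrootpath }}/etc/resolv.conf"
    state: absent

# mode was the bare number 666. Unquoted and without a leading zero, YAML reads
# it as decimal 666, which is not the octal permission set it appears to be.
# Read as octal 0666 it would make the resolver configuration writable by every
# local user of the live image. A quoted "0644" is unambiguous and keeps the
# file root-writable and world-readable.
- name: Regenerate /etc/resolv.conf
  lineinfile:
    dest: "{{ chrootpath }}/etc/resolv.conf"
    line: "{{ item }}"
    create: yes
    mode: "0644"
  with_items:
    - 'nameserver 8.8.8.8'
    - 'nameserver 8.8.4.4'
# The distribution facts are read from the chroot host's hostvars, not from the
# builder these tasks run on.
- include: packaging_debian.yml
  when: hostvars[chrootpath]['ansible_distribution'] == "Debian"

- include: packaging_redhat.yml
  when: hostvars[chrootpath]['ansible_os_family'] == "RedHat"

- include: packaging_opensuse.yml
  when: hostvars[chrootpath]['ansible_os_family'] == "Suse"

- include: packaging_ubuntu.yml
  when: hostvars[chrootpath]['ansible_distribution'] == "Ubuntu"
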
--------------------------------------------------------------------------------
/roles/nova-compute/tasks/main.yml:
--------------------------------------------------------------------------------
---
# Builds an OpenStack Nova virtualenv inside the live image: loads the
# per-distribution variables, runs the distribution task file, checks out
# Nova, runs the templated build script and removes the build leftovers.

- name: Import OS specific variables
  include_vars: "{{ ansible_distribution }}_{{ ansible_architecture }}.yml"

- include: debian.yml
  when: ansible_distribution == 'Debian'

- include: redhat.yml
  when: ansible_os_family == "RedHat"

- include: opensuse.yml
  when: ansible_os_family == "Suse"

- include: ubuntu.yml
  when: ansible_distribution == "Ubuntu"

# Shallow clone (depth 1) of whatever openstack_nova_branch points to at build
# time. NOTE(review): when that variable names a branch, the code baked into
# the image changes with upstream and is only recorded afterwards through
# gitresult.after. Pin a tag or commit if images must be reproducible or
# reviewed before release.
- name: Checkout Openstack Nova
  git:
    repo: https://github.com/openstack/nova.git
    dest: /opt/nova
    version: "{{ openstack_nova_branch }}"
    depth: 1
  register: gitresult

- name: Set openstack_nova_hash to git commit result
  set_fact: openstack_nova_hash={{ gitresult.after }}

# pip and virtualenv are installed without a version pin.
- name: Install pip
  easy_install:
    name: pip
    state: latest

- name: Install modules
  pip:
    name: virtualenv

# One directory per checked-out commit, with "current" linked to it.
- name: Create directories
  file:
    path: /opt/openstack/nova/{{ gitresult.after }}
    state: directory

- name: Link to hash of latest commit
  file:
    src: /opt/openstack/nova/{{ gitresult.after }}
    dest: /opt/openstack/nova/current
    state: link

# The build script is rendered from a template, made executable for its owner
# only (0744), run from /opt/openstack/nova and deleted in the cleanup task.
- name: Install build_nova_venv.sh
  template:
    src: build_nova_venv.sh.j2
    dest: /opt/openstack/nova/build_nova_venv.sh
    mode: 0744

- name: Run build_nova_venv.sh
  command: ./build_nova_venv.sh
  args:
    chdir: /opt/openstack/nova

# Removes the source checkout, the build script and two cache/temp directories
# so they do not end up in the image.
- name: Cleanup
  file:
    path: "{{ item }}"
    state: absent
  with_items:
    - /opt/nova
    - /opt/openstack/nova/build_nova_venv.sh
    - /root/.cache
    - /opt/tmp

--------------------------------------------------------------------------------
/utils/bootstrap/build_chroot_docker.yml:
--------------------------------------------------------------------------------
---
# Bootstraps the chroot by building a throwaway Docker image from the
# Dockerfile selected by live_os, running it, and copying /tmp/bootstrap out
# of the container into {{ chrootpath }}.

- name: Copy Dockerfile into chroot path temporarily
  copy:
    src: "utils/bootstrap/dockerfiles/Dockerfile_{{ live_os }}"
    dest: "{{ chrootpath }}/Dockerfile"

# The build context is the chroot path itself; image, container and hostname
# all share the per-run name squashible-<ansible_run_uuid>.
- name: Build a docker image based on our Dockerfile
  docker_image:
    build:
      path: "{{ chrootpath }}"
    name: "squashible-{{ansible_run_uuid}}"
    source: build
    state: present

# NOTE(review): this runs only if the build task succeeded; after a failed
# build the Dockerfile stays in the chroot path.
- name: Remove the Dockerfile
  file: path={{chrootpath}}/Dockerfile state=absent

# privileged: yes removes most of Docker's isolation from the build host, so
# whatever the selected Dockerfile's image runs has host-level access.
# Build only from Dockerfiles and base images you trust, on a dedicated host.
- name: Run docker container to create bootstrapped chroot
  docker_container:
    image: "squashible-{{ansible_run_uuid}}"
    name: "squashible-{{ansible_run_uuid}}"
    hostname: "squashible-{{ansible_run_uuid}}"
    container_default_behavior: no_defaults
    privileged: yes

- name: Get pid of docker container we just started
  script: utils/bootstrap/get_docker_pid.sh squashible-{{ansible_run_uuid}}
  register: container_pid

# Waits up to 800 seconds for the container's /proc entry to disappear.
# NOTE(review): the int filter yields 0 for non-numeric script output, and a
# wait on /proc/0/status would presumably return at once, letting the copy
# below run before bootstrapping finishes. Confirm what the script prints.
- name: Waiting for docker container to finish bootstrapping
  wait_for: path=/proc/{{container_pid.stdout | int}}/status state=absent timeout=800

- name: Extract the filesystem to our chroot
  shell: docker cp squashible-{{ansible_run_uuid}}:/tmp/bootstrap/ {{ chrootpath }}

- name: Destroy docker container
  docker_container:
    image: "squashible-{{ansible_run_uuid}}"
    name: "squashible-{{ansible_run_uuid}}"
    state: absent

- name: Destroy docker image
  docker_image:
    name: "squashible-{{ansible_run_uuid}}"
    state: absent

# The shell glob * does not match dotfiles, so any top-level dotfile under
# bootstrap/ is left where it is.
- name: Move the docker filesystem into the root of the chroot path
  shell: mv {{chrootpath}}/bootstrap/* {{chrootpath}}

# Bind-mounts the build host's /dev into the chroot; nothing in this file
# unmounts it again.
- name: Mount dev inside the chroot
  shell: mount -o bind /dev {{chrootpath}}/dev

--------------------------------------------------------------------------------
/roles/minimal/tasks/redhat.yml:
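--------------------------------------------------------------------------------
---
# Minimal Red Hat-family configuration for the live image: base packages,
# default systemd target, volatile journald storage, the console-only test
# account, log rotation and the dracut config.

- name: Install minimum package set
  package:
    name: "{{ minimal_packages }}"
    state: present

- name: Install SELinux packages
  package:
    name: "{{ selinux_packages }}"
    state: present
  when: selinux_enabled

# force: yes replaces whatever already exists at either link path.
- name: Set multi-user target as the default systemd target
  file:
    src: /lib/systemd/system/multi-user.target
    dest: "{{ item }}"
    state: link
    force: yes
  with_items:
    - /lib/systemd/system/default.target
    - /etc/systemd/system/default.target

- name: Copy /etc/skel into /root
  shell: rsync -av /etc/skel/ /root/

# Storage=volatile keeps the journal in memory only, so logs do not survive a
# reboot; forward them off-host if they are needed for later investigation.
- name: Store journald logs only in RAM
  lineinfile:
    dest: /etc/systemd/journald.conf
    line: "Storage=volatile"
    state: present

# The default is a fixed SHA-512 crypt hash committed to the repository; the
# README documents the matching login as user "live", password "live".
# Every image built with the default therefore shares one publicly known
# console credential for an account in the wheel group. Set
# live_user_password_hash to a hash of your own for anything beyond testing;
# when the variable is unset the original hash is used unchanged.
- name: Add live user (for testing)
  user:
    name: live
    shell: /bin/bash
    groups: wheel
    append: yes
    password: "{{ live_user_password_hash | default('$6$uf0amHdCN0H8PwWk$zKoAF4khAjunE/pnq0Q4iMU69t7gj2mvaKku3YE5k3/bVl.H9DcwOnlqBY23yTTcidp2CjknV38rgSro62vpC/') }}"

# With no regexp or insertafter, the line is appended at the end of the file.
# NOTE(review): if the shipped sshd_config ends in a Match block, a line
# appended there falls inside that block; confirm DenyUsers takes effect
# globally on the built image.
- name: Deny live user from ssh, only allow via console
  lineinfile:
    dest: /etc/ssh/sshd_config
    line: "DenyUsers live"

- name: Enable logrotate compression
  lineinfile:
    dest: /etc/logrotate.conf
    regexp: "^compress"
    insertafter: "^#compress"
    line: "compress"
    state: present

# backrefs: yes means the file is left untouched when no line starts with
# "weekly".
- name: Enable daily log rotation
  lineinfile:
    dest: /etc/logrotate.conf
    regexp: "^weekly"
    line: "daily"
    backrefs: yes
    state: present

- name: Add dracut config to enable livenet module
  copy:
    src: redhat/dracut-config
    dest: /etc/dracut.conf.d/dracut.conf
    owner: root
    group: root
    mode: 0644

--------------------------------------------------------------------------------
/roles/minimal/tasks/opensuse.yml: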
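--------------------------------------------------------------------------------
---
# Minimal openSUSE configuration for the live image: package update and
# install through zypper, volatile journald storage, the console-only test
# account, log rotation and the dracut config.

# zypper runs non-interactively (-n); package names from minimal_packages are
# joined with spaces and placed on the shell command line unquoted.
- name: Upgrade and install minimum package set
  shell: "{{ item }}"
  with_items:
    - zypper -n update
    - zypper -n install {{ minimal_packages | join (" ") }}

# - name: Install SELinux packages
#   shell: yum -y install {{ selinux_packages['Suse'] | join (" ") }}
#   when: selinux_enabled

# - name: Set multi-user target as the default systemd target
#   file: src=/lib/systemd/system/multi-user.target dest={{item}}
#         state=link force=yes
#   with_items:
#     - /lib/systemd/system/default.target
#     - /etc/systemd/system/default.target

- name: Copy /etc/skel into /root
  shell: rsync -av /etc/skel/ /root/

# Storage=volatile keeps the journal in memory only, so logs do not survive a
# reboot; forward them off-host if they are needed for later investigation.
- name: Store journald logs only in RAM
  lineinfile:
    dest: /etc/systemd/journald.conf
    line: "Storage=volatile"
    state: present

# The default is a fixed SHA-512 crypt hash committed to the repository; the
# README documents the matching login as user "live", password "live".
# Every image built with the default therefore shares one publicly known
# console credential for an account in the wheel group. Set
# live_user_password_hash to a hash of your own for anything beyond testing;
# when the variable is unset the original hash is used unchanged.
- name: Add live user (for testing)
  user:
    name: live
    shell: /bin/bash
    groups: wheel
    append: yes
    password: "{{ live_user_password_hash | default('$6$uf0amHdCN0H8PwWk$zKoAF4khAjunE/pnq0Q4iMU69t7gj2mvaKku3YE5k3/bVl.H9DcwOnlqBY23yTTcidp2CjknV38rgSro62vpC/') }}"

# With no regexp or insertafter, the line is appended at the end of the file.
# NOTE(review): if the shipped sshd_config ends in a Match block, a line
# appended there falls inside that block; confirm DenyUsers takes effect
# globally on the built image.
- name: Deny live user from ssh, only allow via console
  lineinfile:
    dest: /etc/ssh/sshd_config
    line: "DenyUsers live"

- name: Enable logrotate compression
  lineinfile:
    dest: /etc/logrotate.conf
    regexp: "^compress"
    insertafter: "^#compress"
    line: "compress"
    state: present

# backrefs: yes means the file is left untouched when no line starts with
# "weekly".
- name: Enable daily log rotation
  lineinfile:
    dest: /etc/logrotate.conf
    regexp: "^weekly"
    line: "daily"
    backrefs: yes
    state: present

- name: Add dracut config to enable livenet module
  copy:
    src: opensuse/dracut-config
    dest: /etc/dracut.conf
    owner: root
    group: root
    mode: 0644

--------------------------------------------------------------------------------
/roles/minimal/tasks/ubuntu.yml: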
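--------------------------------------------------------------------------------
---
# Minimal Ubuntu configuration for the live image: apt repository and package
# installation, live-boot settings, kernel, the console-only test account and
# the dracut config.

# - name: Set /etc/apt/sources.list
#   template:
#     src: ubuntu/etc-apt-sources.list
#     dest: /etc/apt/sources.list
#     owner: root
#     group: root
#     mode: 0644

- name: Disable daemon startup with policy-rc.d file
  copy: src=debian/usr-sbin-policy-rc.d dest=/usr/sbin/policy-rc.d
        owner=root group=root mode=0755

# The mirror is reached over plain http, so package integrity rests entirely
# on apt's signature verification.
- name: Set repo name to universe to pull in some live-boot packages
  apt_repository: repo='deb http://mirror.rackspace.com/ubuntu {{ ansible_distribution_release }} main universe' state=present

- name: Upgrade all packages in chroot
  apt: update_cache=yes upgrade=dist

# NOTE(review): the apt module documents force as the equivalent of
# apt-get --force-yes, which permits unauthenticated packages. Combined with
# the http:// mirror above, this task installs packages without the
# signature check that protects that transport. Drop force if the build
# works without it.
- name: Install minimal packages
  apt:
    pkg: "{{ minimal_packages }}"
    state: present
    force: yes

- name: Add support for DNS resolution in initramfs
  lineinfile:
    dest: /etc/live/boot.conf
    line: "LIVE_DNS=true"
    create: yes
    state: present
    mode: 0644

- name: Remove hostname file, let live-config take care of it
  file:
    path: /etc/hostname
    state: absent

- name: Install the kernel and regenerate initramfs
  apt:
    pkg: linux-generic
    state: present

# Deletes every line mentioning PasswordAuthentication from the live-config
# script. Going by the task name, SSH password logins therefore stay enabled
# on the image, which leaves the DenyUsers line below as the only control
# keeping the fixed-password account off SSH.
- name: Don't let live-config disable ssh password authentication
  lineinfile:
    dest: /lib/live/config/1160-openssh-server
    regexp: "PasswordAuthentication"
    state: absent

# The default is a fixed SHA-512 crypt hash committed to the repository; the
# README documents the matching login as user "live", password "live".
# Every image built with the default therefore shares one publicly known
# console credential for an account in the sudo group. Set
# live_user_password_hash to a hash of your own for anything beyond testing;
# when the variable is unset the original hash is used unchanged.
- name: Add live user (for testing)
  user:
    name: live
    shell: /bin/bash
    groups: sudo
    append: yes
    password: "{{ live_user_password_hash | default('$6$uf0amHdCN0H8PwWk$zKoAF4khAjunE/pnq0Q4iMU69t7gj2mvaKku3YE5k3/bVl.H9DcwOnlqBY23yTTcidp2CjknV38rgSro62vpC/') }}"

# With no regexp or insertafter, the line is appended at the end of the file.
# NOTE(review): if the shipped sshd_config ends in a Match block, a line
# appended there falls inside that block; confirm DenyUsers takes effect
# globally on the built image.
- name: Deny live user from ssh, only allow via console
  lineinfile:
    dest: /etc/ssh/sshd_config
    line: "DenyUsers live"

64 | - name: Add dracut config to enable livenet module 65 | copy: 66 | src: ubuntu/dracut-config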
67 | dest: /etc/dracut.conf 68 | owner: root 69 | group: root 70 | mode: 0644 71 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # squashible 2 | 3 | ### Cross-Platform Linux Live Image Builder 4 | 5 | ## What is this? 6 | 7 | Squashible is a tool created to generate a bootable LiveOS rapidly and consistently 8 | across multiple operating systems. It primarily relies on dracut to boot the 9 | LiveOS. 10 | 11 | It utilizes docker to create enough operating system for Ansible to function and 12 | apply all configuration changes from that point. It then packages up the build into 13 | a vmlinuz, an initrd.img, and a rootfs.img. 14 | 15 | This is a work in progress. Things will probably blow up. 16 | Pull requests and issues welcome! 17 | 18 | ## Getting Started 19 | 20 | ### Requirements 21 | 22 | Recommended Build Server Versions: 23 | 24 | Fedora 23 25 | Ubuntu 15.10 26 | 27 | Required Packages: 28 | 29 | Ansible >= 2.0.1.0 30 | Docker 31 | 32 | ### Building an image 33 | 34 | Edit the group_vars/all file and set the appropriate settings. Recommended 35 | settings to change are: 36 | 37 | |variable|description| 38 | |--------|-----------| 39 | | live_os | set to one of the listed supported_live_os | 40 | | user_ssh_keys | set the public ssh keys you'd like to inject | 41 | 42 | To run squashible: 43 | 44 | ansible-playbook -i hosts_generator.py 45 | 46 | Available playbooks to run: 47 | 48 | |type|description| 49 | |----|-----------| 50 | | squashible.yml | minimal install | 51 | | squashible_kvm.yml | minimal install + kvm + nova compute | 52 | | squashible_xen.yml | minimal install + xen + nova compute | 53 | 54 | Output of the build will be put into {{ outputpath }} which by default is 55 | ./live_output directory. 
56 | 57 | ### Booting the images 58 | 59 | Here are some examples for booting the image once you've generated one: 60 | 61 | #### iPXE 62 | 63 | kernel http://$deployment_server/images/images/fedora-23-kvm/vmlinuz 64 | module http://$deployment_server/images/images/fedora-23-kvm/initrd.img 65 | imgargs vmlinuz root=live:http://$deployment_server/images/fedora-23-kvm/rootfs.img ip=dhcp nameserver=8.8.8.8 nomodeset rd.writable.fsimg rd.info rd.shell 66 | 67 | #### kexec 68 | 69 | kexec -l vmlinuz --initrd=initrd.img \ 70 | --command-line="root=live:http://$deployment_server/images/fedora-23-kvm/rootfs.img \ 71 | ip=dhcp nameserver=8.8.8.8 rd.writable.fsimg rd.info rd.shell" 72 | kexec -e 73 | 74 | ### Logging into the image 75 | 76 | You can use the user live and the password live from the console. The user is disabled from remote ssh access. If you want to log in remotely, be sure to set a 77 | public ssh key in group_vars/all. 78 | 79 | ### Known Issues 80 | 81 | OpenSUSE currently has issues booting due to the DHCP daemon it uses. 82 | 83 | ### Test using iPXE Squashible Boot Images 84 | 85 | These iPXE disks will automatically load into boot.squashible.com. These contain live images that have been generated for demonstration purposes. Make sure you 86 | assign 4GB to 8GB of RAM for the images to load properly. If you run into any errors or kernel panics, usually the cause is not enough memory being available. 
87 | 88 | | Type | Bootloader | Description | 89 | |------|------------|-------------| 90 | |ISO| [boot.squashible.com.iso](http://boot.squashible.com/ipxe/boot.squashible.com.iso)| Used for CD/DVD, Virtual CDs like DRAC/iLO, VMware, Virtual Box| 91 | |USB| [boot.squashible.com.usb](http://boot.squashible.com/ipxe/boot.squashible.com.usb)| Used for creation of USB Keys| 92 | |Kernel| [boot.squashible.com.lkrn](http://boot.squashible.com/ipxe/boot.squashible.com.lkrn)| Used for booting from GRUB/EXTLINUX| 93 | |DHCP| [boot.squashible.com.kpxe](http://boot.squashible.com/ipxe/boot.squashible.com.kpxe)| DHCP boot image file, uses built-in iPXE NIC drivers| 94 | |DHCP-undionly | [boot.squashible.com-undionly.kpxe](http://boot.squashible.com/ipxe/boot.squashible.com-undionly.kpxe)| DHCP boot image file, use if you have NIC issues| 95 | 96 | You can also chainload into boot.squashible.com if you already have [netboot.xyz](http://netboot.xyz): 97 | 98 | chain --autofree http://boot.squashible.com 99 | 100 | 101 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. 
For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 
47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. 
Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. 
You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 
122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. 
In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. 
We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | --------------------------------------------------------------------------------