├── .gitignore ├── .travis.yml ├── .yamllint ├── LICENSE ├── README.md ├── automation.yaml ├── automation ├── README.md ├── build-artifacts-manual.req ├── build-artifacts-manual.sh ├── build-artifacts.packages ├── build-artifacts.sh ├── check-patch.packages └── check-patch.sh ├── build.sh ├── examples ├── cluster_upgrade.yml ├── manageiq.yml ├── ovirt_image_template.yml ├── ovirt_infra.yml ├── ovirt_infra_vars.yml ├── ovirt_vm_infra.yml └── passwords.yml ├── meta └── main.yml ├── ovirt-ansible-roles.spec.in └── tox.ini /.gitignore: -------------------------------------------------------------------------------- 1 | *retry 2 | .tox 3 | *.tar.gz 4 | output/ 5 | ovirt-ansible-roles.spec 6 | exported-artifacts/ 7 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sudo: required 3 | language: python 4 | python: 5 | - "2.7" 6 | 7 | services: 8 | - docker 9 | 10 | env: 11 | global: 12 | - ANSIBLE_HOST_KEY_CHECKING="False" 13 | 14 | # Install python-pip 15 | addons: 16 | apt: 17 | packages: 18 | - python-pip 19 | 20 | install: 21 | - pip install tox ansible docker-py yamllint 22 | 23 | # Check ansible version 24 | - ansible --version 25 | 26 | script: 27 | # Run sytax checks and linters 28 | - tox 29 | 30 | notifications: 31 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ 32 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | extends: default 3 | 4 | rules: 5 | line-length: disable 6 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | Copyright 2014 Red Hat, Inc. 180 | 181 | Licensed under the Apache License, Version 2.0 (the "License"); 182 | you may not use this file except in compliance with the License. 183 | You may obtain a copy of the License at 184 | 185 | http://www.apache.org/licenses/LICENSE-2.0 186 | 187 | Unless required by applicable law or agreed to in writing, software 188 | distributed under the License is distributed on an "AS IS" BASIS, 189 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 190 | See the License for the specific language governing permissions and 191 | limitations under the License. 192 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Build Status](https://travis-ci.org/oVirt/ovirt-ansible.svg?branch=master)](https://travis-ci.org/oVirt/ovirt-ansible) 2 | 3 | # oVirt Ansible Roles 4 | 5 | oVirt maintains multiple Ansible roles that can be deployed to easily configure and manage various parts of the oVirt infrastructure. Ansible roles provide a method of modularizing your Ansible code, in other words; it enables you to break up large playbooks into smaller reusable files. This enables you to have a separate role for each component of the infrustructure, and allows you to reuse and share roles with other users. For more information about roles, see [Creating Reusable Playbooks] in the Ansible Documentation. 6 | 7 | Currently we have implemented following Ansible roles: 8 | 9 | * [oVirt.cluster-upgrade] - easily upgrade your oVirt clusters, host by host. 10 | * [oVirt.disaster-recovery] - plan, failover and failback oVirt in Disaster Recovery scenarios. 11 | * [oVirt.engine-setup] - setup your oVirt Engine via Ansible. 12 | * [oVirt.infra] - setup a complete oVirt setup (data centers, clusters, hosts, networks...) via this role. 13 | * [oVirt.image-template] - easily create VM templates (via Glance or QCOW2 download) 14 | * [oVirt.manageiq] - install and configure a ManageIQ (or CloudForms) VM appliance on your oVirt! 15 | * [oVirt.repositories] - set up the required oVirt repositories on your hosts. 16 | * [oVirt.vm-infra] - configure a complete VM setup (create and configure VMs and their properties) 17 | * [oVirt.v2v-conversion-host] - define a host as a target for VMware to oVirt migration. 18 | * [oVirt.hosted_engine_setup] - setup your oVirt Hosted-Engine via Ansible. 19 | * [oVirt.shutdown_env] - shutdown the whole environment in a clean and ordered way. 20 | 21 | ## Installing the oVirt Roles 22 | 23 | There are multiple methods to install the Ansible roles on your Ansible server. 24 | 25 | ### Installing from a Package 26 | 27 | __Note:__ You must have the official oVirt repository enabled. For more information see the [oVirt Deployment Options]. 28 | 29 | The Ansible roles are packaged into an RPM file that can be installed from the command line. 30 | 31 | Run the following command to install all roles: 32 | ``` 33 | # yum install ovirt-ansible-roles 34 | ``` 35 | Run the following command to install specific role: 36 | ``` 37 | # yum install ovirt-ansible-infra 38 | ``` 39 | To search all available roles you can execute following command: 40 | ``` 41 | # yum search ovirt-ansible 42 | ``` 43 | By default the roles will be installed to `/usr/share/ansible/roles`. 44 | 45 | The structure of the ovirt-ansible-roles package is as follows: 46 | * `/usr/share/ansible/roles` - stores the roles. 47 | * `/usr/share/ansible/roles/{role_name}` - stores the specific role. 48 | * `/usr/share/doc/ovirt-ansible-roles/` - stores the examples, a basic overview and the licence. 49 | * `/usr/share/doc/{role_name}` - stores the documentation and examples specific to the role. 50 | 51 | ### Installing using Galaxy 52 | 53 | Ansible provides a command line utility to install Roles directory from the Galaxy Repository. See the [Galaxy] website for more information about Galaxy. 54 | 55 | To install the roles using Galaxy, run the following from the command line: 56 | ``` 57 | # ansible-galaxy install oVirt.ovirt-ansible-roles 58 | ``` 59 | To install the specific role using Galaxy, run the following from the command line: 60 | ``` 61 | # ansible-galaxy install oVirt.infra 62 | ``` 63 | All roles are available under [oVirt organization] on Ansible Galaxy. 64 | 65 | By default the roles will be installed to `/etc/ansible/roles`. 66 | 67 | The structure of ovirt.ovirt-ansible-roles is as follows: 68 | * `/etc/ansible/roles/` - stores the roles. 69 | * `/etc/ansible/roles/{role_name}` - stores the specifc role. 70 | * `/etc/ansible/roles/{role_name}/examples` - stores the examples, a basic overview 71 | 72 | ## Getting Started 73 | 74 | This section will guide you through creating and running your playbook against the engine. 75 | The following example connects to the engine on the local host and creates a new data center. The current working directory is `/tmp`. 76 | 77 | **Note:** Ensure you have Python SDK installed on the machine running the playbook. 78 | 79 | 1) Create a file in your working directory to store the engine's user password: 80 | ``` 81 | $ cat passwords.yml 82 | --- 83 | engine_password: youruserpassword 84 | ``` 85 | 86 | 2) Encrypt the user password. You will be asked for a vault password. 87 | ``` 88 | $ ansible-vault encrypt passwords.yml 89 | New Vault password: 90 | Confirm New Vault password: 91 | ``` 92 | 3) Create a file that contains engine details such as the hostname, certificate, and user. 93 | ``` 94 | $ cat engine_vars.yml 95 | --- 96 | engine_fqdn: example.engine.redhat.com 97 | engine_user: admin@internal 98 | engine_cafile: /etc/pki/ovirt-engine/ca.pem 99 | ``` 100 | **Note:** If you prefer, these variables can be added directly to the playbook instead. 101 | 102 | 4) Create your playbook. To simplify this, you can copy and modify an example in `/etc/ansible/roles/ovirt.ovirt-ansible-roles/examples` or `/usr/share/doc/ovirt-ansible-roles/examples` depending on the method used to install the roles: 103 | ```yaml 104 | $ cat ovirt_infra.yml 105 | --- 106 | - name: oVirt infra 107 | hosts: localhost 108 | connection: local 109 | gather_facts: false 110 | 111 | vars_files: 112 | # Contains variables to connect to the engine 113 | - engine_vars.yml 114 | # Contains encrypted `engine_password` variable using ansible-vault 115 | - passwords.yml 116 | 117 | pre_tasks: 118 | - name: Login to oVirt 119 | ovirt_auth: 120 | hostname: "{{ engine_fqdn }}" 121 | username: "{{ engine_user }}" 122 | password: "{{ engine_password }}" 123 | ca_file: "{{ engine_cafile | default(omit) }}" 124 | insecure: "{{ engine_insecure | default(true) }}" 125 | tags: 126 | - always 127 | 128 | vars: 129 | data_center_name: mydatacenter 130 | data_center_description: mydatacenter 131 | data_center_local: false 132 | compatibility_version: 4.2 133 | 134 | roles: 135 | - oVirt.infra 136 | 137 | post_tasks: 138 | - name: Logout from oVirt 139 | ovirt_auth: 140 | state: absent 141 | ovirt_auth: "{{ ovirt_auth }}" 142 | tags: 143 | - always 144 | ``` 145 | 146 | 5) Run the playbook. 147 | ``` 148 | $ ansible-playbook --ask-vault-pass ovirt_infra.yml 149 | ``` 150 | After the ansible-playbook playbook completes you will have a new data center named `mydatacenter`. 151 | 152 | [oVirt.infra]: https://github.com/oVirt/ovirt-ansible-infra/blob/master/README.md 153 | [oVirt.image-template]: https://github.com/oVirt/ovirt-ansible-image-template/blob/master/README.md 154 | [oVirt.vm-infra]: https://github.com/oVirt/ovirt-ansible-vm-infra/blob/master/README.md 155 | [oVirt.cluster-upgrade]: https://github.com/oVirt/ovirt-ansible-cluster-upgrade/blob/master/README.md 156 | [oVirt.manageiq]: https://github.com/oVirt/ovirt-ansible-manageiq/blob/master/README.md 157 | [Creating Reusable Playbooks]: http://docs.ansible.com/ansible/latest/playbooks_reuse.html 158 | [oVirt Deployment Options]: https://www.ovirt.org/download/ 159 | [Galaxy]: https://galaxy.ansible.com/ 160 | [oVirt organization]: https://galaxy.ansible.com/oVirt/ 161 | [oVirt.disaster-recovery]: https://github.com/oVirt/ovirt-ansible-disaster-recovery/blob/master/README.md 162 | [oVirt.engine-setup]: https://github.com/oVirt/ovirt-ansible-engine-setup/blob/master/README.md 163 | [oVirt.repositories]: https://github.com/oVirt/ovirt-ansible-repositories/blob/master/README.md 164 | [oVirt.v2v-conversion-host]: https://github.com/oVirt/ovirt-ansible-v2v-conversion-host/blob/master/README.md 165 | [oVirt.hosted_engine_setup]: https://github.com/oVirt/ovirt-ansible-hosted-engine-setup/blob/master/README.md 166 | [oVirt.shutdown_env]: https://github.com/oVirt/ovirt-ansible-shutdown-env/blob/master/README.md 167 | -------------------------------------------------------------------------------- /automation.yaml: -------------------------------------------------------------------------------- 1 | distros: 2 | - fc30 3 | - el7 4 | - el8 5 | release_branches: 6 | master: [ "ovirt-master" ] 7 | -------------------------------------------------------------------------------- /automation/README.md: -------------------------------------------------------------------------------- 1 | Continuous Integration Scripts 2 | ============================== 3 | 4 | This directory contains scripts for Continuous Integration provided by 5 | [oVirt Jenkins](http://jenkins.ovirt.org/) 6 | system and follows the standard defined in 7 | [Build and test standards](http://www.ovirt.org/CI/Build_and_test_standards) 8 | wiki page. 9 | -------------------------------------------------------------------------------- /automation/build-artifacts-manual.req: -------------------------------------------------------------------------------- 1 | build-artifacts.req -------------------------------------------------------------------------------- /automation/build-artifacts-manual.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -xe 2 | 3 | # remove any previous artifacts 4 | rm -rf output 5 | make clean 6 | 7 | # Get the tarball 8 | ./build.sh dist 9 | 10 | # create the src.rpm, assuming the tarball is in the project's directory 11 | rpmbuild \ 12 | -D "_srcrpmdir $PWD/output" \ 13 | -D "_topmdir $PWD/rpmbuild" \ 14 | -ts ./*.gz 15 | 16 | # install any build requirements 17 | yum-builddep output/*src.rpm 18 | 19 | # create the rpms 20 | rpmbuild \ 21 | -D "_rpmdir $PWD/output" \ 22 | -D "_topmdir $PWD/rpmbuild" \ 23 | --rebuild output/*.src.rpm 24 | 25 | # Store any relevant artifacts in exported-artifacts for the ci system to 26 | # archive 27 | [[ -d exported-artifacts ]] || mkdir -p exported-artifacts 28 | find output -iname \*rpm -exec mv "{}" exported-artifacts/ \; 29 | mv ./*tar.gz exported-artifacts/ 30 | -------------------------------------------------------------------------------- /automation/build-artifacts.packages: -------------------------------------------------------------------------------- 1 | yum-utils 2 | ansible 3 | git 4 | -------------------------------------------------------------------------------- /automation/build-artifacts.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -xe 2 | 3 | # remove any previous artifacts 4 | rm -rf output 5 | rm -f ./*tar.gz 6 | 7 | # Get the tarball 8 | ./build.sh dist 9 | 10 | # create the src.rpm 11 | rpmbuild \ 12 | -D "_srcrpmdir $PWD/output" \ 13 | -D "_topmdir $PWD/rpmbuild" \ 14 | -ts ./*.gz 15 | 16 | # install any build requirements 17 | yum-builddep output/*src.rpm 18 | 19 | # create the rpms 20 | rpmbuild \ 21 | -D "_rpmdir $PWD/output" \ 22 | -D "_topmdir $PWD/rpmbuild" \ 23 | --rebuild output/*.src.rpm 24 | 25 | # Store any relevant artifacts in exported-artifacts for the ci system to 26 | # archive 27 | [[ -d exported-artifacts ]] || mkdir -p exported-artifacts 28 | find output -iname \*rpm -exec mv "{}" exported-artifacts/ \; 29 | mv ./*tar.gz exported-artifacts/ 30 | -------------------------------------------------------------------------------- /automation/check-patch.packages: -------------------------------------------------------------------------------- 1 | yum-utils 2 | git 3 | ansible 4 | -------------------------------------------------------------------------------- /automation/check-patch.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -xe 2 | 3 | # remove any previous artifacts 4 | rm -rf output 5 | rm -f ./*tar.gz 6 | 7 | # Get the tarball 8 | ./build.sh dist 9 | 10 | # create the src.rpm 11 | rpmbuild \ 12 | -D "_srcrpmdir $PWD/output" \ 13 | -D "_topmdir $PWD/rpmbuild" \ 14 | -ts ./*.gz 15 | 16 | # install any build requirements 17 | yum-builddep output/*src.rpm 18 | 19 | # create the rpms 20 | rpmbuild \ 21 | -D "_rpmdir $PWD/output" \ 22 | -D "_topmdir $PWD/rpmbuild" \ 23 | --rebuild output/*.src.rpm 24 | 25 | [[ -d exported-artifacts ]] || mkdir -p exported-artifacts 26 | find output -iname \*rpm -exec mv "{}" exported-artifacts/ \; 27 | mv *.tar.gz exported-artifacts 28 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | VERSION="1.2.4" 4 | MILESTONE=master 5 | RPM_RELEASE="0.1.$MILESTONE.$(date -u +%Y%m%d%H%M%S)" 6 | 7 | ROLE_NAME="ovirt.ansible-roles" 8 | PACKAGE_NAME="ovirt-ansible-roles" 9 | PREFIX=/usr/local 10 | DATAROOT_DIR=$PREFIX/share 11 | ROLES_DATAROOT_DIR=$DATAROOT_DIR/ansible/roles 12 | DOC_DIR=$DATAROOT_DIR/doc 13 | PKG_DATA_DIR=${PKG_DATA_DIR:-$ROLES_DATAROOT_DIR/$PACKAGE_NAME} 14 | PKG_DATA_DIR_ORIG=${PKG_DATA_DIR_ORIG:-$PKG_DATA_DIR} 15 | PKG_DOC_DIR=${PKG_DOC_DIR:-$DOC_DIR/$PACKAGE_NAME} 16 | ROLENAME_LEGACY="${ROLENAME_LEGACY:-$ROLES_DATAROOT_DIR/ovirt-infra}" 17 | 18 | RPM_VERSION=$VERSION 19 | PACKAGE_VERSION=$VERSION 20 | [ -n "$MILESTONE" ] && PACKAGE_VERSION+="_$MILESTONE" 21 | DISPLAY_VERSION=$PACKAGE$VERSION 22 | 23 | TARBALL="$PACKAGE_NAME-$PACKAGE_VERSION.tar.gz" 24 | 25 | dist() { 26 | echo "Creating tar archive '$TARBALL' ... " 27 | sed \ 28 | -e "s|@RPM_VERSION@|$RPM_VERSION|g" \ 29 | -e "s|@RPM_RELEASE@|$RPM_RELEASE|g" \ 30 | -e "s|@PACKAGE_NAME@|$PACKAGE_NAME|g" \ 31 | -e "s|@PACKAGE_VERSION@|$PACKAGE_VERSION|g" \ 32 | < ovirt-ansible-roles.spec.in > ovirt-ansible-roles.spec 33 | 34 | git ls-files | tar --files-from /proc/self/fd/0 -czf "$TARBALL" ovirt-ansible-roles.spec 35 | echo "tar archive '$TARBALL' created." 36 | } 37 | 38 | $1 39 | -------------------------------------------------------------------------------- /examples/cluster_upgrade.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: oVirt cluster upgrade 3 | hosts: localhost 4 | connection: local 5 | gather_facts: false 6 | 7 | vars_files: 8 | # Contains encrypted `engine_password` varibale using ansible-vault 9 | - passwords.yml 10 | 11 | vars: 12 | engine_fqdn: ovirt.example.com 13 | engine_user: admin@internal 14 | 15 | stop_non_migratable_vms: true 16 | 17 | host_statuses: 18 | - up 19 | 20 | host_names: 21 | - host 22 | 23 | roles: 24 | - oVirt.cluster-upgrade 25 | -------------------------------------------------------------------------------- /examples/manageiq.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: oVirt ManageIQ deployment 3 | hosts: localhost 4 | connection: local 5 | gather_facts: false 6 | 7 | vars_files: 8 | # Contains encrypted `engine_password` and `metrics_password` 9 | # varibale using ansible-vault 10 | - passwords.yml 11 | 12 | vars: 13 | engine_fqdn: ovirt.example.com 14 | engine_user: admin@internal 15 | engine_cafile: /etc/pki/ovirt-engine/ca.pem 16 | 17 | metrics_fqdn: metrics.example.com 18 | metrics_port: 8443 19 | metrics_user: admin 20 | 21 | 22 | roles: 23 | - oVirt.manageiq 24 | -------------------------------------------------------------------------------- /examples/ovirt_image_template.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: oVirt image template 3 | hosts: localhost 4 | connection: local 5 | gather_facts: false 6 | 7 | vars_files: 8 | # Contains encrypted `engine_password` varibale using ansible-vault 9 | - passwords.yml 10 | 11 | vars: 12 | engine_fqdn: ovirt.example.com 13 | engine_user: admin@internal 14 | engine_cafile: /etc/pki/ovirt-engine/ca.pem 15 | 16 | qcow_url: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 17 | template_cluster: production 18 | template_name: centos7_template 19 | template_memory: 2GiB 20 | template_cpu: 2 21 | template_disk_size: 10GiB 22 | template_disk_storage: nfs 23 | 24 | roles: 25 | - oVirt.image-template 26 | -------------------------------------------------------------------------------- /examples/ovirt_infra.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: oVirt infra 3 | hosts: localhost 4 | connection: local 5 | gather_facts: false 6 | 7 | vars_files: 8 | - ovirt_infra_vars.yml 9 | # Contains encrypted `engine_password` varibale using ansible-vault 10 | - passwords.yml 11 | 12 | pre_tasks: 13 | - name: Login to oVirt 14 | ovirt_auth: 15 | hostname: "{{ engine_fqdn }}" 16 | username: "{{ engine_user }}" 17 | password: "{{ engine_password }}" 18 | ca_file: "{{ engine_cafile | default(omit) }}" 19 | insecure: "{{ engine_insecure | default(true) }}" 20 | tags: 21 | - always 22 | 23 | roles: 24 | - oVirt.infra 25 | 26 | post_tasks: 27 | - name: Logout from oVirt 28 | ovirt_auth: 29 | state: absent 30 | ovirt_auth: "{{ ovirt_auth }}" 31 | tags: 32 | - always 33 | -------------------------------------------------------------------------------- /examples/ovirt_infra_vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ########################### 3 | # REST API variables 4 | ########################### 5 | engine_fqdn: ovirt.example.com 6 | engine_user: admin@internal 7 | engine_cafile: /etc/pki/ovirt-engine/ca.pem 8 | 9 | ########################### 10 | # Common 11 | ########################### 12 | compatibility_version: 4.1 13 | 14 | # Data center 15 | data_center_name: mydatacenter 16 | 17 | ########################### 18 | # Clusters 19 | ########################### 20 | clusters: 21 | - name: production 22 | cpu_type: Intel Conroe Family 23 | profile: production 24 | 25 | ########################### 26 | # Hosts 27 | ########################### 28 | hosts: 29 | - name: myhost 30 | address: 1.2.3.5 31 | cluster: production 32 | password: 123456 33 | - name: myhost1 34 | address: 1.2.3.6 35 | cluster: production 36 | password: 123456 37 | 38 | ########################### 39 | # Storage 40 | ########################### 41 | storages: 42 | mynfsstorage: 43 | master: true 44 | state: present 45 | nfs: 46 | address: 1.2.3.4 47 | path: /om02 48 | myiscsistorage: 49 | iscsi: 50 | target: iqn.2014-07.org.ovirt:storage 51 | port: 3260 52 | address: 192.168.200.3 53 | username: username 54 | password: password 55 | lun_id: 3600140551fcc8348ea74a99b6760fbb4 56 | mytemplates: 57 | domain_function: export 58 | nfs: 59 | address: 192.168.200.3 60 | path: /exports/nfs/exported 61 | myisostorage: 62 | domain_function: iso 63 | nfs: 64 | address: 192.168.200.3 65 | path: /exports/nfs/iso 66 | 67 | ########################### 68 | # Networks 69 | ########################### 70 | logical_networks: 71 | - name: mynetwork 72 | clusters: 73 | - name: development 74 | assigned: false 75 | required: true 76 | display: false 77 | migration: true 78 | gluster: false 79 | 80 | host_networks: 81 | - name: myhost1 82 | check: true 83 | save: true 84 | bond: 85 | name: bond0 86 | mode: 2 87 | interfaces: 88 | - eth2 89 | - eth3 90 | networks: 91 | - name: mynetwork 92 | boot_protocol: dhcp 93 | 94 | ########################### 95 | # Users & Groups 96 | ########################### 97 | users: 98 | - name: user1 99 | authz_name: internal-authz 100 | password: 1234568 101 | valid_to: "2018-01-01 00:00:00Z" 102 | - name: user2 103 | authz_name: internal-authz 104 | password: 1234568 105 | valid_to: "2018-01-01 00:00:00Z" 106 | 107 | user_groups: 108 | - name: group1 109 | authz_name: internal-authz 110 | users: 111 | - user1 112 | 113 | permissions: 114 | - state: present 115 | user_name: user1 116 | authz_name: internal-authz 117 | role: UserRole 118 | object_type: cluster 119 | object_name: production 120 | 121 | - state: present 122 | group_name: group1 123 | authz_name: internal-authz 124 | role: UserRole 125 | object_type: cluster 126 | object_name: production 127 | -------------------------------------------------------------------------------- /examples/ovirt_vm_infra.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: oVirt infra 3 | hosts: localhost 4 | connection: local 5 | gather_facts: false 6 | 7 | vars_files: 8 | # Contains encrypted `engine_password` varibale using ansible-vault 9 | - passwords.yml 10 | 11 | vars: 12 | engine_fqdn: ovirt.example.com 13 | engine_user: admin@internal 14 | engine_cafile: /etc/pki/ovirt-engine/ca.pem 15 | 16 | httpd_vm: 17 | cluster: production 18 | domain: example.com 19 | template: rhel7 20 | memory: 2GiB 21 | cores: 2 22 | ssh_key: ssh-rsa AAA...LGx user@fqdn 23 | disks: 24 | - size: 10GiB 25 | name: data 26 | storage_domain: mynfsstorage 27 | interface: virtio 28 | 29 | db_vm: 30 | cluster: production 31 | domain: example.com 32 | template: rhel7 33 | memory: 4GiB 34 | cores: 1 35 | ssh_key: ssh-rsa AAA...LGx user@fqdn 36 | disks: 37 | - size: 50GiB 38 | name: data 39 | storage_domain: mynfsstorage 40 | interface: virtio 41 | 42 | vms: 43 | - name: postgresql-vm-0 44 | tag: postgresql_vm 45 | profile: "{{ db_vm }}" 46 | - name: postgresql-vm-1 47 | tag: postgresql_vm 48 | profile: "{{ db_vm }}" 49 | - name: apache-vm 50 | tag: httpd_vm 51 | profile: "{{ httpd_vm }}" 52 | 53 | affinity_groups: 54 | - name: db-ag 55 | cluster: production 56 | vm_enforcing: true 57 | vm_rule: negative 58 | vms: 59 | - postgresql-vm-0 60 | - postgresql-vm-1 61 | 62 | roles: 63 | - oVirt.vm-infra 64 | -------------------------------------------------------------------------------- /examples/passwords.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # As an example this file is keep in plaintext, if you want to 3 | # encrypt this file, please execute following command: 4 | # 5 | # $ ansible-vault encrypt passwords.yml 6 | # 7 | # It will ask you for a password, which you must then pass to 8 | # ansible interactively when executing the playbook. 9 | # 10 | # $ ansible-playbook myplaybook.yml --ask-vault-pass 11 | # 12 | engine_password: 123456 13 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: "Ondra Machacek" 4 | description: "oVirt Ansible roles" 5 | company: Red Hat, Inc. 6 | license: Apache License 2.0 7 | min_ansible_version: 2.9 8 | platforms: 9 | - name: EL 10 | versions: 11 | - all 12 | - name: Fedora 13 | versions: 14 | - all 15 | galaxy_tags: [ovirt, rhv, rhev, virtualization] 16 | 17 | dependencies: 18 | - ovirt.cluster-upgrade 19 | - ovirt.disaster-recovery 20 | - ovirt.engine-setup 21 | - ovirt.image-template 22 | - ovirt.infra 23 | - ovirt.manageiq 24 | - ovirt.repositories 25 | - ovirt.vm-infra 26 | - ovirt.v2v-conversion-host 27 | - ovirt.hosted_engine_setup 28 | - ovirt.shutdown_env 29 | -------------------------------------------------------------------------------- /ovirt-ansible-roles.spec.in: -------------------------------------------------------------------------------- 1 | Name: @PACKAGE_NAME@ 2 | Summary: Set of Ansible roles for oVirt management 3 | Version: @RPM_VERSION@ 4 | Release: @RPM_RELEASE@%{?release_suffix}%{?dist} 5 | Source0: http://resources.ovirt.org/pub/src/@PACKAGE_NAME@/@PACKAGE_NAME@-@PACKAGE_VERSION@.tar.gz 6 | License: ASL 2.0 7 | Group: Virtualization/Management 8 | BuildArch: noarch 9 | Url: http://www.ovirt.org 10 | 11 | Requires: ansible >= 2.9.0 12 | Requires: ovirt-ansible-cluster-upgrade >= 1.2.0 13 | Requires: ovirt-ansible-disaster-recovery >= 1.3.0 14 | Requires: ovirt-ansible-engine-setup >= 1.2.0 15 | Requires: ovirt-ansible-image-template >= 1.2.0 16 | Requires: ovirt-ansible-infra >= 1.2.0 17 | Requires: ovirt-ansible-manageiq >= 1.2.0 18 | Requires: ovirt-ansible-repositories >= 1.2.0 19 | Requires: ovirt-ansible-vm-infra >= 1.2.0 20 | Requires: ovirt-ansible-hosted-engine-setup >= 1.0.0 21 | Requires: ovirt-ansible-shutdown-env >= 1.0.0 22 | %if 0%{?rhel} && 0%{?rhel} < 8 23 | Requires: python-ovirt-engine-sdk4 24 | %else 25 | Requires: python3-ovirt-engine-sdk4 26 | %endif 27 | 28 | %description 29 | Collection of Ansible roles to ease the management and automation of the oVirt engine. 30 | 31 | %prep 32 | %setup -c -q 33 | 34 | %build 35 | 36 | %install 37 | 38 | %files 39 | %doc examples/ 40 | %doc README.md 41 | 42 | %license LICENSE 43 | 44 | %changelog 45 | * Fri Mar 20 2020 Martin Necas - 1.2.3-1 46 | - Add ovirt-engine-sdk4 dependency. 47 | 48 | * Wed Feb 26 2020 Martin Necas - 1.2.2-1 49 | - Drop v2v-conversion-host-ansible dependency. 50 | 51 | * Mon Dec 2 2019 Martin Necas - 1.2.1-1 52 | - Add build for el8. 53 | 54 | * Mon Nov 25 2019 Martin Necas - 1.2.0-1 55 | - Bump ansible to version 2.9.0. 56 | 57 | * Thu May 30 2019 Ondra Machacek - 1.1.7-1 58 | - Fix ansible galaxy dependencies names. 59 | 60 | * Mon Dec 3 2018 Ondra Machacek - 1.1.6-1 61 | - Require Ansible 2.7.2. 62 | 63 | * Thu Oct 4 2018 Ondra Machacek - 1.1.5-1 64 | - Add hosted-engine role. 65 | - Add shutdown-env role. 66 | 67 | * Tue Apr 17 2018 Ondra Machacek - 1.1.4-1 68 | - Require Ansible 2.5. 69 | - Add v2v-conversion-host role. 70 | 71 | * Wed Jan 17 2018 Ondra Machacek - 1.1.3-1 72 | - Add requirment for new roles. 73 | 74 | * Mon Nov 27 2017 Ondra Machacek - 1.1.2-1 75 | - Split roles into multiple RPM packages. 76 | 77 | * Tue Oct 24 2017 Ondra Machacek - 1.1.1-1 78 | - ovirt-cluster-upgrade: Don't run check_for upgrade if not needed (#64) 79 | - ovirt-image-template: add image_cache_download option (#63) 80 | - Add new ovirt-host-deploy-facts role and use it in ovirt-host-deploy-firewalld role (#71) 81 | - oVirt provider OVN driver (#73) 82 | - Improve shutdown of non-migrable VMs (#76) 83 | - Fix ovirt-image-template parameters (#78) 84 | - Vm infra fix defaults (#80) 85 | - Add memory_guaranteed parameter to ovirt-vm-infra (#81) 86 | - Add sockets variable to ovirt-vm-infra role 87 | - Add nics to ovirt-vm-infra role (#83) 88 | - Add timeouts for ovirt-vm-infra role (#82) 89 | - Libvirt guests (#62) 90 | - Require Ansible 2.4 91 | - ovirt-ansible: roles: Add role to cleanup datacenter (#84) 92 | - Add host-upgrade role (#106) 93 | 94 | * Tue Aug 29 2017 Ondra Machacek - 1.1.0-1 95 | - ovirt-image-template: add glance as disk source (#30) 96 | - ovirt-vm-infra: allow set state and sd for vm (#37) 97 | - introduce ovirt set mac pool role (#24) 98 | - introduce ovirt-external-provider role (#20) 99 | - ovirt-host-deploy: Add firewalld role (#7) 100 | 101 | * Wed Aug 16 2017 Ondra Machacek - 1.0.1-1 102 | - Remove ovirt. prefix from role names. 103 | - Add affinity group role. 104 | - Documentation improvements. 105 | 106 | * Tue Jul 25 2017 Ondra Machacek - 1.0.0-1 107 | - Initial release. 108 | -------------------------------------------------------------------------------- /tox.ini: -------------------------------------------------------------------------------- 1 | [tox] 2 | skipsdist=True 3 | envlist = 4 | py27-{yamllint,ansible_syntax,generate_validation} 5 | skip_missing_interpreters=True 6 | 7 | [testenv] 8 | skip_install=True 9 | 10 | commands = 11 | yamllint: yamllint examples/ 12 | --------------------------------------------------------------------------------