From bec517fb49e349f58850d729fa117c6ab9f1b443 Mon Sep 17 00:00:00 2001 From: William Graef Date: Wed, 20 Nov 2024 10:54:52 -0500 Subject: [PATCH 1/6] init oci provider tasks --- ocne2/default_vars.yml | 3 + ocne2/deploy_ocne_oci.yml | 277 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 280 insertions(+) create mode 100644 ocne2/deploy_ocne_oci.yml diff --git a/ocne2/default_vars.yml b/ocne2/default_vars.yml index c0e2c7b..ba38c13 100644 --- a/ocne2/default_vars.yml +++ b/ocne2/default_vars.yml @@ -22,6 +22,9 @@ use_ingress_lb: false ocne_type: libvirt install_ocne_rpm: false create_ocne_cluster: false +create_oci_cluster: false ocne_cluster_node_options: "" ocne_cluster_name: "ocne" +num_cp_nodes: 3 +num_wk_nodes: 3 update_all: false \ No newline at end of file diff --git a/ocne2/deploy_ocne_oci.yml b/ocne2/deploy_ocne_oci.yml new file mode 100644 index 0000000..709107e --- /dev/null +++ b/ocne2/deploy_ocne_oci.yml 
@@ -0,0 +1,277 @@ +--- +# Copyright (c) 2024 Oracle and/or its affiliates. +# This software is made available to you under the terms of the Universal Permissive License (UPL), Version 1.0. +# The Universal Permissive License (UPL), Version 1.0 (see COPYING or https://oss.oracle.com/licenses/upl) +# See LICENSE.TXT for details. + +- name: Install a KVM server + hosts: server + vars_files: + - default_vars.yml + - oci_vars.yml + become: true + + tasks: + + - name: Install Oracle Linux 8 virtualization packages + ansible.builtin.dnf: + name: + - "@virt" + - virt-install + - virt-viewer + - containers-common + - cockpit + - cockpit-machines + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8' + + - name: Install Oracle Linux 9 virtualization packages + ansible.builtin.dnf: + name: + - qemu-kvm + - libvirt + - virt-install + - virt-viewer + - containers-common + - cockpit + - cockpit-machines + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Start and enable Oracle Linux 8 monolithic virtualization services + ansible.builtin.systemd: + state: started + name: libvirtd.service + enabled: true + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8' + + - name: Start and enable Oracle Linux 9 modular 'ro' virtualization services + ansible.builtin.systemd: + state: started + name: "virt{{ item }}d-ro.socket" + enabled: true + loop: + - qemu + - network + - nodedev + - nwfilter + - secret + - storage + - interface + - proxy + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Start and enable Oracle Linux 9 modular 'admin' virtualization services + ansible.builtin.systemd: + state: started + name: "virt{{ item }}d-admin.socket" + enabled: true + loop: + - qemu + - network + - nodedev + - nwfilter + - secret + - storage + - interface + - proxy + when: 
ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Start and enable cockpit + ansible.builtin.systemd: + state: started + name: cockpit.socket + enabled: true + + - name: Open firewall for cockpit and virsh + ansible.posix.firewalld: + zone: public + service: "{{ item }}" + permanent: true + state: enabled + immediate: true + loop: + - libvirt + - libvirt-tls + + - name: Add user to libvirt and qemu group + ansible.builtin.user: + name: "{{ username }}" + groups: libvirt,qemu + append: true + + - name: Reset ssh connection to allow user changes to affect 'current login user' + ansible.builtin.meta: reset_connection + + - name: Install repository and packages + when: + - install_ocne_rpm + block: + - name: Install ocne repository + ansible.builtin.dnf: + name: oracle-olcne-release-el8 + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8' + + - name: Enable ocne repository + ansible.builtin.command: + cmd: dnf config-manager --enable ol8_ocne + register: dnf_result + changed_when: dnf_result.rc == 0 + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8' + + - name: Install ocne repository + ansible.builtin.dnf: + name: oracle-olcne-release-el9 + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Enable ocne repository + ansible.builtin.command: + cmd: dnf config-manager --enable ol9_ocne + register: dnf_result + changed_when: dnf_result.rc == 0 + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Install ocne package + ansible.builtin.dnf: + name: + - ocne + - kubectl + state: present + + - name: Create an ocne cluster + when: + - install_ocne_rpm + - create_ocne_oci_cluster + block: + - name: Create oci config + ansible.builtin.copy: + src: "{{ lookup('env', 'HOME') + '/.oci/' }}" + dest: ~/.oci/ + owner: "{{ 
username }}" + group: "{{ usergroup }}" + mode: "preserve" + become: true + become_user: "{{ username }}" + + - name: Update oci_config + ansible.builtin.lineinfile: + path: ~/.oci/config + regexp: '^key_file=' + line: "key_file=/home/{{ username }}/.oci/oci.key" + owner: "{{ username }}" + group: "{{ usergroup }}" + mode: "0600" + become: true + become_user: "{{ username }}" + + - name: Install ol developer repository + ansible.builtin.dnf: + name: oraclelinux-developer-release-el8 + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8' + + - name: Enable ol developer repository + ansible.builtin.command: + cmd: dnf config-manager --enable ol8_developer + register: dnf_result + changed_when: dnf_result.rc == 0 + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8' + + - name: Install oci cli + ansible.builtin.dnf: + name: + - python36-oci-cli + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8' + + - name: Install ol developer repository + ansible.builtin.dnf: + name: oraclelinux-developer-release-el9 + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Enable ol developer repository + ansible.builtin.command: + cmd: dnf config-manager --enable ol9_developer + register: dnf_result + changed_when: dnf_result.rc == 0 + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Install oci cli + ansible.builtin.dnf: + name: + - python36-oci-cli + state: present + when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9' + + - name: Generate random hex string + vars: + hex_chars: '0123456789abcdef' + ansible.builtin.set_fact: + rnd_str: "{{ query('community.general.random_string', upper=false, lower=false, override_special=hex_chars, numbers=false) }}" + + - name: Print random hex 
string + ansible.builtin.debug: + msg: "{{ rnd_str }}" + when: debug_enabled + + - name: Get oci namespace name + oracle.oci.oci_object_storage_namespace_facts: + register: obj_namespace + + - name: Create oci os bucket + oracle.oci.oci_object_storage_bucket: + compartment_id: "{{ my_compartment_id }}" + namespace_name: "{{ obj_namespace }}" + name: "ocne-images-{{ rnd_str }}" + + - name: Get all the buckets in the namespace + oracle.oci.oci_object_storage_bucket_facts: + compartment_id: "{{ my_compartment_id }}" + namespace_name: "{{ obj_namespace }}" + register: ocibuckets + when: debug_enabled + + - name: Print oci os bucket details + ansible.builtin.debug: + msg: "{{ ocibuckets }}" + when: debug_enabled + + - name: Create cluster config file + ansible.builtin.copy: + dest: ~/myconfig.yaml + content: | + provider: oci + name: "{{ ocne_cluster_name }}" + controlPlaneNodes: "{{ num_cp_nodes }}" + workerNodes: "{{ num_wk_nodes }}" + providers: + oci: + imageBucket: ocne-images-{{ rnd_str }} + compartment: {{ my_compartment_id }} + become: true + become_user: "{{ username }}" + + - name: Provision the cluster + ansible.builtin.shell: | + ocne cluster start -u false -c myconfig.yaml + args: + chdir: ~/ + become: true + become_user: "{{ username }}" + register: provision_cluster + changed_when: provision_cluster.rc == 0 + + - name: Print cluster provision output + ansible.builtin.debug: + var: provision_cluster + when: debug_enabled + + - name: Add kubeconfig to .bashrc file + ansible.builtin.lineinfile: + path: ~/.bashrc + line: "export KUBECONFIG=$HOME/.kube/kubeconfig.{{ ocne_cluster_name | default('ocne') }}.local" + become: true + become_user: "{{ username }}" From aaeafbac2a1a81667c954632739c1ccbe0a47fe2 Mon Sep 17 00:00:00 2001 
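Review bot: The "Create oci config" task copies the controller's whole `~/.oci/` directory to the target host with `mode: "preserve"`, so the API signing key arrives with whatever permissions the source has, along with any other profiles or keys stored there. Copy only the `config` and `oci.key` files that the following "Update oci_config" task refers to, create `~/.oci` as `0700`, and set `mode: "0600"` explicitly. A key scoped to this compartment, rather than the operator's personal key, would limit what a compromise of the host exposes. Separately, "Open firewall for cockpit and virsh" enables the `libvirt` and `libvirt-tls` services in the `public` zone, which does not match the task name and looks broader than an OCI-provider deployment needs; worth confirming.

```yaml
    - name: Create oci config directory
      ansible.builtin.file:
        path: ~/.oci
        state: directory
        mode: "0700"
      become: true
      become_user: "{{ username }}"

    - name: Copy oci config and API signing key
      ansible.builtin.copy:
        src: "{{ lookup('env', 'HOME') + '/.oci/' + item }}"
        dest: "~/.oci/{{ item }}"
        owner: "{{ username }}"
        group: "{{ usergroup }}"
        mode: "0600"
      loop:
        - config
        - oci.key
      become: true
      become_user: "{{ username }}"

    # … unchanged: "Update oci_config" lineinfile task and the rest of the block …
```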
From: William Graef Date: Wed, 20 Nov 2024 11:19:16 -0500 Subject: [PATCH 2/6] add instance idempotence keys and missing var --- ocne2/build.yml | 1 + ocne2/default_vars.yml | 2 +- ocne2/deploy_ocne_oci.yml | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ocne2/build.yml b/ocne2/build.yml index 410f528..7d4799a 100644 --- a/ocne2/build.yml +++ b/ocne2/build.yml @@ -31,6 +31,7 @@ - name: "OS Management Service Agent" desired_state: DISABLED + key_by: [compartment_id, availability_domain, display_name] register: result vars: timestamp: "{{ now().strftime('%Y%m%d-%H%M%S') }}" diff --git a/ocne2/default_vars.yml b/ocne2/default_vars.yml index ba38c13..edbd636 100644 --- a/ocne2/default_vars.yml +++ b/ocne2/default_vars.yml @@ -22,7 +22,7 @@ use_ingress_lb: false ocne_type: libvirt install_ocne_rpm: false create_ocne_cluster: false -create_oci_cluster: false +create_ocne_oci_cluster: false ocne_cluster_node_options: "" ocne_cluster_name: "ocne" num_cp_nodes: 3 diff --git a/ocne2/deploy_ocne_oci.yml b/ocne2/deploy_ocne_oci.yml index 709107e..a17963d 100644 --- a/ocne2/deploy_ocne_oci.yml +++ b/ocne2/deploy_ocne_oci.yml @@ -251,6 +251,7 @@ oci: imageBucket: ocne-images-{{ rnd_str }} compartment: {{ my_compartment_id }} + mode: "0644" become: true become_user: "{{ username }}" From c898d395212d00fe48d365abbabfa23b33c64445 Mon Sep 17 00:00:00 2001 From: William Graef Date: Wed, 20 Nov 2024 11:36:51 -0500 Subject: [PATCH 3/6] add user to oci commands --- ocne2/deploy_ocne_oci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ocne2/deploy_ocne_oci.yml b/ocne2/deploy_ocne_oci.yml index a17963d..4d7e7e8 100644 --- a/ocne2/deploy_ocne_oci.yml +++ b/ocne2/deploy_ocne_oci.yml @@ -219,6 +219,8 @@ - name: Get oci namespace name oracle.oci.oci_object_storage_namespace_facts: + become: true + become_user: "{{ username }}" register: obj_namespace - name: Create oci os bucket 
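Review bot: The added `mode: "0644"` makes `~/myconfig.yaml` readable by every local user, and the file carries the compartment OCID and the image bucket name. Nothing visible in the play needs another account to read it, since the later `ocne cluster start` runs as the same `become_user`, so `mode: "0600"` would be the tighter choice. The "Create cluster config file" task begins above this hunk.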
@@ -226,12 +228,16 @@ compartment_id: "{{ my_compartment_id }}" namespace_name: "{{ obj_namespace }}" name: "ocne-images-{{ rnd_str }}" + become: true + become_user: "{{ username }}" - name: Get all the buckets in the namespace oracle.oci.oci_object_storage_bucket_facts: compartment_id: "{{ my_compartment_id }}" namespace_name: "{{ obj_namespace }}" register: ocibuckets + become: true + become_user: "{{ username }}" when: debug_enabled - name: Print oci os bucket details From 0e38d0cb5e358c267aef38be3faa585c2a2ec83e Mon Sep 17 00:00:00 2001 From: William Graef Date: Wed, 20 Nov 2024 11:59:40 -0500 Subject: [PATCH 4/6] fix obj namespace var --- ocne2/deploy_ocne_oci.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/ocne2/deploy_ocne_oci.yml b/ocne2/deploy_ocne_oci.yml index 4d7e7e8..27ebd88 100644 --- a/ocne2/deploy_ocne_oci.yml +++ b/ocne2/deploy_ocne_oci.yml @@ -223,10 +223,15 @@ become_user: "{{ username }}" register: obj_namespace + - name: Print oci namespace facts + ansible.builtin.debug: + msg: "{{ obj_namespace.namespace }}" + when: debug_enabled + - name: Create oci os bucket oracle.oci.oci_object_storage_bucket: compartment_id: "{{ my_compartment_id }}" - namespace_name: "{{ obj_namespace }}" + namespace_name: "{{ obj_namespace.namespace }}" name: "ocne-images-{{ rnd_str }}" become: true become_user: "{{ username }}" @@ -234,7 +239,7 @@ - name: Get all the buckets in the namespace oracle.oci.oci_object_storage_bucket_facts: compartment_id: "{{ my_compartment_id }}" - namespace_name: "{{ obj_namespace }}" + namespace_name: "{{ obj_namespace.namespace }}" register: ocibuckets become: true become_user: "{{ username }}" From b28b5dcc82bcac688b8cde06b668d45fa384d383 Mon Sep 17 00:00:00 2001 From: William Graef Date: Wed, 20 Nov 2024 12:22:50 -0500 Subject: [PATCH 5/6] grab item 0 for random string --- ocne2/deploy_ocne_oci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/ocne2/deploy_ocne_oci.yml b/ocne2/deploy_ocne_oci.yml index 27ebd88..0720ab1 100644 --- a/ocne2/deploy_ocne_oci.yml +++ b/ocne2/deploy_ocne_oci.yml @@ -214,7 +214,7 @@ - name: Print random hex string ansible.builtin.debug: - msg: "{{ rnd_str }}" + msg: "{{ rnd_str.0 }}" when: debug_enabled - name: Get oci namespace name @@ -232,7 +232,7 @@ oracle.oci.oci_object_storage_bucket: compartment_id: "{{ my_compartment_id }}" namespace_name: "{{ obj_namespace.namespace }}" - name: "ocne-images-{{ rnd_str }}" + name: "ocne-images-{{ rnd_str.0 }}" become: true become_user: "{{ username }}" @@ -260,7 +260,7 @@ workerNodes: "{{ num_wk_nodes }}" providers: oci: - imageBucket: ocne-images-{{ rnd_str }} + imageBucket: ocne-images-{{ rnd_str.0 }} compartment: {{ my_compartment_id }} mode: "0644" become: true From 662cf7842f8d82a776bf6632258a60c9f5ae56ee Mon Sep 17 00:00:00 2001 From: William Graef Date: Wed, 20 Nov 2024 12:33:52 -0500 Subject: [PATCH 6/6] remove quotes in yaml cluster config file --- ocne2/deploy_ocne_oci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ocne2/deploy_ocne_oci.yml b/ocne2/deploy_ocne_oci.yml index 0720ab1..8c2e954 100644 --- a/ocne2/deploy_ocne_oci.yml +++ b/ocne2/deploy_ocne_oci.yml @@ -255,9 +255,9 @@ dest: ~/myconfig.yaml content: | provider: oci - name: "{{ ocne_cluster_name }}" - controlPlaneNodes: "{{ num_cp_nodes }}" - workerNodes: "{{ num_wk_nodes }}" + name: {{ ocne_cluster_name }} + controlPlaneNodes: {{ num_cp_nodes }} + workerNodes: {{ num_wk_nodes }} providers: oci: imageBucket: ocne-images-{{ rnd_str.0 }}
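Review bot: Indexing `rnd_str.0` at each of the three use sites (this hunk and the two that follow) works around `query()` returning a list, but the fact itself stays a list, so any later use that forgets `.0` would render a list literal into the bucket name. The "Generate random hex string" task lies outside these hunks. Fixing it there, by appending `| first` to the existing `query(...)` expression, would let the consumers stay as plain `{{ rnd_str }}`. The fact is also regenerated on every run, so each run appears to create a new `ocne-images-*` bucket rather than reuse one; worth confirming that is intended.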
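Review bot: With the quotes dropped from `name: {{ ocne_cluster_name }}`, the rendered `myconfig.yaml` takes whatever YAML type or structure the variable's text produces: a name such as `123` is read as an integer, and a value containing `: ` or a newline would change the shape of the document. Unquoting suits the two node counts, which presumably have to be integers, but the name is safer rendered as `name: {{ ocne_cluster_name | to_json }}`, and `{{ num_cp_nodes | int }}` / `{{ num_wk_nodes | int }}` keep the counts numeric. The `content:` block starts above this hunk and continues past it; the existing `compartment: {{ my_compartment_id }}` line has the same exposure.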