M #-: Improve infra role

roles/infra/README.md

@@ -6,36 +6,41 @@ A role that pre-deploys Front-end VMs directly in Libvirt.
 Requirements
 ------------
 
-Pre-installed Libvirt software.
+Pre-installed Libvirt software. Use `infra_install_opennebula_node_kvm` if Libvirt is not pre-installed and you want to use `opennebula-node-kvm` to install it.
 
 Role Variables
 --------------
 
-| Name                     | Type   | Default            | Example             | Description                                                       |
-|--------------------------|--------|--------------------|---------------------|-------------------------------------------------------------------|
-| `frontend_group`         | `str`  | `frontend`         |                     | Custom name of the Frontend group in the inventory.               |
-| `infra_group`            | `str`  | `infra`            |                     | Custom name of the Infra group in the inventory.                  |
-|                          |        |                    |                     |                                                                   |
-| `runtime_dir`            | `str`  | `/var/one-deploy/` |                     | Directory used to store QCOW2 and ISO images.                     |
-| `os_image_url`           | `str`  | (check below)      |                     | HTTP(S) link to Debian/RedHat-like image running `one-contextd`.  |
-| `os_image_size`          | `str`  | `20G`              |                     | The size to which one-deploy will **try** to adjust the OS image. |
-| `memory_KiB`             | `str`  | `2097152`          |                     | Memory amount to be set in XML in Libvirt.                        |
-| `vcpu_static`            | `str`  | `1`                |                     | VCPU amount to be set in XML in Libvirt.                          |
-| `vnc_max_port`           | `str`  | `65535`            |                     | Upper limit for VNC ports to start counting-down from.            |
-| `infra_bridge`           | `str`  | `br0`              |                     | Pre-defined bridge interface to insert VM NICs to.                |
-| `passthrough_fs`         | `list` | `[]`               | (check below)       | Shared HV filesystems to attach to the Front-end VMs.             |
-|                          |        |                    |                     |                                                                   |
-| `infra_hostname`         | `str`  |                    | `n1a1`              | Defines on which HV machine the Front-end VM should be deployed.  |
-| `context.ETH0_DNS`       | `str`  |                    | `1.1.1.1`           | DNS server.                                                       |
-| `context.ETH0_GATEWAY`   | `str`  |                    | `10.2.50.1`         | Gateway.                                                          |
-| `context.ETH0_IP`        | `str`  |                    | `10.2.50.100`       | IPv4 address to be set on eth0.                                   |
-| `context.ETH0_MAC`       | `str`  |                    | `02:01:0a:02:32:64` | MAC address to be set on eth0 (**MUST** match MAC set in XML.)    |
-| `context.ETH0_MASK`      | `str`  |                    | `255.255.255.0`     | Network mask.                                                     |
-| `context.ETH0_NETWORK`   | `str`  |                    | `10.2.50.0`         | Network address.                                                  |
-| `context.GROW_FS`        | `str`  | `/`                |                     | Filesystems to grow.                                              |
-| `context.PASSWORD`       | `str`  | `opennebula`       |                     | Root's password.                                                  |
-| `context.SET_HOSTNAME`   | `str`  | name of the FE VM  |                     | Hostname.                                                         |
-| `context.SSH_PUBLIC_KEY` | `str`  |                    | (check below)       | Root's extra authorized keys.                                     |
+| Name                                 | Type   | Default            | Example             | Description                                                       |
+|--------------------------------------|--------|--------------------|---------------------|-------------------------------------------------------------------|
+| `frontend_group`                     | `str`  | `frontend`         |                     | Custom name of the Frontend group in the inventory.               |
+| `infra_group`                        | `str`  | `infra`            |                     | Custom name of the Infra group in the inventory.                  |
+|                                      |        |                    |                     |                                                                   |
+| `runtime_dir`                        | `str`  | `/var/one-deploy/` |                     | Directory used to store QCOW2 and ISO images.                     |
+| `os_image_url`                       | `str`  | (check below)      |                     | HTTP(S) link to Debian/RedHat-like image running `one-contextd`.  |
+| `os_image_size`                      | `str`  | `20G`              |                     | The size to which one-deploy will **try** to adjust the OS image. |
+| `memory_KiB`                         | `str`  | `2097152`          |                     | Memory amount to be set in XML in Libvirt.                        |
+| `vcpu_static`                        | `str`  | `1`                |                     | VCPU amount to be set in XML in Libvirt.                          |
+| `vnc_max_port`                       | `str`  | `65535`            |                     | Upper limit for VNC ports to start counting-down from.            |
+| `passthrough_fs`                     | `list` | `[]`               | (check below)       | Shared HV filesystems to attach to the Front-end VMs.             |
+|                                      |        |                    |                     |                                                                   |
+| `infra_bridge`                       | `str`  | `br0`              |                     | Pre-defined bridge interface to insert VM NICs to.                |
+| `infra_bridge_type`                  | `str`  | `bridge`           |                     | Supported values: bridge, openvswitch, openvswitch_dpdk           |
+| `infra_dpdk_socket_path`             | `str`  |                    |                     | Path for existing socket when using OVS with DPDK.                |
+| `infra_vlan_id`                      | `str`  |                    |                     | Optionally set the VLAN ID for the bridge.                        |
+| `infra_hostname`                     | `str`  |                    | `n1a1`              | Defines on which HV machine the Front-end VM should be deployed.  |
+| `infra_install_opennebula_node_kvm`  | `bool` | `false`            |                     | Installs opennebula-node-kvm package in HV before deploying VMs.  |
+| `context.ETH0_DNS`                   | `str`  |                    | `1.1.1.1`           | DNS server.                                                       |
+| `context.ETH0_SEARCH_DOMAIN`         | `str`  |                    | `1.1.1.1`           | DNS search domain.                                                |
+| `context.ETH0_GATEWAY`               | `str`  |                    | `10.2.50.1`         | Gateway.                                                          |
+| `context.ETH0_IP`                    | `str`  |                    | `10.2.50.100`       | IPv4 address to be set on eth0.                                   |
+| `context.ETH0_MAC`                   | `str`  |                    | `02:01:0a:02:32:64` | MAC address to be set on eth0 (**MUST** match MAC set in XML.)    |
+| `context.ETH0_MASK`                  | `str`  |                    | `255.255.255.0`     | Network mask.                                                     |
+| `context.ETH0_NETWORK`               | `str`  |                    | `10.2.50.0`         | Network address.                                                  |
+| `context.GROW_FS`                    | `str`  | `/`                |                     | Filesystems to grow.                                              |
+| `context.PASSWORD`                   | `str`  | `opennebula`       |                     | Root's password.                                                  |
+| `context.SET_HOSTNAME`               | `str`  | name of the FE VM  |                     | Hostname.                                                         |
+| `context.SSH_PUBLIC_KEY`             | `str`  |                    | (check below)       | Root's extra authorized keys.                                     |
 
 **NOTE**: The `infra_hostname` and `context` dictionary should be set for members of the `frontend` group (please check the `inventory/infra.yml` example).
 

roles/infra/defaults/main.yml

@@ -6,4 +6,6 @@ memory_KiB: 2097152 # 2 GiB
 vcpu_static: 1
 vnc_max_port: 65535
 infra_bridge: br0
+infra_bridge_type: bridge
+infra_install_opennebula_node_kvm: false
 passthrough_fs: []

roles/infra/tasks/deploy.yml

@@ -34,7 +34,7 @@
     - name: Create context.sh files
       ansible.builtin.template:
         dest: "{{ tempfile.results[item].path }}/context.sh"
-        src: context.sh.j2
+        src: context.sh.jinja
         mode: ug=rw,o=
       vars:
         frontend: "{{ tempfile.results[item].frontend }}"
@@ -100,7 +100,7 @@
 - name: Define Front-end VMs
   community.libvirt.virt:
     command: define
-    xml: "{{ lookup('template', 'frontend.xml.j2') }}"
+    xml: "{{ lookup('template', 'frontend.xml.jinja') }}"
     autostart: true
   vars:
     context: "{{ hostvars[frontend].context }}"

roles/infra/tasks/main.yml

@@ -12,6 +12,32 @@
   retries: 12
   delay: 5
 
+- name: Install opennebula-node-kvm
+  when: infra_install_opennebula_node_kvm | bool
+  block:
+    - ansible.builtin.include_role:
+        name: repository
+      vars:
+        repos_enabled_defaults: [opennebula]
+      when: opennebula_repo is undefined
+
+    - name: Install OpenNebula KVM packages
+      ansible.builtin.package:
+        name: "{{ _common + _specific[ansible_os_family] }}"
+      vars:
+        _common: [opennebula-node-kvm]
+        _specific:
+          Debian: []
+          RedHat: []
+      register: package
+      until: package is success
+      retries: 12
+      delay: 5
+
+    - ansible.builtin.include_role:
+        name: kvm
+        tasks_from: libvirt
+
 - name: List defined VMs
   community.libvirt.virt:
     command: list_vms

roles/infra/templates/context.sh.j2 → roles/infra/templates/context.sh.jinja

@@ -1,6 +1,7 @@
 # Context variables generated by one-deploy
 DISK_ID='1'
 ETH0_DNS='{{ context.ETH0_DNS }}'
+ETH0_SEARCH_DOMAIN='{{ context.ETH0_SEARCH_DOMAIN }}'
 ETH0_GATEWAY='{{ context.ETH0_GATEWAY }}'
 ETH0_IP='{{ context.ETH0_IP }}'
 ETH0_MAC='{{ context.ETH0_MAC | d("02:01:%02x:%02x:%02x:%02x" | format(*(context.ETH0_IP.split(".") | map("int")))) }}'

roles/infra/templates/frontend.xml.jinja

@@ -0,0 +1,143 @@
+<domain type='kvm'>
+  <name>{{ frontend }}</name>
+  <title>{{ frontend }}</title>
+
+  <memory unit='KiB'>{{ memory_KiB }}</memory>
+  <vcpu placement='static'>{{ vcpu_static }}</vcpu>
+  <cpu mode='host-passthrough' check='none' migratable='on'/>
+
+  <resource>
+    <partition>/machine</partition>
+  </resource>
+  <os firmware='efi'>
+    <type arch='x86_64' machine='q35'>hvm</type>
+    <firmware>
+      <feature enabled='no' name='enrolled-keys'/>
+      <feature enabled='no' name='secure-boot'/>
+    </firmware>
+    <boot dev='hd'/>
+  </os>
+  <features>
+    <acpi/>
+  </features>
+  <clock offset='utc'/>
+
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+
+{% set use_dpdk = (infra_bridge_type is defined and infra_bridge_type == 'openvswitch_dpdk') %}
+{% set use_virtiofs = ('virtiofs' in (passthrough_fs | map(attribute='driver_type') | map('default', None) | select | map('lower'))) %}
+
+{% if use_dpdk or use_virtiofs %}
+  <memoryBacking>
+{% if use_dpdk %}
+    <hugepages/>
+{% endif %}
+{% if use_virtiofs and not use_dpdk %}
+    <source type='memfd'/>
+{% endif %}
+    <access mode='shared'/>
+  </memoryBacking>
+{% endif %}
+
+  <devices>
+    <disk type='file' device='cdrom'>
+      <driver name='qemu' type='raw'/>
+      <source file='{{ runtime_dir }}/{{ frontend }}.iso' index='1'/>
+      <backingStore/>
+      <target dev='sda' bus='sata'/>
+      <readonly/>
+      <alias name='sata0-0-0'/>
+    </disk>
+
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2' cache='none' discard='unmap'/>
+      <source file='{{ runtime_dir }}/{{ frontend }}.qcow2' index='2'/>
+      <backingStore/>
+      <target dev='vda' bus='virtio'/>
+      <alias name='virtio-disk0'/>
+    </disk>
+
+    <controller type='pci' index='0' model='pcie-root'>
+      <alias name='pcie.0'/>
+    </controller>
+
+    <controller type='pci' index='1' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='1' port='0x10'/>
+      <alias name='pcie-root-port-1'/>
+    </controller>
+
+    <controller type='sata' index='0'>
+      <alias name='sata'/>
+    </controller>
+
+    <controller type='usb' index='0' model='qemu-xhci'>
+      <alias name='usb'/>
+    </controller>
+
+{% for fs in passthrough_fs %}
+    <filesystem type='mount' accessmode='passthrough'>
+{% if fs.driver_type is defined and fs.driver_type is truthy %}
+      <driver type='{{ fs.driver_type }}'/>
+{% endif %}
+      <source dir='{{ fs.source_dir }}'/>
+      <target dir='{{ fs.target_dir }}'/>
+    </filesystem>
+{% endfor %}
+
+    <controller type='virtio-serial' index='0'>
+      <alias name='virtio-serial0'/>
+    </controller>
+
+{% if infra_bridge_type is defined and infra_bridge_type in ['bridge', 'openvswitch', 'openvswitch_dpdk'] %}
+{% if infra_bridge_type in ['bridge', 'openvswitch'] %}
+    <interface type='bridge'>
+      <source bridge='{{ infra_bridge }}'/>
+      <target dev='{{ frontend }}-nic0'/>
+{% elif infra_bridge_type == 'openvswitch_dpdk' %}
+    <interface type='vhostuser'>
+      <source type='unix' path='{{ infra_dpdk_socket_path }}' mode='server'/>
+      <driver name='vhost' queues='2'/>
+{% endif %}
+      <mac address='{{ context.ETH0_MAC | d("02:01:%02x:%02x:%02x:%02x" | format(*(context.ETH0_IP.split(".") | map("int")))) }}'/>
+{% if infra_bridge_type == 'openvswitch' %}
+      <virtualport type='openvswitch' />
+{% endif %}
+{% if infra_vlan_id is defined and infra_vlan_id %}
+      <vlan>
+        <tag id='{{ infra_vlan_id }}'/>
+      </vlan>
+{% endif %}
+      <model type='virtio'/>
+      <alias name='net0'/>
+    </interface>
+{% endif %}
+
+    <channel type='unix'>
+      <source mode='bind'/>
+      <target type='virtio' name='org.qemu.guest_agent.0'/>
+      <alias name='channel0'/>
+    </channel>
+
+    <input type='mouse' bus='usb'>
+      <alias name='input0'/>
+    </input>
+
+    <input type='keyboard' bus='usb'>
+      <alias name='input1'/>
+    </input>
+
+    <graphics type='vnc' port='{{ frontends_to_vnc_ports[frontend] }}' listen='0.0.0.0'>
+      <listen type='address' address='0.0.0.0'/>
+    </graphics>
+
+    <audio id='1' type='none'/>
+
+    <video>
+      <model type='virtio' vram='16384' heads='1' primary='yes'/>
+      <alias name='video0'/>
+    </video>
+  </devices>
+</domain>