copr: aarch64 hypervisor setup

This is for documentation purposes only (at least for now).  The
stuff I'm adding now will be referenced by Copr SOP to some extent
(especially the way how to prepare copr builder image for aarch64)

inventory/inventory

@@ -1248,6 +1248,10 @@ copr_back_dev
 copr_keygen_dev
 copr_dist_git_dev
 
+[copr_hypervisors_aarch64]
+virthost-aarch64-os01.fedorainfracloud.org
+virthost-aarch64-os02.fedorainfracloud.org
+
 [libravatar]
 libravatar.fedorainfracloud.org
 

playbooks/groups/copr-aarch64-hypervisors.yml

@@ -0,0 +1,11 @@
+- name: provision aarch64 box
+  hosts: copr_hypervisors_aarch64
+  gather_facts: false
+  user: copr
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - /srv/private/ansible/vars.yml
+
+  roles:
+  - copr_hypervisor_aarch64

roles/copr_hypervisor_aarch64/files/builder-repositories.repo

@@ -0,0 +1,26 @@
+[infrastructure-tags]
+name=Fedora Infrastructure tag $releasever - $basearch
+baseurl=https://kojipkgs.fedoraproject.org/repos-dist/f$releasever-infra/latest/$basearch/
+enabled=1
+gpgcheck=1
+gpgkey=https://infrastructure.fedoraproject.org/repo/infra/RPM-GPG-KEY-INFRA-TAGS
+exclude=mock
+
+[infrastructure-tags-stg]
+name=Fedora Infrastructure staging tag $releasever - $basearch
+baseurl=https://kojipkgs.fedoraproject.org/repos-dist/f$releasever-infra-stg/latest/$basearch/
+enabled=0
+gpgcheck=1
+gpgkey=https://infrastructure.fedoraproject.org/repo/infra/RPM-GPG-KEY-INFRA-TAGS
+exclude=mock
+
+# [group_copr-copr]
+# name=Copr repo for copr owned by @copr
+# baseurl=https://copr-be.cloud.fedoraproject.org/results/@copr/copr/fedora-$releasever-x86_64/
+# type=rpm-md
+# skip_if_unavailable=False
+# gpgcheck=1
+# gpgkey=https://copr-be.cloud.fedoraproject.org/results/@copr/copr/pubkey.gpg
+# repo_gpgcheck=0
+# enabled=0
+# enabled_metadata=1

roles/copr_hypervisor_aarch64/files/prepare-disk

@@ -0,0 +1,40 @@
+#! /bin/sh -x
+
+set -e
+
+sourcedir=$(dirname "$(readlink -f "$0")")
+
+src_img=$1
+dst_img=/tmp/newdisk.qcow2
+
+cp "$src_img" "$dst_img"
+
+# We could be using 'virt-resize --expand /dev/sda2' instead, but we are
+# running too old hypervisor to handle Fedora images:
+# e2fsck: Get a newer version of e2fsck!
+
+guestfish -a "$dst_img" <<EOF
+run
+mount /dev/sda2 /
+write        /etc/rc.d/rc.local "#! /bin/sh\n"
+write-append /etc/rc.d/rc.local "set -e\n"
+write-append /etc/rc.d/rc.local "mkdir -p /config\n"
+write-append /etc/rc.d/rc.local "mount /dev/disk/by-label/copr_config /config\n"
+write-append /etc/rc.d/rc.local "sh -x /config/pre-network-script.sh\n"
+write-append /etc/rc.d/rc.local "mkswap /dev/vdc && swapon /dev/vdc\n"
+chmod 0755   /etc/rc.d/rc.local
+EOF
+
+install_packages=copr-builder
+install() { install_packages="$install_packages,$1" ; }
+
+install cloud-utils-growpart    # growpart called in pre-network-script.sh
+install qemu-guest-agent        # allow VM inspect from the outside
+
+virt-customize -a "$dst_img" \
+    --copy-in "$sourcedir/builder-repositories.repo":/etc/yum.repos.d \
+    --update \
+    --install "$install_packages" \
+    --uninstall cloud-init \
+    --ssh-inject root:string:"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeTO0ddXuhDZYM9HyM0a47aeV2yIVWhTpddrQ7/RAIs99XyrsicQLABzmdMBfiZnP0FnHBF/e+2xEkT8hHJpX6bX81jjvs2bb8KP18Nh8vaXI3QospWrRygpu1tjzqZT0Llh4ZVFscum8TrMw4VWXclzdDw6x7csCBjSttqq8F3iTJtQ9XM9/5tCAAOzGBKJrsGKV1CNIrfUo5CSzY+IUVIr8XJ93IB2ZQVASK34T/49egmrWlNB32fqAbDMC+XNmobgn6gO33Yq5Ly7Dk4kqTUx2TEaqDkZfhsVu0YcwV81bmqsltRvpj6bIXrEoMeav7nbuqKcPLTxWEY/2icePF copr-backend" \
+    --selinux-relabel

roles/copr_hypervisor_aarch64/files/upload-disk

@@ -0,0 +1,24 @@
+#! /bin/sh -x
+
+die() { echo >&2 "$*" ; exit 1 ; }
+image=$1
+
+volume=copr-builder
+pool=images
+backup_volume=copr-builder-$(date +"%Y%m%d_%H%M%S")
+
+connections='
+    qemu:///system
+    qemu+ssh://copr@virthost-aarch64-os02.fedorainfracloud.org/system
+'
+
+export VIRSH_DEFAULT_CONNECT_URI=
+
+test -n "$image" || die "first argument (image) required"
+test -f "$image" || die "image $image not found"
+
+for connection in $connections; do
+    export VIRSH_DEFAULT_CONNECT_URI=$connection
+    virsh vol-clone "$volume" "$backup_volume" --pool "$pool"
+    virsh vol-upload "$volume" --sparse --pool "$pool" "$image"
+done

roles/copr_hypervisor_aarch64/tasks/main.yml

@@ -0,0 +1,49 @@
+## Note that this is mostly for documentation purposes;  nobody executed
+## this playbook so far (all was setup manually, and I wouldn't probably
+## have rights to do execute this)
+
+- name: assure that copr-be can ssh there as copr@...
+  authorized_key: user=copr key="{{ item }}"
+  with_file:
+  - "provision/files/buildsys.pub"
+
+# todo: generate it's own key
+- name: make sure hostA can ssh to hostB
+  copy:
+    src: "{{ private }}/files/copr/buildsys.priv"
+    dest: /home/copr/.ssh/id_rsa
+    owner: copr
+    group: copr
+    mode: 0600
+
+- name: "check that 'images' pool exists"
+  shell: virsh --connect=qemu:///system pool-list
+  register: images_pool_check
+  changed_when:
+  - images_pool_check.rc == 0
+  - '" images " not in images_pool_check.stdout'
+  failed_when:
+  - images_pool_check.rc != 0
+
+- name: "create 'images' pool"
+  shell: \
+      virsh --connect=qemu:///system pool-define-as --name images --target /var/lib/libvirt/images --type dir --help
+      virsh --connect=qemu:///system pool-autostart images
+      virsh --connect=qemu:///system pool-start images
+  when: images_pool_check.changed
+
+- name: create directory image management
+  file:
+    path=/home/copr/vm-manage
+    owner=copr
+    group=copr
+    state=directory
+
+- name: copy the helper scripts
+  copy:
+      src={{ item }}
+      dest=/home/copr/vm-manage/{{ item }}
+  with_items:
+  - builder-repositories.repo
+  - prepare-disk
+  - upload-disk