Add a first cut at a virthost ansible playbook/group. Still needs some work.

2013-06-24 20:01:51 +00:00 · 2013-06-24 20:01:51 +00:00 · c5e716c346
commit c5e716c346
parent ae4745501f
4 changed files with 67 additions and 0 deletions
--- a/files/virthost/libvirtd.conf
+++ b/files/virthost/libvirtd.conf
@ -0,0 +1,3 @@
+unix_sock_group = "sysadmin-main"
+unix_sock_rw_perms = "0770"
+auth_unix_rw = "none"
--- a/handlers/restart_services.yml
+++ b/handlers/restart_services.yml
@ -32,6 +32,9 @@
 - name: restart jenkins
  action: service name=jenkins state=restarted

+- name: restart libvirtd
+  action: service name=libvirtd state=restarted
+
 - name: restart lighttpd
  action: service name=lighttpd state=restarted

--- a/playbooks/groups/virthost.yml
+++ b/playbooks/groups/virthost.yml
@ -0,0 +1,33 @@
+# create a new virthost server system
+# NOTE: should be used with --limit most of the time
+# NOTE: most of these vars come from group_vars/backup_server or from hostvars
+
+- name: make virthost server system
+  hosts: virthost
+  user: root
+  gather_facts: False
+
+  vars_files: 
+   - /srv/web/infra/ansible/vars/global.yml
+   - ${private}/vars.yml
+   - ${vars}/${ansible_distribution}.yml
+
+  tasks:
+  tasks:
+  - include: $tasks/hosts.yml
+  - include: $tasks/yumrepos.yml
+  - include: $tasks/base.yml
+  - include: $tasks/fas_client.yml
+  - include: $tasks/2fa_client.yml
+  - include: $tasks/motd.yml
+  - include: $tasks/sudo.yml
+  - include: $tasks/rkhunter.yml
+  - include: $tasks/denyhosts.yml
+  - include: $tasks/nagios_client.yml
+  - include: $tasks/collectd/client.yml
+  - include: $tasks/virthost.yml
+
+# TODO: add iscsi task
+
+  handlers:
+  - include: $handlers/restart_services.yml
--- a/tasks/virthost.yml
+++ b/tasks/virthost.yml
@ -0,0 +1,28 @@
+---
+# tasklist for setting up the virthost server.
+
+- name: set selinux to enforcing
+  selinux: policy=targeted state=enforcing
+
+- name: install libvirt packages
+  yum: pkg=$item state=installed
+  with_items:
+  - qemu-kvm
+  - libvirtd
+  - python-virtinst
+  tags:
+  - packages
+
+# install libvirtd.conf 
+#
+# This provides us with the ability to use virt-manager from non root accounts. 
+#
+- name: install libvirtd.conf
+  copy: src=$files/virthost/libvirtd.conf dest=/etc/libvirt/libvirtd.conf
+  notify:
+  - restart libvirtd
+  tags:
+  - config
+
+- name: enable libvirtd
+  service: name=libvirtd state=started enabled=yes