initial checkin

consolodated old role_lxc_deploy and role_lxdhost repos

README.md

@@ -0,0 +1,19 @@
+# Ansible Role: lxd-deploy
+
+## Introduction
+
+This role will deploy an LXD container or VM to a selected LXD host, either
+local or remote.
+
+Originally written to use the lxd_container module. Unfortunately, this module
+only seems reliable when deploying to the local host, or a target in a cluster.
+Deploying to a remote host (via the 'lxc remote' feature) seems to be
+problematic, so for now, deployment is accomplished using 'lxc launch' from a
+shell command. This does mean, however, that lxd must be installed on the host
+running the ansible deployment role, and any remote hosts to be deployed to
+must be configured as remotes, using the 'lxc remote' feature.
+
+
+This role will then configure network, sshd and selected packages on a newly deployed LXD
+container or VM.
+

files/10-lxdhost.j2

@@ -0,0 +1,12 @@
+network:
+  version: 2
+  ethernets:
+    {{ eth_name.stdout }}:
+      dhcp4: false
+      dhcp6: false
+      dhcp-identifier: mac
+      addresses: [{{ ip_addr }}/24]
+      gateway4: {{ ip_gw }}
+      nameservers:
+        addresses: [{{ ip_ns1 }},{{ ip_ns2 }}]
+

files/eth.network.j2

@@ -0,0 +1,11 @@
+[Match]
+Name={{ eth_name.stdout }}
+[Network]
+DHCP=false
+Address={{ ip_addr }}/24
+Gateway={{ ip_gw }}
+DNS={{ ip_ns1 }}
+DNS={{ ip_ns2 }}
+Domains=lan
+[DHCPv4]
+

meta/main.yml

@@ -0,0 +1,9 @@
+galaxy_info:
+  author: radar231
+
+  license: license (GPL-2.0-or-later, MIT, etc)
+  min_ansible_version: 2.1
+  galaxy_tags: []
+dependencies: []
+
+# EOF

tasks/main.yml

@@ -0,0 +1,206 @@
+---
+#####################################################################
+# tasks for lxd-deploy
+
+#####################################################################
+#
+# Note : This should be able to be used to deploy to remote hosts,
+# but sadly doesn't seem to work as advertised. Disabled for now, and
+# will use shell commands to create the container or VM, local or remote.
+#
+#####################################################################
+
+#- name: Create a new LXC container
+#  community.general.lxd_container:
+#    name: "{{ guest_name }}"
+#    state: started
+#    source:
+#      type: image
+#      mode: pull
+#      server: https://images.linuxcontainers.org
+#      protocol: simplestreams
+#      alias: "{{ image_name }}/{{ image_vers }}"
+#      profiles: ["default"]
+#      wait_for_ipv4_addresses: true
+#      timeout: 600
+
+#######################################
+- name: Create a new LXD container
+  shell:
+    cmd: "lxc launch {{ image_location }}:{{ image_name }}/{{ image_vers }} {{ remote_name }}:{{ guest_name }} --profile {{ profile }} -c limits.cpu={{ cpu_num }} -c limits.memory={{ mem_size }}GiB -d root,size={{ root_size }}GiB"
+  when: host_type == "Container"
+
+#######################################
+- name: Create a new LXD VM
+  shell:
+    cmd: "lxc launch {{ image_location }}:{{ image_name }}/{{ image_vers }} {{ remote_name }}:{{ guest_name }} --profile {{ profile }} --vm -c limits.cpu={{ cpu_num }} -c limits.memory={{ mem_size }}GiB -d root,size={{ root_size }}GiB"
+  when: host_type == "VM"
+
+#######################################################
+- debug: msg="Waiting 30 seconds to allow guest agent to start"
+
+#######################################################
+- name: Waited 30 seconds to allow guest agent to start
+  wait_for:
+      timeout: 30
+
+#######################################
+- name: Ensure python3 is installed on guest
+  shell:
+    cmd: "lxc exec {{ remote_name }}:{{ guest_name }} -- apt install -y python3"
+  when: image_name == "ubuntu" or image_name == "debian"
+
+#######################################
+- name: Ensure cloud-guest-utils and fdisk are installed on vm's
+  shell:
+    cmd: "lxc exec {{ remote_name }}:{{ guest_name }} -- apt install -y cloud-guest-utils fdisk"
+  when: host_type == "VM" and (image_name == "ubuntu" or image_name == "debian" )
+
+#######################################
+- name: Resize root filesystem on vm's
+  shell:
+    cmd: "lxc exec {{ remote_name }}:{{ guest_name }} -- {{ item }}"
+  with_items:
+    - growpart /dev/sda 2
+    - resize2fs /dev/sda2
+  when: host_type == "VM"
+
+#####################################################################
+# Switch to using the lxd connection plugin to first do an initial
+# network configuration on the guest, and then to make sure
+# openssh-server is installed and that the root user has a set of
+# management ssh keys in its 'authorized_keys' file.
+
+#######################################
+- name: Retrieve name of ethernet interface
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+  shell: ls -1 /sys/class/net | grep "^e"
+  delegate_to: "{{ guest_name }}"
+  register: eth_name
+
+#######################################
+- debug:
+    msg: "Setting up guest IP address"
+
+#######################################
+- name: Remove any existing netplan files (Ubuntu)
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+  shell: rm /etc/netplan/*.yaml
+  delegate_to: "{{ guest_name }}"
+  when: guest_distro == "ubuntu"
+
+#######################################
+- name: Remove any existing eth0.network file (Debian)
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+  shell: rm /etc/systemd/network/*.network
+  delegate_to: "{{ guest_name }}"
+  when: guest_distro == "debian"
+
+#######################################
+- name: Copy netplan file to /etc/netplan (Ubuntu)
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+    ip_addr: "{{ guest_ip }}"
+  template:
+    src: files//10-lxdhost.j2
+    dest: "/etc/netplan/10-{{ guest_name }}.yaml"
+    mode: "0644"
+    owner: root
+    group: root
+  delegate_to: "{{ guest_name }}"
+  when: guest_distro == "ubuntu"
+
+#######################################
+- name: Copy eth0.network file to /etc/systemd/network/eth0.network (Debian)
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+    ip_addr: "{{ guest_ip }}"
+  template:
+    src: files//eth.network.j2
+    dest: "/etc/systemd/network/{{ eth_name.stdout }}.network"
+    mode: "0644"
+    owner: root
+    group: root
+  delegate_to: "{{ guest_name }}"
+  when: guest_distro == "debian"
+
+#######################################
+- debug: msg="Rebooting new guest"
+
+#######################################
+- name: Rebooted new guest
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+  reboot:
+  delegate_to: "{{ guest_name }}"
+
+- debug: msg="Waiting 30 seconds to allow guest to get IP"
+
+#######################################
+- name: Waited 30 seconds to allow guest to get IP
+  wait_for:
+    timeout: 30
+
+#######################################
+- debug:
+    msg: "Setting up guest for ansible management"
+
+#######################################
+- debug:
+    msg: "Installing openssh-server"
+
+#######################################
+- name: Installed openssh-server
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+  apt:
+    name: openssh-server
+    state: latest
+  delegate_to: "{{ guest_name }}"
+
+#######################################
+- name: Configure sshd to allow root ssh key access
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: '^.*PermitRootLogin.*$'
+    line: "PermitRootLogin prohibit-password"
+    state: present
+  delegate_to: "{{ guest_name }}"
+
+#######################################
+- name: Add ssh key to root authorized_keys
+  vars:
+    ansible_connection: lxd
+    ansible_lxd_remote: "{{ remote_name }}"
+    ansible_host: "{{ guest_name }}"
+  ansible.posix.authorized_key:
+    user: root
+    state: present
+    key: "{{ item }}"
+  with_items:     
+    - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDMry9AQFLxX2QqqZLS/PDH/xRmK9CgGu3wDA/1+0lhLmqij/a125kHFwC16sdiwBfik1Tzj4yetZwzQ6xeNRZPevxhuB4FGVU/QHeDstCB9ASS0bM90DHEb205VrkVFz04VHN+7q9SvK23+xo5OvhOAwDuPJKNA62CJlgc46cvLaWup5an4xmir3lqUtI5N+oGwIBm36F/qZtvNwOhRkWbap50yrp60Ce3vdiugfQBliLzDMRKup4kjuCfYgwm0PHgRb796ttYmOXFKt+rnnD/MLaX5yRXAhbYZ/5jO+bAUu+kBWGt5hdeSk5m0Uu8mo9z4Xw5yNg6+DX9m+QL5HNwnz51PVMqCufGMz20430uL82fSjW1kGDe8I+5UyYjDfUUhwwAkxNdb8kGvU1OUYJxG7Kr/qN11W/kfsaJw/loK25Jwu5jg8ooJm6/9RiJEUmvP/0h4QDDWRZ9vORwIiRlLXZW8WAxP1KEuBxOuKp5Wt/fRTcdPU820Hp2v0IOX4E= rmorrow@delans"
+    - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCgNeo2NotlS/WPoB/YTiSovxzR/puknjqsVBc16zS0xwBUD1fFQEVNypUtzSlWKy36wxX6YJsT7fBNkLq6QoY0FPbWa7l5KlUvHYASeMmZAH81pYPcMwhQverwmNjPoABYyzTe0658Qz6qbB8CTD+r4xKYCqELlk8VkLPSgA1jJsNaurHZS6iN0EgdqyZ57h1/sZi8laVBKcU9yH0UOro2o7Phxo3/vT7w7px2pyExXwYGwhKxuOaitdq9Gv8qDIwt46Gj5Wm5CqU2zzT1VBgTpnv5RcCKTA6HZgBLekFhZj42yMntDF+tTP6te85u1u6f6CbalyXBng+eUsN4qvM3fW1sIXiVLnOxSdQgTDPbTCh52QXuF36rEU1aSNd4DRtUmpwItBJpIwREJQ64gor88fpTiGpkQL0r15bdFlIjf2XjFexpj258eGUSKDluQq1cX/qi3Okvby32HW9L18HcC1FNee6V2+lyxt3DKg8Zbfk2TAaEtqJf3KpCsFMpGVE= rmorrow@kryten"
+  delegate_to: "{{ guest_name }}"
+
+# EOF