[Refactor] Rework Packer Playbook (#197)
* rebase container.ops under roles root dir

* patch(playbook): updated docker.ops

* feat(playbook): added containerd-rootless.ops

* feat(playbook): added proxmox.packer.vm.ops role

* patch(playbook): updated apt.ops roles

* feat(packer/playbook): added var-files

* refactor(packer/playbook): removed roles from bootstrap playbook dir

* feat(playbook): added minio playbooks

* patch(playbook): updated apt.ops default vars

* refactor: tune playbook definitions

* refactor: removed ubuntu-2204-server config

refactor: remove config

* fix-up(playbook/apt.ops): fixed conflict vars

* refactor: rename maintenance vars to key vars

* feat(packer): used custom ansible role path

* refactor: only leave ubuntu-2204.json as standard config

* patch: updated bakery list

* refactor: rename minio packer template

* patch: added user to default admin group

* patch(packer/playbook): adapt new role referencing
piyoki authored Sep 17, 2022
1 parent 13254d6 commit 4520a70
Showing 70 changed files with 166 additions and 406 deletions.
@@ -5,7 +5,11 @@
----------------------------------------------
The following packages will be installed:
{% for pkg in packages %}
{% for pkg in base_packages %}
{{ pkg }}
{% endfor %}
{% for pkg in extra_packages %}
{{ pkg }}
{% endfor %}
----------------------------------------------
@@ -3,9 +3,9 @@
apt:
update_cache: yes

- name: Install packages defined in the list
- name: Install base packages defined in the list
ansible.builtin.apt:
pkg: "{{ packages }}"
pkg: "{{ base_packages }}"

- name: Install user-defined extra packages
ansible.builtin.apt:
@@ -1,4 +1,3 @@
---
- include_tasks: info.yml
- include_tasks: install.yml
- include_tasks: verify.yml
@@ -3,15 +3,18 @@
package_facts:
manager: apt

- name: Check if the package is installed
apt:
name: "{{ item }}"
state: present
when: item not in ansible_facts.packages
loop: "{{ packages }}"

- name: (Post-ops) Print software versions
debug:
msg: |
version: {{ ansible_facts.packages[item|split('=')|first][0].version }}
loop: "{{ packages }}"
- name: Check if packages are installed
become: true
block:
- name: Check base_packages
apt:
name: "{{ item }}"
state: present
when: item not in ansible_facts.packages
loop: "{{ base_packages }}"
- name: Check extra_packages
apt:
name: "{{ item }}"
state: present
when: item not in ansible_facts.packages
loop: "{{ extra_packages }}"
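Review bot: The two tasks under `Check if packages are installed` do not verify anything: `apt` with `state: present` installs whatever is missing, so a package that failed to install earlier is quietly retried here instead of failing the build. The `when: item not in ansible_facts.packages` test also compares the raw list entry with package names, so an entry pinned as `name=version` (the debug task printed earlier in this section split on `=`) never matches and is always handed to apt again. If this file is meant as a post-install check, one `ansible.builtin.assert` with `that: (item | split('=') | first) in ansible_facts.packages`, looped over `base_packages + extra_packages`, would fail loudly and replace both tasks.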
30 changes: 30 additions & 0 deletions ansible-playbooks/roles/apt.ops/set-sources.ops/tasks/setup.yml
@@ -12,6 +12,36 @@
# Security Patches
deb {{ security_source_uri }} {{ release }}-security main restricted universe multiverse
- name: Remove apt lock files
block:
- name: Get apt process id
shell: "ps -ef | grep -v grep | grep -w apt | awk '{print $2}'"
register: processes

- name: Kill apt process
shell: "kill -9 {{ item }}"
with_items: "{{ processes.stdout_lines }}"
ignore_errors: yes

- name: Wait for kill process to be killed
wait_for:
path: "/proc/{{ item }}/status"
state: absent
with_items: "{{ processes.stdout_lines }}"
ignore_errors: yes

- name: Remove apt lock files
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop:
- /var/lib/apt/lists/lock
- /var/cache/apt/archives/lock
- /var/lib/apt/lists/lock

- name: Reconfigure the packages
shell: "dpkg --configure -a"

- name: Keep apt up-to-date with custom source
ansible.builtin.apt:
update_cache: yes
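Review bot: The lock list in `Remove apt lock files` names `/var/lib/apt/lists/lock` twice and never touches the dpkg locks, so the repeated entry was probably meant to be `/var/lib/dpkg/lock` (with `/var/lib/dpkg/lock-frontend` alongside it). More broadly, `ps -ef | grep -w apt` matches any command line containing the word apt, and `kill -9` on those PIDs can cut a dpkg transaction off midway or hit an unrelated process, while `ignore_errors: yes` on both steps keeps any failure out of the build result. Letting the module wait for the lock, e.g. `lock_timeout: 300` on the `ansible.builtin.apt` task that follows, or stopping the unattended-upgrades and apt-daily units first, removes the need for the kill and the manual lock deletion. The same block is repeated in the section that adds `become: true` and in `update.ops/tasks/apt-upgrade.yml`, so it would be better kept in one task file and included from each role.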
@@ -1,5 +1,6 @@
---
- name: Remove apt lock files
become: true
block:
- name: Get apt process id
shell: "ps -ef | grep -v grep | grep -w apt | awk '{print $2}'"
31 changes: 31 additions & 0 deletions ansible-playbooks/roles/apt.ops/update.ops/tasks/apt-upgrade.yml
@@ -1,4 +1,35 @@
---
- name: Remove apt lock files
become: true
block:
- name: Get apt process id
shell: "ps -ef | grep -v grep | grep -w apt | awk '{print $2}'"
register: processes

- name: Kill apt process
shell: "kill -9 {{ item }}"
with_items: "{{ processes.stdout_lines }}"
ignore_errors: yes

- name: Wait for kill process to be killed
wait_for:
path: "/proc/{{ item }}/status"
state: absent
with_items: "{{ processes.stdout_lines }}"
ignore_errors: yes

- name: Remove apt lock files
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop:
- /var/lib/apt/lists/lock
- /var/cache/apt/archives/lock
- /var/lib/apt/lists/lock

- name: Reconfigure the packages
shell: "dpkg --configure -a"

- name: Keep apt up-to-date
ansible.builtin.apt:
update_cache: yes

This file was deleted.

4 changes: 2 additions & 2 deletions ansible-playbooks/roles/apt.ops/update.ops/tasks/main.yml
@@ -1,7 +1,7 @@
---
# dist upgrade
# normal upgrade
- include_tasks: apt-upgrade.yml
when: not dist_upgrade
# normal upgrade
# dist upgrade
- include_tasks: disk-apt-upgrade.yml
when: dist_upgrade

This file was deleted.

This file was deleted.

@@ -0,0 +1,16 @@
---
- name: Check if docker-compose is installed
stat:
path: "/usr/local/bin/docker-compose"
register: is_compose_installed
become: yes

- name: Install docker-compose
when: "not is_compose_installed.stat.exists"
get_url:
url: "https://github.com/docker/compose/releases/download/{{ compose_version }}/docker-compose-Linux-x86_64"
dest: /usr/local/bin/docker-compose
owner: root
group: root
mode: +x
become: yes
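Review bot: `get_url` writes a root-owned executable into `/usr/local/bin` without verifying what was downloaded; adding `checksum: "sha256:{{ compose_sha256 }}"` (a new variable pinned next to `compose_version`; the name is only a suggestion) makes the build fail if the release asset differs from the one that was reviewed. `mode: +x` is a symbolic mode with no base, so the resulting permissions depend on the umask, whereas `mode: "0755"` is explicit. Because the download is skipped whenever the file already exists, changing `compose_version` on a host that already has a binary will not replace it.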
@@ -4,19 +4,22 @@
register: installation_result
args:
warn: false
become: yes

- name: Enable docker to start at boot
ansible.builtin.service:
name: docker
enabled: yes
when: installation_result.rc == 0
become: yes

- name: Add user to docker group
ansible.builtin.user:
name: packer
groups: docker
append: yes
when: installation_result.rc == 0
become: yes

- name: "Post installation message"
debug:
2 changes: 1 addition & 1 deletion packer-templates/bake
@@ -123,7 +123,7 @@ done
[[ ! $(jq -c 'keys' bakery-config.json | cat) =~ .*\"${vm_type}\".* ]] && { echo "[Error]: VM template: '${vm_type}' not found in bakery-config.json"; exit 1; }
[[ ! -z "$vm_id" ]] && vm_id=$vm_id || vm_id=9000
[[ ! -z "$vm_name" ]] && vm_name=$vm_name || vm_name=$vm_type
[[ ! -z "$build_type" ]] && template="custom-${template}" || template=$template
[[ ! -z "$build_type" ]] && template="${build_type}-custom-${template}" || template=$template
[[ ! -z "$build_type" ]] && build_type=$build_type || build_type="base"
[[ ! -z "$var_file" ]] && var_file=$var_file || var_file="./vars/ubuntu-2204.json"
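Review bot: `build_type` is interpolated into the template name on the changed line without any check, while `vm_type` a few lines above is at least matched against the keys of bakery-config.json. If `template` is later used as a file name (not visible here), an unexpected value only surfaces as a missing-template error, and one containing `/` would resolve outside the templates directory. A guard before this line such as `[[ -z "$build_type" || "$build_type" =~ ^[a-z0-9-]+$ ]] || { echo "[Error]: invalid build type"; exit 1; }` keeps it to a plain name. The `x=$x` halves of these lines are no-ops, so defaults written as `: "${vm_id:=9000}"` would read more simply; the option parsing that sets these variables is outside the hunk.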

16 changes: 3 additions & 13 deletions packer-templates/bakery-config.json
@@ -6,33 +6,23 @@
},
"ubuntu-2204-server": {
"image_name": "ubuntu-2204-server",
"iso": "ubuntu-22.04-live-server-amd64.iso",
"playbook": "ubuntu-2204-server.yml"
},
"ubuntu-2204-1-server": {
"image_name": "ubuntu-2204-1-server",
"iso": "ubuntu-22.04.1-live-server-amd64.iso",
"playbook": "ubuntu-2204-1-server.yml"
},
"docker-ubuntu-2204-server": {
"image_name": "docker-ubuntu-2204-server",
"iso": "ubuntu-22.04-live-server-amd64.iso",
"iso": "ubuntu-22.04.1-live-server-amd64.iso",
"playbook": "docker-2204-ubuntu-server.yml"
},
"containerd-ubuntu-2204-server": {
"image_name": "containerd-ubuntu-2204-server",
"iso": "ubuntu-22.04-live-server-amd64.iso",
"iso": "ubuntu-22.04.1-live-server-amd64.iso",
"playbook": "containerd-ubuntu-2204-server.yml"
},
"cn-ubuntu-2204-server": {
"image_name": "cn-ubuntu-2204-server",
"iso": "ubuntu-22.04-live-server-amd64.iso",
"playbook": "cn-ubuntu-2204-server.yml"
},
"cn-ubuntu-2204-1-server": {
"image_name": "cn-ubuntu-2204-1-server",
"iso": "ubuntu-22.04.1-live-server-amd64.iso",
"playbook": "cn-ubuntu-2204-1-server.yml"
"playbook": "cn-ubuntu-2204-server.yml"
},
"custom": {
"image_name": "custom-server",
2 changes: 1 addition & 1 deletion packer-templates/http/user-data
@@ -33,7 +33,7 @@ autoinstall:
users:
- name: packer
passwd: $6$xyz$JJbmTJ7EzYLxcBOnv3bwWLhpQZ.WuX8yJkNaLKgtS747n2zUNPh8LZKhQPBnLAptBG429x5r0RJ.ZFIXiIMPw/ #packer
groups: [adm, cdrom, dip, plugdev, lxd]
groups: [sudo, wheel, adm, cdrom, dip, plugdev, lxd, users]
lock-passwd: false
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
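Review bot: Adding `sudo` and `wheel` to `groups` widens an account that already has `sudo: ALL=(ALL) NOPASSWD:ALL`, `lock-passwd: false`, and a password hash committed with its plaintext in the trailing comment. If the `packer` user is still present when the template is sealed, every VM cloned from it carries a root-equivalent login whose password is public. The hash should come from a build-time variable rather than the repository, and the last provisioning step should lock or delete the account (for example `passwd -l packer`), or the template should rely on SSH keys with `lock-passwd: true`. `wheel` is not a stock group on Ubuntu, so it is worth confirming that the installer creates it rather than failing on it.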
@@ -115,6 +115,7 @@ build {
provisioner "ansible-local" {
playbook_dir = "./playbooks"
playbook_file = "./playbooks/minio.yml"
role_paths = ["../ansible-playbooks/roles/"]
clean_staging_directory = true
extra_arguments = [
# "--vault-password-file=/tmp/.vault_pass",
@@ -127,6 +128,7 @@ build {
pause_before = "5s"
playbook_dir = "./playbooks"
playbook_file = var.playbook_file
role_paths = ["../ansible-playbooks/roles/"]
clean_staging_directory = true
extra_arguments = [
"--extra-vars \"ansible_user=packer\""
23 changes: 0 additions & 23 deletions packer-templates/playbooks/cn-ubuntu-2204-1-server.yml

This file was deleted.

14 changes: 6 additions & 8 deletions packer-templates/playbooks/cn-ubuntu-2204-server.yml
@@ -1,23 +1,21 @@
---
# Bake cn-ubuntu-2204-server

- name: "Bake proxmox cn ubuntu 22.04 server"
- name: "Bake proxmox cn ubuntu 22.04.1 server"
hosts: localhost
become: yes

vars_files:
- ./vars/apt.yml
- ./vars/maintenance.yml
- ./vars/keys.yml

roles:
- role: ./roles/apt.ops/set-sources.ops/
- role: roles/apt.ops/set-sources.ops/
vars:
release: "jammy"
- role: ./roles/apt.ops/install-packages.ops/
- role: roles/apt.ops/install-packages.ops/
vars:
extra_packages:
- neofetch

- role: ./roles/maintenance.ops/key.ops/

- role: ./roles/proxmox.bootstrap/
- role: roles/maintenance.ops/key.ops/
- role: roles/proxmox.packer.vm.ops/bootstrap.ops/
15 changes: 6 additions & 9 deletions packer-templates/playbooks/containerd-ubuntu-2204-server.yml
@@ -8,17 +8,14 @@
vars_files:
- ./vars/apt.yml
- ./vars/containerd.yml
- ./vars/maintenance.yml
- ./vars/keys.yml

roles:
- role: ./roles/apt.ops/update.ops/
- role: ./roles/apt.ops/install-packages.ops/
- role: roles/apt.ops/update.ops/
- role: roles/apt.ops/install-packages.ops/
vars:
extra_packages:
- neofetch

- role: ./roles/maintenance.ops/key.ops/

- role: ./roles/containerd.ops/

- role: ./roles/proxmox.bootstrap/
- role: roles/maintenance.ops/key.ops/
- role: roles/containerd.ops/
- role: roles/proxmox.packer.vm.ops/bootstrap.ops/