ptoal/toallab-automation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update roles

Browse Source
This commit is contained in:
Patrick Toal
2021-04-20 12:14:42 -04:00
parent 8005080b8b
commit 595021d449
131 changed files with 4144 additions and 3018 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/oatakan.windows_ovirt_template/README.md
View File

@@ -25,6 +25,8 @@ A description of the settable variables for this role should go here, including
Dependencies
------------
Import ovirt.ovirt collections.
A list of roles that this role utilizes, make sure to call this out in requirements.yml file under roles directory or download manually:
- oatakan.windows_template_build
@@ -34,6 +36,7 @@ Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
# import ovirt.ovirt collections
- name: create a ovirt windows template
hosts: all
gather_facts: False

6
roles/oatakan.windows_ovirt_template/defaults/main.yml
View File

@@ -1,5 +1,6 @@
---
install_updates: yes
instance_wait_retry_limit: 300
instance_wait_connection_timeout: 400
@@ -14,9 +15,14 @@ enable_auto_logon: yes
remove_vm_on_error: yes
vm_failed: no
custom_efi_enabled: no
custom_efi_path: /usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd
virtio_iso_url: https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/archive-virtio/virtio-win-0.1.173-2/virtio-win.iso
winrm_enable_script_url: https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
set_network_to_private: '([Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))).GetNetworkConnections() | % {$_.GetNetwork().SetCategory(1)}'
windows_build_role: oatakan.windows_template_build
local_administrator_password: Chang3MyP@ssw0rd21

2
roles/oatakan.windows_ovirt_template/meta/.galaxy_install_info
View File

@@ -1,2 +1,2 @@
install_date: Wed Jun 24 18:44:33 2020
install_date: Tue Apr 20 16:13:50 2021
version: master

2
roles/oatakan.windows_ovirt_template/tasks/convert_to_template.yml
View File

@@ -1,6 +1,6 @@
---
- name: convert to template
ovirt_template:
ovirt.ovirt.ovirt_template:
auth: "{{ ovirt_auth }}"
name: "{{ template.name }}"
vm: "{{ template.name }}"

4
roles/oatakan.windows_ovirt_template/tasks/datastore_iso_remove.yml
View File

@@ -2,7 +2,7 @@
- block:
- name: remove iso file from data_domain
ovirt_disk:
ovirt.ovirt.ovirt_disk:
auth: "{{ ovirt_auth }}"
name: "{{ iso_file }}"
storage_domain: "{{ providers.ovirt.data_domain | default('data_domain') }}"
@@ -15,7 +15,7 @@
when: ansible_version.full is version('2.9', '>=')
- name: remove iso file from data_domain
ovirt_disk:
ovirt.ovirt.ovirt_disk:
auth: "{{ ovirt_auth }}"
name: "{{ iso_file }}"
storage_domain: "{{ providers.ovirt.data_domain | default('data_domain') }}"

13
roles/oatakan.windows_ovirt_template/tasks/datastore_upload.yml
View File

@@ -1,18 +1,25 @@
---
- name: validate file
stat:
path: "{{ playbook_dir }}/{{ temp_directory }}/windows_{{ windows_distro_name }}_autounattend_autogen.iso"
get_checksum: no
register: iso_file_check
- name: upload iso file to data_domain
ovirt_disk:
ovirt.ovirt.ovirt_disk:
auth: "{{ ovirt_auth }}"
name: "{{ iso_file }}"
upload_image_path: "{{ playbook_dir }}/{{ temp_directory }}/windows_{{ windows_distro_name }}_autounattend_autogen.iso"
upload_image_path: "{{ iso_file_check.stat.path }}"
storage_domain: "{{ providers.ovirt.data_domain | default('data_domain') }}"
size: 20MiB
size: "{{ (iso_file_check.stat.size/1024/1024)|round(0, 'ceil')|int|string }}MiB"
wait: true
bootable: true
format: raw
content_type: iso
force: yes
register: disk_iso_file
when: iso_file_check.stat.exists
- name: set iso file disk id
set_fact:

2
roles/oatakan.windows_ovirt_template/tasks/export_ovf.yml
View File

@@ -1,7 +1,7 @@
---
- name: export template to export domain
ovirt_template:
ovirt.ovirt.ovirt_template:
auth: "{{ ovirt_auth }}"
state: exported
name: "{{ template.name }}"

10
roles/oatakan.windows_ovirt_template/tasks/main.yml
View File

@@ -1,7 +1,7 @@
---
- name: obtain SSO token with using username/password credentials
ovirt_auth:
ovirt.ovirt.ovirt_auth:
url: "{{ lookup('env', 'OVIRT_URL')|default(ovirt.url) }}"
username: "{{ lookup('env', 'OVIRT_USERNAME')|default(ovirt.username) }}"
password: "{{ lookup('env', 'OVIRT_PASSWORD')|default(ovirt.password) }}"
@@ -62,7 +62,7 @@
delegate_to: template_host
- name: refresh SSO credentials
ovirt_auth:
ovirt.ovirt.ovirt_auth:
url: "{{ lookup('env', 'OVIRT_URL')|default(ovirt.url) }}"
username: "{{ lookup('env', 'OVIRT_USERNAME')|default(ovirt.username) }}"
password: "{{ lookup('env', 'OVIRT_PASSWORD')|default(ovirt.password) }}"
@@ -77,7 +77,7 @@
rescue:
- name: refresh SSO credentials
ovirt_auth:
ovirt.ovirt.ovirt_auth:
url: "{{ lookup('env', 'OVIRT_URL')|default(ovirt.url) }}"
username: "{{ lookup('env', 'OVIRT_USERNAME')|default(ovirt.username) }}"
password: "{{ lookup('env', 'OVIRT_PASSWORD')|default(ovirt.password) }}"
@@ -92,7 +92,7 @@
always:
- name: refresh SSO credentials
ovirt_auth:
ovirt.ovirt.ovirt_auth:
url: "{{ lookup('env', 'OVIRT_URL')|default(ovirt.url) }}"
username: "{{ lookup('env', 'OVIRT_USERNAME')|default(ovirt.username) }}"
password: "{{ lookup('env', 'OVIRT_PASSWORD')|default(ovirt.password) }}"
@@ -109,7 +109,7 @@
state: absent
- name: logout from oVirt
ovirt_auth:
ovirt.ovirt.ovirt_auth:
state: absent
ovirt_auth: "{{ ovirt_auth }}"

9
roles/oatakan.windows_ovirt_template/tasks/make_iso.yml
View File

@@ -10,6 +10,15 @@
src: "{{ windows_sysprep_template_folder }}/Autounattend.xml.j2"
dest: "{{ temp_directory }}/ks_iso/Autounattend.xml"
- name: download ConfigureRemotingForAnsible.ps1 script
get_url:
url: "{{ winrm_enable_script_url }}"
dest: "{{ temp_directory }}/ks_iso/ConfigureRemotingForAnsible.ps1"
register: download_script
until: download_script is success
delay: 3
retries: 5
- name: include virtio drivers
include_tasks: virtio_drivers.yml

8
roles/oatakan.windows_ovirt_template/tasks/preflight_check.yml
View File

@@ -1,13 +1,13 @@
---
- name: get the datacenter name
ovirt_datacenter_info:
ovirt.ovirt.ovirt_datacenter_info:
auth: "{{ ovirt_auth }}"
pattern: "Clusters.name = {{ providers.ovirt.cluster }}"
register: datacenter_info
- name: get storage information
ovirt_storage_domain_info:
ovirt.ovirt.ovirt_storage_domain_info:
auth: "{{ ovirt_auth }}"
pattern: "datacenter={{ datacenter_info.ovirt_datacenters[0].name }}"
register: storage_info
@@ -29,7 +29,7 @@
the_query: "[?type=='iso']"
- name: check if template already exists
ovirt_template_info:
ovirt.ovirt.ovirt_template_info:
auth: "{{ ovirt_auth }}"
pattern: "name={{ template.name }} and datacenter={{ datacenter_info.ovirt_datacenters[0].name }}"
register: template_info
@@ -48,7 +48,7 @@
- template_info.ovirt_templates | length > 0
- name: check iso file on data domain
ovirt_disk_info:
ovirt.ovirt.ovirt_disk_info:
auth: "{{ ovirt_auth }}"
pattern: "name={{ iso_file_name }}"
register: ovirt_disk_main_iso

8
roles/oatakan.windows_ovirt_template/tasks/preflight_check_pre29.yml
View File

@@ -1,12 +1,12 @@
---
- name: get the datacenter name (<2.9)
ovirt_datacenter_facts:
ovirt.ovirt.ovirt_datacenter_facts:
auth: "{{ ovirt_auth }}"
pattern: "Clusters.name = {{ providers.ovirt.cluster }}"
- name: get storage information (<2.9)
ovirt_storage_domain_facts:
ovirt.ovirt.ovirt_storage_domain_facts:
auth: "{{ ovirt_auth }}"
pattern: "datacenter={{ ovirt_datacenters[0].name }}"
when:
@@ -27,7 +27,7 @@
the_query: "[?type=='iso']"
- name: check if template already exists (<2.9)
ovirt_template_facts:
ovirt.ovirt.ovirt_template_facts:
auth: "{{ ovirt_auth }}"
pattern: "name={{ template.name }} and datacenter={{ ovirt_datacenters[0].name }}"
@@ -45,7 +45,7 @@
- ovirt_templates | length > 0
- name: check iso file on data domain
ovirt_disk_facts:
ovirt.ovirt.ovirt_disk_facts:
auth: "{{ ovirt_auth }}"
pattern: "name={{ iso_file_name }}"
when: iso_file_name is defined

9
roles/oatakan.windows_ovirt_template/tasks/provision_vm.yml
View File

@@ -1,7 +1,7 @@
---
- name: provision a new vm
ovirt_vm:
ovirt.ovirt.ovirt_vm:
auth: "{{ ovirt_auth }}"
name: "{{ template.name }}"
cluster: "{{ providers.ovirt.cluster|default('Default') }}"
@@ -9,6 +9,7 @@
wait: yes
memory: "{{ template.memory }}MiB"
cpu_sockets: "{{ template.cpu }}"
bios_type: "{{ template.bios_type | default(omit) }}"
boot_devices:
- hd
- cdrom
@@ -34,7 +35,7 @@
delay: 10
- name: create a disk
ovirt_disk:
ovirt.ovirt.ovirt_disk:
auth: "{{ ovirt_auth }}"
name: "{% if item.name_prefix | default(false) %}{{ template.name }}_{% endif %}{{ item.name }}"
vm_name: "{{ template.name }}"
@@ -82,7 +83,7 @@
- disks_creation.results is defined
- name: assign tags to provisioned vms
ovirt_tag:
ovirt.ovirt.ovirt_tag:
name: "{{ item }}_{{ instance.item.item[item] }}"
vms: ["{{ instance.item.item.name }}"]
state: attached
@@ -96,7 +97,7 @@
- instance.item.item[item] is defined
- name: start vm
ovirt_vm:
ovirt.ovirt.ovirt_vm:
auth: "{{ ovirt_auth }}"
name: "{{ template.name }}"
cluster: "{{ providers.ovirt.cluster|default('Default') }}"

2
roles/oatakan.windows_ovirt_template/tasks/remove_template.yml
View File

@@ -1,7 +1,7 @@
---
- name: remove template
ovirt_template:
ovirt.ovirt.ovirt_template:
auth: "{{ ovirt_auth }}"
cluster: "{{ providers.ovirt.cluster }}"
name: "{{ template.name }}"

2
roles/oatakan.windows_ovirt_template/tasks/remove_vm.yml
View File

@@ -1,7 +1,7 @@
---
- name: remove vm
ovirt_vm:
ovirt.ovirt.ovirt_vm:
auth: "{{ ovirt_auth }}"
cluster: "{{ providers.ovirt.cluster }}"
name: "{{ template.name }}"

4
roles/oatakan.windows_ovirt_template/tasks/stop_vm.yml
View File

@@ -22,14 +22,14 @@
msg: "ignoring error..."
- name: reconfigure vm
ovirt_vm:
ovirt.ovirt.ovirt_vm:
auth: "{{ ovirt_auth }}"
cluster: "{{ providers.ovirt.cluster }}"
name: "{{ template.name }}"
boot_devices:
- hd
cd_iso: ""
custom_properties: "{{ custom_properties_efi if template_vm_efi|bool else '' }}"
custom_properties: "{{ custom_properties_efi if (template_vm_efi|bool and custom_efi_enabled|bool) else ([{}]) }}"
force: yes
state: present
when: template is defined

2
roles/oatakan.windows_ovirt_template/tasks/wait_disk_unlock.yml
View File

@@ -1,7 +1,7 @@
---
- name: wait until the image is unlocked by the oVirt engine
ovirt_disk_info:
ovirt.ovirt.ovirt_disk_info:
auth: "{{ ovirt_auth }}"
pattern: "name={% if item.name_prefix | default(false) %}{{ template.name }}_{% endif %}{{ item.name }}"
register: ovirt_disk_info

2
roles/oatakan.windows_ovirt_template/tasks/wait_iso_disk_unlock.yml
View File

@@ -1,7 +1,7 @@
---
- name: wait until the disk is unlocked by the oVirt engine
ovirt_disk_info:
ovirt.ovirt.ovirt_disk_info:
auth: "{{ ovirt_auth }}"
pattern: "name={{ iso_file }}"
register: ovirt_disk_info

2
roles/oatakan.windows_ovirt_template/tasks/wait_vm_poweredoff.yml
View File

@@ -1,7 +1,7 @@
---
- name: wait for vm status to be poweredoff
ovirt_vm_info:
ovirt.ovirt.ovirt_vm_info:
auth: "{{ ovirt_auth }}"
pattern: name={{ template.name }} and cluster={{ providers.ovirt.cluster }}
register: ovirt_vm_info_result

35
roles/oatakan.windows_ovirt_template/templates/windows_server/Autounattend.xml.j2
View File

@@ -61,6 +61,7 @@
<Format>NTFS</Format>
<PartitionID>1</PartitionID>
<Label>WINRE</Label>
<TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID>
</ModifyPartition>
<ModifyPartition wcm:action="modify">
<Order>2</Order>
@@ -131,9 +132,9 @@
<Organization>Your Org.</Organization>
<ProductKey>
{% if unattend.product_key is defined and unattend.product_key|length %}
<Key>{{ unattend.product_key }}</Key>
<Key>{{ unattend.product_key | trim }}</Key>
{% endif %}
<WillShowUI>OnError</WillShowUI>
<WillShowUI>Never</WillShowUI>
</ProductKey>
</UserData>
</component>
@@ -213,18 +214,25 @@
{% endif %}
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Set-NetConnectionProfile -NetworkCategory Private"</CommandLine>
<Description>Set network connection profile to private</Description>
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 64 Bit</Description>
<Order>1</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
{% if not '2008' in windows_distro_name %}
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 64 Bit</Description>
<CommandLine>cmd.exe /c powershell -Command "Set-NetConnectionProfile -NetworkCategory Private"</CommandLine>
<Description>Set network connection profile to private</Description>
<Order>2</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
{% else %}
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell EncodedCommand {{ set_network_to_private | b64encode(encoding='utf-16-le') }}</CommandLine>
<Description>Set network connection profile to private</Description>
<Order>2</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
{% if '2008' in windows_distro_name %}
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine>
<Description>winrm quickconfig -q</Description>
@@ -298,8 +306,16 @@
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
{% endif %}
{% if '2016' in windows_distro_name %}
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "& $([scriptblock]::Create((New-Object Net.WebClient).DownloadString('{{ winrm_enable_script_url }}'))) -ForceNewSSLCert -EnableCredSSP"</CommandLine>
<CommandLine>cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /v SchUseStrongCrypto /t REG_DWORD /d 1 /reg:64 /f</CommandLine>
<Description>Configure security protocol</Description>
<Order>19</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
{% endif %}
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -ExecutionPolicy ByPass -File E:\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert -EnableCredSSP</CommandLine>
<Description>Enable winrm</Description>
<Order>20</Order>
<RequiresUserInput>true</RequiresUserInput>
@@ -395,6 +411,9 @@
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipAutoActivation>{{ settings.skip_auto_activation | default('true') }}</SkipAutoActivation>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ComputerName>*</ComputerName>
</component>
</settings>
<settings pass="offlineServicing">
<component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">

7
roles/oatakan.windows_ovirt_template/vars/main.yml
View File

@@ -42,6 +42,7 @@ template:
storage_domain: "{{ providers.ovirt.data_domain | default('data_domain') }}"
memory: "{{ template_vm_memory }}"
cpu: "{{ template_vm_cpu }}"
bios_type: "{{ ('q35_ovmf') if (template_vm_efi|bool and not custom_efi_enabled|bool) else (omit) }}"
networks:
- name: "{{ template_vm_network_name }}"
ip: "{{ template_vm_ip_address }}"
@@ -60,12 +61,12 @@ qemu_cmdline_second_iso:
qemu_cmdline_efi:
- -drive
- if=pflash,format=raw,readonly,file=/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd
- if=pflash,format=raw,readonly,file={{ custom_efi_path }}
custom_properties:
- name: qemu_cmdline
value: "{{ ((qemu_cmdline_second_iso + qemu_cmdline_efi) | to_json) if template_vm_efi|bool else (qemu_cmdline_second_iso | to_json) }}"
value: "{{ ((qemu_cmdline_second_iso + qemu_cmdline_efi) | to_json) if (template_vm_efi|bool and custom_efi_enabled|bool) else (qemu_cmdline_second_iso | to_json) }}"
custom_properties_efi:
- name: qemu_cmdline
value: "{{ qemu_cmdline_efi | to_json }}"
value: "{{ (qemu_cmdline_efi | to_json) if (template_vm_efi|bool and custom_efi_enabled|bool) else ('[]') }}"