author | Christian Poessinger <christian@poessinger.com> | 2020-04-23 22:11:33 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-23 22:11:33 +0200 |
commit | 4e0f2e4c6a648343a8132f1eadc0cdb89bda8c4a (patch) | |
tree | 21b2dbe849d325099fd2e32418b56b7ddad23edc | |
parent | 88832a6324731f9357aa301adc70ef8448d6bc9f (diff) | |
parent | 6f037298fc0c48f2ffb4ba0780f1cfdbb1fa4acf (diff) | |
download | vyos-vm-images-4e0f2e4c6a648343a8132f1eadc0cdb89bda8c4a.tar.gz vyos-vm-images-4e0f2e4c6a648343a8132f1eadc0cdb89bda8c4a.zip |
Merge pull request #4 from zdc/fix-qemu-01
Multiple fixes and improvements in QEMU image building
44 files changed, 630 insertions, 199 deletions
@@ -2,6 +2,28 @@ [Ansible](https://www.ansible.com/) playbooks to build VyOS VM images. +## Requirements + +You need a machine with at least 20 GB free space with Debian 10 (bare-metal, virtual, Docker container with --privileged flag). Also, you need to install ansible and python packages: + +``` +sudo apt update +sudo apt install -y ansible python +``` + +If you want to build an OVA image, you also need `ovftool` from VMware. It should be downloaded from the [VMware site](https://code.vmware.com/tool/ovf). Also, you need a private key to sign an OVA file. It can be generated with the next command: + +``` +openssl req -x509 -nodes -sha256 -days 365 -newkey rsa:1024 -keyout myself.pem -out myself.pem +``` + +All other requirements will be installed by ansible-playbook. + + +## Prepare + +You need to copy the ISO image with VyOS to /tmp/vyos.iso before running ansible-playbook. Resulting images also will be located inside /tmp/ directory. + ## Supported Platforms - QEMU @@ -13,7 +35,6 @@ - VMware ``` - ansible-playbook vmware.yml ansible-playbook vmware.yml -e vyos_vmware_private_key_path=path_to_private_key ``` 
@@ -28,3 +49,80 @@ ``` ansible-playbook vagrant-libvirt.yml ``` + +## Additional (optional) parameters + +- Path to local ISO image (default: /tmp/vyos.iso): + + ``` + -e iso_local=path + ``` + + Example: + + ``` + -e iso_local=/tmp/vyos/custom_image.iso + ``` + +- Disk size (default: 10GB): + + ``` + -e disk_size=size + ``` + + Example for 2 GB: + + ``` + -e disk_size=2 + ``` + +- Enable Cloud-init (default: according to platform): + + ``` + -e cloud_init=true + ``` + +- Configure custom Cloud-init datasources (default: according to platform): + + ``` + -e cloud_init_ds=datasources + ``` + + Example: + ``` + -e cloud_init_ds=NoCloud,ConfigDrive,None + ``` + +- Install guest agent. It can be `qemu`, `vmware` (default: none): + + ``` + -e guest_agent=agent + ``` + + Example: + ``` + -e guest_agent=qemu + ``` + +- Disable configuration stage modules in Cloud-init. Mostly useful when you are building for non-cloud environments, where Cloud-init meta-data is not available (default: false): + ``` + -e cloud_init_disable_config=true + ``` + +- Create an archive with files required to PXE boot (default: false): + + ``` + -e pxe=true + ``` + +- Keep default `vyos` user with password `vyos` in configuration when building an image with Cloud-init (default: false): + + ``` + -e keep_user=true + ``` + +- Create an image with empty configuration, do not add any default settings like eth0 address, SSH service (default: false): + + ``` + -e empty_config=true + ```
\ No newline at end of file diff --git a/group_vars/all.yml b/group_vars/all.yml index 2e1c25b..41ec804 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,8 +1,8 @@ ansible_host_key_checking: False vyos_iso_url: "" -vyos_iso_local: /tmp/vyos.iso -vyos_key_url: http://packages.vyos.net/vyos-release.gpg +vyos_iso_local: "{{ iso_local | default('/tmp/vyos.iso') }}" +vyos_key_url: https://downloads.vyos.io/vyos-release.gpg vyos_key_local: /tmp/vyos-release.gpg vyos_cd_root: /mnt/cdrom @@ -12,8 +12,9 @@ vyos_write_root: /mnt/wroot vyos_read_root: /mnt/squashfs vyos_install_root: /mnt/inst_root -vyos_disk_size: 10 +vyos_disk_size: "{{ disk_size | default(10) }}" vyos_root_fstype: ext4 vyos_target_drive: "" vyos_raw_img: /tmp/vyos_raw_image.img +grub_console: "kvm"
\ No newline at end of file @@ -8,6 +8,9 @@ vyos_format: vhd vyos_hyperv_img: /tmp/vyos_hyperv_image.vhd vyos_output_img: "{{ vyos_hyperv_img }}" + cloud_init: "true" + cloud_init_ds_string: "{{ cloud_init_ds | default('NoCloud, ConfigDrive, None') }}" + cloud_init_ds_list: "{{ cloud_init_ds_string.split(',') }}" roles: - install-packages - load-modules @@ -22,7 +25,8 @@ - install-config - install-grub - install-persistence-conf - - install-cloud-init + - install-cloud-init-wrapper + - unmount-pre - unmount-all - hyperv-vhd - release @@ -5,8 +5,11 @@ vars: vyos_platform: QEMU vyos_format: qcow2 - vyos_qemu_img: /tmp/vyos_qemu_image.qcow2 + vyos_qemu_img: "/tmp/vyos-{{ vyos_version }}{{ ci_tag | default() }}-qemu.qcow2" vyos_output_img: "{{ vyos_qemu_img }}" + cloud_init: "false" + cloud_init_ds_string: "{{ cloud_init_ds | default('NoCloud,ConfigDrive,None') }}" + cloud_init_ds_list: "{{ cloud_init_ds_string.split(',') }}" roles: - install-packages - load-modules @@ -21,7 +24,12 @@ - install-config - install-grub - install-persistence-conf - - install-cloud-init + - install-cloud-init-wrapper + - install-guest-agent-wrapper + - fstrim + - unmount-pre + - create-pxe-archive - unmount-all - qemu-qcow2 + - cleanup-ending - release diff --git a/roles/cleanup-ending/tasks/main.yml b/roles/cleanup-ending/tasks/main.yml new file mode 100644 index 0000000..3a84b98 --- /dev/null +++ b/roles/cleanup-ending/tasks/main.yml @@ -0,0 +1,17 @@ +- name: Delete RAW image + file: + path: "{{ vyos_raw_img }}" + state: absent + +- name: Delete PXE folder + file: + path: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}" + state: absent + when: + - pxe is defined + - pxe == "true" + +- name: Delete Release key + file: + path: "{{ vyos_key_local }}" + state: absent diff --git a/roles/create-pxe-archive/tasks/main.yml b/roles/create-pxe-archive/tasks/main.yml new file mode 100644 index 0000000..147dd45 --- /dev/null +++ b/roles/create-pxe-archive/tasks/main.yml 
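Review bot: In group_vars/all.yml `vyos_disk_size` becomes caller-settable through `disk_size`, yet the OVF template changed in this same commit replaces `ovf:capacity="{{ vyos_vmdk_size }}"` with the literal `ovf:capacity="10"`. If the VMware build honours `disk_size` (not visible on this page, so to be confirmed), an image built with `-e disk_size=2` would still declare a 10 GiB disk in its descriptor. Keeping the capacity templated, for example `ovf:capacity="{{ vyos_disk_size }}"`, keeps the descriptor and the image in step.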
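Review bot: The switches added to the `vars:` of hyperv.yml and qemu.yml are strings compared with `== "true"`, so `-e cloud_init=True` or a JSON boolean from `-e '{"cloud_init": true}'` silently takes the disabled path; for `cloud_init` that means no Cloud-init is installed and config.boot.j2 falls into the branch that writes the default password hash. `when: cloud_init | bool` accepts all the usual spellings, and the same comparison is repeated in install-cloud-init-wrapper, create-pxe-archive, cleanup-ending and config.boot.j2. Separately, `cloud_init_ds_string.split(',')` keeps the spaces of the Hyper-V default `'NoCloud, ConfigDrive, None'`; `split(',') | map('trim') | list` would normalise both defaults and operator input before it is rendered into 90_dpkg.cfg.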
@@ -0,0 +1,46 @@
+# Create an archive with files, required for PXE
+- name: Create directory for PXE files
+ become: true
+ file:
+ path: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}"
+ state: directory
+ when:
+ - pxe is defined
+ - pxe == "true"
+
+- name: Save files required for PXE boot
+ become: true
+ copy:
+ src: "{{ vyos_write_root }}/boot/{{ vyos_version }}/{{ item }}"
+ dest: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}/{{ item }}"
+ with_items:
+ - initrd.img
+ - vmlinuz
+ when:
+ - pxe is defined
+ - pxe == "true"
+
+# We need to skip boot directory (it contain too much unneeded items) and cc_vyos.py (optionally - may conflict with User-Data handler)
+- name: Create new squashfs image
+ become: true
+ command: "mksquashfs {{ vyos_install_root }} /tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}/filesystem.squashfs -comp gzip -no-progress -Xcompression-level 9 -e {{ vyos_install_root }}/boot"
+ when:
+ - pxe is defined
+ - pxe == "true"
+
+- name: Add the /boot directory
+ become: true
+ command: "mksquashfs {{ vyos_read_root }}/boot /tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}/filesystem.squashfs -keep-as-directory -comp gzip -no-progress -Xcompression-level 9"
+ when:
+ - pxe is defined
+ - pxe == "true"
+
+- name: Create an archive with files for PXE
+ become: true
+ archive:
+ path: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}"
+ format: gz
+ dest: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}.tgz"
+ when:
+ - pxe is defined
+ - pxe == "true"
diff --git a/roles/fstrim/tasks/main.yml b/roles/fstrim/tasks/main.yml
new file mode 100644
index 0000000..e7230a7
--- /dev/null
+++ b/roles/fstrim/tasks/main.yml
@@ -0,0 +1,8 @@
+# Trim filesystems to minimize resulted image
+- name: Trim {{ vyos_install_root }}/boot
+ become: true
+ command: fstrim {{ vyos_install_root }}/boot
+
+- name: Trim {{ vyos_write_root }}
+ become: true
+ command: fstrim {{ vyos_write_root }}
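Review bot: Every task in roles/create-pxe-archive runs with `become: true` against the fixed, predictable path `/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag | default() }}`, and the `file` task accepts a directory that already exists without setting or checking its owner and mode. On a build host shared with other local accounts, root then writes the kernel, initrd and squashfs into a location it did not create itself; a build directory created by the play with `mode: "0700"`, or one obtained from the `tempfile` module, removes that dependency on `/tmp`. Separately, the comment above "Create new squashfs image" says cc_vyos.py is skipped, but the command only excludes `{{ vyos_install_root }}/boot`, so the comment and the `-e` list should be brought into agreement.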
diff --git a/roles/install-cloud-init-wrapper/tasks/main.yml b/roles/install-cloud-init-wrapper/tasks/main.yml
new file mode 100644
index 0000000..7ab9705
--- /dev/null
+++ b/roles/install-cloud-init-wrapper/tasks/main.yml
@@ -0,0 +1,12 @@
+- name: Check if we need to install Cloud-Init
+ include_role:
+ name: install-cloud-init
+ when: cloud_init == "true"
+- name: Set Cloud-Init tag for image file name
+ set_fact:
+ ci_tag: "-cloud-init"
+ when: cloud_init == "true"
+# - name: Set empty Cloud-Init tag for image file name
+# set_fact:
+# ci_tag: ""
+# when: cloud_init == "false"
diff --git a/roles/install-cloud-init-wrapper/tests/inventory b/roles/install-cloud-init-wrapper/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/install-cloud-init-wrapper/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/install-cloud-init-wrapper/tests/test.yml b/roles/install-cloud-init-wrapper/tests/test.yml
new file mode 100644
index 0000000..6002afa
--- /dev/null
+++ b/roles/install-cloud-init-wrapper/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+ roles:
+ - install-cloud-init-wrapper
diff --git a/roles/install-cloud-init/files/90_disable_config_stage.cfg b/roles/install-cloud-init/files/90_disable_config_stage.cfg
new file mode 100644
index 0000000..867621d
--- /dev/null
+++ b/roles/install-cloud-init/files/90_disable_config_stage.cfg
@@ -0,0 +1,2 @@
+# Disable all config-stage modules
+cloud_config_modules:
diff --git a/roles/install-cloud-init/files/debian.list.buster b/roles/install-cloud-init/files/debian.list.buster
new file mode 100644
index 0000000..fd5a770
--- /dev/null
+++ b/roles/install-cloud-init/files/debian.list.buster
@@ -0,0 +1,7 @@ +deb http://deb.debian.org/debian buster main contrib non-free +deb-src http://deb.debian.org/debian buster main contrib non-free +deb http://security.debian.org/debian-security/ buster/updates main contrib non-free +deb-src http://security.debian.org/debian-security/ buster/updates main contrib non-free +deb http://deb.debian.org/debian buster-updates main contrib non-free +deb-src http://deb.debian.org/debian buster-updates main contrib non-free +deb http://dev.packages.vyos.net/repositories/current current main diff --git a/roles/install-cloud-init/files/debian.list b/roles/install-cloud-init/files/debian.list.jessie index f657759..0750699 100644 --- a/roles/install-cloud-init/files/debian.list +++ b/roles/install-cloud-init/files/debian.list.jessie @@ -4,4 +4,5 @@ deb http://security.debian.org/debian-security/ jessie/updates main contrib non- deb-src http://security.debian.org/debian-security/ jessie/updates main contrib non-free deb http://deb.debian.org/debian jessie-updates main contrib non-free deb-src http://deb.debian.org/debian jessie-updates main contrib non-free -deb http://deb.debian.org/debian jessie-backports main +deb http://dev.packages.vyos.net/repositories/crux/vyos crux main +deb http://dev.packages.vyos.net/repositories/crux/debian crux main diff --git a/roles/install-cloud-init/files/hyper-v.cfg b/roles/install-cloud-init/files/hyper-v.cfg deleted file mode 100644 index f66d7c0..0000000 --- a/roles/install-cloud-init/files/hyper-v.cfg +++ /dev/null @@ -1 +0,0 @@ -datasource_list: [ NoCloud, ConfigDrive, None ] diff --git a/roles/install-cloud-init/files/qemu.cfg b/roles/install-cloud-init/files/qemu.cfg deleted file mode 100644 index f66d7c0..0000000 --- a/roles/install-cloud-init/files/qemu.cfg +++ /dev/null @@ -1 +0,0 @@ -datasource_list: [ NoCloud, ConfigDrive, None ] diff --git a/roles/install-cloud-init/files/resolv.conf b/roles/install-cloud-init/files/resolv.conf new file mode 100644 index 0000000..81027f8 
--- /dev/null
+++ b/roles/install-cloud-init/files/resolv.conf
@@ -0,0 +1 @@
+nameserver 1.1.1.1
\ No newline at end of file diff --git a/roles/install-cloud-init/files/vmware.cfg b/roles/install-cloud-init/files/vmware.cfg deleted file mode 100644 index 76a5efd..0000000 --- a/roles/install-cloud-init/files/vmware.cfg +++ /dev/null @@ -1 +0,0 @@ -datasource_list: [ NoCloud, ConfigDrive, OVF, None ] diff --git a/roles/install-cloud-init/tasks/main.yml b/roles/install-cloud-init/tasks/main.yml index c9d5d07..2ae314b 100644 --- a/roles/install-cloud-init/tasks/main.yml +++ b/roles/install-cloud-init/tasks/main.yml @@ -1,17 +1,36 @@ +- name: Get Debian version + become: true + command: chroot {{ vyos_install_root }} awk 'match($0, /VERSION=.*\((\w+)\)/, version) { print version[1] }' /etc/os-release + register: debian_version +- name: Set VyOS branch name crux + set_fact: + vyos_branch: "crux" + when: vyos_version is regex("^1\.2.*$") - name: Put debian.list become: true copy: - src: files/debian.list + src: "files/debian.list.{{ debian_version.stdout }}" dest: "{{ vyos_install_root }}/etc/apt/sources.list.d/debian.list" +- name: backup resolv.conf + become: true + command: mv {{ vyos_install_root }}/etc/resolv.conf /tmp/resolv.conf +- name: add nameserver settings to chroot + become: true + copy: + src: "files/resolv.conf" + dest: "{{ vyos_install_root }}/etc/resolv.conf" - name: apt-get update become: true command: chroot {{ vyos_install_root }} apt-get update - name: Install cloud-init become: true - command: chroot {{ vyos_install_root }} apt-get install -y cloud-init cloud-utils + command: chroot {{ vyos_install_root }} apt-get -t {{ vyos_branch | default('current') }} install -y cloud-init cloud-utils - name: apt-get clean become: true command: chroot {{ vyos_install_root }} apt-get clean +- name: delete apt lists from cache + become: true + command: chroot {{ vyos_install_root }} rm -rf /var/lib/apt/lists/ - name: Delete debian.list become: true file: 
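Review bot: In roles/install-cloud-init/tasks/main.yml the registered `debian_version.stdout` is used unchecked to build `files/debian.list.{{ debian_version.stdout }}`, and the three-argument `match()` in the awk program is a gawk extension. With a different awk inside the chroot, or an os-release that has no parenthesised codename, the role either fails on the awk call or goes on to look for `files/debian.list.` and stops with a missing-file error that does not name the cause. An `assert` directly after the task, e.g. `that: debian_version.stdout in ['jessie', 'buster']`, gives a clear failure; the same lines are repeated in roles/install-guest-agent/tasks/main.yml. The hunk ends inside the "Delete debian.list" task, which continues outside it.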
@@ -25,9 +44,24 @@ mode: 0755 - name: Put datasource_list.cfg become: true - copy: - src: "files/{{ vyos_platform | lower }}.cfg" + template: + src: 90_dpkg.cfg.j2 dest: "{{ vyos_install_root }}/etc/cloud/cloud.cfg.d/90_dpkg.cfg" - name: run dpkg-reconfigure cloud-init become: true command: chroot {{ vyos_install_root }} dpkg-reconfigure -f noninteractive cloud-init +- name: Disable config-stage modules + become: true + copy: + src: "files/90_disable_config_stage.cfg" + dest: "{{ vyos_install_root }}/etc/cloud/cloud.cfg.d/90_disable_config_stage.cfg" + when: + - cloud_init_disable_config is defined + - cloud_init_disable_config == "true" +- name: restore original resolv.conf + become: true + command: mv /tmp/resolv.conf {{ vyos_install_root }}/etc/resolv.conf +- name: change /etc/network/interfaces to include config from Cloud-Init + become: true + command: chroot {{ vyos_install_root }} sed -i 's/source-directory \/etc\/network\/interfaces.d/source \/etc\/network\/interfaces.d\/*/g' /etc/network/interfaces + when: vyos_version is regex("^1\.2.*$") diff --git a/roles/install-cloud-init/templates/90_dpkg.cfg.j2 b/roles/install-cloud-init/templates/90_dpkg.cfg.j2 new file mode 100644 index 0000000..69d2461 --- /dev/null +++ b/roles/install-cloud-init/templates/90_dpkg.cfg.j2 @@ -0,0 +1 @@ +datasource_list: [ {{ cloud_init_ds_list|join(', ') }} ] diff --git a/roles/install-config/tasks/main.yml b/roles/install-config/tasks/main.yml index 4447f87..0715fa1 100644 --- a/roles/install-config/tasks/main.yml +++ b/roles/install-config/tasks/main.yml @@ -4,9 +4,9 @@ path: "{{ vyos_install_root }}/opt/vyatta/etc/config/.vyatta_config" state: touch -- name: Copy the default config for QEMU to the installed image +- name: Copy config to the installed image become: true - copy: - src: files/config.boot + template: + src: config.boot.j2 dest: "{{ vyos_install_root }}/opt/vyatta/etc/config/config.boot" mode: 0755 
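Review bot: "restore original resolv.conf" moves `/tmp/resolv.conf` back into the image as root, but that backup sits under a fixed name in a world-writable directory for the whole apt run, and the restore is an ordinary task rather than the `always:` part of a `block:`. If any task between the backup and this one fails, the chroot keeps the `nameserver 1.1.1.1` file, and a rerun against the same mount would, as far as these hunks show, back up that replacement over the original. Keeping the backup beside the original, e.g. `{{ vyos_install_root }}/etc/resolv.conf.orig`, and putting the apt steps in a `block:` with the restore under `always:` covers both cases; roles/install-guest-agent/tasks/main.yml uses the same pattern.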
diff --git a/roles/install-config/files/config.boot b/roles/install-config/templates/config.boot.j2 index f1ec4f5..30506f8 100644 --- a/roles/install-config/files/config.boot +++ b/roles/install-config/templates/config.boot.j2 @@ -1,14 +1,13 @@ -service { - ssh { - port 22 - } -} system { host-name vyos login { user vyos { authentication { +{% if cloud_init == "true" and not ( keep_user is defined and keep_user == "true" ) %} + encrypted-password "*" +{% else %} encrypted-password "$6$MjV2YvKQ56q$QbL562qhRoyUu8OaqrXagicvcsNpF1HssCY06ZxxghDJkBCfSfTE/4FlFB41xZcd/HqYyVBuRt8Zyq3ozJ0dc." +{% endif %} plaintext-password "" } level admin @@ -34,8 +33,18 @@ system { } } interfaces { +{% if cloud_init == "true" and not ( empty_config is defined and empty_config == "true" ) %} ethernet eth0 { address dhcp } - loopback lo +{% endif %} + loopback lo { + } +} +{% if cloud_init == "true" and not ( empty_config is defined and empty_config == "true" ) %} +service { + ssh { + port 22 + } } +{% endif %} diff --git a/roles/install-grub/tasks/main.yml b/roles/install-grub/tasks/main.yml index 2a20271..33a1049 100644 --- a/roles/install-grub/tasks/main.yml +++ b/roles/install-grub/tasks/main.yml @@ -20,7 +20,7 @@ - name: Install GRUB in the boot sector of {{ vyos_target_drive }} become: true - command: chroot {{ vyos_install_root }} grub-install --no-floppy --root-directory=/boot {{ vyos_target_drive }} --force + command: chroot {{ vyos_install_root }} grub-install --no-floppy --root-directory=/boot {{ vyos_target_drive }} --force --target=i386-pc args: creates: "{{ vyos_install_root }}/boot/grub/grubenv" diff --git a/roles/install-grub/templates/boot/grub/grub.cfg.j2 b/roles/install-grub/templates/boot/grub/grub.cfg.j2 index 45f48ab..6cfea8f 100644 --- a/roles/install-grub/templates/boot/grub/grub.cfg.j2 +++ b/roles/install-grub/templates/boot/grub/grub.cfg.j2 
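Review bot: The `{% else %}` branch of the password block in config.boot.j2 still writes the well-known default hash for user `vyos`, and it is taken both for `keep_user=true` and for every build where `cloud_init` is anything other than the exact string "true". Together with the second hunk, a Cloud-init image built with `keep_user=true` ships DHCP on eth0, SSH on port 22 and the documented `vyos`/`vyos` login in one image. Consider taking the hash from a build variable that has no default, so that keeping a password is an explicit per-build decision, e.g. `encrypted-password "{{ vyos_user_password_hash }}"` (the variable name is a suggestion and does not exist in the repository), and state in the README that `keep_user` images must have the password changed before they are attached to a reachable network.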
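Review bot: The eth0 and SSH blocks in the second config.boot.j2 hunk are emitted only when `cloud_init == "true"`, so a default QEMU build (`cloud_init: "false"` in qemu.yml) gets neither, while the README describes `empty_config` as the switch that removes "eth0 address, SSH service" and gives its default as false. If console-only images for non-Cloud-init builds are intended, a template comment such as `{# non-Cloud-init images are console-only by design #}` and a matching README sentence would record that. If it is not intended, the condition and the README need to be reconciled before release, because the outcome decides whether the default-password branch is ever reachable over the network.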
@@ -1,7 +1,29 @@ +{% if grub_console == "kvm" %} set default=0 -set timeout=0 +{% elif grub_console == "serial" %} +set default=1 +{% endif %} +set timeout=5 +serial --unit=0 +terminal_output --append serial +terminal_input serial console -menuentry "VyOS {{ vyos_platform }} Image {{ vyos_version }}" { - linux /boot/{{ vyos_version }}/vmlinuz boot=live selinux=0 vyos-union=/boot/{{ vyos_version }} console=tty1 +menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} (KVM console)" { + linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=ttyS0 console=tty0 + initrd /boot/{{ vyos_version }}/initrd.img +} + +menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} (Serial console)" { + linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=tty0 console=ttyS0 + initrd /boot/{{ vyos_version }}/initrd.img +} + +menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} - password reset (KVM console)" { + linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=ttyS0 console=tty0 init=/opt/vyatta/sbin/standalone_root_pw_reset + initrd /boot/{{ vyos_version }}/initrd.img +} + +menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} - password reset (Serial console)" { + linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=tty0 console=ttyS0 init=/opt/vyatta/sbin/standalone_root_pw_reset initrd /boot/{{ vyos_version }}/initrd.img } diff --git a/roles/install-guest-agent-wrapper/tasks/main.yml b/roles/install-guest-agent-wrapper/tasks/main.yml new file mode 100644 index 0000000..f41e111 --- /dev/null +++ b/roles/install-guest-agent-wrapper/tasks/main.yml 
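Review bot: The two "password reset" menu entries in grub.cfg.j2 boot with `init=/opt/vyatta/sbin/standalone_root_pw_reset`, and with `set timeout=5` plus `terminal_input serial console` the menu is now offered on both the VGA and the serial console, with no GRUB authentication configured anywhere in this template. Where console access to a VM is delegated more widely than administrative access to the router, that makes console access equivalent to a credential reset. Consider rendering the reset entries only when a build variable asks for them, e.g. `{% if grub_password_reset | default(false) | bool %}` (name is a suggestion), and documenting the choice. The `grub_console` test also has no `{% else %}`, so an unexpected value renders no `set default` line at all; an explicit `{% else %}` with `set default=0` would make that case visible.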
@@ -0,0 +1,4 @@
+- name: Check if we need to install VM guest agents
+ include_role:
+ name: install-guest-agent
+ when: guest_agent is defined
diff --git a/roles/install-guest-agent-wrapper/tests/inventory b/roles/install-guest-agent-wrapper/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/install-guest-agent-wrapper/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/install-guest-agent-wrapper/tests/test.yml b/roles/install-guest-agent-wrapper/tests/test.yml
new file mode 100644
index 0000000..1c75a3b
--- /dev/null
+++ b/roles/install-guest-agent-wrapper/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+ roles:
+ - install-guest-agent-wrapper
diff --git a/roles/install-guest-agent/files/debian.list.buster b/roles/install-guest-agent/files/debian.list.buster
new file mode 100644
index 0000000..4950c4e
--- /dev/null
+++ b/roles/install-guest-agent/files/debian.list.buster
@@ -0,0 +1,4 @@
+deb http://deb.debian.org/debian buster main contrib non-free
+deb http://security.debian.org/debian-security/ buster/updates main contrib non-free
+deb http://deb.debian.org/debian buster-updates main contrib non-free
+deb http://dev.packages.vyos.net/repositories/current current main
diff --git a/roles/install-guest-agent/files/debian.list.jessie b/roles/install-guest-agent/files/debian.list.jessie
new file mode 100644
index 0000000..885e26b
--- /dev/null
+++ b/roles/install-guest-agent/files/debian.list.jessie
@@ -0,0 +1,5 @@
+deb http://deb.debian.org/debian jessie main contrib non-free
+deb http://security.debian.org/debian-security/ jessie/updates main contrib non-free
+deb http://deb.debian.org/debian jessie-updates main contrib non-free
+deb http://dev.packages.vyos.net/repositories/crux/vyos crux main
+deb http://dev.packages.vyos.net/repositories/crux/debian crux main
diff --git a/roles/install-guest-agent/files/resolv.conf b/roles/install-guest-agent/files/resolv.conf
new file mode 100644
index 0000000..81027f8
--- /dev/null
+++ b/roles/install-guest-agent/files/resolv.conf
@@ -0,0 +1 @@
+nameserver 1.1.1.1
\ No newline at end of file
diff --git a/roles/install-guest-agent/tasks/main.yml b/roles/install-guest-agent/tasks/main.yml
new file mode 100644
index 0000000..f636f53
--- /dev/null
+++ b/roles/install-guest-agent/tasks/main.yml
@@ -0,0 +1,46 @@
+- name: Get Debian version
+ become: true
+ command: chroot {{ vyos_install_root }} awk 'match($0, /VERSION=.*\((\w+)\)/, version) { print version[1] }' /etc/os-release
+ register: debian_version
+- name: Set VyOS branch name crux
+ set_fact:
+ vyos_branch: "crux"
+ when: vyos_version is regex("^1\.2.*$")
+- name: Put debian.list
+ become: true
+ copy:
+ src: "files/debian.list.{{ debian_version.stdout }}"
+ dest: "{{ vyos_install_root }}/etc/apt/sources.list.d/debian.list"
+- name: backup resolv.conf
+ become: true
+ command: mv {{ vyos_install_root }}/etc/resolv.conf /tmp/resolv.conf
+- name: add nameserver settings to chroot
+ become: true
+ copy:
+ src: "files/resolv.conf"
+ dest: "{{ vyos_install_root }}/etc/resolv.conf"
+- name: apt-get update
+ become: true
+ command: chroot {{ vyos_install_root }} apt-get update
+- name: Install qemu-guest-agent
+ become: true
+ command: chroot {{ vyos_install_root }} apt-get -t {{ vyos_branch | default('current') }} install -y qemu-guest-agent
+ when: guest_agent == "qemu"
+- name: Install open-vm-tools
+ become: true
+ command: chroot {{ vyos_install_root }} apt-get -t {{ vyos_branch | default('current') }} install -y open-vm-tools
+ when: guest_agent == "vmware"
+- name: apt-get clean
+ become: true
+ command: chroot {{ vyos_install_root }} apt-get clean
+- name: delete apt lists from cache
+ become: true
+ command: chroot {{ vyos_install_root }} rm -rf /var/lib/apt/lists/
+- name: Delete debian.list
+ become: true
+ file:
+ path: "{{ vyos_install_root }}/etc/apt/sources.list.d/debian.list"
+ state: absent
+- name: restore original resolv.conf
+ become: true
+ command: mv /tmp/resolv.conf {{ vyos_install_root }}/etc/resolv.conf
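Review bot: In roles/install-guest-agent/tasks/main.yml `guest_agent` is matched only against "qemu" and "vmware" in the two install tasks, so any other value passes the wrapper's `guest_agent is defined` test, swaps resolv.conf, adds the package sources, runs `apt-get update` inside the image and then installs nothing without reporting a problem. A first task with `assert:` and `that: guest_agent in ['qemu', 'vmware']` would reject a typo before the chroot is touched. The package sources added for this step are plain `http://` entries, which leaves integrity entirely to apt's signature checking; it is worth confirming that the key for dev.packages.vyos.net is already trusted inside the image, since nothing on this page installs it.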
diff --git a/roles/install-guest-agent/tests/inventory b/roles/install-guest-agent/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/install-guest-agent/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/install-guest-agent/tests/test.yml b/roles/install-guest-agent/tests/test.yml new file mode 100644 index 0000000..79b8c2d --- /dev/null +++ b/roles/install-guest-agent/tests/test.yml @@ -0,0 +1,4 @@ +--- +- hosts: localhost + roles: + - install-guest-agent diff --git a/roles/install-open-vmdk/tasks/main.yml b/roles/install-open-vmdk/tasks/main.yml index dedece0..8d19da4 100644 --- a/roles/install-open-vmdk/tasks/main.yml +++ b/roles/install-open-vmdk/tasks/main.yml @@ -7,14 +7,27 @@ url: https://github.com/vmware/open-vmdk/archive/master.zip dest: /tmp/master.zip when: stat_result.stat.exists == False -- name: Extract master.zip into /var/lib/foo +- name: Extract master.zip into /tmp unarchive: src: /tmp/master.zip dest: /tmp when: stat_result.stat.exists == False +- name: Build open-vmdk + become: true + make: + chdir: /tmp/open-vmdk-master/vmdk + when: stat_result.stat.exists == False - name: Install open-vmdk become: true make: - chdir: /tmp/open-vmdk-master + chdir: /tmp/open-vmdk-master/vmdk target: install when: stat_result.stat.exists == False +- name: Delete installation directory and archive + file: + path: "{{ item }}" + state: absent + loop: + - "/tmp/open-vmdk-master" + - "/tmp/master.zip" + when: stat_result.stat.exists == False diff --git a/roles/install-packages/tasks/main.yml b/roles/install-packages/tasks/main.yml index ffb0bbf..8d526b5 100644 --- a/roles/install-packages/tasks/main.yml +++ b/roles/install-packages/tasks/main.yml @@ -9,4 +9,9 @@ - qemu-utils - python-lxml - aufs-tools + - grub2 + - python-requests + - unzip + - zlib1g-dev + - squashfs-tools state: present diff --git a/roles/qemu-qcow2/tasks/main.yml b/roles/qemu-qcow2/tasks/main.yml index c91c75b..c3893ef 100644 
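Review bot: The new "Build open-vmdk" task in roles/install-open-vmdk runs `make` with `become: true` on sources unpacked from `https://github.com/vmware/open-vmdk/archive/master.zip`, a moving branch archive that the context lines of this hunk show being fetched without a checksum. Whatever is on master at build time is therefore compiled and installed as root on the build host and then used to produce the VMDK. Pinning the URL to a tag or commit archive, adding `checksum: "sha256:<digest of the pinned archive>"` if the download task is `get_url`, and dropping `become: true` from the build step (only `target: install` needs it) would narrow that considerably. The download task itself starts above the hunk.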
--- a/roles/qemu-qcow2/tasks/main.yml +++ b/roles/qemu-qcow2/tasks/main.yml @@ -1,2 +1,2 @@ - name: Convert raw to qcow2 - command: qemu-img convert -f raw "{{ vyos_raw_img }}" -O qcow2 "{{ vyos_qemu_img }}" + command: qemu-img convert -f raw "{{ vyos_raw_img }}" -O qcow2 -c "{{ vyos_qemu_img }}" diff --git a/roles/unmount-all/tasks/main.yml b/roles/unmount-all/tasks/main.yml index 1ff6daa..253ffe9 100644 --- a/roles/unmount-all/tasks/main.yml +++ b/roles/unmount-all/tasks/main.yml @@ -16,24 +16,6 @@ fstype: none state: absent -- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev - become: true - mount: - name: "{{ vyos_install_root }}/{{ item }}" - src: "/{{ item }}" - fstype: none - state: unmounted - with_items: [ 'sys', 'proc', 'dev' ] - -- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev - become: true - mount: - name: "{{ vyos_install_root }}/{{ item }}" - src: "/{{ item }}" - fstype: none - state: absent - with_items: [ 'sys', 'proc', 'dev' ] - - name: Unmount {{ vyos_install_root }} become: true mount: @@ -58,6 +40,10 @@ fstype: "{{ vyos_root_fstype }}" state: absent +- name: Detach {{ vyos_target_drive }} + become: true + command: "losetup -d {{ vyos_target_drive }}" + - name: Unmount {{ vyos_cd_squash_root }} become: true mount: diff --git a/roles/unmount-pre/tasks/main.yml b/roles/unmount-pre/tasks/main.yml new file mode 100644 index 0000000..12c9ae7 --- /dev/null +++ b/roles/unmount-pre/tasks/main.yml 
@@ -0,0 +1,18 @@ +# Unmount /sys /proc /dev +- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev + become: true + mount: + name: "{{ vyos_install_root }}/{{ item }}" + src: "/{{ item }}" + fstype: none + state: unmounted + with_items: [ 'sys', 'proc', 'dev' ] + +- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev + become: true + mount: + name: "{{ vyos_install_root }}/{{ item }}" + src: "/{{ item }}" + fstype: none + state: absent + with_items: [ 'sys', 'proc', 'dev' ] diff --git a/roles/unmount-pre/tests/inventory b/roles/unmount-pre/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/unmount-pre/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/unmount-pre/tests/test.yml b/roles/unmount-pre/tests/test.yml new file mode 100644 index 0000000..105c5e6 --- /dev/null +++ b/roles/unmount-pre/tests/test.yml @@ -0,0 +1,4 @@ +--- +- hosts: localhost + roles: + - unmount-pre diff --git a/roles/vmware-ova/tasks/main.yml b/roles/vmware-ova/tasks/main.yml index 53c4989..0146a15 100644 --- a/roles/vmware-ova/tasks/main.yml +++ b/roles/vmware-ova/tasks/main.yml @@ -2,6 +2,10 @@ command: qemu-img convert -f raw "{{ vyos_raw_img }}" -O vmdk -o adapter_type=lsilogic "{{ vyos_vmware_tmp_vmdk }}" - name: Fix vmdk with open-vmdk command: vmdk-convert "{{ vyos_vmware_tmp_vmdk }}" "{{ vyos_vmware_vmdk }}" +- name: Delete temporary image + file: + path: "{{ vyos_vmware_tmp_vmdk }}" + state: absent - name: Get vmdk_file_size shell: du --bytes "{{ vyos_vmware_vmdk }}" | cut -f1 register: vmdk_file_size 
@@ -26,42 +30,14 @@ copy: dest: "{{ vyos_vmware_mf }}" content: "{{ result.stdout }}" -- name: Create OVA without private key +- name: Converting the OVF to signed OVA become: false - archive: - path: - - "{{ vyos_vmware_ovf }}" - - "{{ vyos_vmware_mf }}" - - "{{ vyos_vmware_vmdk }}" - dest: "{{ vyos_vmware_ova }}" - format: tar - when: vyos_vmware_private_key_path is not defined -- name: Sign MF - shell: openssl dgst -sha256 -sign "{{ vyos_vmware_private_key_path }}" -hex "{{ vyos_vmware_mf | basename }}" | sed 's/^RSA-//' - args: - chdir: /tmp - register: signature - when: vyos_vmware_private_key_path is defined -- name: Get certificate - shell: openssl x509 -in "{{ vyos_vmware_private_key_path }}" - register: certificate - when: vyos_vmware_private_key_path is defined -- name: Create cert file for OVA - become: false - copy: - dest: "{{ vyos_vmware_cert }}" - content: | - {{ signature.stdout }} - {{ certificate.stdout }} - when: vyos_vmware_private_key_path is defined -- name: Create OVA with private key - become: false - archive: - path: - - "{{ vyos_vmware_ovf }}" - - "{{ vyos_vmware_mf }}" - - "{{ vyos_vmware_cert }}" - - "{{ vyos_vmware_vmdk }}" - dest: "{{ vyos_vmware_ova }}" - format: tar - when: vyos_vmware_private_key_path is defined + command: "ovftool --compress=9 --privateKey={{ vyos_vmware_private_key_path }} {{ vyos_vmware_ovf }} {{ vyos_vmware_ova }}" +- name: Delete temporary files for VMware + file: + path: "{{ item }}" + state: absent + loop: + - "{{ vyos_vmware_ovf }}" + - "{{ vyos_vmware_mf }}" + - "{{ vyos_vmware_vmdk }}" diff --git a/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2 b/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2 index c3d6145..7f58678 100644 --- a/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2 +++ b/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2 
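Review bot: With the unsigned fallback removed, "Converting the OVF to signed OVA" in roles/vmware-ova always interpolates `vyos_vmware_private_key_path` into the `ovftool` command string, unquoted and with no check in this hunk that the variable is set or the file readable, so a forgotten `-e` surfaces as an undefined-variable error at the very end of a long build. An `assert` at the start of the role with `that: vyos_vmware_private_key_path is defined`, and the `argv:` form of `command`, would fail early and keep paths containing spaces intact. The README in this commit generates that key with `-newkey rsa:1024` and `-nodes`; 1024-bit RSA is too weak for a signing key, so the documented command should use `-newkey rsa:3072` or larger and mention that the unencrypted key file must be kept off shared build hosts.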
@@ -1,148 +1,223 @@ <?xml version="1.0" encoding="UTF-8"?> -<Envelope vmw:buildId="build-3018522" xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:cim="http://schemas.dmtf.org/wbem/wscim/1/common" xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vmw="http://www.vmware.com/schema/ovf" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ovf:Envelope xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vmw="http://www.vmware.com/schema/ovf" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <References> <File ovf:href="vyos_vmware_image.vmdk" ovf:id="file1" ovf:size="{{ vmdk_file_size.stdout }}"/> </References> + <ovf:NetworkSection> + <ovf:Info>The list of logical networks</ovf:Info> + <ovf:Network ovf:name="WAN"> + <ovf:Description>WAN network</ovf:Description> + </ovf:Network> + <ovf:Network ovf:name="LAN"> + <ovf:Description>LAN network</ovf:Description> + </ovf:Network> + </ovf:NetworkSection> + <DeploymentOptionSection> + <Info>List of profiles</Info> + <Configuration ovf:default="true" ovf:id="1CPU-512MB"> + <Label ovf:msgid="Small.label">Small</Label> + <Description ovf:msgid="Small.description">Minimal hardware profile - 1 vCPU, 512 MB RAM</Description> + </Configuration> + <Configuration ovf:id="4CPU-16GB"> + <Label ovf:msgid="Medium.label">Medium</Label> + <Description ovf:msgid="Medium.description">Medium hardware profile - 4 vCPUs, 16 GB RAM</Description> + </Configuration> + <Configuration ovf:id="8CPU-32GB"> + <Label ovf:msgid="Large.label">Large</Label> + <Description ovf:msgid="Large.description">Large 
hardware profile - 8 vCPUs, 32 GB RAM</Description> + </Configuration> + </DeploymentOptionSection> + <vmw:IpAssignmentSection ovf:required="false" vmw:protocols="IPv4 IPv6" vmw:schemes="ovfenv dhcp"> + <Info>Supported IP assignment schemes</Info> + </vmw:IpAssignmentSection> <DiskSection> <Info>Virtual disk information</Info> - <Disk ovf:capacity="{{ vyos_vmdk_size }}" ovf:capacityAllocationUnits="byte * 2^30" ovf:diskId="vmdisk1" ovf:fileRef="file1" ovf:format="http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized" ovf:populatedSize="{{ vmdk_populated_size }}"/> + <Disk ovf:capacity="10" ovf:capacityAllocationUnits="byte * 2^30" ovf:diskId="vmdisk1" ovf:fileRef="file1" ovf:format="http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized" ovf:populatedSize="{{ vmdk_populated_size }}"/> </DiskSection> - <NetworkSection> - <Info>The list of logical networks</Info> - <Network ovf:name="VM Network"> - <Description>The VM Network network</Description> - </Network> - </NetworkSection> - <VirtualSystem ovf:id="vm"> + <VirtualSystem ovf:id="VyOS"> <Info>A virtual machine</Info> - <Name>vyos</Name> - <OperatingSystemSection ovf:id="1" vmw:osType="other26xLinux64Guest"> - <Info>The kind of installed guest operating system</Info> + <ProductSection ovf:required="false"> + <Info>VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.</Info> + <Product>VyOS</Product> + <Vendor>Sentrium S.L.</Vendor> + <Version>{{ vyos_version }}</Version> + <ProductUrl>https://www.vyos.io</ProductUrl> + <VendorUrl>https://sentrium.io/</VendorUrl> + <AppUrl/> + <Category>Appliance user Settings</Category> + <Property ovf:key="password" ovf:password="true" ovf:qualifiers="MinLen(8)" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> + <Label ovf:msgid="Password.label">Password</Label> + <Description ovf:msgid="Password.description">The password for the appliance 'vyos' account. 
Passwords must be at least 8 characters in length.</Description> + </Property> + <Property ovf:key="public-keys" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> + <Label>Public key</Label> + <Description>The public ssh key for the appliance 'vyos' account.</Description> + </Property> + <Category>Appliance IPv4 Network Settings (WAN interface)</Category> + <Property ovf:key="local-hostname" ovf:qualifiers="MinLen(0),MaxLen(65535)" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> + <Label>Hostname</Label> + <Description>The host name for this virtual machine.</Description> + </Property> + <Property ovf:key="ip0" ovf:type="string" ovf:userConfigurable="true"> + <Label>Network IPv4 Address</Label> + <Description>The IPv4 address. Leave blank if DHCP is desired.</Description> + </Property> + <Property ovf:key="netmask0" ovf:type="string" ovf:userConfigurable="true"> + <Label>Network IPv4 Netmask</Label> + <Description>The IPv4 netmask or prefix for this interface. Leave blank if DHCP is desired.</Description> + </Property> + <Property ovf:key="gateway" ovf:type="string" ovf:userConfigurable="true"> + <Label>Default Gateway v4</Label> + <Description>Default gateway address. Leave blank if DHCP is desired.</Description> + </Property> + <Property ovf:key="DNS" ovf:type="string" ovf:userConfigurable="true"> + <Label>Domain Name Servers</Label> + <Description>The domain name server IP Addresses for this VM (comma separated). Leave blank if DHCP is desired.</Description> + </Property> + <Property ovf:key="NTP" ovf:type="string" ovf:userConfigurable="true"> + <Label>Domain Time Servers</Label> + <Description>NTP servers for this VM (comma separated). Leave blank if DHCP is desired.</Description> + </Property> + <Category>Appliance API Settings</Category> + <Property ovf:key="APIKEY" ovf:type="string" ovf:userConfigurable="true"> + <Label>API key</Label> + <Description>API key to access the VyOS api. 
If left blank the api wil not be enabled.</Description> + </Property> + <Property ovf:key="APIPORT" ovf:value="443" ovf:type="int" ovf:userConfigurable="true"> + <Label>API listening port</Label> + <Description>API port to listen on for calls. Leave blank to keep it default '443'.</Description> + </Property> + <Property ovf:key="APIDEBUG" ovf:value="false" ovf:type="boolean" ovf:userConfigurable="true"> + <Label>API debug logging</Label> + <Description>Enable API debug logging</Description> + </Property> + <Property ovf:key="user-data" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> + <Label>Cloud-init User-Data</Label> + <Description>User-Data, encoded with base64.</Description> + </Property> + </ProductSection> + <ProductSection ovf:class="vm" ovf:required="false"> + <Info>VM specific properties</Info> + <Property ovf:key="vmname" ovf:type="string" ovf:value="VyOS"/> + </ProductSection> + <AnnotationSection> + <Info/> + <Annotation>VyOS</Annotation> + </AnnotationSection> + <OperatingSystemSection ovf:id="96" ovf:version="6" vmw:osType="debian8_64Guest"> + <Info>The operating system installed</Info> + <Description>Debian GNU/Linux 8 (64-bit)</Description> </OperatingSystemSection> - <VirtualHardwareSection ovf:transport="com.vmware.guestInfo" ovf:required="false"> - <Info>Virtual hardware requirements</Info> + <VirtualHardwareSection ovf:required="false" ovf:transport="com.vmware.guestInfo"> + <Info>Virtual Hardware Requirements</Info> <System> <vssd:ElementName>Virtual Hardware Family</vssd:ElementName> <vssd:InstanceID>0</vssd:InstanceID> - <vssd:VirtualSystemIdentifier>vyos</vssd:VirtualSystemIdentifier> - <vssd:VirtualSystemType>vmx-09</vssd:VirtualSystemType> + <vssd:VirtualSystemType>vmx-11</vssd:VirtualSystemType> </System> - <Item> + <Item configuration="1CPU-512MB"> <rasd:AllocationUnits>hertz * 10^6</rasd:AllocationUnits> - <rasd:Description>Number of Virtual CPUs</rasd:Description> - <rasd:ElementName>1 virtual CPU(s)</rasd:ElementName> - 
<rasd:InstanceID>1</rasd:InstanceID> + <rasd:Description>Number of virtual CPUs</rasd:Description> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1 virtual CPU</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1</rasd:InstanceID> <rasd:ResourceType>3</rasd:ResourceType> <rasd:VirtualQuantity>1</rasd:VirtualQuantity> </Item> - <Item> - <rasd:AllocationUnits>byte * 2^30</rasd:AllocationUnits> + <Item configuration="4CPU-16GB"> + <rasd:AllocationUnits>hertz * 10^6</rasd:AllocationUnits> + <rasd:Description>Number of virtual CPUs</rasd:Description> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">4 virtual CPUs</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1</rasd:InstanceID> + <rasd:ResourceType>3</rasd:ResourceType> + <rasd:VirtualQuantity>4</rasd:VirtualQuantity> + </Item> + <Item configuration="8CPU-32GB"> + <rasd:AllocationUnits>hertz * 10^6</rasd:AllocationUnits> + <rasd:Description>Number of virtual CPUs</rasd:Description> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">8 virtual CPUs</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1</rasd:InstanceID> + <rasd:ResourceType>3</rasd:ResourceType> + <rasd:VirtualQuantity>8</rasd:VirtualQuantity> + </Item> + <Item configuration="1CPU-512MB"> + <rasd:AllocationUnits>byte * 2^20</rasd:AllocationUnits> <rasd:Description>Memory Size</rasd:Description> - <rasd:ElementName>1GB of memory</rasd:ElementName> - <rasd:InstanceID>2</rasd:InstanceID> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">512 
MB of memory</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">2</rasd:InstanceID> <rasd:ResourceType>4</rasd:ResourceType> - <rasd:VirtualQuantity>1</rasd:VirtualQuantity> + <rasd:VirtualQuantity>512</rasd:VirtualQuantity> + <rasd:Reservation>512</rasd:Reservation> + </Item> + <Item configuration="4CPU-16GB"> + <rasd:AllocationUnits>byte * 2^20</rasd:AllocationUnits> + <rasd:Description>Memory Size</rasd:Description> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">16 GB of memory</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">2</rasd:InstanceID> + <rasd:ResourceType>4</rasd:ResourceType> + <rasd:VirtualQuantity>16384</rasd:VirtualQuantity> + <rasd:Reservation>16384</rasd:Reservation> + </Item> + <Item configuration="8CPU-32GB"> + <rasd:AllocationUnits>byte * 2^20</rasd:AllocationUnits> + <rasd:Description>Memory Size</rasd:Description> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">32 GB of memory</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">2</rasd:InstanceID> + <rasd:ResourceType>4</rasd:ResourceType> + <rasd:VirtualQuantity>32768</rasd:VirtualQuantity> + <rasd:Reservation>32768</rasd:Reservation> </Item> <Item> - <rasd:Address>0</rasd:Address> - <rasd:Description>SCSI Controller</rasd:Description> - <rasd:ElementName>scsiController0</rasd:ElementName> - <rasd:InstanceID>3</rasd:InstanceID> - <rasd:ResourceSubType>lsilogic</rasd:ResourceSubType> + <rasd:Address xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">0</rasd:Address> + <rasd:ElementName 
xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">SCSI Controller 0 - VMware Paravirtual SCSI</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">3</rasd:InstanceID> + <rasd:ResourceSubType>VirtualSCSI</rasd:ResourceSubType> <rasd:ResourceType>6</rasd:ResourceType> </Item> <Item> - <rasd:Address>1</rasd:Address> - <rasd:Description>IDE Controller</rasd:Description> - <rasd:ElementName>ideController1</rasd:ElementName> - <rasd:InstanceID>4</rasd:InstanceID> - <rasd:ResourceType>5</rasd:ResourceType> + <rasd:AddressOnParent>0</rasd:AddressOnParent> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">disk0</rasd:ElementName> + <rasd:HostResource>ovf:/disk/vmdisk1</rasd:HostResource> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">4</rasd:InstanceID> + <rasd:Parent>3</rasd:Parent> + <rasd:ResourceType>17</rasd:ResourceType> </Item> - <Item ovf:required="false"> - <rasd:AutomaticAllocation>true</rasd:AutomaticAllocation> - <rasd:ElementName>serial0</rasd:ElementName> - <rasd:InstanceID>5</rasd:InstanceID> - <rasd:ResourceType>21</rasd:ResourceType> - <vmw:Config ovf:required="false" vmw:key="yieldOnPoll" vmw:value="false"/> + <Item> + <rasd:Address>0</rasd:Address> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">IDE Controller 0</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">5</rasd:InstanceID> + <rasd:ResourceType>5</rasd:ResourceType> </Item> - <Item ovf:required="false"> + <Item> <rasd:AddressOnParent>0</rasd:AddressOnParent> <rasd:AutomaticAllocation>false</rasd:AutomaticAllocation> - <rasd:ElementName>cdrom0</rasd:ElementName> - 
<rasd:InstanceID>6</rasd:InstanceID> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">CD/DVD Drive 1</rasd:ElementName> + <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">6</rasd:InstanceID> <rasd:Parent>5</rasd:Parent> <rasd:ResourceType>15</rasd:ResourceType> </Item> - <Item> - <rasd:AddressOnParent>0</rasd:AddressOnParent> - <rasd:ElementName>disk0</rasd:ElementName> - <rasd:HostResource>ovf:/disk/vmdisk1</rasd:HostResource> + <ovf:Item> + <rasd:AddressOnParent>7</rasd:AddressOnParent> + <rasd:AutomaticAllocation>true</rasd:AutomaticAllocation> + <rasd:Connection>WAN</rasd:Connection> + <rasd:Description>NIC representing WAN</rasd:Description> + <rasd:ElementName>WAN</rasd:ElementName> <rasd:InstanceID>7</rasd:InstanceID> - <rasd:Parent>3</rasd:Parent> - <rasd:ResourceType>17</rasd:ResourceType> - </Item> - <Item> - <rasd:AddressOnParent>2</rasd:AddressOnParent> + <rasd:ResourceSubType>vmxnet3</rasd:ResourceSubType> + <rasd:ResourceType>10</rasd:ResourceType> + </ovf:Item> + <ovf:Item> + <rasd:AddressOnParent>8</rasd:AddressOnParent> <rasd:AutomaticAllocation>true</rasd:AutomaticAllocation> - <rasd:Connection>VM Network</rasd:Connection> - <rasd:Description>VmxNet3 ethernet adapter on "VM Network"</rasd:Description> - <rasd:ElementName>ethernet0</rasd:ElementName> + <rasd:Connection>LAN</rasd:Connection> + <rasd:Description>NIC representing LAN</rasd:Description> + <rasd:ElementName>LAN</rasd:ElementName> <rasd:InstanceID>8</rasd:InstanceID> - <rasd:ResourceSubType>VmxNet3</rasd:ResourceSubType> + <rasd:ResourceSubType>vmxnet3</rasd:ResourceSubType> <rasd:ResourceType>10</rasd:ResourceType> - <vmw:Config ovf:required="false" vmw:key="wakeOnLanEnabled" vmw:value="false"/> - </Item> - <Item ovf:required="false"> - <rasd:AutomaticAllocation>false</rasd:AutomaticAllocation> - <rasd:ElementName>video</rasd:ElementName> - 
<rasd:InstanceID>9</rasd:InstanceID> - <rasd:ResourceType>24</rasd:ResourceType> - </Item> - <Item ovf:required="false"> - <rasd:AutomaticAllocation>false</rasd:AutomaticAllocation> - <rasd:ElementName>vmci</rasd:ElementName> - <rasd:InstanceID>10</rasd:InstanceID> - <rasd:ResourceSubType>vmware.vmci</rasd:ResourceSubType> - <rasd:ResourceType>1</rasd:ResourceType> - </Item> + </ovf:Item> <vmw:Config ovf:required="false" vmw:key="cpuHotAddEnabled" vmw:value="true"/> <vmw:Config ovf:required="false" vmw:key="memoryHotAddEnabled" vmw:value="true"/> - <vmw:Config ovf:required="false" vmw:key="cpuHotRemoveEnabled" vmw:value="false"/> - <vmw:Config ovf:required="false" vmw:key="powerOpInfo.powerOffType" vmw:value="soft"/> - <vmw:Config ovf:required="false" vmw:key="powerOpInfo.resetType" vmw:value="soft"/> - <vmw:Config ovf:required="false" vmw:key="powerOpInfo.suspendType" vmw:value="soft"/> + <vmw:ExtraConfig ovf:required="false" vmw:key="sched.mem.pin" vmw:value="TRUE"/> </VirtualHardwareSection> - <ProductSection> - <Info>VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.</Info> - <Product>VyOS</Product> - <Vendor>VyOS maintainers and contributors</Vendor> - <Version>{{ vyos_version }}</Version> - <Property ovf:key="instance-id" ovf:type="string" ovf:userConfigurable="true" ovf:value="id-ovf"> - <Label>A Unique Instance ID for this instance</Label> - <Description>Specifies the instance id. 
This is required and used to determine if the machine should take "first boot" actions</Description> - </Property> - <Property ovf:key="hostname" ovf:type="string" ovf:userConfigurable="true" ovf:value="vyos"> - <Description>Specifies the hostname for the appliance</Description> - </Property> - <Property ovf:key="seedfrom" ovf:type="string" ovf:userConfigurable="true"> - <Label>Url to seed instance data from</Label> - <Description>This field is optional, but indicates that the instance should 'seed' user-data and meta-data from the given url. If set to 'http://tinyurl.com/sm-' is given, meta-data will be pulled from http://tinyurl.com/sm-meta-data and user-data from http://tinyurl.com/sm-user-data. Leave this empty if you do not want to seed from a url.</Description> - </Property> - <Property ovf:key="public-keys" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> - <Label>ssh public keys</Label> - <Description>This field is optional, but indicates that the instance should populate the default user's 'authorized_keys' with this value</Description> - </Property> - <Property ovf:key="user-data" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> - <Label>Encoded user-data</Label> - <Description>In order to fit into a xml attribute, this value is base64 encoded . It will be decoded, and then processed normally as user-data.</Description> - <!-- The following represents '#!/bin/sh\necho "hi world"' - ovf:value="IyEvYmluL3NoCmVjaG8gImhpIHdvcmxkIgo=" - --> - </Property> - <Property ovf:key="password" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> - <Label>Default User's password</Label> - <Description>If set, the default user's password will be set to this value to allow password based login. The password will be good for only a single login. If set to the string 'RANDOM' then a random password will be generated, and written to the console.</Description> - </Property> - </ProductSection> </VirtualSystem> -</Envelope> +</ovf:Envelope>
\ No newline at end of file diff --git a/roles/vmware-ova/vars/main.yml b/roles/vmware-ova/vars/main.yml index 176f25c..598f592 100644 --- a/roles/vmware-ova/vars/main.yml +++ b/roles/vmware-ova/vars/main.yml @@ -2,5 +2,4 @@ vyos_vmware_ovf: /tmp/vyos_vmware_image.ovf vyos_vmware_tmp_vmdk: /tmp/vyos_vmware_image_tmp.vmdk vyos_vmware_mf: /tmp/vyos_vmware_image.mf vyos_vmware_vmdk: /tmp/vyos_vmware_image.vmdk -vyos_vmware_ova: /tmp/vyos_vmware_image.ova vyos_vmware_cert: /tmp/vyos_vmware_image.cert diff --git a/vagrant-libvirt.yml b/vagrant-libvirt.yml index 81d8e53..e5b9f8a 100644 --- a/vagrant-libvirt.yml +++ b/vagrant-libvirt.yml @@ -22,6 +22,7 @@ - install-config - install-grub - install-persistence-conf + - unmount-pre - unmount-all - vagrant-libvirt-box - release @@ -6,8 +6,11 @@ vyos_platform: VMware vyos_format: ova vyos_vmdk_size: 10 - vyos_vmware_ova: /tmp/vyos_vmware_image.ova + vyos_vmware_ova: "/tmp/vyos-{{ vyos_version }}{{ ci_tag | default() }}-vmware.ova" vyos_output_img: "{{ vyos_vmware_ova }}" + cloud_init: "true" + cloud_init_ds_string: "{{ cloud_init_ds | default('OVF,None') }}" + cloud_init_ds_list: "{{ cloud_init_ds_string.split(',') }}" roles: - install-packages - load-modules @@ -22,8 +25,11 @@ - install-config - install-grub - install-persistence-conf - - install-cloud-init + - install-cloud-init-wrapper + - fstrim + - unmount-pre - unmount-all - install-open-vmdk - vmware-ova + - cleanup-ending - release |
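Review bot: In the `vyos_vmware_image.ovf.j2` hunk, the new `APIKEY` property under `Appliance API Settings` is a credential but, unlike the `password` property in the same `ProductSection`, is not marked `ovf:password="true"`, so deployment tools are not told to obscure it. Add the attribute: `<Property ovf:key="APIKEY" ovf:password="true" ovf:type="string" ovf:userConfigurable="true">`. Both secrets are delivered through the `com.vmware.guestInfo` transport set on `VirtualHardwareSection`, so they presumably stay readable in the VM's OVF environment after first boot; a sentence in each `Description` telling operators to clear the value once the appliance is configured would help. Separately, `ovf:capacity="10"` replaces `{{ vyos_vmdk_size }}`, so the descriptor no longer follows a non-default disk size, and the `APIKEY` description contains the typo `wil`.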