Diffstat (limited to 'roles/vmware/tasks')
-rw-r--r-- | roles/vmware/tasks/build_image.yml | 122 | ||||
-rw-r--r-- | roles/vmware/tasks/convert.yml | 69 | ||||
-rw-r--r-- | roles/vmware/tasks/install_packages.yml | 22 | ||||
-rw-r--r-- | roles/vmware/tasks/load_modules.yml | 2 | ||||
-rw-r--r-- | roles/vmware/tasks/main.yml | 7 | ||||
-rw-r--r-- | roles/vmware/tasks/setup_iso.yml | 57 | ||||
-rw-r--r-- | roles/vmware/tasks/unmount.yml | 66 |
7 files changed, 345 insertions, 0 deletions
diff --git a/roles/vmware/tasks/build_image.yml b/roles/vmware/tasks/build_image.yml
new file mode 100644
index 0000000..7cfdadc
--- /dev/null
+++ b/roles/vmware/tasks/build_image.yml
@@ -0,0 +1,122 @@
+- name: Create the target disk image
+ command: qemu-img create -f raw "{{ vyos_raw_img }}" 1G
+
+- name: Find loopback
+ shell: losetup -f
+ register: loopback
+
+- name: Loopback attach
+ command: "losetup {{ loopback.stdout }} {{ vyos_raw_img }}"
+
+- name: Partition the target drive
+ parted:
+ device: "{{ loopback.stdout }}"
+ state: present
+ label: msdos
+ number: 1
+ part_type: primary
+ part_start: 0%
+ part_end: 100%
+ align: optimal
+ flags: [boot]
+
+- name: Create a filesystem on root partition
+ filesystem:
+ fstype: "{{ ROOT_FSTYPE }}"
+ device: "{{ loopback.stdout }}"
+ opts: "-L persistence"
+
+- name: Mount root partition
+ mount:
+ name: "{{ WRITE_ROOT }}"
+ src: "{{ loopback.stdout }}"
+ fstype: "{{ ROOT_FSTYPE }}"
+ state: mounted
+
+# ---- Install image from ISO ----
+- name: Create {{ WRITE_ROOT }} directories
+ file:
+ path: "{{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/rw"
+ state: directory
+ register: RW_DIR
+
+- name: Create the work directory
+ file:
+ path: "{{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/work/work"
+ state: directory
+
+- name: Copy squashfs image from ISO to root partition
+ command: cp -p {{ SQUASHFS_IMAGE }} {{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/{{ version_string.stdout }}.squashfs
+ args:
+ creates: "{{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/{{ version_string.stdout }}.squashfs"
+
+- name: Copy boot files (kernel and initrd images) from ISO to root partition
+ shell: find {{ CD_SQUASH_ROOT }}/boot -maxdepth 1 \( -type f -o -type l \) -print -exec cp -dp {} {{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/ \;
+ args:
+ creates: "{{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/vmlinuz"
+
+- name: Mount squashfs image from root partition
+ mount:
+ name: "{{ READ_ROOT }}"
+ src: "{{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/{{ version_string.stdout }}.squashfs"
+ fstype: squashfs
+ opts: loop,ro
+ state: mounted
+
+- name: Set up union root for post installation tasks
+ mount:
+ name: "{{ INSTALL_ROOT }}"
+ src: none
+ fstype: aufs
+ opts: "noatime,dirs={{ RW_DIR.path }}=rw:{{ READ_ROOT }}=rr"
+ state: mounted
+
+# ---- Post image installation tasks ----
+
+## ---- VyOS configuration ----
+- name: Make sure that config partition marker exists
+ file:
+ path: "{{ INSTALL_ROOT }}/opt/vyatta/etc/config/.vyatta_config"
+ state: touch
+
+- name: Copy the default config for QEMU to the installed image
+ template:
+ src: files/config.boot
+ dest: "{{ INSTALL_ROOT }}/opt/vyatta/etc/config/config.boot"
+ mode: 0755
+
+## ---- Install GRUB boot loader ----
+- name: Create GRUB directory
+ file:
+ path: "{{ WRITE_ROOT }}/boot/grub"
+ state: directory
+
+# It is necessary to mount and bind /dev, /proc, /sys and /boot in order to execute grub-install
+# and install GRUB correctly within the {{ volume_drive }} using chroot
+
+# XXX: ansible mount module requires fstype so it cannot be used for binding an already
+# mounted location, we get to use mount directly at least for /boot
+- name: Mount and bind /dev /proc /sys and {{ WRITE_ROOT }}/boot to {{ INSTALL_ROOT }}
+ shell: mount --bind /dev {{ INSTALL_ROOT }}/dev &&
+ mount --bind /proc {{ INSTALL_ROOT }}/proc &&
+ mount --bind /sys {{ INSTALL_ROOT }}/sys &&
+ mount --bind {{ WRITE_ROOT }} {{ INSTALL_ROOT }}/boot
+ args:
+ warn: no
+
+- name: Install GRUB in the boot sector of {{ loopback.stdout }}
+ command: chroot {{ INSTALL_ROOT }} grub-install --no-floppy --root-directory=/boot {{ loopback.stdout }} --force
+ args:
+ creates: "{{ INSTALL_ROOT }}/boot/grub/grubenv"
+
+- name: Configure GRUB
+ template:
+ src: templates/boot/grub/grub.cfg.j2
+ dest: "{{ WRITE_ROOT }}/boot/grub/grub.cfg"
+ mode: 0644
+
+- name: Create the persistence config
+ template:
+ src: files/persistence.conf
+ dest: "{{ WRITE_ROOT }}/persistence.conf"
+ mode: 0644
diff --git a/roles/vmware/tasks/convert.yml b/roles/vmware/tasks/convert.yml
new file mode 100644
index 0000000..39f4e8b
--- /dev/null
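Review bot: `version_string.stdout` is read from a file inside the ISO (setup_iso.yml) and is interpolated unquoted into the `shell:` line of "Copy boot files (kernel and initrd images) from ISO to root partition", so its content is parsed by the shell on the build host. Because the signature check in setup_iso.yml is skipped when no `.asc` is served, that string should be treated as untrusted: either use `{{ version_string.stdout | quote }}` in the shell task, or add one `assert` right after it is registered that it matches the expected version pattern. The same value also builds the paths given to `file`, `mount` and `cp`, where a `/` or `..` in it would move writes outside `{{ WRITE_ROOT }}/boot`. Separately, "Find loopback" followed by "Loopback attach" leaves a window in which another process can take the device; `losetup --find --show "{{ vyos_raw_img }}"` with `register: loopback` attaches and reports the device in one step.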
+++ b/roles/vmware/tasks/convert.yml
@@ -0,0 +1,69 @@
+- name: Convert raw to vmdk
+ command: qemu-img convert -f raw "{{ vyos_raw_img }}" -O vmdk -o adapter_type=lsilogic "{{ vyos_vmware_tmp_vmdk }}"
+- name: Fix vmdk with open-vmdk
+ command: vmdk-convert "{{ vyos_vmware_tmp_vmdk }}" "{{ vyos_vmware_vmdk }}"
+- name: Get vmdk_file_size
+ shell: du --bytes "{{ vyos_vmware_vmdk }}" | cut -f1
+ register: vmdk_file_size
+- name: Get vmdk_populated_size
+ shell: vmdk-convert -i "{{ vyos_vmware_vmdk }}"
+ register: result
+- name: Set vmdk_populated_size
+ set_fact:
+ vmdk_populated_size: "{{ (result.stdout | from_json).used }}"
+- name: Generate OVF
+ become: false
+ template:
+ src: templates/vyos_vmware_image.ovf.j2
+ dest: "{{ vyos_vmware_ovf }}"
+- name: Generate MF
+ shell: openssl sha1 "{{ vyos_vmware_vmdk | basename }}" "{{ vyos_vmware_ovf | basename }}"
+ args:
+ chdir: /tmp
+ register: result
+- name: Create MF
+ become: false
+ copy:
+ dest: "{{ vyos_vmware_mf }}"
+ content: "{{ result.stdout }}"
+- name: Create OVA without private key
+ become: false
+ archive:
+ path:
+ - "{{ vyos_vmware_ovf }}"
+ - "{{ vyos_vmware_mf }}"
+ - "{{ vyos_vmware_vmdk }}"
+ dest: "{{ vyos_vmware_ova }}"
+ format: tar
+ when: vyos_vmware_private_key_path is not defined
+- name: Sign MF
+ shell: openssl dgst -sha256 -sign "{{ vyos_vmware_private_key_path }}" -hex "{{ vyos_vmware_mf | basename }}" | sed 's/^RSA-//'
+ args:
+ chdir: /tmp
+ register: signature
+ when: vyos_vmware_private_key_path is defined
+- name: Get certificate
+ shell: openssl x509 -in "{{ vyos_vmware_private_key_path }}"
+ register: certificate
+ when: vyos_vmware_private_key_path is defined
+- name: Create cert file for OVA
+ become: false
+ copy:
+ dest: "{{ vyos_vmware_cert }}"
+ content: |
+ {{ signature.stdout }}
+ {{ certificate.stdout }}
+- name: Create OVA with private key
+ become: false
+ archive:
+ path:
+ - "{{ vyos_vmware_ovf }}"
+ - "{{ vyos_vmware_mf }}"
+ - "{{ vyos_vmware_cert }}"
+ - "{{ vyos_vmware_vmdk }}"
+ dest: "{{ vyos_vmware_ova }}"
+ format: tar
+ when: vyos_vmware_private_key_path is defined
+- name: Copy image
+ become: false
+ command: cp "{{ vyos_vmware_ova }}" .
diff --git a/roles/vmware/tasks/install_packages.yml b/roles/vmware/tasks/install_packages.yml
new file mode 100644
index 0000000..23e5f6f
--- /dev/null
+++ b/roles/vmware/tasks/install_packages.yml
@@ -0,0 +1,22 @@
+- name: Install required packages
+ become: yes
+ apt:
+ update_cache: yes
+ name:
+ - parted
+ - e2fsprogs
+ - gnupg
+ - qemu-utils
+ state: present
+- name: Download open-vmdk
+ get_url:
+ url: https://github.com/vmware/open-vmdk/archive/master.zip
+ dest: /tmp/master.zip
+- name: Extract master.zip into /var/lib/foo
+ unarchive:
+ src: /tmp/master.zip
+ dest: /tmp
+- name: Install open-vmdk
+ make:
+ chdir: /tmp/open-vmdk-master
+ target: install
diff --git a/roles/vmware/tasks/load_modules.yml b/roles/vmware/tasks/load_modules.yml
new file mode 100644
index 0000000..44295fe
--- /dev/null
+++ b/roles/vmware/tasks/load_modules.yml
@@ -0,0 +1,2 @@
+- name: Load aufs module
+ shell: modprobe aufs
diff --git a/roles/vmware/tasks/main.yml b/roles/vmware/tasks/main.yml
new file mode 100644
index 0000000..611a6d3
--- /dev/null
+++ b/roles/vmware/tasks/main.yml
@@ -0,0 +1,7 @@
+- include_tasks: install_packages.yml
+- include_tasks: load_modules.yml
+- include_tasks: setup_iso.yml
+- include_tasks: build_image.yml
+- include_tasks: unmount.yml
+- include_tasks: convert.yml
+
diff --git a/roles/vmware/tasks/setup_iso.yml b/roles/vmware/tasks/setup_iso.yml
new file mode 100644
index 0000000..18f1f5e
--- /dev/null
+++ b/roles/vmware/tasks/setup_iso.yml
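Review bot: "Create cert file for OVA" in convert.yml has no `when: vyos_vmware_private_key_path is defined`, unlike the "Sign MF" and "Get certificate" tasks that feed it, so on an unsigned build it templates `signature.stdout` and `certificate.stdout` from tasks that were skipped. Add the same `when:` line to that task. In "Sign MF" the exit status of the pipeline is that of `sed`, so a failing `openssl dgst -sign` would presumably still register an empty signature and the play would go on to package it; running the task under bash with `set -o pipefail &&` in front, or adding `failed_when: signature.stdout | length == 0`, makes a signing failure stop the build. The manifest and signing steps also work in `/tmp` by basename; if the `vyos_vmware_*` paths default there (not visible in this diff), a directory created for the build would be safer than a shared one.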
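Review bot: "Download open-vmdk" in install_packages.yml fetches the moving `master` branch archive with no `checksum:`, and the result is unpacked and run through `make install`, so whatever is at the tip of that branch at build time executes on the build host and later produces the VMDK. Pin the URL to a tag or commit archive and add `checksum: "sha256:<EXPECTED_SHA256>"` to the `get_url` task. The fixed names `/tmp/master.zip` and `/tmp/open-vmdk-master` live in a shared directory; a directory created for the run (for example with the `tempfile` module) avoids picking up something left there by another user. The task name "Extract master.zip into /var/lib/foo" does not match its `dest: /tmp`.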
@@ -0,0 +1,57 @@
+- name: Fetch VyOS ISO GPG signature
+ uri:
+ url: "{{ vyos_iso_url }}.asc"
+ dest: "{{ vyos_iso_local }}.asc"
+ status_code: 200,404,403
+ tags: verify
+ register: gpg_uri
+
+- name: Download VyOS ISO release
+ get_url:
+ url: "{{ vyos_iso_url }}"
+ dest: "{{ vyos_iso_local }}"
+
+- name: Fetch the VyOS release GPG key
+ get_url:
+ url: "{{ vyos_key_url}}"
+ dest: "{{ vyos_key_local }}"
+ tags: verify
+
+- name: Install the VyOS release GPG key
+ command: gpg --import {{ vyos_key_local }}
+ when: gpg_uri.status == 200
+ tags: verify
+
+- name: Validate ISO GPG signature
+ command: gpg --verify {{ vyos_iso_local }}.asc {{ vyos_iso_local }}
+ when: gpg_uri.status == 200
+ tags: verify
+
+- name: Mount ISO
+ mount:
+ name: "{{ CD_ROOT }}"
+ src: "{{ vyos_iso_local }}"
+ fstype: iso9660
+ opts: loop,ro
+ state: mounted
+
+- name: Verify checksums of all the files in the ISO image
+ command: md5sum -c md5sum.txt
+ args:
+ chdir: "{{ CD_ROOT }}"
+ changed_when: False
+
+- name: Mount squashfs image from ISO
+ mount:
+ name: "{{ CD_SQUASH_ROOT }}"
+ src: "{{ SQUASHFS_IMAGE }}"
+ fstype: squashfs
+ opts: loop,ro
+ state: mounted
+
+- name: Read version string from iso packages
+ shell: cat {{ CD_SQUASH_ROOT }}/opt/vyatta/etc/version | awk '{print $2}' | tr + -
+ register: version_string
+
+- name: Debug version string as read from ISO
+ debug: msg="This is version {{ version_string.stdout }}"
diff --git a/roles/vmware/tasks/unmount.yml b/roles/vmware/tasks/unmount.yml
new file mode 100644
index 0000000..39c3d52
--- /dev/null
+++ b/roles/vmware/tasks/unmount.yml
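Review bot: The signature check fails open: "Fetch VyOS ISO GPG signature" accepts `status_code: 200,404,403`, and both "Install the VyOS release GPG key" and "Validate ISO GPG signature" run only `when: gpg_uri.status == 200`, so an ISO whose `.asc` is missing or refused is mounted and built from with no authenticity check. I would make the default strict with `status_code: 200` and put the unverified path behind an explicit opt-in variable that a `fail` task checks. When verification does run, the key is downloaded from `vyos_key_url` at build time and `gpg --verify` accepts a good signature from any key in the default keyring; comparing the imported key's fingerprint with a value stored in the role, and verifying against a keyring that holds only that key, would tie the result to the release key. The later `md5sum -c md5sum.txt` uses a list shipped inside the same ISO, so it detects corruption, not substitution.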
@@ -0,0 +1,66 @@
+# Unmount all mounts
+# If remove unmounted before absent, cannot unmount INSTALL_ROOT...
+- name: Unmount {{ INSTALL_ROOT }}/boot
+ mount:
+ name: "{{ INSTALL_ROOT }}/boot"
+ src: "{{ WRITE_ROOT }}"
+ fstype: none
+ state: unmounted
+
+- name: Unmount {{ INSTALL_ROOT }}/boot
+ mount:
+ name: "{{ INSTALL_ROOT }}/boot"
+ src: "{{ WRITE_ROOT }}"
+ fstype: none
+ state: absent
+
+- name: Unmount {{ INSTALL_ROOT }}/sys, {{ INSTALL_ROOT }}/proc, {{ INSTALL_ROOT }}/dev
+ mount:
+ name: "{{ INSTALL_ROOT }}/{{ item }}"
+ src: "/{{ item }}"
+ fstype: none
+ state: unmounted
+ with_items: [ 'sys', 'proc', 'dev' ]
+
+- name: Unmount {{ INSTALL_ROOT }}/sys, {{ INSTALL_ROOT }}/proc, {{ INSTALL_ROOT }}/dev
+ mount:
+ name: "{{ INSTALL_ROOT }}/{{ item }}"
+ src: "/{{ item }}"
+ fstype: none
+ state: absent
+ with_items: [ 'sys', 'proc', 'dev' ]
+
+- name: Unmount {{ INSTALL_ROOT }}
+ mount:
+ name: "{{ INSTALL_ROOT }}"
+ src: overlayfs
+ fstype: overlayfs
+ state: absent
+
+- name: Unmount {{ READ_ROOT }}
+ mount:
+ name: "{{ READ_ROOT }}"
+ src: "{{ WRITE_ROOT }}/boot/{{ version_string.stdout }}/{{ version_string.stdout }}.squashfs"
+ fstype: squashfs
+ state: absent
+
+- name: Unmount {{ WRITE_ROOT }}
+ mount:
+ name: "{{ WRITE_ROOT }}"
+ src: "{{ loopback.stdout }}"
+ fstype: "{{ ROOT_FSTYPE }}"
+ state: absent
+
+- name: Unmount {{ CD_SQUASH_ROOT }}
+ mount:
+ name: "{{ CD_SQUASH_ROOT }}"
+ src: "{{ SQUASHFS_IMAGE }}"
+ fstype: squashfs
+ state: absent
+
+- name: Unmount {{ CD_ROOT }}
+ mount:
+ name: "{{ CD_ROOT }}"
+ src: "{{ vyos_iso_local }}"
+ fstype: iso9660
+ state: absent |
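Review bot: Nothing in this file detaches the loop device that build_image.yml attaches with `losetup {{ loopback.stdout }} {{ vyos_raw_img }}`, so each run appears to leave one loop device bound to the raw image; a task with `command: losetup -d {{ loopback.stdout }}` after "Unmount {{ WRITE_ROOT }}" would release it. "Unmount {{ INSTALL_ROOT }}" names `src: overlayfs` and `fstype: overlayfs` while the mount was created with `src: none` and `fstype: aufs`; using the same values in both places keeps the entry being removed unambiguous. Since main.yml includes this file only after build_image.yml has succeeded, a failure there leaves the host's `/dev`, `/proc` and `/sys` bound under `{{ INSTALL_ROOT }}`, where a later cleanup of that tree would reach them. A `block:` with `always:` around the build and unmount includes in main.yml would make the teardown unconditional.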