forked from ethernity-cloud/mvp-pox-node
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplaybook.yml
126 lines (125 loc) · 5.59 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#
# Copyright (C) 2018, 2019 Ethernity HODL UG
#
# This file is part of ETHERNITY NODE.
#
# ETHERNITY SC is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
- name: Ethernity NODE
hosts: all
connection: local
become: yes
gather_facts: yes
roles:
- role: crivetimihai.virtualization.kvm
- role: crivetimihai.virtualization.vagrant
- role: uoi-io.libvirt
libvirt_firewalld: false
libvirt_selinux: false
libvirt_config:
- { option: 'listen_tls', value: 'listen_tls = 0' }
- { option: 'listen_tcp', value: 'listen_tcp = 0' }
libvirt_qemu_config:
- { option: 'user', value: 'user = "+0"' }
- { option: 'cgroup_device_acl', value: 'cgroup_device_acl = [ "/dev/null", "/dev/full", "/dev/zero", "/dev/random", "/dev/urandom", "/dev/ptmx", "/dev/kvm", "/dev/kqemu", "/dev/rtc", "/dev/hpet", "/dev/sgx_virt" ]' }
tasks:
- name: apparmor - enable sgx support for libvirt qemu
copy:
src: ubuntu/etc/apparmor.d/libvirt/TEMPLATE.qemu
dest: /etc/apparmor.d/libvirt/TEMPLATE.qemu
- name: kernel SGX - Ubuntu 18.04
when: (ansible_facts['distribution'] == "Ubuntu" and ansible_facts['distribution_major_version'] == "18" and ansible_kernel is version('5.0.0-050000-generic','!='))
apt: deb={{item}}
with_items:
- ubuntu/linux-modules-5.0.0-050000-generic_5.0.0-050000.201903032031_amd64.deb
- ubuntu/linux-image-unsigned-5.0.0-050000-generic_5.0.0-050000.201903032031_amd64.deb
- ubuntu/linux-headers-5.0.0-050000_5.0.0-050000.201903032031_all.deb
- ubuntu/linux-modules-extra-5.0.0-050000-generic_5.0.0-050000.201903032031_amd64.deb
- ubuntu/linux-headers-5.0.0-050000-generic_5.0.0-050000.201903032031_amd64.deb
- name: reboot - Ubuntu 18.04
when: (ansible_facts['distribution'] == "Ubuntu" and ansible_facts['distribution_major_version'] == "18" and ansible_kernel is version('5.0.0-050000-generic','!='))
debug:
msg: The kernel has been updated, a reboot is required
- name: exit - Ubuntu 18.04
when: (ansible_facts['distribution'] == "Ubuntu" and ansible_facts['distribution_major_version'] == "18" and ansible_kernel is version('5.0.0-050000-generic','!='))
meta: end_play
- name: qemu SGX cleanup - Ubuntu 18.04
when: (ansible_facts['distribution'] == "Ubuntu" and ansible_facts['distribution_major_version'] == "18" and ansible_kernel is version('5.0.0-050000-generic','=='))
apt:
pkg:
- qemu-kvm
- qemu-utils
- qemu-system-x86
- qemu-system-common
- qemu-block-extra
- libcacard0
- qemu-user-binfmt
- qemu-user
state: absent
- name: qemu SGX remove unused packages - Ubuntu 18.04
apt:
autoremove: yes
- name: qemu SGX - Ubuntu 18.04
when: (ansible_facts['distribution'] == "Ubuntu" and ansible_facts['distribution_major_version'] == "18" and ansible_kernel is version('5.0.0-050000-generic','=='))
apt: deb={{item}}
with_items:
- ubuntu/libcacard0_2.5.1-etny_amd64.deb
- ubuntu/qemu-block-extra_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-common_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-data_3.1.0r1-etny_all.deb
- ubuntu/qemu-system-mips_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-misc_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-ppc_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-x86_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-s390x_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-sparc_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system-arm_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-kvm_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-system_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-user_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-user-binfmt_3.1.0r1-etny_amd64.deb
- ubuntu/qemu-utils_3.1.0r1-etny_amd64.deb
- ubuntu/qemu_3.1.0r1-etny_amd64.deb
- name: vagrant-libvirt package dependencies - install
when: (ansible_facts['distribution'] == "Ubuntu" and ansible_facts['distribution_major_version'] == "18" and ansible_kernel is version('5.0.0-050000-generic','=='))
apt:
pkg:
- ebtables
- dnsmasq-base
- libxslt-dev
- libxml2-dev
- libvirt-dev
- zlib1g-dev
- ruby-dev
- name: vagrant-libvirt - install
shell: vagrant plugin install vagrant-libvirt
- name: vagrant-preload - install
shell: vagrant plugin install vagrant-reload
- name: vagrant - cleanup VM
shell: vagrant destroy -f
- name: vagrant - provision VM
shell: vagrant up --provider=libvirt
- name: startup - set etny-vagrant configuration
shell: echo "ETNY_PATH=${PWD}" > /etc/default/etny-vagrant
- name: startup - create etny-vagrant.service
copy:
src: etc/systemd/system/etny-vagrant.service
dest: /etc/systemd/system/etny-vagrant.service
- name: startup - enable etny-vagrant.service
shell: systemctl enable etny-vagrant.service
- name: startup - start etny-vagrant.service
shell: systemctl restart etny-vagrant.service
- name: finished
debug:
msg: Ethernity NODE installation successful