From: cel@kernel.org
To: <kdevops@lists.linux.dev>
Cc: Chuck Lever <chuck.lever@oracle.com>
Subject: [RFC PATCH 4/5] guestfs: Move check-config, network, and storage-pool tags
Date: Thu, 22 May 2025 09:31:36 -0400 [thread overview]
Message-ID: <20250522133137.989457-5-cel@kernel.org> (raw)
In-Reply-To: <20250522133137.989457-1-cel@kernel.org>
From: Chuck Lever <chuck.lever@oracle.com>
These steps are relocated because my plan is to remove the
bringup_guestfs role eventually.
I'm not sure the config-check steps are absolutely necessary, but
they are retained for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
playbooks/roles/guestfs/defaults/main.yml | 1 +
.../roles/guestfs/tasks/config-check.yml | 34 ++++++++
playbooks/roles/guestfs/tasks/main.yml | 18 ++++
playbooks/roles/guestfs/tasks/network.yml | 83 +++++++++++++++++++
.../roles/guestfs/tasks/storage-pool-path.yml | 77 +++++++++++++++++
scripts/guestfs.Makefile | 4 +-
6 files changed, 215 insertions(+), 2 deletions(-)
create mode 100644 playbooks/roles/guestfs/tasks/config-check.yml
create mode 100644 playbooks/roles/guestfs/tasks/network.yml
create mode 100644 playbooks/roles/guestfs/tasks/storage-pool-path.yml
diff --git a/playbooks/roles/guestfs/defaults/main.yml b/playbooks/roles/guestfs/defaults/main.yml
index 0d1e2ef82ae9..dc955d915d70 100644
--- a/playbooks/roles/guestfs/defaults/main.yml
+++ b/playbooks/roles/guestfs/defaults/main.yml
@@ -1,3 +1,4 @@
# SPDX-License-Identifier GPL-2.0+
---
libvirt_uri_system: false
+distro_debian_based: false
diff --git a/playbooks/roles/guestfs/tasks/config-check.yml b/playbooks/roles/guestfs/tasks/config-check.yml
new file mode 100644
index 000000000000..e8cbb9b623a7
--- /dev/null
+++ b/playbooks/roles/guestfs/tasks/config-check.yml
@@ -0,0 +1,34 @@
+---
+- name: Verify kdevops .config exists
+ ansible.builtin.stat:
+ path: "{{ topdir_path }}/.config"
+ register: config_file
+
+- name: Fail if kdevops .config is not present
+ ansible.builtin.fail:
+ msg: "kdevops is not confgured. You must run 'make menuconfig'"
+ when: not config_file.stat.exists or not config_file.stat.isreg
+
+- name: Check if guestfs directory exists
+ ansible.builtin.stat:
+ path: "{{ topdir_path }}/guestfs"
+ register: guestfs_dir_stat
+
+- name: Fail if guestfs directory does not exist
+ ansible.builtin.fail:
+ msg: "The guestfs directory does not exist. You must run make first."
+ when: not guestfs_dir_stat.stat.exists
+
+- name: Check for directories in guestfs/
+ ansible.builtin.find:
+ paths: "{{ topdir_path }}/guestfs"
+ file_type: directory
+ recurse: false
+ depth: 1
+ register: guestfs_subdirectories
+ when: guestfs_dir_stat.stat.exists
+
+- name: Fail if no directories found in guestfs/
+ ansible.builtin.fail:
+ msg: "No directories found in guestfs. You must run make first."
+ when: guestfs_subdirectories.matched == 0
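Review bot: The failure message in "Fail if kdevops .config is not present" has a typo that users will see verbatim, `kdevops is not confgured`; it should read `msg: "kdevops is not configured. You must run 'make menuconfig'"`. In "Check for directories in guestfs/", `depth: 1` has no effect next to `recurse: false`, because depth only limits how far a recursive search descends, so that line can be dropped.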
diff --git a/playbooks/roles/guestfs/tasks/main.yml b/playbooks/roles/guestfs/tasks/main.yml
index a469d48a082b..bda91de79983 100644
--- a/playbooks/roles/guestfs/tasks/main.yml
+++ b/playbooks/roles/guestfs/tasks/main.yml
@@ -5,6 +5,24 @@
ansible.builtin.import_tasks:
file: "{{role_path }}/tasks/install-deps/main.yml"
+- name: Check basic guestfs configuration
+ tags:
+ - config-check
+ ansible.builtin.import_tasks:
+ file: "{{role_path }}/tasks/config-check.yml"
+
+- name: Configure libvirt storage pool
+ tags:
+ - storage-pool-path
+ ansible.builtin.import_tasks:
+ file: "{{role_path }}/tasks/storage-pool-path.yml"
+
+- name: Configure libvirt networking
+ tags:
+ - network
+ ansible.builtin.import_tasks:
+ file: "{{role_path }}/tasks/network.yml"
+
- name: Set up target node console permissions
tags:
- console-permissions
diff --git a/playbooks/roles/guestfs/tasks/network.yml b/playbooks/roles/guestfs/tasks/network.yml
new file mode 100644
index 000000000000..8e7c9f1df7f3
--- /dev/null
+++ b/playbooks/roles/guestfs/tasks/network.yml
@@ -0,0 +1,83 @@
+---
+- name: Check for dnsmasq configuration files
+ ansible.builtin.stat:
+ path: "{{ item }}"
+ loop:
+ - /etc/dnsmasq.conf
+ - /etc/dnsmasq.d
+ register: dnsmasq_config_files
+ when:
+ - distro_debian_based|bool
+
+- name: Fail if dnsmasq configuration files exist
+ ansible.builtin.fail:
+ msg: |
+ dnsmasq configuration files or directories still exist.
+ Please remove the following to fully uninstall
+ dnsmasq:\n{{ dnsmasq_config_files | join('\n') }}
+ when:
+ - distro_debian_based|bool
+ - dnsmasq_config_files.results | selectattr('stat.exists') | list | length > 0
+
+- name: Check if dnsmasq service is enabled
+ # noqa: command-instead-of-module
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.command:
+ cmd: "systemctl is-enabled dnsmasq"
+ register: dnsmasq_enabled
+ failed_when: false
+ changed_when: false
+ when:
+ - distro_debian_based|bool
+ - dnsmasq_config_files | length > 0
+
+- name: Check if dnsmasq service is active
+ # noqa: command-instead-of-module
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.command:
+ cmd: "systemctl is-active dnsmasq"
+ register: dnsmasq_active
+ failed_when: false
+ changed_when: false
+ when:
+ - distro_debian_based|bool
+ - dnsmasq_config_files | length > 0
+
+- name: Fail if dnsmasq service is enabled or active
+ ansible.builtin.fail:
+ msg: |
+ dnsmasq service is
+ {{ 'enabled' if dnsmasq_enabled.rc == 0 else 'active' if dnsmasq_active.rc == 0 else 'present' }}.
+ Please ensure dnsmasq is fully uninstalled and disabled.
+ Run 'sudo systemctl disable dnsmasq' and 'sudo systemctl
+ stop dnsmasq' to disable and stop the service.
+ when:
+ - distro_debian_based|bool
+ - dnsmasq_config_files | length > 0
+ - (dnsmasq_enabled.rc == 0) or (dnsmasq_active.rc == 0)
+
+- name: Check if libvirt default network is running
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.shell: virsh net-list | grep -q default
+ register: libvirt_default_net
+ ignore_errors: true
+ changed_when: false
+ when:
+ - libvirt_uri_system|bool
+
+- name: Start the libvirt default network
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.command:
+ cmd: "virsh net-start default"
+ changed_when: true
+ when:
+ - libvirt_uri_system|bool
+ - libvirt_default_net.rc != 0
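Review bot: The failure message in "Fail if dnsmasq configuration files exist" will not list the offending paths: `dnsmasq_config_files | join('\n')` joins the registered loop-result dictionary rather than the paths, and the `\n` after `dnsmasq:` sits outside the expression in a `|` block scalar, so it is printed literally. `{{ dnsmasq_config_files.results | selectattr('stat.exists') | map(attribute='item') | join(', ') }}` would name the files that were found. The later `dnsmasq_config_files | length > 0` conditions measure the same dictionary, so they are true whenever the variable is registered and add nothing to `distro_debian_based|bool`. The `systemctl is-enabled` and `is-active` tasks also escalate to root through `sudo su - -c` although they only read unit state, which normally needs no privilege; removing `become` from those two would limit escalation to the `virsh` tasks.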
diff --git a/playbooks/roles/guestfs/tasks/storage-pool-path.yml b/playbooks/roles/guestfs/tasks/storage-pool-path.yml
new file mode 100644
index 000000000000..78781f0489c1
--- /dev/null
+++ b/playbooks/roles/guestfs/tasks/storage-pool-path.yml
@@ -0,0 +1,77 @@
+---
+- name: Create storage pool path directory (libvirt session uri)
+ ansible.builtin.file:
+ path: "{{ libvirt_storage_pool_path }}"
+ state: directory
+# mode: "u=rwx,g=rwx,o=rx"
+ when:
+ - not libvirt_uri_system|bool
+
+- name: Create storage pool path directory and set group (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.file:
+ path: "{{ libvirt_storage_pool_path }}"
+ state: directory
+ owner: root
+ group: "{{ libvirt_qemu_group }}"
+ mode: "u=rwx,g=rwx,o=rx"
+ when:
+ - libvirt_uri_system|bool
+
+- name: Create kdevops guestfs storage directory (libvirt session uri)
+ ansible.builtin.file:
+ path: "{{ guestfs_base_image_dir }}"
+ state: directory
+ mode: "u=rwx,g=rx,o=rx"
+ when:
+ - not libvirt_uri_system|bool
+
+- name: Create kdevops guestfs storage directory (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.file:
+ path: "{{ guestfs_base_image_dir }}"
+ state: directory
+ mode: "u=rwx,g=rwx,o=rx"
+ group: "{{ libvirt_qemu_group }}"
+ when:
+ - libvirt_uri_system|bool
+
+- name: Check if directory is owned by the correct group (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.command:
+ cmd: stat -c '%G' "{{ libvirt_storage_pool_path }}"
+ register: dir_group
+ changed_when: false
+ when:
+ - libvirt_uri_system|bool
+
+- name: Check if directory has group write permissions (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.command:
+ cmd: stat -c '%A' "{{ libvirt_storage_pool_path }}"
+ register: dir_perms
+ changed_when: false
+ when:
+ - libvirt_uri_system|bool
+
+- name: Verify storage pool path directory is group-writable (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.fail:
+ msg: |
+ The permissions for {{ libvirt_storage_pool_path }} should be group
+ writeable by the group used by libvirt: {{ libvirt_qemu_group }}
+ Current group: {{ dir_group.stdout }}
+ Current permissions: {{ dir_perms.stdout }}
+ when:
+ - libvirt_uri_system|bool
+ - (dir_group.stdout != libvirt_qemu_group) or (dir_perms.stdout[5] != 'w')
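Review bot: The first task creates `libvirt_storage_pool_path` for the session URI with its mode commented out (`# mode: "u=rwx,g=rwx,o=rx"`), so a newly created pool directory gets whatever the invoking user's umask yields, while every other directory task in this file sets a mode explicitly. Either set it, for example `mode: "u=rwx,g=rx,o=rx"` as the session-URI `guestfs_base_image_dir` task does, or replace the dead line with a comment saying why the mode is deliberately left alone. The two `stat -c` command tasks and the `dir_perms.stdout[5]` index test could be a single `ansible.builtin.stat` task whose `stat.gr_name` and `stat.wgrp` fields are compared directly. The `become` keywords on the final `ansible.builtin.fail` task appear to serve no purpose, since that task only prints a message.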
diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile
index 30bef9d17e99..290315ee9c9e 100644
--- a/scripts/guestfs.Makefile
+++ b/scripts/guestfs.Makefile
@@ -75,9 +75,9 @@ install_libguestfs:
--tags install-deps
bringup_guestfs: $(GUESTFS_BRINGUP_DEPS)
- $(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \
+ $(Q)ansible-playbook $(ANSIBLE_VERBOSE) \
--inventory localhost, \
- playbooks/bringup_guestfs.yml \
+ playbooks/guestfs.yml \
--extra-vars=@./extra_vars.yaml \
--tags config-check,network,storage-pool-path
$(Q)$(TOPDIR)/scripts/bringup_guestfs.sh
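Review bot: Dropping `--connection=local` while keeping `--inventory localhost,` can change how the play reaches the host: once localhost is named explicitly in the inventory, Ansible's implicit-localhost local connection no longer applies and the default transport is SSH, unless `playbooks/guestfs.yml` (not shown in this patch) sets `connection: local` itself. Since the imported tasks escalate with `become`, it is worth confirming that the new playbook pins the connection, or keeping the flag here, so the privileged steps cannot start depending on an SSH login to localhost. The `install_libguestfs` recipe above this rule starts outside the hunk, so whether it makes the same assumption is not visible here.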
--
2.49.0