From: Chuck Lever <cel@kernel.org>
To: <kdevops@lists.linux.dev>
Cc: Chuck Lever <chuck.lever@oracle.com>
Subject: [PATCH v2 04/12] guestfs: Add a "bringup" tag to the guestfs role
Date: Fri, 30 May 2025 13:52:21 -0400 [thread overview]
Message-ID: <20250530175229.489925-5-cel@kernel.org> (raw)
In-Reply-To: <20250530175229.489925-1-cel@kernel.org>
From: Chuck Lever <chuck.lever@oracle.com>
Create a new "bringup" tag that bookends the existing "destroy" tag.
All guestfs bringup steps will get this tag.
Start by populating this new tag with the steps that provision
the kdevops storage pool for guestfs.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
playbooks/roles/guestfs/defaults/main.yml | 2 +
.../tasks/bringup/storage-pool-path.yml | 78 +++++++++++++++++++
playbooks/roles/guestfs/tasks/main.yml | 8 ++
scripts/guestfs.Makefile | 6 +-
4 files changed, 93 insertions(+), 1 deletion(-)
create mode 100644 playbooks/roles/guestfs/defaults/main.yml
create mode 100644 playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml
diff --git a/playbooks/roles/guestfs/defaults/main.yml b/playbooks/roles/guestfs/defaults/main.yml
new file mode 100644
index 000000000000..6112b384bb57
--- /dev/null
+++ b/playbooks/roles/guestfs/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+libvirt_uri_system: false
diff --git a/playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml b/playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml
new file mode 100644
index 000000000000..50f804cc304c
--- /dev/null
+++ b/playbooks/roles/guestfs/tasks/bringup/storage-pool-path.yml
@@ -0,0 +1,78 @@
+---
+- name: Create storage pool path directory (libvirt session uri)
+ # noqa: risky-file-permissions
+ ansible.builtin.file:
+ path: "{{ libvirt_storage_pool_path }}"
+ state: directory
+ # mode: "u=rwx,g=rwx,o=rx"
+ when:
+ - not libvirt_uri_system|bool
+
+- name: Create storage pool path directory and set group (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.file:
+ path: "{{ libvirt_storage_pool_path }}"
+ state: directory
+ owner: root
+ group: "{{ libvirt_qemu_group }}"
+ mode: "u=rwx,g=rwx,o=rx"
+ when:
+ - libvirt_uri_system|bool
+
+- name: Create kdevops guestfs storage directory (libvirt session uri)
+ ansible.builtin.file:
+ path: "{{ guestfs_base_image_dir }}"
+ state: directory
+ mode: "u=rwx,g=rx,o=rx"
+ when:
+ - not libvirt_uri_system|bool
+
+- name: Create kdevops guestfs storage directory (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.file:
+ path: "{{ guestfs_base_image_dir }}"
+ state: directory
+ mode: "u=rwx,g=rwx,o=rx"
+ group: "{{ libvirt_qemu_group }}"
+ when:
+ - libvirt_uri_system|bool
+
+- name: Check if directory is owned by the correct group (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.command:
+ cmd: stat -c '%G' "{{ libvirt_storage_pool_path }}"
+ register: dir_group
+ changed_when: false
+ when:
+ - libvirt_uri_system|bool
+
+- name: Check if directory has group write permissions (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.command:
+ cmd: stat -c '%A' "{{ libvirt_storage_pool_path }}"
+ register: dir_perms
+ changed_when: false
+ when:
+ - libvirt_uri_system|bool
+
+- name: Verify storage pool path directory is group-writable (libvirt system uri)
+ become: true
+ become_flags: 'su - -c'
+ become_method: ansible.builtin.sudo
+ ansible.builtin.fail:
+ msg: |
+ The permissions for {{ libvirt_storage_pool_path }} should be group
+ writeable by the group used by libvirt: {{ libvirt_qemu_group }}
+ Current group: {{ dir_group.stdout }}
+ Current permissions: {{ dir_perms.stdout }}
+ when:
+ - libvirt_uri_system|bool
+ - (dir_group.stdout != libvirt_qemu_group) or (dir_perms.stdout[5] != 'w')
diff --git a/playbooks/roles/guestfs/tasks/main.yml b/playbooks/roles/guestfs/tasks/main.yml
index ba38a67c4baf..12064cb91d73 100644
--- a/playbooks/roles/guestfs/tasks/main.yml
+++ b/playbooks/roles/guestfs/tasks/main.yml
@@ -5,6 +5,14 @@
ansible.builtin.import_tasks:
file: "{{role_path }}/tasks/install-deps/main.yml"
+- name: Ensure a storage pool for guestfs exists
+ delegate_to: localhost
+ run_once: true
+ tags:
+ - bringup
+ ansible.builtin.import_tasks:
+ file: "{{role_path }}/tasks/bringup/storage-pool-path.yml"
+
- name: Shut down and destroy each target node
tags:
- destroy
diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile
index 7f5fb6334846..571662d187ae 100644
--- a/scripts/guestfs.Makefile
+++ b/scripts/guestfs.Makefile
@@ -75,11 +75,15 @@ install_libguestfs:
--tags install-deps
bringup_guestfs: $(GUESTFS_BRINGUP_DEPS)
+ $(Q)ansible-playbook $(ANSIBLE_VERBOSE) \
+ -i hosts playbooks/guestfs.yml \
+ --extra-vars=@./extra_vars.yaml \
+ --tags bringup
$(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \
--inventory localhost, \
playbooks/bringup_guestfs.yml \
--extra-vars=@./extra_vars.yaml \
- --tags network,storage-pool-path
+ --tags network
$(Q)$(TOPDIR)/scripts/bringup_guestfs.sh
$(Q)ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \
--inventory localhost, \
--
2.49.0
next prev parent reply other threads:[~2025-05-30 17:52 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-30 17:52 [PATCH v2 00/12] Convert bringup_guestfs to a single Ansible role Chuck Lever
2025-05-30 17:52 ` [PATCH v2 01/12] guestfs: Replace scripts/destroy_guestfs.sh with an Ansible playbook Chuck Lever
2025-05-30 17:52 ` [PATCH v2 02/12] Move the guestfs install-deps to the guestfs playbook Chuck Lever
2025-05-30 17:52 ` [PATCH v2 03/12] guestfs: Do not use the config-check tag Chuck Lever
2025-05-30 17:52 ` Chuck Lever [this message]
2025-05-30 17:52 ` [PATCH v2 05/12] guestfs: Copy "network" tag steps to guestfs role Chuck Lever
2025-05-30 17:52 ` [PATCH v2 06/12] guestfs: Move the QEMU_GROUP check Chuck Lever
2025-05-30 17:52 ` [PATCH v2 07/12] Add a base-image role Chuck Lever
2025-05-30 17:52 ` [PATCH v2 08/12] guestfs: Convert scripts/bringup_guestfs.sh to Ansible Chuck Lever
2025-05-30 17:52 ` [PATCH v2 09/12] guestfs: Move console-related steps to guestfs role Chuck Lever
2025-05-30 17:52 ` [PATCH v2 10/12] bringup_guestfs: Remove the role Chuck Lever
2025-05-30 17:52 ` [PATCH v2 11/12] scripts: Remove the bringup_guestfs.sh script Chuck Lever
2025-05-30 17:52 ` [PATCH v2 12/12] scripts: Remove the destroy_guestfs.sh script Chuck Lever
2025-06-03 19:29 ` [PATCH v2 00/12] Convert bringup_guestfs to a single Ansible role Luis Chamberlain
2025-06-04 14:29 ` Chuck Lever
2025-06-04 17:02 ` Luis Chamberlain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250530175229.489925-5-cel@kernel.org \
--to=cel@kernel.org \
--cc=chuck.lever@oracle.com \
--cc=kdevops@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox