Last active
March 24, 2024 13:33
-
-
Save platu/f6fa79855e21e5c1f50c50d1282f2b3d to your computer and use it in GitHub Desktop.
IaC Lab 3 Ansible prepare stage playbook
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: PREPARE LAB ENVIRONMENT | |
| hosts: hypervisors | |
| tasks: | |
| - name: ENSURE SYMLINK TO MASTERS DIRECTORY EXISTS | |
| ansible.builtin.file: | |
| src: /var/cache/kvm/masters | |
| dest: "{{ ansible_env.HOME }}/masters" | |
| state: link | |
| - name: ENSURE VM DIRECTORY EXISTS | |
| ansible.builtin.file: | |
| path: "{{ ansible_env.HOME }}/vm" | |
| state: directory | |
| mode: "0755" | |
| - name: ENSURE SYMLINK TO SCRIPTS DIRECTORY EXISTS | |
| ansible.builtin.file: | |
| src: /var/cache/kvm/masters/scripts | |
| dest: "{{ ansible_env.HOME }}/vm/scripts" | |
| state: link | |
| - name: ENSURE LAB DIRECTORY EXISTS | |
| ansible.builtin.file: | |
| path: "{{ ansible_env.HOME }}/vm/{{ lab_name }}" | |
| state: directory | |
| mode: "0755" | |
| - name: CHECK IF TAP INTERFACES ARE ALREADY USED BY ANOTHER USER | |
| ansible.builtin.shell: | |
| cmd: | | |
| set -o pipefail | |
| if $(pgrep -vafu $USER | grep -q "={{ item.name }},"); then | |
| echo "{{ item.name }} is already in use by another user." | |
| exit 1 | |
| fi | |
| exit 0 | |
| executable: /bin/bash | |
| register: result | |
| failed_when: result.stdout.find("already in use") >= 0 | |
| changed_when: result.rc != 0 | |
| when: | |
| # only run the task if the tap interface already exists on hypervisor | |
| - item.name in ansible_facts.interfaces | |
| with_items: | |
| - "{{ hostvars[inventory_hostname].taps }}" | |
| - name: CONFIGURE TAP INTERFACES SWITCH CONNECTION | |
| ansible.builtin.shell: | |
| cmd: | | |
| # exit if the defined switch does not exist | |
| switches_list=$(sudo ovs-vsctl list-br) | |
| if ! grep -q "{{ item.switch }}" <<< "${switches_list}"; then | |
| exit 1 | |
| fi | |
| # Check if the port is already connected to the defined switch | |
| actual_switch=$(sudo ovs-vsctl port-to-br {{ item.name }}) | |
| if [[ ${actual_switch} != "{{ item.switch }}" ]]; then | |
| sudo ovs-vsctl del-port ${actual_switch} {{ item.name }} | |
| sudo ovs-vsctl add-port {{ item.switch }} {{ item.name }} | |
| echo "Port {{ item.name }} connected to {{ item.switch }}" | |
| fi | |
| exit 0 | |
| executable: /bin/bash | |
| register: result | |
| when: | |
| # only run the task if the tap interface already exists on hypervisor | |
| - item.name in ansible_facts.interfaces | |
| # changed when the "connected to" message is found in the output | |
| changed_when: result.stdout.find("connected to") != -1 | |
| failed_when: result.rc != 0 or item.name not in ansible_facts.interfaces | |
| with_items: | |
| - "{{ hostvars[inventory_hostname].taps }}" | |
| - name: CONFIGURE TAP INTERFACES IN ACCESS MODE | |
| ansible.builtin.shell: | |
| cmd: | | |
| # Check if the port is already configured with the defined vlan mode | |
| actual_mode=$(sudo ovs-vsctl get port {{ item.name }} vlan_mode) | |
| if [[ ${actual_mode} != "{{ item.vlan_mode }}" ]]; then | |
| sudo ovs-vsctl set port {{ item.name }} vlan_mode="{{ item.vlan_mode }}" | |
| echo "Port {{ item.name }} vlan mode changed to {{ item.vlan_mode }}" | |
| fi | |
| # Check if the port is already configured with the defined vlan tag | |
| actual_tag=$(sudo ovs-vsctl get port {{ item.name }} tag) | |
| if [[ ${actual_tag} != "{{ item.tag }}" ]]; then | |
| sudo ovs-vsctl set port {{ item.name }} tag="{{ item.tag }}" | |
| echo "Port {{ item.name }} tag changed to {{ item.tag }}" | |
| fi | |
| exit 0 | |
| executable: /bin/bash | |
| register: result | |
| # changed when the "changed to" message is found in the output | |
| changed_when: result.stdout.find("changed to") != -1 | |
| # tag attribute is mandatory for access mode | |
| failed_when: item.tag is not defined | |
| when: | |
| # only run the task if the tap interface already exists | |
| - item.name in ansible_facts.interfaces | |
| # access mode is selected | |
| - item.vlan_mode is defined and item.vlan_mode == "access" | |
| - item.tag is defined | |
| with_items: | |
| - "{{ hostvars[inventory_hostname].taps }}" | |
| - name: CONFIGURE TAP INTERFACES IN TRUNK MODE | |
| ansible.builtin.shell: | |
| cmd: | | |
| # Check if the port is already configured with the defined vlan mode | |
| actual_mode=$(sudo ovs-vsctl get port {{ item.name }} vlan_mode) | |
| if [[ ${actual_mode} != "{{ item.vlan_mode }}" ]]; then | |
| sudo ovs-vsctl set port {{ item.name }} vlan_mode="{{ item.vlan_mode }}" | |
| echo "Port {{ item.name }} vlan mode changed to {{ item.vlan_mode }}" | |
| fi | |
| # Check if the port is already configured with the defined vlan tag | |
| actual_trunks=$(sudo ovs-vsctl get port {{ item.name }} trunks) | |
| if [[ "${actual_trunks}" != "{{ item.trunks }}" ]]; then | |
| sudo ovs-vsctl set port {{ item.name }} trunks="{{ item.trunks }}" | |
| echo "Port {{ item.name }} vlan list changed to {{ item.trunks }}" | |
| fi | |
| exit 0 | |
| executable: /bin/bash | |
| register: result | |
| # changed when the "changed to" message is found in the output | |
| changed_when: result.stdout.find("changed to") != -1 | |
| # trunks attribute is mandatory for trunk mode | |
| failed_when: item.trunks is not defined | |
| when: | |
| # only run the task if the tap interface already exists | |
| - item.name in ansible_facts.interfaces | |
| # trunk mode is selected | |
| - item.vlan_mode is defined and item.vlan_mode == "trunk" | |
| - item.trunks is defined | |
| with_items: | |
| - "{{ hostvars[inventory_hostname].taps }}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment