From 1cb6bc10ed9981a8aff683972bbab3f1a61d5053 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Fri, 20 Jun 2025 13:57:08 -0400 Subject: [PATCH 1/9] guestfs: "make destroy" can be more surgical The libvirt.virt module isn't idempotent. To work around that, I simply set "failed_when: false" to ignore cases where a target node was already shut down or undefined. But that means "make destroy" ignores real failures. Instead of squelching all failures when shutting down and undefining target node, make a list of nodes in each state, and compare it against the inventory. Only take action when there is something to do. And, mark the target node as changed when that action is taken. Signed-off-by: Chuck Lever --- playbooks/roles/guestfs/tasks/destroy.yml | 34 ++++++++++++++++++----- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/playbooks/roles/guestfs/tasks/destroy.yml b/playbooks/roles/guestfs/tasks/destroy.yml index e26aacde4..a89aabc23 100644 --- a/playbooks/roles/guestfs/tasks/destroy.yml +++ b/playbooks/roles/guestfs/tasks/destroy.yml @@ -1,18 +1,38 @@ --- -- name: Destroy each target node +- name: Gather the list of running libvirt guests + run_once: true community.libvirt.virt: - name: "{{ inventory_hostname }}" - command: "destroy" + command: list_vms + state: running uri: "{{ libvirt_uri }}" - failed_when: false # Do not fail if the target node is not currently running + register: running_vms -- name: Undefine each target node +- name: Shut down each running target node community.libvirt.virt: name: "{{ inventory_hostname }}" - command: "undefine" + command: destroy + uri: "{{ libvirt_uri }}" + changed_when: true + when: + - inventory_hostname in running_vms.list_vms + +- name: Gather the list of stopped libvirt guests + run_once: true + community.libvirt.virt: + command: list_vms + state: shutdown uri: "{{ libvirt_uri }}" + register: shutdown_vms + +- name: Undefine each stopped target node + community.libvirt.virt: + command: "undefine" force: true - failed_when: false # Do not fail if the target node is not currently defined + name: "{{ inventory_hostname }}" + uri: "{{ libvirt_uri }}" + changed_when: true + when: + - inventory_hostname in shutdown_vms.list_vms - name: Remove per-node configuration files ansible.builtin.file: From c9399fe34d909310d994f5433eac46eec389ebf7 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Sun, 22 Jun 2025 17:52:13 -0400 Subject: [PATCH 2/9] guestfs: Remove unnecessary gather_facts task During the development of guestfs playbook, the top-level playbook yaml was changed from gather_facts: false to gather_facts: true An explicit gather_facts: step in install-deps/main.yml is no longer needed. Signed-off-by: Chuck Lever --- playbooks/roles/guestfs/tasks/install-deps/main.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/playbooks/roles/guestfs/tasks/install-deps/main.yml b/playbooks/roles/guestfs/tasks/install-deps/main.yml index 5cbc55dcb..0009019b4 100644 --- a/playbooks/roles/guestfs/tasks/install-deps/main.yml +++ b/playbooks/roles/guestfs/tasks/install-deps/main.yml @@ -1,7 +1,4 @@ --- -- name: Gathering facts - ansible.builtin.gather_facts: - - name: Debian-specific setup ansible.builtin.import_tasks: file: debian/main.yml From 194752c7b0bc5af348ac0cc2f9bce9cb541f98b8 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Sun, 22 Jun 2025 19:12:36 -0400 Subject: [PATCH 3/9] guestfs: Ensure network set-up runs on controller host I haven't been completely happy with invoking parts of guestfs set-up via "delegate_to: localhost". Ensure that the "make bringup_guestfs" target runs the guestfs playbook's network tag only on the controller host. This reverts a tiny part of commit 9831f59cd059 ("guestfs: Copy "network" tag steps to guestfs role"). Signed-off-by: Chuck Lever --- playbooks/roles/guestfs/tasks/main.yml | 6 ++---- scripts/guestfs.Makefile | 5 +++++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/playbooks/roles/guestfs/tasks/main.yml b/playbooks/roles/guestfs/tasks/main.yml index 0cc9dc43c..13a1abc44 100644 --- a/playbooks/roles/guestfs/tasks/main.yml +++ b/playbooks/roles/guestfs/tasks/main.yml @@ -14,12 +14,10 @@ file: "{{role_path }}/tasks/bringup/storage-pool-path.yml" - name: Ensure libvirt networking has started - delegate_to: localhost - run_once: true tags: - - bringup + - network ansible.builtin.import_tasks: - file: "{{role_path }}/tasks/bringup/network.yml" + file: "{{ role_path }}/tasks/bringup/network.yml" - name: Set the pathname of storage pool directory tags: diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index ebd7f53d1..00459f9ba 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -75,6 +75,11 @@ install_libguestfs: --tags install-deps bringup_guestfs: $(GUESTFS_BRINGUP_DEPS) + $(Q)ansible-playbook $(ANSIBLE_VERBOSE) \ + --connection=local --inventory localhost, \ + $(KDEVOPS_PLAYBOOKS_DIR)/guestfs.yml \ + --extra-vars=@./extra_vars.yaml \ + --tags network $(Q)ansible-playbook $(ANSIBLE_VERBOSE) \ -i hosts playbooks/guestfs.yml \ --extra-vars=@./extra_vars.yaml \ From c59b1c5dac3880db7ad58014e347bd36ef6a7c13 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Sun, 22 Jun 2025 19:30:22 -0400 Subject: [PATCH 4/9] guestfs: Ensure storage pool set-up runs on controller host I haven't been completely happy with invoking parts of guestfs set-up via "delegate_to: localhost". Ensure that the "make bringup_guestfs" target runs the guestfs playbook's storage pool tag only on the controller host. This reverts a tiny part of commit 8993c72bf960 ("guestfs: Add a "bringup" tag to the guestfs role"). Signed-off-by: Chuck Lever --- playbooks/roles/guestfs/tasks/main.yml | 8 +++----- scripts/guestfs.Makefile | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/playbooks/roles/guestfs/tasks/main.yml b/playbooks/roles/guestfs/tasks/main.yml index 13a1abc44..f5bdb12cc 100644 --- a/playbooks/roles/guestfs/tasks/main.yml +++ b/playbooks/roles/guestfs/tasks/main.yml @@ -3,15 +3,13 @@ tags: - install-deps ansible.builtin.import_tasks: - file: "{{role_path }}/tasks/install-deps/main.yml" + file: "{{ role_path }}/tasks/install-deps/main.yml" - name: Ensure a storage pool for guestfs exists - delegate_to: localhost - run_once: true tags: - - bringup + - pool ansible.builtin.import_tasks: - file: "{{role_path }}/tasks/bringup/storage-pool-path.yml" + file: "{{ role_path }}/tasks/bringup/storage-pool-path.yml" - name: Ensure libvirt networking has started tags: diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index 00459f9ba..d8530c962 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -79,7 +79,7 @@ bringup_guestfs: $(GUESTFS_BRINGUP_DEPS) --connection=local --inventory localhost, \ $(KDEVOPS_PLAYBOOKS_DIR)/guestfs.yml \ --extra-vars=@./extra_vars.yaml \ - --tags network + --tags network,pool $(Q)ansible-playbook $(ANSIBLE_VERBOSE) \ -i hosts playbooks/guestfs.yml \ --extra-vars=@./extra_vars.yaml \ From 11732dd03628ced2561704d885216a2a8ee6a289 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Sun, 22 Jun 2025 19:42:59 -0400 Subject: [PATCH 5/9] guestfs: Ensure base image creation runs on controller host I haven't been completely happy with invoking parts of guestfs set-up via "delegate_to: localhost". Ensure that the "make bringup_guestfs" target does base OS image creation only on the controller host. Signed-off-by: Chuck Lever --- playbooks/roles/guestfs/tasks/main.yml | 8 ++++---- scripts/guestfs.Makefile | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/playbooks/roles/guestfs/tasks/main.yml b/playbooks/roles/guestfs/tasks/main.yml index f5bdb12cc..335962206 100644 --- a/playbooks/roles/guestfs/tasks/main.yml +++ b/playbooks/roles/guestfs/tasks/main.yml @@ -19,21 +19,21 @@ - name: Set the pathname of storage pool directory tags: + - base_image - bringup ansible.builtin.set_fact: storagedir: "{{ kdevops_storage_pool_path }}/guestfs" - name: Set the pathname of the OS base image tags: + - base_image - bringup ansible.builtin.set_fact: base_image: "{{ storagedir }}/base_images/{{ virtbuilder_os_version }}.raw" -- name: Ensure the base OS image exists - delegate_to: localhost - run_once: true +- name: Ensure the required base OS image exists tags: - - bringup + - base_image ansible.builtin.import_role: name: base_image vars: diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index d8530c962..d28f4e3e2 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -79,7 +79,7 @@ bringup_guestfs: $(GUESTFS_BRINGUP_DEPS) --connection=local --inventory localhost, \ $(KDEVOPS_PLAYBOOKS_DIR)/guestfs.yml \ --extra-vars=@./extra_vars.yaml \ - --tags network,pool + --tags network,pool,base_image $(Q)ansible-playbook $(ANSIBLE_VERBOSE) \ -i hosts playbooks/guestfs.yml \ --extra-vars=@./extra_vars.yaml \ From 4653ce8380e14f475b4ff9d72812ea3a496a3850 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Sun, 22 Jun 2025 20:09:30 -0400 Subject: [PATCH 6/9] guestfs: Ensure console log set-up runs on controller host I haven't been completely happy with invoking parts of guestfs set-up via "delegate_to: localhost". Ensure that the "make bringup_guestfs" target runs the guestfs playbook's console tag only on the controller host. This reverts a tiny part of commit 336d79aab396 ("guestfs: Move console-related steps to guestfs role"). Signed-off-by: Chuck Lever --- playbooks/roles/guestfs/tasks/main.yml | 6 ++---- scripts/guestfs.Makefile | 5 +++++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/playbooks/roles/guestfs/tasks/main.yml b/playbooks/roles/guestfs/tasks/main.yml index 335962206..d6530f8ad 100644 --- a/playbooks/roles/guestfs/tasks/main.yml +++ b/playbooks/roles/guestfs/tasks/main.yml @@ -44,13 +44,11 @@ tags: - bringup ansible.builtin.import_tasks: - file: "{{role_path }}/tasks/bringup/main.yml" + file: "{{ role_path }}/tasks/bringup/main.yml" - name: Set up target node console permissions - delegate_to: localhost - run_once: true tags: - - bringup + - console ansible.builtin.import_tasks: file: "{{ role_path }}/tasks/bringup/console-permissions.yml" when: diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index d28f4e3e2..cad1bb335 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -84,6 +84,11 @@ bringup_guestfs: $(GUESTFS_BRINGUP_DEPS) -i hosts playbooks/guestfs.yml \ --extra-vars=@./extra_vars.yaml \ --tags bringup + $(Q)ansible-playbook $(ANSIBLE_VERBOSE) \ + --connection=local --inventory localhost, \ + $(KDEVOPS_PLAYBOOKS_DIR)/guestfs.yml \ + --extra-vars=@./extra_vars.yaml \ + --tags console PHONY += bringup_guestfs status_guestfs: From 680fc362d3392e257499084a5f94fb304ea32b52 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Fri, 20 Jun 2025 14:47:33 -0400 Subject: [PATCH 7/9] terraform: Adjust the "name:" of the terraform role Follow the same style as the new guestfs role. Signed-off-by: Chuck Lever --- playbooks/terraform.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/playbooks/terraform.yml b/playbooks/terraform.yml index 374a76fb0..15872a616 100644 --- a/playbooks/terraform.yml +++ b/playbooks/terraform.yml @@ -1,5 +1,6 @@ --- -- hosts: all +- name: Provision target nodes with terraform gather_facts: false + hosts: all roles: - role: terraform From 833e31716c34e3e2c1593c02f4a048321402bcf6 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Fri, 20 Jun 2025 15:07:24 -0400 Subject: [PATCH 8/9] terraform/azure: Add RHEL 9.6 Signed-off-by: Chuck Lever --- terraform/azure/kconfigs/publishers/Kconfig.rhel | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/terraform/azure/kconfigs/publishers/Kconfig.rhel b/terraform/azure/kconfigs/publishers/Kconfig.rhel index 8cc629b18..16ec92903 100644 --- a/terraform/azure/kconfigs/publishers/Kconfig.rhel +++ b/terraform/azure/kconfigs/publishers/Kconfig.rhel @@ -27,6 +27,12 @@ config TERRAFORM_AZURE_IMAGE_LINUX_RHEL_9_5 This option sets the OS image to Red Hat Enterprise Linux release 9 update 5. +config TERRAFORM_AZURE_IMAGE_LINUX_RHEL_9_6 + bool "RHEL 9.6 x64" + help + This option sets the OS image to Red Hat Enterprise Linux + release 9 update 6. + endchoice config TERRAFORM_AZURE_IMAGE_OFFER @@ -35,6 +41,7 @@ config TERRAFORM_AZURE_IMAGE_OFFER default "RHEL" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_7_9 default "RHEL" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_8_9 default "RHEL" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_9_5 + default "RHEL" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_9_6 config TERRAFORM_AZURE_IMAGE_SKU string @@ -42,6 +49,7 @@ config TERRAFORM_AZURE_IMAGE_SKU default "7_9" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_7_9 default "8_9" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_8_9 default "9_5" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_9_5 + default "9_6" if TERRAFORM_AZURE_IMAGE_LINUX_RHEL_9_6 endif # TARGET_ARCH_X86_64 From 10a2a275e13f16573b9d23790afcf35e3cc53136 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Sat, 21 Jun 2025 18:03:58 -0400 Subject: [PATCH 9/9] terraform/aws: Add image choices for Fedora 42 Signed-off-by: Chuck Lever --- terraform/aws/kconfigs/distros/Kconfig.fedora | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/terraform/aws/kconfigs/distros/Kconfig.fedora b/terraform/aws/kconfigs/distros/Kconfig.fedora index bf5833a9a..207abfdce 100644 --- a/terraform/aws/kconfigs/distros/Kconfig.fedora +++ b/terraform/aws/kconfigs/distros/Kconfig.fedora @@ -17,6 +17,9 @@ config TERRAFORM_AWS_FEDORA40_X86_64 config TERRAFORM_AWS_FEDORA41_X86_64 bool "Fedora 41 (x86_64)" +config TERRAFORM_AWS_FEDORA42_X86_64 + bool "Fedora 42 (x86_64)" + endchoice config TERRAFORM_AWS_NS @@ -24,6 +27,7 @@ config TERRAFORM_AWS_NS output yaml default "Fedora-Cloud-Base-AmazonEC2.x86_64-40-*" if TERRAFORM_AWS_FEDORA40_X86_64 default "Fedora-Cloud-Base-AmazonEC2.x86_64-41-*" if TERRAFORM_AWS_FEDORA41_X86_64 + default "Fedora-Cloud-Base-AmazonEC2.x86_64-42-*" if TERRAFORM_AWS_FEDORA42_X86_64 endif # TARGET_ARCH_X86_64 @@ -39,6 +43,9 @@ config TERRAFORM_AWS_FEDORA40_ARM64 config TERRAFORM_AWS_FEDORA41_ARM64 bool "Fedora 41 (arm64" +config TERRAFORM_AWS_FEDORA42_ARM64 + bool "Fedora 42 (arm64" + endchoice config TERRAFORM_AWS_NS @@ -46,6 +53,7 @@ config TERRAFORM_AWS_NS output yaml default "Fedora-Cloud-Base-AmazonEC2.aarch64-40-*" if TERRAFORM_AWS_FEDORA40_ARM64 default "Fedora-Cloud-Base-AmazonEC2.aarch64-41-*" if TERRAFORM_AWS_FEDORA41_ARM64 + default "Fedora-Cloud-Base-AmazonEC2.aarch64-42-*" if TERRAFORM_AWS_FEDORA42_ARM64 endif # TARGET_ARCH_ARM64