From 9dbe5bcfcbaeddae9004b0798ec3dc221a3421a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Fri, 4 Dec 2020 16:21:52 +0100 Subject: [PATCH] Deploy a script to create new VMs It uses `virt-install` with the official Ubuntu 20.04 cloud image as a starting point, with cloud-init to add our SSH keys to the ubuntu user and set up Zerotier. USAGE: create_vm VMNAME Closes #244 --- site-cookbooks/kosmos_kvm/.gitignore | 22 ++++ site-cookbooks/kosmos_kvm/CHANGELOG.md | 5 + site-cookbooks/kosmos_kvm/LICENSE | 21 ++++ site-cookbooks/kosmos_kvm/README.md | 4 + site-cookbooks/kosmos_kvm/chefignore | 110 +++++++++++++++++++ site-cookbooks/kosmos_kvm/files/create_vm | 91 +++++++++++++++ site-cookbooks/kosmos_kvm/kitchen.yml | 32 ++++++ site-cookbooks/kosmos_kvm/metadata.rb | 20 ++++ site-cookbooks/kosmos_kvm/recipes/default.rb | 32 ++++++ 9 files changed, 337 insertions(+) create mode 100644 site-cookbooks/kosmos_kvm/.gitignore create mode 100644 site-cookbooks/kosmos_kvm/CHANGELOG.md create mode 100644 site-cookbooks/kosmos_kvm/LICENSE create mode 100644 site-cookbooks/kosmos_kvm/README.md create mode 100644 site-cookbooks/kosmos_kvm/chefignore create mode 100644 site-cookbooks/kosmos_kvm/files/create_vm create mode 100644 site-cookbooks/kosmos_kvm/kitchen.yml create mode 100644 site-cookbooks/kosmos_kvm/metadata.rb create mode 100644 site-cookbooks/kosmos_kvm/recipes/default.rb
diff --git a/site-cookbooks/kosmos_kvm/.gitignore b/site-cookbooks/kosmos_kvm/.gitignore
new file mode 100644
index 0000000..9abf29f
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/.gitignore
@@ -0,0 +1,22 @@
+.vagrant
+*~
+*#
+.#*
+\#*#
+.*.sw[a-z]
+*.un~
+
+# Bundler
+Gemfile.lock
+gems.locked
+bin/*
+.bundle/*
+
+# test kitchen
+.kitchen/
+kitchen.local.yml
+
+# Chef
+Berksfile.lock
+.zero-knife.rb
+Policyfile.lock.json
diff --git a/site-cookbooks/kosmos_kvm/CHANGELOG.md b/site-cookbooks/kosmos_kvm/CHANGELOG.md
new file mode 100644
index 0000000..79223d6
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/CHANGELOG.md
@@ -0,0 +1,5 @@
+# kosmos_kvm CHANGELOG
+
+# 0.1.0
+
+Initial release.
diff --git a/site-cookbooks/kosmos_kvm/LICENSE b/site-cookbooks/kosmos_kvm/LICENSE
new file mode 100644
index 0000000..dd321fd
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/LICENSE
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2020 Kosmos Developers
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/site-cookbooks/kosmos_kvm/README.md b/site-cookbooks/kosmos_kvm/README.md
new file mode 100644
index 0000000..650ceaf
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/README.md
@@ -0,0 +1,4 @@
+# kosmos_kvm
+
+TODO: Enter the cookbook description here.
+
diff --git a/site-cookbooks/kosmos_kvm/chefignore b/site-cookbooks/kosmos_kvm/chefignore
new file mode 100644
index 0000000..5039e1c
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/chefignore
@@ -0,0 +1,110 @@
+# Put files/directories that should be ignored in this file when uploading
+# to a Chef Infra Server or Supermarket.
+# Lines that start with '# ' are comments.
+
+# OS generated files #
+######################
+.DS_Store
+ehthumbs.db
+Icon?
+nohup.out
+Thumbs.db
+
+# SASS #
+########
+.sass-cache
+
+# EDITORS #
+###########
+.#*
+.project
+.settings
+*_flymake
+*_flymake.*
+*.bak
+*.sw[a-z]
+*.tmproj
+*~
+\#*
+mkmf.log
+REVISION
+TAGS*
+tmtags
+
+## COMPILED ##
+##############
+*.class
+*.com
+*.dll
+*.exe
+*.o
+*.pyc
+*.so
+*/rdoc/
+a.out
+
+# Testing #
+###########
+.circleci/*
+.codeclimate.yml
+.foodcritic
+.kitchen*
+.rspec
+.rubocop.yml
+.travis.yml
+.watchr
+azure-pipelines.yml
+examples/*
+features/*
+Guardfile
+kitchen.yml*
+Procfile
+Rakefile
+spec/*
+spec/*
+spec/fixtures/*
+test/*
+
+# SCM #
+#######
+.git
+.gitattributes
+.gitconfig
+.github/*
+.gitignore
+.gitmodules
+.svn
+*/.bzr/*
+*/.git
+*/.hg/*
+*/.svn/*
+
+# Berkshelf #
+#############
+Berksfile
+Berksfile.lock
+cookbooks/*
+tmp
+
+# Bundler #
+###########
+vendor/*
+Gemfile
+Gemfile.lock
+
+# Policyfile #
+##############
+Policyfile.rb
+Policyfile.lock.json
+
+# Cookbooks #
+#############
+CHANGELOG*
+CONTRIBUTING*
+TESTING*
+CODE_OF_CONDUCT*
+
+# Vagrant #
+###########
+.vagrant
+Vagrantfile
diff --git a/site-cookbooks/kosmos_kvm/files/create_vm b/site-cookbooks/kosmos_kvm/files/create_vm
new file mode 100644
index 0000000..4b83d01
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/files/create_vm
@@ -0,0 +1,91 @@
+#!/bin/bash
+set -e
+
+# The base VM was downloaded using the following commands:
+# mkdir /var/lib/libvirt/images/base
+# curl -o http://cloud-images.ubuntu.com/releases/focal/release/ubuntu-20.04-server-cloudimg-amd64-disk-kvm.img /var/lib/libvirt/images/base/ubuntu-20.04-server-cloudimg-amd64-disk-kvm.qcow2
+# chown -R libvirt-qemu:root /var/lib/libvirt/images/base
+
+if [[ $# -eq 0 ]] ; then
+ echo 'USAGE: create_vm VMNAME'
+ exit 1
+fi
+VMNAME=$1
+
+
+# Directory where image files will be stored
+IMAGE_DIR=/var/lib/libvirt/images
+IMAGE_FILE=${VMNAME}.qcow2
+IMAGE_PATH=$IMAGE_DIR/$IMAGE_FILE
+CIDATA_PATH=${IMAGE_DIR}/cidata-${VMNAME}.iso
+BASE_FILE=${IMAGE_DIR}/base/ubuntu-20.04-server-cloudimg-amd64-disk-kvm.qcow2
+
+# Disk size assigned to the VM
+DISKSIZE=10 # Unit: GB
+
+# Create the VM image if it does not already exist
+if [ ! -f "$IMAGE_PATH" ]; then
+ echo "info: image file $IMAGE_PATH not found. creating new image"
+ # Important: -F qcow2 is required to set the image format
+ qemu-img create -b "$BASE_FILE" -f qcow2 -F qcow2 "$IMAGE_PATH" ${DISKSIZE}G
+ chmod 600 "$IMAGE_PATH"
+ if [ $? -ne 0 ]; then
+ echo "error: failed to create image"
+ exit 1
+ fi
+fi
+
+# Dump the image info
+qemu-img info "$IMAGE_PATH"
+
+# Check if the cloud-init metadata file exists
+# if not, generate it
+if [ ! -r $CIDATA_PATH ]; then
+ pushd $(dirname $CIDATA_PATH)
+ mkdir -p $VMNAME
+ cd $VMNAME
+
+ cat > user-data <<-EOS
+#cloud-config
+ssh_authorized_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw0I82gT8R4tpsqWGovLyjm2SR2F863MqNz224h3h/wl0xA5Eu0eRro+ELLv2hoebqQbcMsb89X5+7ObhDRar+b7tzDlXq4x+ECkAy6WbDSmBp3kNVd7muT4c9Zw7UxKsIvIm1ven1TkJ3UG80o6PyGiAUlBj4puIQwhp7OVknVutBBe8Rpp4f6BEuWluwpnPxc3KSaGhhr9p10xeX69cfspH40r8vHpI0zp19O5GpfYSOEH64UbwRpN2QypNB8ISmDHFsNGwdz0Ba4qrEOSGU9GveyOcsvEtt630/0fHqtbPBovOYu/FJISQZya2tofDig4EngBCJNfsPCbXFHtlp greg@karekinian.com
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDyUDR7ZE6HWmjvlfKrG8Ci+q5E4adbyboKvyYVkUXaTYt+DgisPPAqfGkd0yAHgVnmOS/3f5c3D6RrIXcxFmzwpV2BtmGZztBnEYvC5q8XPQhmu6AFl6ZDjh9XzUeO52py8tt5ZJ9W1R2ob/rlgX8txNHi6XwzuvPxZ7NR/iNup7cruBzkHABhwTvTfwaErufr6eNmNjh5VatNTei1ld6yWtmvbYJqJlpq6YyPu9vYNYPg0AB7I+OqOJhzHXhelY28GSP9KF3GDcHDtN1bV21g9+COcdKhMShQaw1WIkfQKdiuFictZIOCP0/uYSiFhyyoSvISiC3eT8zIimRbDRj basti@skddc.local
+
+runcmd:
+ # Enable serial console (for virsh)
+ - systemctl enable serial-getty@ttyS0.service && systemctl start serial-getty@ttyS0.service
+ - curl -s 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg' | gpg --import
+ - if z=\$(curl -s 'https://install.zerotier.com/' | gpg"); then echo "$z" | sudo bash; fi
+EOS
+
+ cat > meta-data <<-EOS
+instance-id: $VMNAME
+local-hostname: $VMNAME
+EOS
+
+ genisoimage -output "$CIDATA_PATH" -volid cidata -joliet -rock user-data meta-data
+ chown libvirt-qemu:kvm "$CIDATA_PATH"
+ chmod 600 "$CIDATA_PATH"
+ popd
+fi
+
+# setting --os-variant to ubuntu20.04 and ubuntu18.04 breaks SSH and networking
+virt-install \
+ --name cloudinit-1 \
+ --ram 2048 \
+ --vcpus 1\
+ --cpu host \
+ --arch x86_64 \
+ --os-type linux \
+ --os-variant ubuntu16.04 \
+ --hvm \
+ --virt-type kvm \
+ --disk "$IMAGE_PATH" \
+ --cdrom "$CIDATA_PATH" \
+ --boot hd \
+ --network=bridge=virbr0,model=virtio \
+ --graphics none \
+ --serial pty \
+ --console pty \
+ --autostart \
+ --import
diff --git a/site-cookbooks/kosmos_kvm/kitchen.yml b/site-cookbooks/kosmos_kvm/kitchen.yml
new file mode 100644
index 0000000..e5bbf3c
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/kitchen.yml
@@ -0,0 +1,32 @@
+---
+driver:
+ name: vagrant
+
+## The forwarded_port port feature lets you connect to ports on the VM guest via
+## localhost on the host.
+## see also: https://www.vagrantup.com/docs/networking/forwarded_ports.html
+
+# network:
+# - ["forwarded_port", {guest: 80, host: 8080}]
+
+provisioner:
+ name: chef_zero
+
+ ## product_name and product_version specifies a specific Chef product and version to install.
+ ## see the Chef documentation for more details: https://docs.chef.io/config_yml_kitchen.html
+ # product_name: chef
+ # product_version: 15
+
+verifier:
+ name: inspec
+
+platforms:
+ - name: ubuntu-18.04
+ - name: centos-7
+
+suites:
+ - name: default
+ verifier:
+ inspec_tests:
+ - test/integration/default
+ attributes:
diff --git a/site-cookbooks/kosmos_kvm/metadata.rb b/site-cookbooks/kosmos_kvm/metadata.rb
new file mode 100644
index 0000000..ecf09da
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/metadata.rb
@@ -0,0 +1,20 @@
+name 'kosmos_kvm'
+maintainer 'Kosmos Developers'
+maintainer_email 'mail@kosmos.org'
+license 'MIT'
+description 'Installs/Configures kosmos_kvm'
+long_description 'Installs/Configures kosmos_kvm'
+version '0.1.0'
+chef_version '>= 14.0'
+
+# The `issues_url` points to the location where issues for this cookbook are
+# tracked. A `View Issues` link will be displayed on this cookbook's page when
+# uploaded to a Supermarket.
+#
+# issues_url 'https://github.com//kosmos_kvm/issues'
+
+# The `source_url` points to the development repository for this cookbook. A
+# `View Source` link will be displayed on this cookbook's page when uploaded to
+# a Supermarket.
+#
+# source_url 'https://github.com//kosmos_kvm'
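Review bot: In `files/create_vm`, the last `runcmd` entry of the user-data heredoc cannot run as written: the `EOS` delimiter is unquoted, so `"$z"` is expanded by create_vm on the host (normally to an empty string) while only `\$(` is escaped, and the stray `"` after `gpg` leaves the guest command with unbalanced quotes. user-data interpolates no script variables, so quoting the delimiter (`cat > user-data <<-'EOS'`) and writing the entry as `- if z=$(curl -s 'https://install.zerotier.com/' | gpg); then echo "$z" | sudo bash; fi` keeps the signature check in front of `sudo bash`. The signing key is itself imported from a `master` branch URL at first boot, so the check is only as strong as that fetch; comparing the imported key's fingerprint with a value kept in the cookbook would anchor it. Separately, `virt-install --name cloudinit-1` ignores `$VMNAME`, and the `$?` test after `chmod 600` is unreachable under `set -e`.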
diff --git a/site-cookbooks/kosmos_kvm/recipes/default.rb b/site-cookbooks/kosmos_kvm/recipes/default.rb
new file mode 100644
index 0000000..baba371
--- /dev/null
+++ b/site-cookbooks/kosmos_kvm/recipes/default.rb
@@ -0,0 +1,32 @@
+#
+# Cookbook:: kosmos_kvm
+# Recipe:: default
+#
+# The MIT License (MIT)
+#
+# Copyright:: 2020, Kosmos Developers
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+package 'virtinst'
+
+cookbook_file "/usr/local/sbin/create_vm" do
+ source "create_vm"
+ mode "0750"
+end
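Review bot: The `cookbook_file` resource for `/usr/local/sbin/create_vm` sets `mode "0750"` but no `owner` or `group`, so who is allowed to run the script is left to the resource defaults; adding `owner 'root'` and `group 'root'` states the intended restriction explicitly. The recipe installs only `virtinst`, while the deployed script also calls `qemu-img` and `genisoimage`; unless another cookbook already provides them, add the matching `package` resources here (on Ubuntu presumably `qemu-utils` and `genisoimage`).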