kosmos/chef
kosmos
/
chef
8
3
Fork 0
Code Issues 34 Pull Requests 1 Projects 1 Activity

Script creating new VMs #252

Merged
raucao merged 16 commits from feature/244-new_vm_script into master 2020-12-09 15:33:08 +00:00
Conversation 2 Commits 16 Files Changed 40 +842 -93
greg commented 2020-12-04 15:35:38 +00:00
Owner
Copy Link

It uses virt-install with the official Ubuntu 20.04 cloud image as a
starting point, with cloud-init to add our SSH keys to the ubuntu user
and set up Zerotier.

USAGE (RAM in megabytes)

create_vm VMNAME RAM CPUS

I have also extracted firewall rules to their own recipes, so they can be included on KVM hosts (see nodes files)

Closes #244

It uses `virt-install` with the official Ubuntu 20.04 cloud image as a starting point, with cloud-init to add our SSH keys to the ubuntu user and set up Zerotier. ``` USAGE (RAM in megabytes) create_vm VMNAME RAM CPUS ``` I have also extracted firewall rules to their own recipes, so they can be included on KVM hosts (see nodes files) Closes #244
greg added the
ops
kredits-2
feature
 labels 2020-12-04 15:35:38 +00:00
greg requested review from raucao 2020-12-04 15:35:44 +00:00
raucao reviewed 2020-12-07 15:15:42 +00:00
raucao left a comment
Owner
Copy Link

Cool. I left a few comments/questions.

Cool. I left a few comments/questions.
site-cookbooks/kosmos-bitcoin/recipes/firewall.rb
@ -0,0 +22,4 @@
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
raucao commented 2020-12-07 14:55:07 +00:00
Owner
Copy Link

I think adding a whole license text to every recipe is complete overkill. Why not have a single LICENSE file at the repo root, like with every other software repo these days? What's the benefit of adding the license to every recipe file (but not other files)?

I think adding a whole license text to every recipe is complete overkill. Why not have a single LICENSE file at the repo root, like with every other software repo these days? What's the benefit of adding the license to every recipe file (but not other files)?
greg commented 2020-12-08 15:38:25 +00:00
Author
Owner
Copy Link

I don't know why Chef's generator does it like this. I'm open to this idea

I don't know why Chef's generator does it like this. I'm open to this idea
site-cookbooks/kosmos_kvm/files/create_vm Outdated
@ -0,0 +3,4 @@
# The base VM was downloaded using the following commands:
# mkdir /var/lib/libvirt/images/base
# curl -o http://cloud-images.ubuntu.com/releases/focal/release/ubuntu-20.04-server-cloudimg-amd64-disk-kvm.img /var/lib/libvirt/images/base/ubuntu-20.04-server-cloudimg-amd64-disk-kvm.qcow2
raucao commented 2020-12-07 15:12:34 +00:00
Owner
Copy Link

This doesn't look right to me. It would attempt to download the path as a second file, no? The pathname should come after the -o flag.

However, why not just use a normal file download resource in the KVM host recipe in the first place? Same amount of characters as this extended comment, but then it's automated and handles existing files.

This doesn't look right to me. It would attempt to download the path as a second file, no? The pathname should come after the `-o` flag. However, why not just use a normal file download resource in the KVM host recipe in the first place? Same amount of characters as this extended comment, but then it's automated and handles existing files.
site-cookbooks/kosmos_kvm/files/create_vm Outdated
@ -0,0 +73,4 @@
virt-install \
--name cloudinit-1 \
--ram 2048 \
--vcpus 1\
raucao commented 2020-12-07 15:02:49 +00:00
Owner
Copy Link

We won't want to edit the script on the host all the time, so why not simply:

  --ram $2 \
  --vcpus $3 \
We won't want to edit the script on the host all the time, so why not simply: ```bash --ram $2 \ --vcpus $3 \ ```
site-cookbooks/kosmos_kvm/files/create_vm
@ -0,0 +77,4 @@
--cpu host \
--arch x86_64 \
--os-type linux \
--os-variant ubuntu16.04 \
raucao commented 2020-12-07 15:00:33 +00:00
Owner
Copy Link

I always set this to 20.04 when creating VMs in virt-manager.

I always set this to 20.04 when creating VMs in virt-manager.
greg commented 2020-12-08 15:36:45 +00:00
Author
Owner
Copy Link

When I set it to 20.04 virt-install would fail (while setting up SSH), I couldn't find a way to figure out what was going on

When I set it to 20.04 `virt-install` would fail (while setting up SSH), I couldn't find a way to figure out what was going on
site-cookbooks/kosmos_kvm/kitchen.yml Outdated
@ -0,0 +22,4 @@
platforms:
- name: ubuntu-18.04
- name: centos-7
raucao commented 2020-12-07 14:56:19 +00:00
Owner
Copy Link

Is this file actually used? We're on 20.04 now so it seems like this is some default template?

Is this file actually used? We're on 20.04 now so it seems like this is some default template?
site-cookbooks/kosmos_kvm/metadata.rb
@ -0,0 +5,4 @@
description 'Installs/Configures kosmos_kvm'
long_description 'Installs/Configures kosmos_kvm'
version '0.1.0'
chef_version '>= 14.0'
raucao commented 2020-12-07 14:56:50 +00:00
Owner
Copy Link

This whole file seems to not have been edited after being generated.

This whole file seems to not have been edited after being generated.
greg marked this conversation as resolved
site-cookbooks/kosmos_zerotier/metadata.rb
@ -0,0 +7,4 @@
version '0.1.0'
chef_version '>= 14.0'
depends 'kosmos-base'
raucao commented 2020-12-07 14:58:23 +00:00
Owner
Copy Link

Same as for the other cookbook, this seems to have been left unedited after being generated.

Same as for the other cookbook, this seems to have been left unedited after being generated.
greg marked this conversation as resolved
raucao commented 2020-12-08 12:15:47 +00:00
Owner
Copy Link

I randomly thought about this again earlier today, and I'm actually not sure why the PR had to include firewall rules and such.

If we don't run the basic cookbook against the host again, then it won't destroy the existing ones for example. So this could actually have been two different PRs, one for the script itself, and one for the firewall config, as they are two different features.

You can still split it up, of course, but maybe now it's not worth it anymore. So just putting this here as input, and perhaps for the next PRs to keep in mind what's actually necessary for a feature/PR.

I randomly thought about this again earlier today, and I'm actually not sure why the PR had to include firewall rules and such. If we don't run the basic cookbook against the host again, then it won't destroy the existing ones for example. So this could actually have been two different PRs, one for the script itself, and one for the firewall config, as they are two different features. You can still split it up, of course, but maybe now it's not worth it anymore. So just putting this here as input, and perhaps for the next PRs to keep in mind what's actually necessary for a feature/PR.
raucao approved these changes 2020-12-08 19:37:19 +00:00
raucao left a comment
Owner
Copy Link

👍

👍
raucao commented 2020-12-08 19:38:11 +00:00
Owner
Copy Link

Just one last thing: personally, I would move the KVM default recipe to an explicit host recipe, because it's not clear if it configures a host or a guest.

Just one last thing: personally, I would move the KVM `default` recipe to an explicit `host` recipe, because it's not clear if it configures a host or a guest.
raucao added a new dependency 2020-12-08 19:39:30 +00:00
#253 Upgrade Gitea to 1.13
raucao merged commit 623bb1e153 into master 2020-12-09 15:33:08 +00:00
raucao deleted branch feature/244-new_vm_script 2020-12-09 15:33:20 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
raucao
Labels
Clear labels   
service
accounts
Kosmos Accounts

  
service
discourse
Kosmos Community Forums

  
service
drone-ci
Kosmos Drone CI

  
service
email
mail.kosmos.org

  
service
garage
S3-compatible object storage

  
service
gitea
Kosmos Gitea

  
service
ipfs
Kosmos IPFS

  
service
mastodon
kosmos.social

  
service
postgres
Database cluster

  
service
remotestorage
Portable data storage for the Web

  
service
wiki
Kosmos Wiki

  
service
xmpp
Kosmos Chat

  
bug

Something is not working

  
design

Graphic/visual design

  
dev environment

Config, builds, CI, deployment, etc.

  
docs

Documentation

  
duplicate

This issue or pull request already exists

  
enhancement

Improving existing functionality

  
feature

New functionality

  
good first issue

Dive in, and start contributing

  
idea

Something to consider

  
invalid

Not a bug

  
kredits-1

Small contribution

  
kredits-2

Medium contribution

  
kredits-3

Large contribution

  
on hold

Currently not actionable

  
ops

Manual IT ops activities

  
question

Looking for an answer

  
release
major

  
release
minor

  
release
patch

  
security

All your base are belong to us

  
ui/ux

User interface, process design, etc.

  
wontfix

This won't be fixed

No Label
service
accounts
service
discourse
service
drone-ci
service
email
service
garage
service
gitea
service
ipfs
service
mastodon
service
postgres
service
remotestorage
service
wiki
service
xmpp
bug
design
dev environment
docs
duplicate
enhancement
feature
good first issue
idea
invalid
kredits-1
kredits-2
kredits-3
on hold
ops
question
release
major
release
minor
release
patch
security
ui/ux
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Blocks
#253 Upgrade Gitea to 1.13
kosmos/chef
Reference: kosmos/chef#252
No description provided.
Delete Branch "feature/244-new_vm_script"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?