--- # This playbook ensures that a base image is up to date with all of the required settings - name: Launch image build instance hosts: localhost connection: local gather_facts: no tasks: - name: Require openshift_gcp_root_image fail: msg: "A root OS image name or family is required for base image building. Please ensure `openshift_gcp_root_image` is defined." when: openshift_gcp_root_image is undefined - name: Create the image instance disk gce_pd: service_account_email: "{{ (lookup('file', openshift_gcp_iam_service_account_keyfile ) | from_json ).client_email }}" credentials_file: "{{ openshift_gcp_iam_service_account_keyfile }}" project_id: "{{ openshift_gcp_project }}" zone: "{{ openshift_gcp_zone }}" name: "{{ openshift_gcp_prefix }}build-image-instance" disk_type: pd-ssd image: "{{ openshift_gcp_root_image }}" size_gb: 10 state: present - name: Launch the image build instance gce: service_account_email: "{{ (lookup('file', openshift_gcp_iam_service_account_keyfile ) | from_json ).client_email }}" credentials_file: "{{ openshift_gcp_iam_service_account_keyfile }}" project_id: "{{ openshift_gcp_project }}" zone: "{{ openshift_gcp_zone }}" machine_type: n1-standard-1 instance_names: "{{ openshift_gcp_prefix }}build-image-instance" state: present tags: - build-image-instance disk_auto_delete: false disks: - "{{ openshift_gcp_prefix }}build-image-instance" register: gce - add_host: hostname: "{{ item.public_ip }}" groupname: build_instance_ips with_items: "{{ gce.instance_data }}" - name: Wait for instance to respond to SSH wait_for: delay: 1 host: "{{ item.public_ip }}" port: 22 state: started timeout: 120 with_items: "{{ gce.instance_data }}" - name: Prepare instance content sources pre_tasks: - set_fact: allow_rhel_subscriptions: "{{ rhsub_skip | default('no', True) | lower in ['no', 'false'] }}" - set_fact: using_rhel_subscriptions: "{{ (deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise'] or ansible_distribution == 'RedHat') and allow_rhel_subscriptions }}" hosts: build_instance_ips roles: - role: rhel_subscribe when: using_rhel_subscriptions - role: openshift_repos vars: openshift_additional_repos: [] post_tasks: - name: Add custom repositories include_role: name: openshift_gcp tasks_from: add_custom_repositories.yml - name: Add the Google Cloud repo yum_repository: name: google-cloud description: Google Cloud Compute baseurl: https://packages.cloud.google.com/yum/repos/google-cloud-compute-el7-x86_64 gpgkey: https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg gpgcheck: yes repo_gpgcheck: yes state: present when: ansible_os_family == "RedHat" - name: Add the jdetiber-qemu-user-static copr repo yum_repository: name: jdetiber-qemu-user-static description: QEMU user static COPR baseurl: https://copr-be.cloud.fedoraproject.org/results/jdetiber/qemu-user-static/epel-7-$basearch/ gpgkey: https://copr-be.cloud.fedoraproject.org/results/jdetiber/qemu-user-static/pubkey.gpg gpgcheck: yes repo_gpgcheck: no state: present when: ansible_os_family == "RedHat" - name: Accept GPG keys for the repos command: yum -q makecache -y --disablerepo='*' --enablerepo='google-cloud,jdetiber-qemu-user-static' - name: Install qemu-user-static package: name: qemu-user-static state: present - name: Start and enable systemd-binfmt service systemd: name: systemd-binfmt state: started enabled: yes - name: Build image hosts: build_instance_ips pre_tasks: - name: Set up core host GCP configuration include_role: name: openshift_gcp tasks_from: configure_gcp_base_image.yml roles: - role: os_update_latest post_tasks: - name: Disable all repos on RHEL command: subscription-manager repos --disable="*" when: using_rhel_subscriptions - name: Enable repos for packages on RHEL command: subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-extras-rpms" when: using_rhel_subscriptions - name: Install common image prerequisites package: name={{ item }} state=latest with_items: # required by Ansible - PyYAML - google-compute-engine - google-compute-engine-init - google-config - wget - git - net-tools - bind-utils - iptables-services - bridge-utils - bash-completion - name: Clean yum metadata command: yum clean all args: warn: no when: ansible_os_family == "RedHat" - name: Commit image hosts: localhost connection: local tasks: - name: Terminate the image build instance gce: service_account_email: "{{ (lookup('file', openshift_gcp_iam_service_account_keyfile ) | from_json ).client_email }}" credentials_file: "{{ openshift_gcp_iam_service_account_keyfile }}" project_id: "{{ openshift_gcp_project }}" zone: "{{ openshift_gcp_zone }}" instance_names: "{{ openshift_gcp_prefix }}build-image-instance" state: absent - name: Save the new image command: gcloud --project "{{ openshift_gcp_project}}" compute images create "{{ openshift_gcp_base_image_name | default(openshift_gcp_base_image + '-' + lookup('pipe','date +%Y%m%d-%H%M%S')) }}" --source-disk "{{ openshift_gcp_prefix }}build-image-instance" --source-disk-zone "{{ openshift_gcp_zone }}" --family "{{ openshift_gcp_base_image }}" - name: Remove the image instance disk gce_pd: service_account_email: "{{ (lookup('file', openshift_gcp_iam_service_account_keyfile ) | from_json ).client_email }}" credentials_file: "{{ openshift_gcp_iam_service_account_keyfile }}" project_id: "{{ openshift_gcp_project }}" zone: "{{ openshift_gcp_zone }}" name: "{{ openshift_gcp_prefix }}build-image-instance" state: absent