525 iocage template ansible_init (class)

Use case

Use the iocage template ansible_init created in 524 iocage template ansible_init (hostname). Configure the repo ansible-conf-init to pull the jails’ configuration from the repo ansible-conf-test. Create jails from the template. Use class=test to select the configuration. Run ansible-pull asynchronously.

Tree

shell > tree .
.
├── ansible.cfg
├── group_vars
│   └── all
│       └── project.yml
├── hosts
│   └── 05_iocage.yml
└── iocage.ini

Synopsis

• At a managed node:

  • In the playbook vbotka.freebsd.pb_iocage_project_create_from_templates.yml create jails from the template ansible_init.

  • Wait for ansible-pull to configure the jails and display the test files.

Note

The only difference compared to 524 iocage template ansible_init (hostname) is the dictionary used for the jails’ configuration. In this example, the jails (baz and qux) are not included in the ai_db_host dictionary; instead, they are configured from the ai_db_class dictionary. See the repository ansible-conf-init.

Requirements

• template ansible_init created in 524 iocage template ansible_init (hostname)

• playbook vbotka.freebsd.pb_iocage_project_create_from_templates.yml

• inventory plugin vbotka.freebsd.iocage

• connection plugin vbotka.freebsd.jailexec

Note

• See Practical rc.d scripting in BSD

• See the option firstboot_sentinel in man rc.conf

• See the example 523 iocage template ansible_repos

• See the section Troubleshooting in 526 Log server and clients (ansible_init)

See also

GitHub repositories:

• ansible-conf-init

• ansible-conf-test

ansible.cfg

[defaults]
callback_result_format = yaml
deprecation_warnings = false
display_skipped_hosts = false
gathering = explicit
interpreter_python = auto_silent
log_path = /var/log/ansible.log

[connection]
pipelining = true

Inventory iocage.ini

iocage_05

[iocage]
iocage_05

[iocage:vars]
ansible_user=admin
ansible_become=true
ansible_python_interpreter=auto_silent

hosts

hosts/05_iocage.yml

plugin: vbotka.freebsd.iocage
host: iocage_05
user: admin
sudo: true
get_properties: true

compose:
  iocage_tags: dict(iocage_properties.notes | regex_findall('(\w+)=([\w\-]+)'))
  iocage_classes: iocage_properties.notes | regex_findall('(?<=class=)[\w\-]+|(?<=,)[\w\-]+')
# connection plugin vbotka.freebsd.jailexec
  ansible_connection: "'vbotka.freebsd.jailexec'"
  ansible_jail_host: dict(iocage_properties.notes | regex_findall('(\w+)=([\w\-]+)')).vmm | d('none')
  ansible_jail_name: iocage_jid
  ansible_jail_privilege_escalation: "'sudo'"
# ansible options
  ansible_python_interpreter: "'auto_silent'"

groups:
  pull_repos: iocage_classes is contains('repos')
  pull_test: iocage_classes is contains('test')

keyed_groups:
  - prefix: state
    key: iocage_state
  - prefix: vmm
    key: iocage_tags.vmm

group_vars

group_vars/all/project.yml

project:
  baz:
    class: [test]
    template: ansible_init
    custom_facts: class.fact.j2
    vmm: iocage_05
  qux:
    class: [test]
    template: ansible_init
    custom_facts: class.fact.j2
    vmm: iocage_05

properties:
  bpf: 1
  dhcp: 1
  vnet: 1
  boot: 1

vmm_groups: "{{ dict(project | dict2items | groupby('value.vmm')) }}"
vmm: "{{ dict(vmm_groups.keys() | zip(vmm_groups.values() | map('items2dict'))) }}"

Playbook output - Create project jails from iocage templates

(env) > ansible-playbook vbotka.freebsd.pb_iocage_project_create_from_templates.yml -i iocage.ini -i hosts

PLAY [Create and start project jails from iocage templates.] *******************

TASK [Setup: Get activated pool.] **********************************************
ok: [iocage_05]

TASK [Create jails.] ***********************************************************
ok: [iocage_05] => (item=baz)
ok: [iocage_05] => (item=qux)

TASK [Create custom facts dirs.] ***********************************************
changed: [iocage_05] => (item={'key': 'baz', 'value': {'class': ['test'], 'template': 'ansible_init', 'custom_facts': 'class.fact.j2', 'vmm': 'iocage_05'}})
changed: [iocage_05] => (item={'key': 'qux', 'value': {'class': ['test'], 'template': 'ansible_init', 'custom_facts': 'class.fact.j2', 'vmm': 'iocage_05'}})

TASK [Create custom facts files.] **********************************************
changed: [iocage_05] => (item={'key': 'baz', 'value': {'class': ['test'], 'template': 'ansible_init', 'custom_facts': 'class.fact.j2', 'vmm': 'iocage_05'}})
changed: [iocage_05] => (item={'key': 'qux', 'value': {'class': ['test'], 'template': 'ansible_init', 'custom_facts': 'class.fact.j2', 'vmm': 'iocage_05'}})

TASK [Set properties.] *********************************************************
ok: [iocage_05] => (item=baz)
ok: [iocage_05] => (item=qux)

TASK [Start jails.] ************************************************************
ok: [iocage_05]

PLAY RECAP *********************************************************************
iocage_05                  : ok=6    changed=2    unreachable=0    failed=0    skipped=6    rescued=0    ignored=0   

List jails

shell > ssh admin@iocage_05 sudo iocage list -l

+-----+-------------+------+-------+------+--------------+-----------------------+-----+---------------+----------+
| JID |    NAME     | BOOT | STATE | TYPE |   RELEASE    |          IP4          | IP6 |   TEMPLATE    | BASEJAIL |
+=====+=============+======+=======+======+==============+=======================+=====+===============+==========+
| 17  | bar         | on   | up    | jail | 15.0-RELEASE | epair0b|172.16.99.103 | -   | ansible_init  | no       |
+-----+-------------+------+-------+------+--------------+-----------------------+-----+---------------+----------+
| 18  | baz         | on   | up    | jail | 15.0-RELEASE | epair0b|172.16.99.107 | -   | ansible_init  | no       |
+-----+-------------+------+-------+------+--------------+-----------------------+-----+---------------+----------+
| 16  | foo         | on   | up    | jail | 15.0-RELEASE | epair0b|172.16.99.102 | -   | ansible_init  | no       |
+-----+-------------+------+-------+------+--------------+-----------------------+-----+---------------+----------+
| 19  | qux         | on   | up    | jail | 15.0-RELEASE | epair0b|172.16.99.104 | -   | ansible_init  | no       |
+-----+-------------+------+-------+------+--------------+-----------------------+-----+---------------+----------+
| 12  | repos       | on   | up    | jail | 15.0-RELEASE | vnet0|172.16.99.21/24 | -   | ansible_repos | no       |
+-----+-------------+------+-------+------+--------------+-----------------------+-----+---------------+----------+
| 13  | repos-devel | on   | up    | jail | 15.0-RELEASE | vnet0|172.16.99.22/24 | -   | ansible_repos | no       |
+-----+-------------+------+-------+------+--------------+-----------------------+-----+---------------+----------+

Display the test files

shell > ssh admin@iocage_05 sudo iocage exec baz "cat /tmp/ansible-hello-world.txt"

[ansible-test] Hello world!

shell > ssh admin@iocage_05 sudo iocage exec qux "cat /tmp/ansible-hello-world.txt"

[ansible-test] Hello world!