Update Debian cloud image for running on Proxmox

extravars/common.yml

@@ -1,6 +1,5 @@
 ---
 # linux_common
-ansible_user_id: "saadali"
 LC_CHANGE_HOSTNAME: False
 LC_SET_LOCALES: True
 LC_SETUP_SUDO: False
@@ -12,18 +11,16 @@ LC_DEFAULT_LOCALE: "en_US.UTF-8 UTF-8"
 LC_MODIFY_SYSTEM_SHELL_ENV: True
 LC_MODIFY_SKEL: True
 LC_MODIFY_ROOT_SHELL_ENV: True
-LC_MODIFY_USER_SHELL_ENV: True
-LC_DEBIAN_MIRROR: "deb.debian.org"
 LC_INSTALL_PACKAGES: True
-LC_REBOOT: True
-LC_CHANGE_TIMEZONE: True
-LC_ENABLE_SRC_REPOS: False
-LC_ENABLE_APT_BACKPORTS: False
 LC_CHANGES_APT_DEFAULT_SOURCES_LIST: True
+LC_DEBIAN_MIRROR: "deb.debian.org"
+LC_DEBIAN_REPOS: "main contrib non-free non-free-firmware"
+LC_CHANGE_TIMEZONE: True
 LC_TIMEZONE: "Asia/Karachi"
 LC_EXTRA_PACKAGES:
   - "gpg"
   - "apt-transport-https"
+  - "qemu-guest-agent"
 
 # motd variables
 memory_info: False

extravars/provision_vms.yml

@@ -1,6 +1,8 @@
 ---
+# pve_ci_tweak
+pve_ci_image: "{{ lookup('ansible.builtin.env', 'HOME') }}/Downloads/debian-12-generic-amd64-daily-20231117-1567.qcow2"
 # provision_proxmox_vms
-vm_provisioner_src_image: "{{ lookup('ansible.builtin.env', 'HOME') }}/Downloads/debian-12-generic-amd64-daily-20231117-1567.qcow2"
+vm_provisioner_src_image: "{{ pve_ci_image }}"
 vm_provisioner_dest_image: "/var/lib/vz/images/debian-12-generic-amd64-daily-20231117-1567.qcow2"
 vm_provisioner_cloudinit_username: "{{ lookup('ansible.builtin.env', 'USER') }}"
 vm_provisioner_local_user_ssh_public_key: "{{ lookup('ansible.builtin.env', 'HOME') }}/.ssh/id_rsa.pub"
@@ -10,8 +12,8 @@ vm_provisioner_proxmox_node: "KDRAIGO"
 vm_provisioner_cloudinit_search_domain: "h.nixknight.pk"
 vm_provisioner_default_proxmox_storage: "SSD-DATA"
 vm_provisioner_k8s_vms:
-  - name: "k8s-master-01"
-    tags: "k8s_nodes,master"
+  - name: "k8s-api-lb"
+    tags: "k8s_nodes,api-lb"
     vmid: 101
     sockets: 2
     cores: 1
@@ -30,8 +32,8 @@ vm_provisioner_k8s_vms:
     ipconfig:
       ipconfig0: "ip=192.168.1.21/24,gw=192.168.1.1"
     state: present
-  - name: "k8s-master-02"
-    tags: "k8s_nodes,master"
+  - name: "k8s-master-01"
+    tags: "k8s_nodes,masters"
     vmid: 102
     sockets: 2
     cores: 1
@@ -50,8 +52,8 @@ vm_provisioner_k8s_vms:
     ipconfig:
       ipconfig0: "ip=192.168.1.22/24,gw=192.168.1.1"
     state: present
-  - name: "k8s-lb"
-    tags: "k8s_nodes,lb"
+  - name: "k8s-master-02"
+    tags: "k8s_nodes,masters"
     vmid: 103
     sockets: 2
     cores: 1
@@ -70,8 +72,8 @@ vm_provisioner_k8s_vms:
     ipconfig:
       ipconfig0: "ip=192.168.1.23/24,gw=192.168.1.1"
     state: present
-  - name: "k8s-worker-01"
-    tags: "k8s_nodes,workers"
+  - name: "k8s-master-03"
+    tags: "k8s_nodes,masters"
     vmid: 104
     sockets: 2
     cores: 1
@@ -90,7 +92,7 @@ vm_provisioner_k8s_vms:
     ipconfig:
       ipconfig0: "ip=192.168.1.24/24,gw=192.168.1.1"
     state: present
-  - name: "k8s-worker-02"
+  - name: "k8s-worker-01"
     tags: "k8s_nodes,workers"
     vmid: 105
     sockets: 2
@@ -110,3 +112,43 @@ vm_provisioner_k8s_vms:
     ipconfig:
       ipconfig0: "ip=192.168.1.25/24,gw=192.168.1.1"
     state: present
+  - name: "k8s-worker-02"
+    tags: "k8s_nodes,workers"
+    vmid: 106
+    sockets: 2
+    cores: 1
+    memory: 2048
+    ostype: "l26"
+    disk_resize: "18G"
+    ciuser: "{{ vm_provisioner_cloudinit_username }}"
+    ide:
+      ide2: 'local:cloudinit,format=qcow2'
+    sshkeys: "{{ vm_provisioner_cloudinit_ssh_public_key }}"
+    searchdomains: "{{ vm_provisioner_cloudinit_search_domain }}"
+    nameservers:
+      - '192.168.1.1'
+    net:
+      net0: "virtio,bridge=vmbr0"
+    ipconfig:
+      ipconfig0: "ip=192.168.1.26/24,gw=192.168.1.1"
+    state: present
+  - name: "k8s-worker-03"
+    tags: "k8s_nodes,workers"
+    vmid: 106
+    sockets: 2
+    cores: 1
+    memory: 2048
+    ostype: "l26"
+    disk_resize: "18G"
+    ciuser: "{{ vm_provisioner_cloudinit_username }}"
+    ide:
+      ide2: 'local:cloudinit,format=qcow2'
+    sshkeys: "{{ vm_provisioner_cloudinit_ssh_public_key }}"
+    searchdomains: "{{ vm_provisioner_cloudinit_search_domain }}"
+    nameservers:
+      - '192.168.1.1'
+    net:
+      net0: "virtio,bridge=vmbr0"
+    ipconfig:
+      ipconfig0: "ip=192.168.1.27/24,gw=192.168.1.1"
+    state: present

inventory/inventory.ini

@@ -0,0 +1,8 @@
+[proxmox]
+192.168.1.20
+
+[localhost]
+localhost
+
+[chroot]
+/mnt

mount_cloud_image.yml

@@ -0,0 +1,100 @@
+---
+- name: Mount/Unmount Cloud Image
+  connection: local
+  hosts: localhost
+  gather_facts: yes
+  become: True
+  vars:
+    cloud_image: "{{ lookup('ansible.builtin.env', 'HOME') }}/Downloads/debian-12-generic-amd64-daily-20231117-1567.qcow2"
+    mount_point: "/mnt"
+    mount_device: "/dev/nbd0"
+  tasks:
+    - name: Load NBD Module
+      community.general.modprobe:
+        name: "nbd"
+        params: "max_part=2"
+        state: present
+      tags:
+        - mount
+
+    - name: Connect Cloud Image Using NBD
+      ansible.builtin.shell:
+        cmd: "qemu-nbd --connect={{ mount_device }} {{ cloud_image }}"
+      args:
+        executable: /bin/bash
+      tags:
+        - mount
+
+    - name: Mount the NBD Exported Cloud Image
+      ansible.posix.mount:
+        src: "{{ mount_device }}p1"
+        path: "{{ mount_point }}"
+        fstype: auto
+        state: ephemeral
+      tags:
+        - mount
+
+    - name: Mount /sys and /dev into {{ mount_point }}
+      ansible.posix.mount:
+        src: "{{ item }}"
+        path: "{{ mount_point }}{{ item }}"
+        fstype: none
+        opts: bind
+        state: ephemeral
+      with_items:
+        - "/sys"
+        - "/dev"
+      tags:
+        - mount
+
+    - name: Remove Existing File {{ mount_point }}/etc/resolv.conf
+      ansible.builtin.file:
+        path: "{{ mount_point }}/etc/resolv.conf"
+        state: absent
+      tags:
+        - mount
+        - unmount
+
+    - name: Copy /etc/resolv.conf to {{ mount_point }}/etc/resolv.conf
+      ansible.builtin.copy:
+        src: "/etc/resolv.conf"
+        dest: "{{ mount_point }}/etc/resolv.conf"
+      tags:
+        - mount
+
+    - name: Restore Symlink {{ mount_point }}/etc/resolv.conf
+      ansible.builtin.file:
+        path: "/etc/resolv.conf"
+        state: absent
+      delegate_to: chroot
+      vars:
+        ansible_connection: community.general.chroot
+      tags:
+        - mount
+        - unmount
+
+    - name: Umount /sys, /dev and {{ mount_point }}
+      ansible.posix.mount:
+        path: "{{ item }}"
+        state: unmounted
+      with_items:
+        - "{{ mount_point }}/sys"
+        - "{{ mount_point }}/dev"
+        - "{{ mount_point }}"
+      tags:
+        - unmount
+
+    - name: Disconnect Cloud Image Using NBD
+      ansible.builtin.shell:
+        cmd: "qemu-nbd --disconnect {{ mount_device }}"
+      args:
+        executable: /bin/bash
+      tags:
+        - unmount
+
+    - name: Unload NBD Module
+      community.general.modprobe:
+        name: "nbd"
+        state: absent
+      tags:
+        - unmount

provision_proxmox_vms.yml

@@ -1,17 +1,7 @@
 ---
 - name: Create and Start Proxmox VMs
-  hosts: all
+  hosts: proxmox
   gather_facts: yes
   become: True
   roles:
     - provision_proxmox_vms
-  tags: create-and-start-vms
-
-- name: Run Common Roles
-  hosts: k8s_nodes
-  gather_facts: yes
-  become: True
-  roles:
-    - linux_common
-    - motd
-  tags: common-roles

roles/provision_proxmox_vms/tasks/vm_creation.yml

@@ -62,7 +62,7 @@
 
 - name: Resize Imported Disk(s)
   ansible.builtin.shell:
-    cmd: "qm resize {{ item }} virtio0 +10G"
+    cmd: "qm resize {{ item }} virtio0 +{{ disk_resize }}"
   args:
     executable: /bin/bash
   with_items: "{{ vms_without_attached_disk }}"

roles/pve_ci_tweak/defaults/main.yml

@@ -0,0 +1,15 @@
+---
+# defaults file for pve_ci_tweak
+pve_ci_image: ""
+pve_ci_update_grub_cmdline: True
+pve_ci_grub_config_path: "/etc/default/grub"
+pve_ci_grub_cmdline: 'GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1"'
+pve_ci_kernel_modules_override_path: "/etc/modules-load.d/override.conf"
+pve_ci_kernel_modules: |
+  nf_conntrack
+  br_netfilter
+pve_ci_sysctl_override_path: "/etc/sysctl.d/override.conf"
+pve_ci_sysctl_parameters:
+  vm.swappiness=1
+  net.ipv4.ip_forward=1
+  net.bridge.bridge-nf-call-iptables=1

roles/pve_ci_tweak/meta/main.yml

@@ -0,0 +1,9 @@
+---
+galaxy_info:
+  author: Saad Ali
+  description: Tweak PVE Cloud Image.
+  license: license (MIT)
+  platforms:
+  - name: Debian
+    versions:
+      - bookworm

roles/pve_ci_tweak/tasks/main.yml

@@ -0,0 +1,27 @@
+---
+# tasks file for pve_ci_tweak
+- name: Update Grub Configuration
+  ansible.builtin.lineinfile:
+    path: "{{ pve_ci_grub_config_path }}"
+    regexp: '^GRUB_CMDLINE_LINUX_DEFAULT='
+    line: "{{ pve_ci_grub_cmdline }}"
+    backrefs: yes
+  when: pve_ci_update_grub_cmdline
+
+- name: Add Kernel Modules
+  ansible.builtin.lineinfile:
+    path: "{{ pve_ci_kernel_modules_override_path }}"
+    line: "{{ pve_ci_kernel_modules }}"
+    create: yes
+
+- name: Update sysctl Parameters
+  ansible.builtin.lineinfile:
+    path: "{{ pve_ci_sysctl_override_path }}"
+    line: "{{ pve_ci_sysctl_parameters }}"
+    create: yes
+
+- name: Update Grub
+  ansible.builtin.shell:
+    cmd: "update-grub"
+  args:
+    executable: /bin/bash

tweak_cloud_image.yml

@@ -0,0 +1,10 @@
+---
+- name: Prepare PVE Cloud Image
+  connection: community.general.chroot
+  hosts: chroot
+  gather_facts: yes
+  become: True
+  roles:
+    - linux_common
+    - motd
+    - pve_ci_tweak