ansible-role-kvm/tasks/main.yml

---

- name: Read cpuinfo from kernel
  ansible.builtin.command:
    cmd: cat /proc/cpuinfo
  register: cpu_info
  changed_when: false

- name: Verify if Intel VMX or AMD SVM is enabled
  ansible.builtin.fail:
    msg: "Intel VMX or AMD SVE not enabled"
  when: "'vmx' not in cpu_info.stdout and 'svm' not in cpu_info.stdout"

- name: Include OS-specific variables
  ansible.builtin.include_vars: "{{ ansible_os_family }}.yml"

- name: Add virt-manager to list of kvm packages
  ansible.builtin.set_fact:
    kvm_package_names: "{{ kvm_package_names + kvm_vm_manager_package_names }}"
  when: kvm_virtual_machine_manager

- name: Install kvm packages
  ansible.builtin.package:
    name: "{{ item }}"
    state: present
  with_items:
  - "{{ kvm_package_names }}"

- name: Load and persist kernel module "kvm_amd"
  when: cpu_info.stdout.find('sev') != -1
  block:
  - name: Load kernel module "kvm_amd" temporarily
    community.general.modprobe:
      name: "kvm_amd"
      params: "sev=1"
      state: present
  - name: Load kernel module "kvm_amd" persistently
    ansible.builtin.template:
      src: "etc/modules-load.d/10-amd-sve.conf.j2"
      dest: "/etc/modules-load.d/10-amd-sve.conf"
      owner: root
      group: root
      mode: "0644"

- name: Append unix user to unix groups to interact with qemu/kvm
  ansible.builtin.user:
    name: "{{ item.name }}"
    append: true
    groups: "{{ kvm_unix_groups }}"
  with_items: "{{ kvm_users }}"

- name: Start and enable {{ kvm_service_name }}
  ansible.builtin.systemd:
    name: "{{ kvm_service_name }}"
    state: started
    enabled: true

# FIXME:
# Create btrfs subvolume /var/lib/libvirt/images and execute `chattr +C` if subvolume was successfullt created. Check if
# directory exists. If not check if filesystem type of /var/lib/libvirt/images is btrfs via `stat -f --format=%T <path>`
# and if the inode is 256 or 2 with `stat --format="%i" <path>`.

# - name: ...
Initial Commit 2022-02-26 17:46:02 +00:00			`---`

			`- name: Read cpuinfo from kernel`
fix: add linter 2023-02-08 17:23:50 +00:00			`ansible.builtin.command:`
			`cmd: cat /proc/cpuinfo`
Initial Commit 2022-02-26 17:46:02 +00:00			`register: cpu_info`
			`changed_when: false`

fix: enable check for vmx and svm 2022-02-26 17:58:51 +00:00			`- name: Verify if Intel VMX or AMD SVM is enabled`
fix: add linter 2023-02-08 17:23:50 +00:00			`ansible.builtin.fail:`
fix: enable check for vmx and svm 2022-02-26 17:58:51 +00:00			`msg: "Intel VMX or AMD SVE not enabled"`
			`when: "'vmx' not in cpu_info.stdout and 'svm' not in cpu_info.stdout"`
Initial Commit 2022-02-26 17:46:02 +00:00
fix: use better name for task 2022-12-28 21:02:46 +00:00			`- name: Include OS-specific variables`
style(kvm): name of tasks, use built in module 2023-02-12 13:46:34 +00:00			`ansible.builtin.include_vars: "{{ ansible_os_family }}.yml"`
Initial Commit 2022-02-26 17:46:02 +00:00
fix: task description 2022-03-11 11:48:06 +00:00			`- name: Add virt-manager to list of kvm packages`
fix: add linter 2023-02-08 17:23:50 +00:00			`ansible.builtin.set_fact:`
Initial Commit 2022-02-26 17:46:02 +00:00			`kvm_package_names: "{{ kvm_package_names + kvm_vm_manager_package_names }}"`
			`when: kvm_virtual_machine_manager`

fix: task description 2022-03-11 11:48:06 +00:00			`- name: Install kvm packages`
fix: add linter 2023-02-08 17:23:50 +00:00			`ansible.builtin.package:`
Initial Commit 2022-02-26 17:46:02 +00:00			`name: "{{ item }}"`
			`state: present`
			`with_items:`
			`- "{{ kvm_package_names }}"`

			`- name: Load and persist kernel module "kvm_amd"`
			`when: cpu_info.stdout.find('sev') != -1`
			`block:`
			`- name: Load kernel module "kvm_amd" temporarily`
fix: add linter 2023-02-08 17:23:50 +00:00			`community.general.modprobe:`
Initial Commit 2022-02-26 17:46:02 +00:00			`name: "kvm_amd"`
			`params: "sev=1"`
			`state: present`
			`- name: Load kernel module "kvm_amd" persistently`
fix: add linter 2023-02-08 17:23:50 +00:00			`ansible.builtin.template:`
Initial Commit 2022-02-26 17:46:02 +00:00			`src: "etc/modules-load.d/10-amd-sve.conf.j2"`
			`dest: "/etc/modules-load.d/10-amd-sve.conf"`
			`owner: root`
			`group: root`
style(lint): quote mode 2023-02-26 21:20:44 +00:00			`mode: "0644"`
Initial Commit 2022-02-26 17:46:02 +00:00
fix: task description 2022-03-11 11:48:06 +00:00			`- name: Append unix user to unix groups to interact with qemu/kvm`
fix: add linter 2023-02-08 17:23:50 +00:00			`ansible.builtin.user:`
Initial Commit 2022-02-26 17:46:02 +00:00			`name: "{{ item.name }}"`
fix: add linter 2023-02-08 17:23:50 +00:00			`append: true`
Initial Commit 2022-02-26 17:46:02 +00:00			`groups: "{{ kvm_unix_groups }}"`
			`with_items: "{{ kvm_users }}"`

			`- name: Start and enable {{ kvm_service_name }}`
fix: add linter 2023-02-08 17:23:50 +00:00			`ansible.builtin.systemd:`
Initial Commit 2022-02-26 17:46:02 +00:00			`name: "{{ kvm_service_name }}"`
			`state: started`
fix: add linter 2023-02-08 17:23:50 +00:00			`enabled: true`
doc: add note about btrfs subvolume 2024-01-13 21:46:11 +00:00
			`# FIXME:`
			# Create btrfs subvolume /var/lib/libvirt/images and execute `chattr +C` if subvolume was successfullt created. Check if
			# directory exists. If not check if filesystem type of /var/lib/libvirt/images is btrfs via `stat -f --format=%T <path>`
			# and if the inode is 256 or 2 with `stat --format="%i" <path>`.

			`# - name: ...`