Implement netboot VM with macvtap interface.

2023-11-28 11:17:12 +01:00 · 2023-11-28 11:17:12 +01:00 · 25c9a4db4b
commit 25c9a4db4b
parent 70b5a51565
4 changed files with 38 additions and 5 deletions
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@ -27,6 +27,7 @@
      - elpa-color-theme-modern
      - elpa-magit
      - emacs
+      - filezilla
      - freeplane
      - git
      - gitg
--- a/roles/lmn_vm/files/create-vm.sh
+++ b/roles/lmn_vm/files/create-vm.sh
@ -41,8 +41,8 @@ fi

 # hardware addresses need to be removed, libvirt will assign
 # new addresses automatically
-sed -i /uuid/d "${VM_NAME}-${VM_CLONE}.xml"
-sed -i '/mac address/d' "${VM_NAME}-${VM_CLONE}.xml"
-
 # and actually rename the vm: (this also updates the storage path)
-sed -i "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"
+sed -i -E \
+    -e '/<uuid>.+<\/uuid>/d' \
+    -e '/.+mac address.+[[:xdigit:]:]{17}.+/d' \
+    -e "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@ -97,6 +97,11 @@ create-clone() {
    sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
    # set virtiofs-Socket
    sed -i "s:VIRTIOFSSOCKET:/run/user/${UID}/virtiofs-${VM_NAME}.sock:" "${VM_XML}"
+
+    # find macvtap interface MAC address:
+    MAC="$(ip link | grep -A1 "vm-macvtap" |
+              sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
+    sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
 }

 QEMU='qemu:///session'
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@ -177,12 +177,39 @@
    create: True
    mode: '0600'

-# FIXME #691138
+
+# FIXME #691138, better: prepare interfaces ready to use, c.f. below
 - name: Allow users to attach to bridge
  file:
    path: /usr/lib/qemu/qemu-bridge-helper
    mode: '4755'

+- name: Configure macvtap interface
+  ansible.builtin.copy:
+    dest: /etc/NetworkManager/system-connections/macvlan-vm-macvtap.nmconnection
+    mode: '0600'
+    content: |
+      [connection]
+      id=macvlan-vm-macvtap
+      type=macvlan
+      interface-name=vm-macvtap
+      [macvlan]
+      mode=2
+      parent={{ ansible_default_ipv4['interface'] }}
+      tap=true
+      [ipv4]
+      method=disabled
+      [ipv6]
+      method=disabled
+      [proxy]
+
+- name: Adjust interface permissions for user mode VMs
+  ansible.builtin.copy:
+    dest: /etc/udev/rules.d/80-macvlan.rules
+    content: |
+      SUBSYSTEMS=="net", KERNELS=="vm-macvtap", MODE="0666"
+
+
 - name: Create directory for local .desktop-Files
  ansible.builtin.file:
    path: "{{ item }}"