engonzal.proxmoxct

Ansible Roles: Proxmox

This role helps set up a new container on Proxmox. To use it, you need root SSH access to a Proxmox node and API access to your Proxmox host or cluster.

This role mainly runs on the local Ansible machine. Some tasks will use the "delegate_to" option to run directly on the remote Proxmox node.

Role Variables

There are many variables you can use to set up a container. Some are required, depending on your needs, while most are optional.

Simple Container Example:

pve_node: pve1
pve_apiuser: root@pam
pve_apipass: myAPIpassword
pve_hostname: "newhostname"
pve_template: local:vztmpl/debian-9.0-standard_9.5-1_amd64.tar.gz

Detailed Example with Bind Mounts:

If you have a cephfs mount in your cluster, here's an example:

pve_node: pve1
pve_vmid: 114
pve_apiuser: engonzal@pve
pve_apipass: myAPIpassword
pve_api_host: pve1.domain.com
pve_hostname: "newhostname"
pve_template: local:vztmpl/debian-9.0-standard_9.5-1_amd64.tar.gz
pve_netif:
  net0: "name=eth0,gw=192.168.84.1,ip=192.168.84.20/24,bridge=vmbr0"
pve_cores: 2
pve_mem: 2048
pve_swap: "{{ pve_mem }}"
pve_guest_pass: myContainerRootPassword
pve_search: domain.com
pve_dns: '192.168.84.1'
pve_storage: ceph_storage_ct
pve_unprivileged: yes
pve_ssh: "ssh-rsa myPublicKey engonzal@hostname"
pve_custom_mounts:
  mp0: "/mnt/pve/cephfs_data/downloads/,mp=/downloads"
  mp1: "/mnt/pve/cephfs_data/media,mp=/media"

Example Playbooks

Ansible Hosts Inventory File

# hosts
[proxmox_containers]
test_server

Ansible Playbook

# proxmox.yml
---
- hosts: plex_app
  connection: local
  user: root
  vars:
    pve_node: pve1
    pve_apiuser: root@pam
    pve_apipass: myAPIpassword
    pve_api_host: pve1.domain.com
    pve_hostname: "newhostname"
    pve_template: local:vztmpl/debian-9.0-standard_9.5-1_amd64.tar.gz
  roles:
    - engonzal.proxmoxct

Ansible Run Command

ansible-playbook -i hosts -l test_server proxmox.yml

Advanced Example Playbook

You can add a delay in your playbooks:

---
- hosts: plex_app
  connection: local
  user: root
  pre_tasks:
  - name: Get current python interpreter
    command: which python
    register: which_interpreter
    tags: always
    changed_when: False

  - name: Use current python path
    set_fact:
      ansible_python_interpreter: "{{ which_interpreter.stdout }}"
    tags: always

  roles:
    - name: engonzal.proxmoxct
      tags: pve
  post_tasks:
    - name: Wait for container to boot
      pause:
        seconds: 20
      when: pve_info_state.changed

- hosts: plex_app
  user: root
  vars:
    ansible_python_interpreter: /usr/bin/python3
    package_list:
      - vim
  roles:
    - engonzal.package

Other Examples

DHCP Example:

pve_node: pve1
pve_vmid: 114
pve_apiuser: engonzal@pve
pve_apipass: myAPIpassword
pve_api_host: pve1.domain.com
pve_state: present
pve_hostname: "newhostname"
pve_template: local:vztmpl/debian-9.0-standard_9.5-1_amd64.tar.gz
pve_netif:
  net0: "name=eth0,ip=dhcp,ip6=dhcp,bridge=vmbr0"
pve_storage: local-lvm
pve_custom_mounts:
  mp0: "/mnt/pve/cephfs_data/downloads/,mp=/downloads"
  mp1: "/mnt/pve/cephfs_data/media,mp=/media"

Variable Organization

For better organization, you can store variables like this (using Ansible vault for passwords):

# group_vars/all
pve_apiuser: engonzal@pve
pve_apipass: myAPIpassword
pve_api_host: pve1.domain.com
pve_guest_pass: myContainerRootPassword
pve_search: domain.com
pve_dns: '192.168.84.1'
pve_unprivileged: yes
pve_ssh: "ssh-rsa myPublicKey engonzal@hostname"

# group_vars/plex
pve_node: pve3
pve_vmid: 114
pve_hostname: "plex"
pve_netif:
  net0: "name=eth0,gw=192.168.84.1,ip=192.168.84.20/24,bridge=vmbr0"
pve_template: local:vztmpl/ubuntu-18.10-standard_18.10-1_amd64.tar.gz
pve_cores: 8
pve_mem: 4096
pve_custom_mounts:
  mp0: "/mnt/pve/cephfs_data/media,mp=/media"