NOTE:

This repository is no longer being updated - the role has moved to the Ansible collection now ➡️ https://github.com/stackhpc/ansible-collection-openstack

OpenStack Images

This role creates guest instance images using disk-image-builder and uploads them to OpenStack with the os_image module.

Requirements

The OpenStack APIs must be reachable from the target host. Client credentials should be set in the environment or using the clouds.yaml format.

You need to use a virtual environment with system site packages enabled since this role depends on Python packages installed by the package manager. For example:

virtualenv --system-site-packages ~/venvs/dib

Role Variables

• os_images_package_dependencies_extra: List of additional packages to install on the build host.

• os_images_cache: Path to a directory where build artifacts will be cached. Defaults to ~/disk_images. NOTE: New images will NOT be created if an image is already cached, even if config changes are made. Use force_rebuild to apply new config changes.

• os_images_auth_type: Authentication method for OpenStack. Defaults to password.

• os_images_auth: Authentication details for OpenStack, including:

  • auth_url: URL for Keystone auth endpoint. Defaults to OS_AUTH_URL.
  • project: OpenStack project/tenant name. Defaults to OS_TENANT_NAME.
  • username: OpenStack username. Defaults to OS_USERNAME.
  • password: OpenStack password. Defaults to OS_PASSWORD.

• os_images_region: Specify a region to upload images. Default is None.

• os_images_cacert: Optional path to a CA certificate bundle.

• os_images_interface: Type of endpoint URL to fetch from the service catalog. Can be public, admin, or internal.

• os_images_list: A list of YAML dictionaries containing information for each image:

  • name: Name of the image in OpenStack.
  • elements: List of diskimage-builder elements to include in the image.
  • image_url: URL for the image location on the internet.
  • checksum: Checksum to validate a downloaded image. Format: <algorithm>:<checksum|url>.
  • env: (optional) Environment variables for diskimage-builder parameters in the format KEY: VALUE.
  • packages: (optional) List of packages to install in the image.
  • size: (optional) Size of the image filesystem.
  • properties: (optional) Properties to set on the glance image. Common properties are available here.
  • type: (optional) Type of image. The default in DIB is qcow2. Available formats are here.
  • force_rebuild: (optional) Flag indicating whether to always build the image (even if an image with the same name already exists). If os_images_upload is set to True, existing images on glance will be replaced. Defaults to os_images_force_rebuild if unset.
  • is_public: (optional) Determines if the image is visible to all projects or kept private.
  • owner: (optional) ID of the project that will own the uploaded image.

• os_images_common: Set of elements included in every image listed. Defaults to cloud-init enable-serial-console stable-interface-names.

• os_images_dib_pkg_name: Optionally customize the name parameter for the ansible.builtin.pip module when installing diskimage-builder. This can be used to install specific versions.

• os_images_dib_version: Optionally specify the version of diskimage-builder to install. By default, there is no version constraint.

• os_images_git_elements: Optional list of elements to pull from GitHub and include in the images. Provide a list of dictionaries with:

  • repo: URL for the Git repository to clone (if not already present).
  • local: Local path for Git cloning.
  • version: Optional Git reference (branch, tag, hash) for cloning. Defaults to HEAD.
  • elements_path: Optional relative path to elements within the repository.

• os_images_elements: Optional list of site-specific DIB element paths.

• os_images_upload: Whether to upload built images to Glance. Defaults to True.

• os_images_force_rebuild: Whether to force a rebuild of the DIB image. If os_images_upload is set to True, existing images on Glance will be replaced with the newly built image. Defaults to False.

• os_images_public: Indicates if uploaded images are public. Defaults to True, but requires admin permissions.

• os_images_venv: Path to a virtual environment for installing Python dependencies for image uploads.

• os_images_dib_venv: Path to a virtual environment for installing DIB to build images.

• os_images_promote: Whether to retire old images and promote new ones. Defaults to False.

• os_images_build: Whether to build the images.

• os_images_name_suffix: Suffix to remove during image promotion (e.g., -rc, -dev, -test). Mandatory for promotion functionality. Defaults to empty.

• os_images_hide: Whether to hide images from the Glance list. This option is available in the image retirement and promotion process. Defaults to False.

Dependencies

Example Playbook

The following playbook generates a guest image and uploads it to OpenStack:

---
- name: Generate guest image and upload
  hosts: openstack
  roles:
    - role: stackhpc.os-images
      os_images_auth:
        auth_url:     "{{ lookup('env','OS_AUTH_URL') }}"
        username:     "{{ lookup('env','OS_USERNAME') }}"
        password:     "{{ lookup('env','OS_PASSWORD') }}"
        project_name: "{{ lookup('env','OS_TENANT_NAME') }}"
      os_images_list:
      - name: FedoraCore
        elements:
          - fedora
          - selinux-permissive
          - alaska-extras
        env:
          DIB_ALASKA_DELETE_REPO: "y"
          DIB_ALASKA_PKGLIST: "pam-python pam-keystone"
      - name: FedoraAtomic27
        image_url: https://ftp.icm.edu.pl/pub/Linux/dist/fedora-alt/atomic/stable/Fedora-Atomic-27-20180326.1/CloudImages/x86_64/images/Fedora-Atomic-27-20180326.1.x86_64.qcow2
        properties:
          os_distro: fedora-atomic
        type: qcow2

Author Information

• Stig Telfer (stig@stackhpc.com)