debops.libvirtd default variables

libvirtd packages

libvirtd__base_packages

List of libvirtd packages which will be installed on all distribution releases, unless overridden.

libvirtd__base_packages:
  - 'libvirt-daemon-system'
  - 'libvirt-clients'
libvirtd__base_packages_map

Override list of base packages for specific distribution releases.

libvirtd__base_packages_map:
  'wheezy':  [ 'libvirt-bin' ]
  'precise': [ 'libvirt-bin' ]
  'trusty':  [ 'libvirt-bin' ]
libvirtd__kvm_packages

List of QEMU KVM packages to install. They will be installed on all hosts apart from KVM guests, to not create redundant support.

libvirtd__kvm_packages:
  - 'qemu-system-x86'
  - 'qemu-kvm'
  - 'qemu-utils'
libvirtd__network_packages

List of network-related packages to install with libvirtd.

libvirtd__network_packages:
  - 'dnsmasq-base'
  - 'bridge-utils'
  - 'ebtables'
libvirtd__packages

List of custom packages to install.

libvirtd__packages: []

Access control

libvirtd__admins

List of administrator accounts which should have access to libvirtd.

libvirtd__admins: [ '{{ (ansible_ssh_user
                        if (ansible_ssh_user | d() and
                            ansible_ssh_user != "root")
                        else lookup("env", "USER")) }}' ]
libvirtd__group_map

Mapping of default UNIX access group on different distributions.

libvirtd__group_map:
  'Debian': 'libvirt'
  'Ubuntu': 'libvirtd'

libvirtd connection URI

libvirtd__system_uri

Connection URI for the local libvirtd instance.

libvirtd__system_uri: 'qemu:///system'
libvirtd__connections

Dict with connections configured in /etc/libvirt/libvirt.conf.

Each key is an alias for a connection, each value should be a valid libvirt URI connection string. At the moment only local (qemu:///system, lxc:///) and SSH (qemu+ssh://<hostname>/system, lxc+ssh://<hostname>/) connections are supported by debops.libvirtd.

libvirtd__connections:
  'localhost': '{{ libvirtd__system_uri }}'
libvirtd__uri

Name of the connection from libvirtd__connections configured as default system-wide.

libvirtd__uri: 'localhost'

Role-dependent configuration

libvirtd__apt_preferences__dependent_list

Configuration for the debops.apt_preferences role.

libvirtd__apt_preferences__dependent_list:

  - package: 'libvirt0 libvirt0-dbg libvirt-* python-libvirt libspice-server1 libusb-1.0-0 qemu-* seabios ipxe-qemu'
    backports: [ 'wheezy' ]
    reason: 'Version parity with Debian Jessie'
    by_role: 'debops.libvirtd'
libvirtd__ferm__dependent_rules

Configuration for debops.ferm firewall.

libvirtd__ferm__dependent_rules:

  - type: 'custom'
    filename: 'bootpc_checksum'
    weight: '30'
    rules: |
      # Add checksums to BOOTP packets from virtual machines and containers.
      # https://www.redhat.com/archives/libvir-list/2010-August/msg00035.html
      @hook post "iptables -A POSTROUTING -t mangle -p udp --dport bootpc -j CHECKSUM --checksum-fill";

  - type: 'custom'
    filename: 'reload_libvirt'
    weight: 'zz'
    rules: '@hook post "type libvirtd > /dev/null && (systemctl reload libvirtd || true)";'
libvirtd__ferm__forward

Enable/disable IP forwarding on the host.

libvirtd__ferm__forward: True