[PVE-User] Proxmox VE 5.x deployments with Ansible (now with clustering/acl management)

Musee Ullah lae at lae.is
Mon Oct 16 11:36:36 CEST 2017 

A new version of this Ansible role has been published. It now supports
creating and adding nodes to a PVE cluster, as well as managing groups,
users and access control lists either within a single node or within a
PVE cluster.

See release notes for a full list of changes:
https://github.com/lae/ansible-role-proxmox/releases/tag/v1.4.0

As always, this can be installed/updated from Galaxy (pass --force if
updating):

ansible-galaxy install lae.proxmox

To enable clustering, set "pve_cluster_enabled" to yes in your group
variables. If you need to specify a separate ring0 (or extra ring1)
address, refer to the README:
https://github.com/lae/ansible-role-proxmox/blob/master/README.md

A quick configuration of users/groups/ACLs:

pve_groups:
  - name: Admins
pve_users:
  - name: admin@pam
    groups: [ "Admins" ]
pve_acls:
  - path: /
    roles: [ "Administrator" ]
    groups: [ "Admins" ]

This'll create a user "admin@pam" in the group "Admins", with
Administrator level access to the entire cluster (or node). For more
examples, refer to the README.

As always, I'm open to any feedback, bug reports, and feature requests.

Hope you'll try it out!

-- 
Musee Ullah <lae at lae.is>

2017-10-03 (火) の 17:19 -0700 に Musee Ullah さんは書きました:
> Hey all,

It's been a while. I just a cut a release of an Ansible role that now
supports deploying PVE 5.x nodes (it still supports 4.x), as well as
configuring HTTPS certificates for the nodes. Most of the requests
from the previous email thread (back in March) were also implemented
long ago, but I happened to not cut a release for them until now.
(For more info, check the releases page:
https://github.com/lae/ansible-role-proxmox/releases.)

You can see a successful test deployment of 5.x/Debian Stretch here: 
https://travis-ci.org/lae/ansible-role-proxmox/jobs/282937447#L4975 -
I've also successfully tested creating a cluster with pvecm locally
using this (I'll eventually add this functionality into the Ansible
role).

Anyway, if any of you have time to do a 5.x deployment (or even
manage an existing 4.x deployment) using this role, I'd love to get
your input as to what could be improved.

The role is available on Ansible Galaxy at
https://galaxy.ansible.com/lae/proxmox/ (the README tab has a
quickstart section with an example single host deployment).

Also one more thing to note - this can easily be used to keep 4.x and
5.x clusters up to date (it'll upgrade to the latest in their series)
- but it can't be used for automating an upgrade from 4.x to 5.x (too
many variables to consider, honestly).
-- 
Musee Ullah <lae at lae.is>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part
URL: <http://lists.proxmox.com/pipermail/pve-user/attachments/20171016/55cf6aa2/attachment.sig>

More information about the pve-user mailing list