Reorganize and rejigger

roles/pvc/tasks/libvirt/bootstrap.yml

@@ -0,0 +1,3 @@
+---
+- name: create Libvirt keyring
+  command: ceph auth get-or-create client.libvirt mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=pvc*'

roles/pvc/tasks/libvirt/main.yml

@@ -0,0 +1,53 @@
+---
+- name: install libvirt packages
+  apt:
+    name:
+      - libvirt-daemon-system
+      - qemu-kvm
+      - qemu-utils
+      - qemu-block-extra
+      - vhostmd
+      - ceph-common
+      - libjemalloc2
+    state: latest
+
+- name: install libvirt configuration
+  template:
+    src: libvirt/{{ item }}.j2
+    dest: /etc/libvirt/{{ item }}
+  with_items:
+    - libvirtd.conf
+    - ceph-secret.xml
+  notify: restart libvirtd
+
+- include: libvirt/bootstrap.yml
+  when: bootstrap is defined and bootstrap
+  run_once: yes
+
+- name: get ceph libvirt secret key
+  command: ceph auth get-key client.libvirt
+  register: libvirt_key
+
+- name: define ceph secret
+  command: virsh secret-define /etc/libvirt/ceph-secret.xml
+  ignore_errors: true
+
+- name: set ceph libvirt secret value
+  command: virsh secret-set-value --secret {{ pvc_ceph_storage_secret_uuid }} --base64 {{ libvirt_key.stdout }}
+  ignore_errors: true
+
+- name: configure libvirt for listening
+  replace:
+    dest: /etc/default/libvirtd
+    regexp: '#libvirtd_opts=""'
+    replace: 'libvirtd_opts="--listen"'
+  notify: restart libvirtd
+
+- name: disable services
+  service:
+    name: "{{ item }}"
+    enabled: no
+  with_items:
+    - libvirtd
+
+- meta: flush_handlers