README.md

Ansible Role jm1.cloudy.initrd

This role helps with editing initial ramdisk / initramfs images from Ansible variables. Role variable initrd_config defines a list of tasks which will be run by this role. Each task calls an Ansible module similar to tasks in roles or playbooks except that only few keywords such as when are supported. For example, to enable DRM (Direct Rendering Manager) kernel mode setting with NVIDIA's proprietary graphics card driver at the earliest possible occasion, define variable initrd_config in group_vars or host_vars as such:

initrd_config:
- ansible.builtin.blockinfile:
    block: |
      # DRM kernel mode setting
      # Ref.: https://wiki.archlinux.org/title/Nvidia#DRM_kernel_mode_setting
      nvidia
      nvidia_modeset
      nvidia_uvm
      nvidia_drm
    path: /etc/initramfs-tools/modules

Once all tasks have been run and if anything has changed, then initramfs images will be (re)generated with initrd_cmd and the system will be rebooted automatically to apply the changes.

Tested OS images

• Cloud image (amd64) of Debian 10 (Buster)
• Cloud image (amd64) of Debian 11 (Bullseye)
• Cloud image (amd64) of Debian 12 (Bookworm)
• Cloud image (amd64) of Debian 13 (Trixie)
• Cloud image (amd64) of CentOS 7 (Core)
• Cloud image (amd64) of CentOS 8 (Stream)
• Cloud image (amd64) of CentOS 9 (Stream)
• Cloud image (amd64) of Fedora Cloud Base 40
• Cloud image (amd64) of Ubuntu 18.04 LTS (Bionic Beaver)
• Cloud image (amd64) of Ubuntu 20.04 LTS (Focal Fossa)
• Cloud image (amd64) of Ubuntu 22.04 LTS (Jammy Jellyfish)
• Cloud image (amd64) of Ubuntu 24.04 LTS (Noble Numbat)

Available on Ansible Galaxy in Collection jm1.cloudy.

Requirements

This role uses module(s) from collection jm1.ansible. To install this collection you may follow the steps described in README.md using the provided requirements.yml.

Variables

Name	Default value	Required	Description
distribution_id	depends on operating system	false	List which uniquely identifies a distribution release, e.g. [ 'Debian', '10' ] for Debian 10 (Buster)
initrd_cmd	depends on distribution_id	false	Command to generate initramfs images, e.g. update-initramfs -u -k all on Debian and dracut --regenerate-all --force on Red Hat Enterprise Linux
initrd_config	[]	false	List of tasks to run 1 2 3, e.g. to edit /etc/initramfs-tools/modules on Debian

Dependencies

None.

Example Playbook

To load kernel modules for PCI passthrough of NVIDIA and AMD GPUs to virtual machines (PCI passthrough via OVMF, GPU passthrough with libvirt qemu kvm):

- hosts: all
  become: true
  vars:
    # Variables are listed here for convenience and illustration.
    # In a production setup, variables would be defined e.g. in
    # group_vars and/or host_vars of an Ansible inventory.
    # Ref.:
    # https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html
    # https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html
    initrd_config:
    - ansible.builtin.blockinfile:
        block: |
          # 2021 Jakob Meng, <jakobmeng@web.de>
          # Load kernel modules for PCI passthrough
          # Ref.: https://wiki.archlinux.org/title/PCI_passthrough_via_OVMF
          vfio_pci
          vfio
          vfio_iommu_type1
          vfio_virqfd
        path: /etc/modules
    - ansible.builtin.blockinfile:
        block: |
          # 2021 Jakob Meng, <jakobmeng@web.de>
          # Add kernel modules for PCI passthrough to initrd
          # Ref.: https://wiki.archlinux.org/title/PCI_passthrough_via_OVMF
          vfio_pci
          vfio
          vfio_iommu_type1
          vfio_virqfd
        path: /etc/initramfs-tools/modules
    - ansible.builtin.copy:
        content: |
          # 2021 Jakob Meng, <jakobmeng@web.de>
          # VGA PCI IDs to allow PCI passthrough
          # Ref.: https://wiki.gentoo.org/wiki/GPU_passthrough_with_libvirt_qemu_kvm
          #
          # 03:00.0 VGA compatible controller [0300]: Advanced Micro Devices, Inc. [AMD/ATI] Device [1002:7341]
          # 04:00.0 VGA compatible controller [0300]: NVIDIA Corporation Device [10de:1c31] (rev a1)
          # 64:00.0 VGA compatible controller [0300]: ASPEED Technology, Inc. ASPEED Graphics Family [1a03:2000] (rev 41)
          # Ref.: lspci -nn | grep VGA
          options vfio-pci ids=1002:7341,10de:1c31
        dest: /etc/modprobe.d/vfio.conf
  roles:
  - name: Generate initial ramdisk / initramfs images
    role: jm1.cloudy.initrd
    tags: ["jm1.cloudy.initrd"]

For instructions on how to run Ansible playbooks have look at Ansible's Getting Started Guide.

License

GNU General Public License v3.0 or later

See LICENSE.md to see the full text.

Author

Jakob Meng @jm1 (github, galaxy, web)

Footnotes

1. Useful Ansible modules in this context could be blockinfile, copy, file, lineinfile and template. ↩

2. Tasks will be executed with jm1.ansible.execute_module which supports keyword when only. ↩

3. Tasks will be executed with jm1.ansible.execute_module which supports modules and action plugins only. Some Ansible modules such as ansible.builtin.meta and ansible.builtin.{include,import}_{playbook,role,tasks} are core features of Ansible, in fact not implemented as modules and thus cannot be called from jm1.ansible.execute_module. Doing so causes Ansible to raise errors such as MODULE FAILURE\nSee stdout/stderr for the exact error. In addition, Ansible does not support free-form parameters for arbitrary modules, so for example, change from - debug: msg="" to - debug: { msg: "" }. ↩