Add snapshot role — Proxmox and XCP-NG pre-patch snapshot with verification

2026-03-10 14:22:38 -07:00
parent a6029cd081
commit 379fc49331
2 changed files with 77 additions and 5 deletions
--- a/roles/snapshot/defaults/main.yml
+++ b/roles/snapshot/defaults/main.yml
@@ -1,2 +1,14 @@
 ---
-# snapshot default variables
+snapshot_name_prefix: "ansible-pre-patch"
+snapshot_retain_count: 3
+hypervisor_type: "proxmox"
+
+# Proxmox defaults — override in client inventory
+proxmox_api_host: ""
+proxmox_api_user: "ansible@pam"
+proxmox_api_password: ""
+proxmox_vmid: ""
+
+# XCP-NG defaults — override in client inventory
+xcpng_host: ""
+xcpng_vm_uuid: ""
--- a/roles/snapshot/tasks/main.yml
+++ b/roles/snapshot/tasks/main.yml
@@ -1,6 +1,66 @@
 ---
-# snapshot tasks
-# Implementation to follow
- name: Placeholder
+# Detect hypervisor type from inventory var: hypervisor_type (proxmox or xcpng)
+
+- name: Create pre-patch snapshot (Proxmox)
+  community.general.proxmox_snap:
+    api_host: "{{ proxmox_api_host }}"
+    api_user: "{{ proxmox_api_user }}"
+    api_password: "{{ proxmox_api_password }}"
+    vmid: "{{ proxmox_vmid }}"
+    state: present
+    snapname: "{{ snapshot_name_prefix }}-{{ ansible_date_time.date }}-{{ ansible_date_time.hour }}{{ ansible_date_time.minute }}"
+    description: "Ansible pre-patch snapshot {{ ansible_date_time.iso8601 }}"
+  register: proxmox_snapshot_result
+  when: hypervisor_type == "proxmox"
+  delegate_to: localhost
+
+- name: Store Proxmox snapshot name
+  ansible.builtin.set_fact:
+    snapshot_id: "{{ snapshot_name_prefix }}-{{ ansible_date_time.date }}-{{ ansible_date_time.hour }}{{ ansible_date_time.minute }}"
+  when: hypervisor_type == "proxmox"
+
+- name: Create pre-patch snapshot (XCP-NG)
+  ansible.builtin.shell: |
+    xe vm-snapshot vm={{ xcpng_vm_uuid }} new-name-label="{{ snapshot_name_prefix }}-{{ ansible_date_time.date }}-{{ ansible_date_time.hour }}{{ ansible_date_time.minute }}"
+  register: xcpng_snapshot_result
+  changed_when: xcpng_snapshot_result.rc == 0
+  when: hypervisor_type == "xcpng"
+  delegate_to: "{{ xcpng_host }}"
+
+- name: Store XCP-NG snapshot UUID
+  ansible.builtin.set_fact:
+    snapshot_id: "{{ xcpng_snapshot_result.stdout | trim }}"
+  when: hypervisor_type == "xcpng"
+
+- name: Verify snapshot was created (Proxmox)
+  community.general.proxmox_snap:
+    api_host: "{{ proxmox_api_host }}"
+    api_user: "{{ proxmox_api_user }}"
+    api_password: "{{ proxmox_api_password }}"
+    vmid: "{{ proxmox_vmid }}"
+    snapname: "{{ snapshot_id }}"
+    state: present
+  register: proxmox_snap_verify
+  when: hypervisor_type == "proxmox"
+  delegate_to: localhost
+
+- name: Verify snapshot was created (XCP-NG)
+  ansible.builtin.shell: |
+    xe snapshot-list uuid={{ snapshot_id }} | grep uuid
+  register: xcpng_snap_verify
+  changed_when: false
+  failed_when: xcpng_snap_verify.stdout == ""
+  when: hypervisor_type == "xcpng"
+  delegate_to: "{{ xcpng_host }}"
+
+- name: Assert snapshot exists before proceeding
+  ansible.builtin.assert:
+    that:
+      - snapshot_id is defined
+      - snapshot_id != ""
+    fail_msg: "SNAPSHOT: Failed to create or verify snapshot for {{ inventory_hostname }}. Aborting patch run."
+    success_msg: "Snapshot verified: {{ snapshot_id }}"
+
+- name: Log snapshot ID
  ansible.builtin.debug:
-    msg: "snapshot role - tasks to be implemented"
+    msg: "Pre-patch snapshot created: {{ snapshot_id }} for {{ inventory_hostname }}"