fix: Partial fix for IBM#160 (RHEL support).

Disable openvpn and set to deprecated and will be removed
in upcoming releases.

Signed-off-by: Amadeuds Podvratnik <[email protected]>

README.md

@@ -3,6 +3,10 @@ The documentation for this project can be found [here](https://ibm.github.io/Ans
 
 ## What's new:
 
-###Variables renamed:
+### Variables renamed:
 
-####Rename the variable defining the name of the virtual network for clarity. **env.bridge_name** is renamed to **env.vnet_name**. 
+#### Rename the variable defining the name of the virtual network for clarity. **env.bridge_name** is renamed to **env.vnet_name**. 
+
+### Deprecated section:
+
+#### Support for openvpn is being deprecated due to issues with RHEL9. It will be removed in one of the upcoming releases. For the time being this feature is disabled by setting setup_openvpn variable to False. 

inventories/default/group_vars/all.yaml.template

@@ -227,6 +227,7 @@ env:
   network_mode:
   use_ipv6: True
   use_dhcp: False
+  setup_openvpn: False
 
 #jumphost if network mode is NAT
   jumphost:

playbooks/5_setup_bastion.yaml

@@ -87,8 +87,8 @@
     openvpn_role: "server"
   roles:
     #- { role: robertdebock.bootstrap, tags: openvpn, when: env.z.high_availability == True }
-    - { role: robertdebock.epel, tags: openvpn, when: env.z.high_availability == True }
-    - { role: robertdebock.openvpn, tags: openvpn, when: env.z.high_availability == True }
+    - { role: robertdebock.epel, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True }
+    - { role: robertdebock.openvpn, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True }
 
 - hosts: localhost
   tags: services, section_2, openvpn
@@ -99,7 +99,7 @@
       file:
         state: directory
         path: tmp
-      when: env.z.high_availability == True
+      when: env.setup_openvpn == True and env.z.high_availability == True
 
 - hosts: bastion
   tags: services, section_2, openvpn
@@ -116,7 +116,7 @@
         - issued/client.crt
         - private/client.key
         - ta.key
-      when: env.z.high_availability == True
+      when: env.setup_openvpn == True and env.z.high_availability == True
 
 - name: setup OpenVPN on KVM host(s).
   hosts: kvm_host
@@ -129,7 +129,7 @@
   pre_tasks:
     - name: Gather facts.
       setup:
-      when: env.z.high_availability == True
+      when: env.setup_openvpn == True and env.z.high_availability == True
 
     - name: Create landing directories for certificates and keys on KVM hosts.
       tags: openvpn
@@ -140,7 +140,7 @@
       loop:
         - issued
         - private
-      when: env.z.high_availability == True
+      when: env.setup_openvpn == True and env.z.high_availability == True
 
     - name: Copy certificates and keys from controller to KVM hosts.
       tags: openvpn
@@ -153,10 +153,10 @@
         - client.crt
         - client.key
         - ta.key
-      when: env.z.high_availability == True
+      when: env.setup_openvpn == True and env.z.high_availability == True
   roles:
-    - { role: robertdebock.epel, tags: openvpn, when: env.z.high_availability == True }
-    - { role: robertdebock.openvpn, tags: openvpn, when: env.z.high_availability == True }
+    - { role: robertdebock.epel, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True }
+    - { role: robertdebock.openvpn, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True }
 
 - hosts: localhost
   tags: services, section_2, openvpn
@@ -167,7 +167,7 @@
       file:
         state: absent
         path: tmp
-      when: env.z.high_availability == True
+      when: env.setup_openvpn == True and env.z.high_availability == True
 
 - hosts: bastion
   tags: get_ocp, section_3