Fix for several issues (#323)

Add some fixes around 3 node cluster and lpar support, dns setting, ip_forward, etc. Include -initrd-inject "/{{ kvm_host_home.stdout }}/{{ env.file_server.cfgs_dir }}/{{ env.bastion.networking.hostname }}/bastion-ks.cfg" \ in case pf create bastion which works not consistent and env.file_server.cfgs_dir should contain the absolute path. Furthermore section 1 is being flatten. --------- Signed-off-by: Amadeuds Podvratnik <[email protected]>
IBM · Sep 4, 2024 · bf4d041 · bf4d041
1 parent ab75168
commit bf4d041
Show file tree

Hide file tree

Showing 7 changed files with 50 additions and 39 deletions.
diff --git a/docs/set-variables-group-vars.md b/docs/set-variables-group-vars.md
@@ -10,8 +10,8 @@
 ## 1 - Controller
 **Variable Name** | **Description** | **Example**
 :--- | :--- | :---
-**env.installation_type** | Can be of type kvm or lpar. Some packages will be ignored for installation in case of non lpar based installation. | kvm 
-**env.controller.sudo_pass** | The password to the machine running Ansible (localhost). This will only be used for two things. To ensure you've installed the pre-requisite packages if you're on Linux, and to add the login URL to your /etc/hosts file. | Pas$w0rd!
+**installation_type** | Can be of type kvm or lpar. Some packages will be ignored for installation in case of non lpar based installation. | kvm 
+**controller_sudo_pass** | The password to the machine running Ansible (localhost). This will only be used for two things. To ensure you've installed the pre-requisite packages if you're on Linux, and to add the login URL to your /etc/hosts file. | Pas$w0rd!
 
 ## 2 - LPAR(s)
 **Variable Name** | **Description** | **Example**

diff --git a/inventories/default/group_vars/all.yaml.template b/inventories/default/group_vars/all.yaml.template
@@ -4,15 +4,15 @@
 # https://ibm.github.io/Ansible-OpenShift-Provisioning/set-variables-group-vars/
 
 # Section 1 - Ansible Controller
+installation_type: kvm
+controller_sudo_pass: #X
+
 env:
- installation_type: #X
- controller:
- sudo_pass: #X
 
 # Section 2 - LPAR(s)
  z:
  high_availability: False
- ip_forward: "{{ 1 if network_mode | upper == 'NAT' else 0 }}"
+ ip_forward: 0
  lpar1:
  create: True
  hostname: #X

diff --git a/playbooks/5_setup_bastion.yaml b/playbooks/5_setup_bastion.yaml
@@ -91,7 +91,7 @@
  - { role: haproxy, when: env.bastion.options.loadbalancer.on_bastion }
  - { role: sno_haproxy, when: env.bastion.options.loadbalancer.on_bastion and control_node_count | int == 1 }
  - httpd
- - { role: install_tessia_baselib, when: env.installation_type|lower == "lpar" }
+ - { role: install_tessia_baselib, when: installation_type|lower == "lpar" }
 
 - hosts: bastion
  tags: services, section_2, openvpn
@@ -100,8 +100,8 @@
  openvpn_role: "server"
  roles:
  #- { role: robertdebock.bootstrap, tags: openvpn, when: env.z.high_availability == True }
- - { role: robertdebock.epel, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar" }
- - { role: robertdebock.openvpn, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar" }
+ - { role: robertdebock.epel, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar" }
+ - { role: robertdebock.openvpn, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar" }
 
 - hosts: localhost
  tags: services, section_2, openvpn
@@ -112,7 +112,7 @@
  file:
  state: directory
  path: tmp
- when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar"
+ when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar"
 
 - hosts: bastion
  tags: services, section_2, openvpn
@@ -129,7 +129,7 @@
  - issued/client.crt
  - private/client.key
  - ta.key
- when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar"
+ when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar"
 
 - name: setup OpenVPN on KVM host(s).
  hosts: kvm_host
@@ -142,7 +142,7 @@
  pre_tasks:
  - name: Gather facts.
  setup:
- when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar"
+ when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar"
 
  - name: Create landing directories for certificates and keys on KVM hosts.
  tags: openvpn
@@ -153,7 +153,7 @@
  loop:
  - issued
  - private
- when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar"
+ when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar"
 
  - name: Copy certificates and keys from controller to KVM hosts.
  tags: openvpn
@@ -166,10 +166,10 @@
  - client.crt
  - client.key
  - ta.key
- when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "zvm" and env.installation_type|lower != "lpar"
+ when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "zvm" and installation_type|lower != "lpar"
  roles:
- - { role: robertdebock.epel, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar" }
- - { role: robertdebock.openvpn, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar" }
+ - { role: robertdebock.epel, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar" }
+ - { role: robertdebock.openvpn, tags: openvpn, when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar" }
 
 - hosts: localhost
  tags: services, section_2, openvpn
@@ -180,13 +180,14 @@
  file:
  state: absent
  path: tmp
- when: env.setup_openvpn == True and env.z.high_availability == True and env.installation_type|lower != "lpar"
+ when: env.setup_openvpn == True and env.z.high_availability == True and installation_type|lower != "lpar"
 
 - hosts: bastion
  tags: get_ocp, section_3
  become: true
  vars_files:
  - "{{ inventory_dir }}/group_vars/all.yaml"
+ - "{{ inventory_dir }}/group_vars/disconnected.yaml"
  roles:
  - common
  - { role: get_ocp, when: abi.flag is not defined or abi.flag != True }
diff --git a/playbooks/6_create_nodes.yaml b/playbooks/6_create_nodes.yaml
@@ -5,15 +5,24 @@
  vars_files:
  - "{{ inventory_dir }}/group_vars/all.yaml"
  tasks:
- - name: Loop over node types and include role
- include_role:
- name: check_for_lpar_nodes
- loop:
- - bootstrap
- - compute
- - control
- loop_control:
- loop_var: node_type
+ - block:
+ - name: Loop over node types and include role
+ include_role:
+ name: check_for_lpar_nodes
+ loop:
+ - bootstrap
+ - control
+ - compute
+ loop_control:
+ loop_var: node_type
+ register: result
+ ignore_errors: true
+
+ - name: fail the play if the previous command did not succeed
+ fail: msg="Check for lpar nodes failed for bootstrap or control node"
+ when:
+ - "'bootstrap' in result.msg"
+ - "'control' in result.msg"
 
 # Prepare and then create the temporary bootstrap node and the control nodes
 - name: 6 create nodes - prepare KVM guests

diff --git a/roles/create_bastion/tasks/main.yaml b/roles/create_bastion/tasks/main.yaml
@@ -81,7 +81,7 @@
  --graphics none \
  --console pty,target_type=serial \
  --noautoconsole --wait=-1 \
- --initrd-inject "/{{ kvm_host_home.stdout }}/{{ env.file_server.cfgs_dir }}/{{ env.bastion.networking.hostname }}/bastion-ks.cfg" \
+ --initrd-inject "{{ env.file_server.cfgs_dir }}/{{ env.bastion.networking.hostname }}/bastion-ks.cfg" \
  --extra-args "inst.ks=file:/bastion-ks.cfg" \
  {% if (env.bastion.networking.mac is defined and env.use_dhcp) %}
  --extra-args "ip=dhcp" \

diff --git a/roles/dns/tasks/main.yaml b/roles/dns/tasks/main.yaml
@@ -49,17 +49,18 @@
  extended: yes
  index_var: i
 
-- name: Add compute nodes to DNS forwarding file on bastion
- tags: dns
- ansible.builtin.lineinfile:
- path: /var/named/{{ env.cluster.networking.metadata_name }}.db
- insertafter: "entries for the compute nodes"
- line: "{{ env.cluster.nodes.compute.hostname[i] }}.{{ env.cluster.networking.metadata_name }}.{{ env.cluster.networking.base_domain }}. IN A {{ env.cluster.nodes.compute.ip[i] }}"
- with_sequence: start=0 end={{ (env.cluster.nodes.compute.hostname | length) - 1 }} stride=1
- loop_control:
- extended: yes
- index_var: i
- when: env.cluster.nodes.compute.hostname[0] is defined
+- block:
+ - name: Add compute nodes to DNS forwarding file on bastion
+ tags: dns
+ ansible.builtin.lineinfile:
+ path: /var/named/{{ env.cluster.networking.metadata_name }}.db
+ insertafter: "entries for the compute nodes"
+ line: "{{ env.cluster.nodes.compute.hostname[i] }}.{{ env.cluster.networking.metadata_name }}.{{ env.cluster.networking.base_domain }}. IN A {{ env.cluster.nodes.compute.ip[i] }}"
+ with_sequence: start=0 end={{ (env.cluster.nodes.compute.hostname | length) - 1 }} stride=1
+ loop_control:
+ extended: yes
+ index_var: i
+ when: env.cluster.nodes.compute.hostname is defined and env.cluster.nodes.compute.hostname[0] is defined and (env.cluster.nodes.compute.hostname | length) > 0
 
 - name: Add infrastructure nodes to DNS forwarding file on bastion if requested
  tags: dns

diff --git a/roles/set_inventory/templates/hosts.j2 b/roles/set_inventory/templates/hosts.j2
@@ -1,5 +1,5 @@
 [localhost]
-127.0.0.1 ansible_connection=local ansible_become_password={{ env.controller.sudo_pass }}
+127.0.0.1 ansible_connection=local ansible_become_password={{ controller_sudo_pass }}
 
 [file_server]
 {{ env.file_server.ip }} ansible_user={{ env.file_server.user }} ansible_become_password={{ env.file_server.pass }}