Merge branch 'devel' into devel

appliance/input_config.yml

@@ -0,0 +1,39 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# Password used while deploying OS on bare metal servers and for Cobbler UI.
+# The Length of the password should be atleast 8.
+# The password must not contain -,\, ',"
+provision_password: ""
+
+# Password used for the AWX UI.
+# The Length of the password should be atleast 8.
+# The password must not contain -,\, ',"
+awx_password: ""
+
+# Password used for Slurm database.
+# The Length of the password should be atleast 8.
+# The password must not contain -,\, ',"
+mariadb_password: ""
+
+# The nic/ethernet card that needs to be connected to the HPC switch.
+# This nic will be configured by Omnia for the DHCP server.
+# Default value of nic is em1.
+hpc_nic: "em1"
+
+# The nic card that needs to be connected to the public internet.
+# The public_nic should be em2, em1 or em3
+# Default value of nic is em2.
+public_nic: "em2"

appliance/roles/common/tasks/docker_installation.yml

@@ -30,8 +30,8 @@
 
 - name: Install docker
   package:
-    name: "{{ container_repo_install }}" 
-    state: latest
+    name: "{{ container_repo_install }}"
+    state: present
   become: yes
   tags: install
 
@@ -43,6 +43,18 @@
   become: yes
   tags: install
 
+- name: Uninstall docker-py using pip
+  pip:
+    name: ['docker-py','docker']
+    state: absent
+  tags: install
+
+- name: Install docker using pip
+  pip:
+    name: docker
+    state: present
+  tags: install
+
 - name: Installation using python3
   pip:
     name: "{{ docker_compose }}"
@@ -57,5 +69,5 @@
 
 - name: Restart docker
   service:
-    name: docker 
+    name: docker
     state: restarted

appliance/roles/common/tasks/main.yml

@@ -12,6 +12,9 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 ---
+- name: Mount Path
+  set_fact:
+    mount_path: "{{ role_path + '/../../..'  }}"
 
 - name: Pre-requisite validation
   import_tasks: pre_requisite.yml
@@ -26,4 +29,7 @@
   import_tasks: docker_installation.yml
 
 - name: Docker volume creation
-  import_tasks: docker_volume.yml
+  import_tasks: docker_volume.yml
+
+- name: Basic Configuration
+  import_tasks: password_config.yml

appliance/roles/common/tasks/package_installation.yml

@@ -16,5 +16,5 @@
 - name: Install packages
   package:
     name: "{{ common_packages }}"
-    state: latest
+    state: present
   tags: install

appliance/roles/common/tasks/password_config.yml

@@ -0,0 +1,117 @@
+# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Check input config file is encrypted
+  command: cat {{ input_config_filename }}
+  changed_when: false
+  register: config_content
+
+- name: Decrpyt input_config.yml
+  command: ansible-vault decrypt {{ input_config_filename }} --vault-password-file {{ role_path }}/files/{{ vault_filename }}
+  changed_when: false
+  when: "'$ANSIBLE_VAULT;' in config_content.stdout"
+
+- name: Include variable file input_config.yml
+  include_vars: "{{ input_config_filename }}"
+
+- name: Validate input parameters are not empty
+  fail:
+    msg: "{{ input_config_failure_msg }}"
+  register: input_config_check
+  when: (provision_password | length < 1) or (awx_password | length < 1) or (mariadb_password | length < 1) or (hpc_nic | length < 1) or (public_nic | length < 1)
+
+- name: Save input variables from file
+  set_fact:
+    cobbler_password: "{{ provision_password }}"
+    admin_password: "{{ awx_password }}"
+    input_mariadb_password: "{{ mariadb_password }}"
+    nic:  "{{ hpc_nic }}"
+    internet_nic: "{{ public_nic }}"
+
+- name: Assert provision_password
+  assert:
+    that:
+      - cobbler_password | length > min_length | int - 1
+      - cobbler_password | length < max_length | int + 1
+      - '"-" not in cobbler_password '
+      - '"\\" not in cobbler_password '
+      - '"\"" not in cobbler_password '
+      - " \"'\" not in cobbler_password "
+    success_msg: "{{ success_msg_provision_password }}"
+    fail_msg: "{{ fail_msg_provision_password }}"
+  register: cobbler_password_check
+
+- name: Assert awx_password
+  assert:
+    that:
+        - admin_password | length > min_length | int - 1
+        - admin_password | length < max_length | int + 1
+        - '"-" not in admin_password '
+        - '"\\" not in admin_password '
+        - '"\"" not in admin_password '
+        - " \"'\" not in admin_password "
+    success_msg: "{{ success_msg_awx_password }}"
+    fail_msg: "{{ fail_msg_awx_password }}"
+  register: awx_password_check
+
+- name: Assert mariadb_password
+  assert:
+    that:
+        - input_mariadb_password | length > min_length | int - 1
+        - input_mariadb_password | length < max_length | int + 1
+        - '"-" not in input_mariadb_password '
+        - '"\\" not in input_mariadb_password '
+        - '"\"" not in input_mariadb_password '
+        - " \"'\" not in input_mariadb_password "
+    success_msg: "{{ success_msg_mariadb_password }}"
+    fail_msg: "{{ fail_msg_mariadb_password }}"
+  register: mariadb_password_check
+
+- name: Assert hpc_nic
+  assert:
+    that:
+      - nic | length > nic_min_length | int - 1
+      - nic != internet_nic
+    success_msg: "{{ success_msg_hpc_nic }}"
+    fail_msg: "{{ fail_msg_hpc_nic }}"
+  register: hpc_nic_check
+
+- name: Assert public_nic
+  assert:
+    that:
+      - internet_nic | length > nic_min_length | int - 1
+      - nic != internet_nic
+      - "('em1' in internet_nic) or ('em2' in internet_nic) or ('em3' in internet_nic)"
+    success_msg: "{{ success_msg_public_nic }}"
+    fail_msg: "{{ fail_msg_public_nic }}"
+  register: public_nic_check
+
+- name: Create ansible vault key
+  set_fact:
+    vault_key: "{{ lookup('password', '/dev/null chars=ascii_letters') }}"
+  when: "'$ANSIBLE_VAULT;' not in config_content.stdout"
+
+- name: Save vault key
+  copy:
+    dest: "{{ role_path }}/files/{{ vault_filename }}"
+    content: |
+      {{ vault_key }}
+    owner: root
+    force: yes
+  when: "'$ANSIBLE_VAULT;' not in config_content.stdout"
+
+- name: Encrypt input config file
+  command: ansible-vault encrypt {{ input_config_filename }} --vault-password-file {{ role_path }}/files/{{ vault_filename }}
+  changed_when: false

appliance/roles/common/tasks/pre_requisite.yml

@@ -20,8 +20,8 @@
     replace: 'log_path = /var/log/omnia.log'
   tags: install
 
-- name: Check OS support 
-  fail: 
+- name: Check OS support
+  fail:
     msg: "{{ os_status }}"
   when: not(ansible_distribution == os_name and ansible_distribution_version >= os_version)
   register: os_value
@@ -33,7 +33,7 @@
   tags: install
 
 - name: Status of SElinux
-  fail: 
+  fail:
     msg: "{{ selinux_status }}"
   when: ansible_selinux.status != 'disabled'
   register: selinux_value

appliance/roles/common/vars/main.yml

@@ -15,7 +15,7 @@
 
 # vars file for common
 
-# Usage: tasks/package_installation.yml
+# Usage: package_installation.yml
 common_packages:
   - epel-release
   - yum-utils
@@ -25,23 +25,27 @@ common_packages:
   - nodejs
   - device-mapper-persistent-data
   - bzip2
+  - python2-pip
   - python3-pip
   - nano
   - lvm2
   - gettext
+  - python-docker
 
-# Usage: tasks/pre_requisite.yml
+# Usage: pre_requisite.yml
 internet_delay: 0
 internet_timeout: 1
 hostname: github.com
 port_no: 22
 os_name: CentOS
-os_version: '8' 
-internet_status: "Failed:No Internet connection.Connect to Internet."
+os_version: '7.9' 
+internet_status: "Failed: No Internet connection.Connect to Internet."
 os_status: "Unsupported OS or OS version.OS must be {{ os_name }} and Version must be {{ os_version }} or more"
 selinux_status: "SElinux is not disabled. Disable it in /etc/sysconfig/selinux and reboot the system"
+iso_name: CentOS-7-x86_64-Minimal-2009.iso
+iso_fail: "Iso file absent: Download and copy the iso file in omnia/appliance/roles/provision/files"
 
-# Usage: tasks/docker_installation.yml
+# Usage: docker_installation.yml
 docker_repo_url: https://download.docker.com/linux/centos/docker-ce.repo
 docker_repo_dest: /etc/yum.repos.d/docker-ce.repo
 success: '0'
@@ -50,5 +54,23 @@ container_repo_install: docker-ce
 docker_compose: docker-compose
 daemon_dest: /etc/docker/
 
-# Usage: tasks/docker_volume.yml
-docker_volume_name: omnia-storage
+# Usage: docker_volume.yml
+docker_volume_name: omnia-storage
+
+# Usage: password_config.yml
+input_config_filename: "input_config.yml"
+fail_msg_provision_password: "Failed. Incorrect provision_password format provided in input_config.yml file"
+success_msg_provision_password: "provision_password validated"
+fail_msg_awx_password: "Failed. Incorrect awx_password format provided in input_config.yml file"
+success_msg_awx_password: "awx_password validated"
+fail_msg_mariadb_password: "Failed. Incorrect mariadb_password format provided in input_config.yml file"
+success_msg_mariadb_password: "mariadb_password validated"
+fail_msg_hpc_nic: "Failed. Incorrect hpc_nic format provided in input_config.yml file"
+success_msg_hpc_nic: "hpc_nic validated"
+fail_msg_public_nic: "Failed. Incorrect public_nic format provided in input_config.yml file"
+success_msg_public_nic: "public_nic validated"
+input_config_failure_msg: "Please provide all the required parameters in input_config.yml"
+min_length: 8
+max_length: 30
+nic_min_length: 3
+vault_filename: .vault_key

appliance/roles/provision/files/.users.digest

@@ -1 +0,0 @@
-cobbler:Cobbler:

appliance/roles/provision/files/Dockerfile

@@ -15,12 +15,12 @@ RUN yum install -y \
   cobbler-web \
   ansible \
   pykickstart \
+  cronie \
   debmirror \
   curl \
-  wget \
   rsync \
   httpd\
-  dhcp\
+  dhcp \
   dnsmasq\
   xinetd \
   net-tools \
@@ -28,6 +28,8 @@ RUN yum install -y \
   && yum clean all \
   &&  rm -rf /var/cache/yum
 
+RUN mkdir /root/omnia
+
 #Copy Configuration files
 COPY settings /etc/cobbler/settings
 COPY dhcp.template  /etc/cobbler/dhcp.template
@@ -36,7 +38,9 @@ COPY modules.conf  /etc/cobbler/modules.conf
 COPY tftp /etc/xinetd.d/tftp
 COPY .users.digest /etc/cobbler/users.digest
 COPY kickstart.yml /root
-COPY centos8.ks /var/lib/cobbler/kickstarts
+COPY tftp.yml /root
+COPY inventory_creation.yml /root
+COPY centos7.ks /var/lib/cobbler/kickstarts
 COPY first-sync.sh /usr/local/bin/first-sync.sh
 
 EXPOSE 69 80 443 25151
@@ -48,6 +52,4 @@ RUN systemctl enable httpd
 RUN systemctl enable rsyncd
 RUN systemctl enable dnsmasq
 
-#RUN ansible-playbook /root/kickstart.yml
-
 CMD ["sbin/init"]

appliance/roles/provision/files/ifcfg-eno1

@@ -9,9 +9,9 @@ IPV6_AUTOCONF=yes
 IPV6_DEFROUTE=yes
 IPV6_FAILURE_FATAL=no
 IPV6_ADDR_GEN_MODE=stable-privacy
-NAME=eno1
-UUID=468847a9-d146-4062-813b-85f74ffd6e2a
-DEVICE=eno1
+NAME=em1
+UUID=485d7133-2c49-462d-bbb4-b854fe98e0fe
+DEVICE=em1
 ONBOOT=yes
 IPV6_PRIVACY=no
 IPADDR=172.17.0.1

appliance/roles/provision/files/inventory_creation.yml

@@ -0,0 +1,34 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+    - name: Read dhcp file
+      set_fact:
+        var: "{{ lookup('file', '/var/lib/dhcpd/dhcpd.leases').split()| unique | select| list }}"
+
+    - name: Filter the ip
+      set_fact:
+        vars_new: "{{ var| ipv4('address')| to_nice_yaml}}"
+
+    - name: Create the inventory
+      shell: |
+        echo "[all]" > omnia/appliance/roles/inventory/files/provisioned_hosts.yml
+        echo "{{ vars_new }}" > temp.txt
+        egrep -o '[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' temp.txt >>omnia/appliance/roles/inventory/files/provisioned_hosts.yml
+      changed_when: false
+

appliance/roles/provision/files/kickstart.yml

@@ -17,53 +17,88 @@
   connection: local
   gather_facts: false
   vars:
-    name_iso: CentOS8
-    distro_name: CentOS8-x86_64
-    kernel_path: /var/www/cobbler/ks_mirror/CentOS8-x86_64/isolinux/vmlinuz
-
+    name_iso: CentOS7
+    distro_name: CentOS7-x86_64
   tasks:
   - name: Inside cobbler container
     debug:
       msg: "Hiii! I am cobbler"
 
-  - name: Start services
+  - name: Start xinetd
     service:
       name: "{{ item }}"
       state: started
     loop:
       - cobblerd
-      - httpd
-      - rsyncd
       - xinetd
+      - rsyncd
       - tftp
+      - httpd
 
   - name: Cobbler get-loaders
     command: cobbler get-loaders
     changed_when: false
 
+  - name: Get fence agents
+    package:
+      name: fence-agents
+      state: present
+
+  - name: Replace in /etc/debian
+    replace:
+      path: "/etc/debmirror.conf"
+      regexp: "^@dists=\"sid\";"
+      replace: "#@dists=\"sid\";"
+
+  - name: Replace in /etc/debian
+    replace:
+      path: "/etc/debmirror.conf"
+      regexp: "^@arches=\"i386\";"
+      replace: "#@arches=\"i386\";"
+
+  - name: Adding curl
+    shell: export PATH="/usr/bin/curl:$PATH"
+    changed_when: true
+
   - name: Run import command
     command: cobbler import --arch=x86_64 --path=/mnt --name="{{ name_iso }}"
     changed_when: false
 
   - name: Distro list
-    command: >-
-      cobbler distro edit --name="{{ distro_name }}" --kernel="{{ kernel_path }}" --initrd=/var/www/cobbler/ks_mirror/CentOS8-x86_64/isolinux/initrd.img
+    command: cobbler distro edit --name="{{ distro_name }}" --kernel=/var/www/cobbler/ks_mirror/CentOS7-x86_64/isolinux/vmlinuz --initrd=/var/www/cobbler/ks_mirror/CentOS7-x86_64/isolinux/initrd.img
     changed_when: false
 
   - name: Kickstart profile
-    command: cobbler profile edit --name="{{ distro_name }}" --kickstart=/var/lib/cobbler/kickstarts/centos8.ks
+    command: cobbler profile edit --name="{{ distro_name }}" --kickstart=/var/lib/cobbler/kickstarts/centos7.ks
     changed_when: false
 
   - name: Syncing of cobbler
     command: cobbler sync
     changed_when: false
 
-  - name: Start xinetd
+  - name: Restart cobbler
+    service:
+      name: cobblerd
+      state: restarted
+
+  - name: Restart xinetd
     service:
       name: xinetd
       state: restarted
 
-  - name: Start dhcp
+  - name: Restart dhcpd
     service:
       name: dhcpd
       state: restarted
+
+  - name: Add tftp cron job
+    cron:
+      name: Start tftp service
+      minute: "*"
+      job: "ansible-playbook /root/tftp.yml"
+
+  - name: Add inventory cron job
+    cron:
+      name: Create inventory
+      minute: "*/5"
+      job: "ansible-playbook /root/inventory_creation.yml"

appliance/roles/provision/files/settings

@@ -98,7 +98,7 @@ default_ownership:
 # The simplest way to change the password is to run
 # openssl passwd -1
 # and put the output between the "" below.
-default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."
+default_password_crypted: "password"
 
 # the default template type to use in the absence of any
 # other detected template. If you do not specify the template
@@ -243,7 +243,7 @@ manage_dhcp: 1
 
 # set to 1 to enable Cobbler's DNS management features.
 # the choice of DNS mangement engine is in /etc/cobbler/modules.conf
-manage_dns: 1
+manage_dns: 0
 
 # set to path of bind chroot to create bind-chroot compatible bind
 # configuration files.  This should be automatically detected.

appliance/roles/provision/files/start_cobbler.yml

@@ -0,0 +1,27 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Start cobbler on reboot
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+    - name: Wait for 2 minutes
+      pause:
+        minutes: 2
+
+    - name: Execute cobbler sync in cobbler container
+      command: docker exec cobbler cobbler sync
+      changed_when: true

appliance/roles/provision/files/temp_centos7.ks

@@ -0,0 +1,63 @@
+#version=DEVEL
+
+# Use network installation
+url --url http://ip/cblr/links/CentOS7-x86_64/
+
+# Install OS instead of upgrade
+install
+
+# Use text install
+text
+
+# SELinux configuration
+selinux --disabled
+
+# Firewall configuration
+firewall --disabled
+
+# Do not configure the X Window System
+skipx
+
+# Run the Setup Agent on first boot
+#firstboot --enable
+ignoredisk --only-use=sda
+
+# Keyboard layouts
+keyboard us
+
+# System language
+lang en_US
+
+# Network information
+network  --bootproto=dhcp --device=nic --onboot=on
+
+# Root password
+rootpw --iscrypted password
+
+# System services
+services --enabled="chronyd"
+
+# System timezone
+timezone Asia/Kolkata --isUtc
+
+# System bootloader configuration
+bootloader --location=mbr --boot-drive=sda
+
+# Partition clearing information
+clearpart --all --initlabel --drives=sda
+
+# Clear the Master Boot Record
+zerombr
+
+# Disk Partitioning
+partition /boot/efi --asprimary --fstype=vfat --label EFI  --size=200
+partition /boot     --asprimary --fstype=ext4 --label BOOT --size=500
+partition /         --asprimary --fstype=ext4 --label ROOT --size=4096 --grow
+
+# Reboot after installation
+reboot
+
+%packages
+@core
+%end
+

appliance/roles/provision/files/temp_centos8.ks

@@ -1,51 +0,0 @@
-#platform=x86, AMD64, or Intel EM64T
-#version=DEVEL
-# Firewall configuration
-firewall --disabled
-# Install OS instead of upgrade
-install
-# Use network installation
-url --url http://ip/cblr/links/CentOS8-x86_64/
-#repo --name="CentOS" --baseurl=cdrom:sr0 --cost=100
-#Root password
-rootpw --iscrypted password
-# Use graphical install
-#graphical
-#Use text mode install
-text
-#System language
-lang en_US
-#System keyboard
-keyboard us
-#System timezone
-timezone America/Phoenix --isUtc
-# Run the Setup Agent on first boot
-#firstboot --enable
-# SELinux configuration
-selinux --disabled
-# Do not configure the X Window System
-skipx
-# Installation logging level
-#logging --level=info
-# Reboot after installation
-reboot
-# System services
-services --disabled="chronyd"
-ignoredisk --only-use=sda
-# Network information
-network  --bootproto=dhcp --device=em1 --onboot=on
-# System bootloader configuration
-bootloader --location=mbr --boot-drive=sda
-# Clear the Master Boot Record
-zerombr
-# Partition clearing information
-clearpart --all --initlabel
-# Disk partitioning information
-part /boot --fstype="xfs" --size=300
-part swap --fstype="swap" --size=2048
-part pv.01 --size=1 --grow
-volgroup root_vg01 pv.01
-logvol / --fstype xfs --name=lv_01 --vgname=root_vg01 --size=1 --grow
-%packages
-@core
-%end

appliance/roles/provision/files/tftp.yml

@@ -0,0 +1,32 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Start tftp
+  hosts: localhost
+  connection: local
+  tasks:
+    - name: Fetch tftp status
+      command: systemctl is-active tftp
+      args:
+        warn: no
+      register: tftp_status
+      ignore_errors: yes
+      changed_when: false
+
+    - name: Start tftp if inactive state
+      command: systemctl start tftp.service
+      args:
+        warn: no
+      when: "('inactive' in tftp_status.stdout) or ('unknown' in tftp_status.stdout)"

appliance/roles/provision/tasks/check_prerequisites.yml

@@ -13,6 +13,17 @@
 # limitations under the License.
 ---
 
+- name: Check availability of iso file
+  stat:
+    path: "{{ role_path }}/files/{{ iso_name }}"
+  register: iso_status
+
+- name: Iso file not present
+  fail:
+    msg: "{{ iso_fail }}"
+  when: iso_status.stat.exists == false
+  register: iso_file_check
+
 - name: Initialize variables
   set_fact:
     cobbler_status: false

appliance/roles/provision/tasks/configure_cobbler.yml

@@ -13,13 +13,21 @@
 # limitations under the License.
 ---
 
-- name: Stop the firewall
-  service:
-    name: firewalld
-    state: stopped
-  tags: install
-
 - name: Configuring cobbler inside container (It may take 5-10 mins)
   command: docker exec cobbler ansible-playbook /root/kickstart.yml
   changed_when: false
   tags: install
+  when: not cobbler_status
+
+- name: Schedule task
+  cron:
+    name: "start cobbler on reboot"
+    special_time: reboot
+    job: "ansible-playbook {{ role_path }}/files/start_cobbler.yml"
+  tags: install
+  when: not cobbler_status
+
+- name: Execute cobbler sync in cobbler container
+  command: docker exec cobbler cobbler sync
+  changed_when: true
+  when: cobbler_status == true

appliance/roles/provision/tasks/configure_nic.yml

@@ -15,17 +15,17 @@
 
 - name: Configure NIC-1
   copy:
-    src: "ifcfg-{{ eno }}"
-    dest: "/etc/sysconfig/network-scripts/ifcfg-{{ eno }}"
+    src: "ifcfg-{{ nic }}"
+    dest: "/etc/sysconfig/network-scripts/ifcfg-{{ nic }}"
     mode: 0644
   tags: install
 
 - name: Restart NIC
-  command: ifdown {{ eno }}
+  command: ifdown {{ nic }}
   changed_when: false
   tags: install
 
 - name: Restart NIC
-  command: ifup {{ eno }}
+  command: ifup {{ nic }}
   changed_when: false
   tags: install

appliance/roles/provision/tasks/firewall_settings.yml

@@ -45,7 +45,7 @@
 
 - name:  Permit traffic in default zone on port 69/udp
   firewalld:
-    port: 69/tcp
+    port: 69/udp
     permanent: yes
     state: enabled
   tags: install

appliance/roles/provision/tasks/main.yml

@@ -46,7 +46,6 @@
 
 - name: Cobbler configuration
   import_tasks: configure_cobbler.yml
-  when: not cobbler_status
 
 - name: Cobbler container status message
   block:
@@ -58,4 +57,4 @@
         msg: "{{ message_installed }}"
         verbosity: 2
       when: not cobbler_status
-  tags: install
+  tags: install

appliance/roles/provision/tasks/mount_iso.yml

@@ -32,13 +32,13 @@
 
 - name: Update mount status
   set_fact:
-    mount_check: result.failed
+    mount_check: "{{ result.failed }}"
   tags: install
 
 - name: Mount the iso file
-  command: mount -o loop {{ role_path }}/files/{{ iso_image }} /mnt/{{ iso_path }}
+  command: mount -o loop {{ role_path }}/files/{{ iso_name }} /mnt/{{ iso_path }}
   changed_when: false
   args:
     warn: no
-  when:  mount_check
+  when: mount_check == true
   tags: install

appliance/roles/provision/tasks/provision_password.yml

@@ -26,97 +26,46 @@
     mode: 0644
   tags: install
 
-- name: Take provision Password
-  block:
-  - name: Provision Password (Min length should be 8)
-    pause:
-      prompt: "{{ prompt_password }}"
-      echo: no
-    register: prompt_admin_password
-    until:
-      - prompt_admin_password.user_input | length >  min_length| int  - 1
-    retries: "{{ no_of_retry }}"
-    delay: "{{ retry_delay }}"
-    when: admin_password is not defined and no_prompt is not defined
-  rescue:
-  - name: Abort if password validation fails
-    fail:
-      msg: "{{ msg_incorrect_format }}"
-  tags: install
-
-- name: Assert admin_password if prompt not given
-  assert:
-    that:
-        - admin_password | length >  min_length| int  - 1
-    success_msg: "{{ success_msg_pwd_format }}"
-    fail_msg: "{{ fail_msg_pwd_format }}"
-  register: msg_pwd_format
-  when: admin_password is defined and no_prompt is defined
-  tags: install
-
-- name: Save admin password
-  set_fact:
-    admin_password: "{{ prompt_admin_password.user_input }}"
-  when: no_prompt is not defined
-  tags: install
-
-- name: Confirm password
-  block:
-  - name: Confirm provision password
-    pause:
-      prompt: "{{ confirm_password }}"
-      echo: no
-    register: prompt_admin_password_confirm
-    until: admin_password == prompt_admin_password_confirm.user_input
-    retries: "{{ no_of_retry }}"
-    delay: "{{ retry_delay }}"
-    when: admin_password_confirm is not defined and no_prompt is not defined
-  rescue:
-  - name: Abort if password confirmation failed
-    fail:
-      msg: "{{ msg_failed_password_confirm }}"
-  tags: install
-
-- name: Assert admin_password_confirm if prompt not given
-  assert:
-    that: admin_password == admin_password_confirm
-    success_msg: "{{ success_msg_pwd_confirm }}"
-    fail_msg: "{{ fail_msg_pwd_confirm }}"
-  register: msg_pwd_confirm
-  when: admin_password_confirm is defined and no_prompt is defined
-  tags: install
-
 - name: Encrypt cobbler password
-  shell: >
-     set -o pipefail && \
-     digest="$( printf "%s:%s:%s" {{ username }} "Cobbler" {{ admin_password }} | md5sum | awk '{print $1}' )"
-     printf "%s:%s:%s\n" "{{ username }}" "Cobbler" "$digest" > "{{ role_path }}/files/.users.digest"
-  args:
-    executable: /bin/bash
+  shell: printf "%s:%s:%s" {{ username }} "Cobbler" {{ cobbler_password }} | md5sum | awk '{print $1}'
   changed_when: false
+  register: encrypt_password
   tags: install
 
-- name: Read password file
-  set_fact:
-    var: "{{ lookup('file', role_path+'/files/.users.digest').splitlines() }}"
+- name: Copy cobbler password to cobbler config file
+  shell: printf "%s:%s:%s\n" "{{ username }}" "Cobbler" "{{ encrypt_password.stdout }}" > "{{ role_path }}/files/.users.digest"
+  changed_when: false
   tags: install
 
-- name: Get encrypted password
-  set_fact:
-    encrypted_pass: "{{ var[0].split(':')[2] }}"
-
 - name: Create the kickstart file
   copy:
-    src: "{{ role_path }}/files/temp_centos8.ks"
-    dest: "{{ role_path }}/files/centos8.ks"
+    src: "{{ role_path }}/files/temp_centos7.ks"
+    dest: "{{ role_path }}/files/centos7.ks"
     mode: 0775
   tags: install
 
 - name: Configure kickstart file
   replace:
-    path: "{{ role_path }}/files/centos8.ks"
-    regexp: '^url --url http://ip/cblr/links/CentOS8-x86_64/'
-    replace: url --url http://{{ ansible_eno2.ipv4.address }}/cblr/links/CentOS8-x86_64/
+    path: "{{ role_path }}/files/centos7.ks"
+    regexp: '^url --url http://ip/cblr/links/CentOS7-x86_64/'
+    replace: url --url http://{{ ansible_em1.ipv4.address }}/cblr/links/CentOS7-x86_64/
+  when: internet_nic == "em1"
+  tags: install
+
+- name: Configure kickstart file
+  replace:
+    path: "{{ role_path }}/files/centos7.ks"
+    regexp: '^url --url http://ip/cblr/links/CentOS7-x86_64/'
+    replace: url --url http://{{ ansible_em2.ipv4.address }}/cblr/links/CentOS7-x86_64/
+  when: internet_nic == "em2"
+  tags: install
+
+- name: Configure kickstart file
+  replace:
+    path: "{{ role_path }}/files/centos7.ks"
+    regexp: '^url --url http://ip/cblr/links/CentOS7-x86_64/'
+    replace: url --url http://{{ ansible_em3.ipv4.address }}/cblr/links/CentOS7-x86_64/
+  when: internet_nic == "em3"
   tags: install
 
 - name: Random phrase generation
@@ -131,14 +80,25 @@
   tags: install
 
 - name: Login password
-  command: openssl passwd -1 -salt {{ random_phrase }} {{ admin_password }}
+  command: openssl passwd -1 -salt {{ random_phrase }} {{ cobbler_password }}
   changed_when: false
   register: login_pass
   tags: install
 
 - name: Configure kickstart file
   replace:
-    path: "{{ role_path }}/files/centos8.ks"
+    path: "{{ role_path }}/files/centos7.ks"
     regexp: '^rootpw --iscrypted password'
     replace: 'rootpw --iscrypted {{ login_pass.stdout }}'
   tags: install
+
+- name: Configure kickstart file
+  replace:
+    path: "{{ role_path }}/files/centos7.ks"
+    regexp: '^network  --bootproto=dhcp --device=nic --onboot=on'
+    replace: 'network  --bootproto=dhcp --device={{ nic }} --onboot=on'
+  tags: install
+
+- name: Configure default password in settings
+  local_action: copy content="{{ login_pass.stdout }}" dest="{{ role_path }}/files/.node_login.digest"
+  tags: install

appliance/roles/provision/vars/main.yml

@@ -15,36 +15,23 @@
 
 # vars file for provision
 
+#Usage: check_prerequisite.yml
+iso_name: CentOS-7-x86_64-Minimal-2009.iso
+iso_fail: "Iso file absent: Download and copy the iso file in omnia/appliance/roles/provision/files"
+
 # Usage: provision_password.yml
 provision_encrypted_dest: ../files/
-min_length: 8
-no_of_retry: 3
-retry_delay: 0.001
 username: cobbler
-prompt_password: "Enter cobbler password.( Min. Length of Password should be {{ min_length| int }}." 
-confirm_password: "Confirm cobbler Password"
-msg_incorrect_format: "Failed. Incorrect format."
-msg_failed_password_confirm: "Failed. Passwords did not match"
-success_msg_pwd_format: "admin_password validated"
-fail_msg_pwd_format: "admin_password validation failed"
-success_msg_pwd_confirm: "admin_password confirmed"
-fail_msg_pwd_confirm: "admin_password confirmation failed"
-success_msg_format: "random_phrase validated"
-fail_msg_format: "random_phrase validation failed"
 
 # Usage: cobbler_image.yml
 docker_image_name: cobbler
 docker_image_tag: latest
-cobbler_run_command: docker run -itd --privileged --net=host --restart=always -v cobbler_www:/var/www/cobbler:Z -v cobbler_backup:/var/lib/cobbler/backup:Z -v /mnt/iso:/mnt:Z -p 69:69/udp -p 81:80 -p 443:443 -p 25151:25151 --name cobbler  cobbler:latest  /sbin/init
+cobbler_run_command: docker run -itd --privileged --net=host --restart=always -v {{ mount_path }}:/root/omnia  -v cobbler_www:/var/www/cobbler:Z -v cobbler_backup:/var/lib/cobbler/backup:Z -v /mnt/iso:/mnt:Z -p 69:69/udp -p 81:80 -p 443:443 -p 25151:25151 --name cobbler  cobbler:latest  /sbin/init
 
 
 # Usage: main.yml
 message_skipped: "Installation Skipped: Cobbler instance is already running on your system"
 message_installed: "Installation Successful"
 
-# Usage: os_provsion.yml
-iso_image: CentOS-8.2.2004-x86_64-minimal.iso 
+# Usage: mount_iso.yml
 iso_path: iso
-
-# Usage: configure_nic.yml
-eno: eno1

omnia.yml

@@ -13,72 +13,124 @@
 # limitations under the License.
 ---
 
-# Omnia playbook. Will be updated later.
+- name: Validate the cluster
+  hosts: localhost
+  connection: local
+  gather_facts: no
+  roles:
+    - cluster_validation
 
 - name: Gather facts from all the nodes
   hosts: all
 
+- name: Prepare the cluster with passwordless ssh from manager to compute
+  hosts: manager
+  gather_facts: false
+  pre_tasks:
+    - name: Set Fact
+      set_fact:
+        ssh_to: "{{ groups['compute'] }}"
+  roles:
+    - cluster_preperation
+
+- name: Prepare the cluster with passwordless ssh from compute to manager
+  hosts: compute
+  gather_facts: false
+  pre_tasks:
+    - name: Set Fact
+      set_fact:
+        ssh_to: "{{ groups['manager'] }}"
+  roles:
+    - cluster_preperation
+    
 - name: Apply common installation and config
   hosts: manager, compute
   gather_facts: false
   roles:
     - common
- 
-#- name: Apply GPU node config
-#  hosts: gpus
-#  gather_facts: false
-#  roles:
-#    - compute_gpu
+  tags: common
+
+- name: Apply common K8s installation and config
+  hosts: manager, compute
+  gather_facts: false
+  roles:
+    - k8s_common
+  tags: kubernetes
+
+- name: Apply GPU node config
+  hosts: gpus
+  gather_facts: false
+  roles:
+    - compute_gpu
 
 - name: Apply K8s manager config
   hosts: manager
   gather_facts: true
   roles:
-    - manager
+    - k8s_manager
+  tags: kubernetes
 
 - name: Apply K8s firewalld config on manager and compute nodes
   hosts: manager, compute
   gather_facts: false
   roles:
-    - firewalld
+    - k8s_firewalld
+  tags: kubernetes
+
+- name: Apply NFS server setup on manager node
+  hosts: manager
+  gather_facts: false
+  roles:
+    - k8s_nfs_server_setup
+  tags: kubernetes
+
+- name: Apply NFS client setup on compute nodes
+  hosts: compute
+  gather_facts: false
+  roles:
+    - k8s_nfs_client_setup
+  tags: kubernetes
 
 - name: Start K8s on manager server
   hosts: manager
   gather_facts: true
   roles:
-    - startmanager
+    - k8s_start_manager
+  tags: kubernetes
 
 - name: Start K8s worker servers on compute nodes
   hosts: compute
   gather_facts: false
   roles:
-    - startworkers
+    - k8s_start_workers
+  tags: kubernetes
 
 - name: Start K8s worker servers on manager nodes
   hosts: manager
   gather_facts: false
   roles:
-    - startservices
+    - k8s_start_services
+  tags: kubernetes
 
-- name: Apply SLURM manager config
-  hosts: manager
+- name: Apply common Slurm installation and config
+  hosts: manager, compute
   gather_facts: false
   roles:
-    - slurm_manager
+    - slurm_common
   tags: slurm
 
-- name: Apply common Slurm installation and config
-  hosts: manager, compute
+- name: Apply Slurm manager config
+  hosts: manager
   gather_facts: false
   roles:
-    - slurm_common
+    - slurm_manager
   tags: slurm
 
-- name: Start slurm workers
+- name: Start Slurm workers
   hosts: compute
   gather_facts: false
   roles:
-    - start_slurm_workers
+    - slurm_workers
   tags: slurm
 
 - name: Start Slurm services
@@ -87,3 +139,10 @@
   roles:
     - slurm_start_services
   tags: slurm
+
+- name: Install slurm exporter
+  hosts: manager
+  gather_facts: false
+  roles:
+    - slurm_exporter
+  tags: slurm

roles/common/files/daemon.json

@@ -6,4 +6,4 @@
     }
   },
   "default-runtime": "nvidia"
-}
+}

roles/common/files/inventory.fact

@@ -15,4 +15,4 @@ cat << EOF
 }
 EOF
 
-rm -f $INVENTORY
+rm -f $INVENTORY

roles/common/handlers/main.yml

@@ -1,18 +1,23 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
 ---
 
-- name: Start and Enable docker service
-  service:
-    name: docker
-    state: restarted
-    enabled: yes
-  #tags: install
-
-- name: Start and Enable Kubernetes - kubelet
-  service:
-    name: kubelet
+- name: Restart ntpd
+  systemd:
+    name: ntpd
     state: started
     enabled: yes
-  #tags: install
 
 - name: Restart chrony
   service:
@@ -32,4 +37,4 @@
   register: chrony_src
   until:  chrony_src.stdout.find('^*') > -1
   retries: "{{ retry_count }}"
-  delay: "{{ delay_count }}"
+  delay: "{{ delay_count }}"

roles/common/tasks/main.yml

@@ -15,23 +15,17 @@
 
 - name: Create a custom fact directory on each host
   file:
-    path: /etc/ansible/facts.d
+    path: "{{ custom_fact_dir }}"
     state: directory
+    mode: "{{ custom_fact_dir_mode }}"
 
 - name: Install accelerator discovery script
   copy:
     src: inventory.fact
-    dest: /etc/ansible/facts.d/inventory.fact
-    mode: 0755
-
-- name: Add kubernetes repo
-  copy:
-    src: kubernetes.repo
-    dest: "{{ k8s_repo_dest }}"
+    dest: "{{ accelerator_discovery_script_dest }}"
     owner: root
     group: root
-    mode: "{{ k8s_repo_file_mode }}"
-  tags: install
+    mode: "{{ accelerator_discovery_script_mode }}"
 
 - name: Add elrepo GPG key
   rpm_key:
@@ -45,26 +39,6 @@
     state: present
   tags: install
 
-- name: Add docker community edition repository
-  get_url:
-    url: "{{ docker_repo_url }}"
-    dest: "{{ docker_repo_dest }}"
-  tags: install
-
-- name: Update sysctl to handle incorrectly routed traffic when iptables is bypassed
-  copy:
-    src: k8s.conf
-    dest: "{{ k8s_conf_dest }}"
-    owner: root
-    group: root
-    mode: "{{ k8s_conf_file_mode }}"
-  tags: install
-
-- name: Update sysctl
-  command: /sbin/sysctl --system
-  changed_when: true
-  tags: install
-
 - name: Disable swap
   command: /sbin/swapoff -a
   changed_when: true
@@ -84,44 +58,16 @@
 - name: Collect host facts (including acclerator information)
   setup: ~
 
-- name: Install k8s packages
-  package:
-    name: "{{ k8s_packages }}"
-    state: present
-  tags: install
-
-- name: Versionlock kubernetes
-  command: "yum versionlock '{{ item }}'"
-  args:
-    warn: false
-  with_items:
-    - "{{ k8s_packages }}"
-  changed_when: true
-  tags: install
-
 - name: Install infiniBand support
   package:
     name: "@Infiniband Support"
     state: present
   tags: install
 
-- name: Start and enable docker service
-  service:
-    name: docker
-    state: restarted
-    enabled: yes
-  tags: install
-
-- name: Start and enable kubernetes - kubelet
-  service:
-    name: kubelet
-    state: restarted
-    enabled: yes
-
 - name: Deploy time ntp/chrony
   include_tasks: ntp.yml
   tags: install
 
 - name: Install Nvidia drivers and software components
   include_tasks: nvidia.yml
-  when: ansible_local.inventory.nvidia_gpu > 0
+  when: ansible_local.inventory.nvidia_gpu > 0

roles/common/tasks/ntp.yml

@@ -13,28 +13,28 @@
 #  limitations under the License.
 ---
 
-#- name: Deploy ntp servers
-#block:
-#- name: Deploy ntpd
-#package:
-#name: ntp
-#state: present
-#- name: Deploy ntpdate
-#package:
-#name: ntpdate
-#state: present
-#- name: Update ntp servers
-#template:
-#src: ntp.conf.j2
-#dest: "{{ ntp_path }}"
-#owner: root
-#group: root
-#mode: "{{ ntp_mode }}"
-          #backup: yes
-          #notify:
-          #- restart ntpd
-            #- sync ntp clocks
-            #when:  ( ansible_distribution == "CentOS" or   ansible_distribution == "RedHat" ) and ansible_distribution_major_version  < os_higher_version
+  - name: Deploy ntp servers
+    block:
+      - name: Deploy ntpd
+        package:
+          name: ntp
+          state: present
+      - name: Deploy ntpdate
+        package:
+          name: ntpdate
+          state: present
+      - name: Update ntp servers
+        template:
+          src: ntp.conf.j2
+          dest: "{{ ntp_path }}"
+          owner: root
+          group: root
+          mode: "{{ ntp_mode }}"
+          backup: yes
+        notify:
+          - Restart ntpd
+          - Sync tp clocks
+    when:  ( ansible_distribution == "CentOS" or   ansible_distribution == "RedHat" ) and ansible_distribution_major_version  < os_higher_version
 
   - name: Deploy chrony server
     block:
@@ -51,6 +51,6 @@
           mode: "{{ ntp_mode }}"
           backup: yes
         notify:
-          - restart chrony
-          - sync chrony sources
-    when:  ( ansible_distribution == "CentOS" or   ansible_distribution == "RedHat" ) and ansible_distribution_major_version  > os_version
+          - Restart chrony
+          - Sync chrony sources
+    when:  ( ansible_distribution == "CentOS" or   ansible_distribution == "RedHat" ) and ansible_distribution_major_version  > os_version

roles/common/tasks/nvidia.yml

@@ -58,4 +58,4 @@
     name: kubelet
     state: restarted
     enabled: yes
-  tags: install
+  tags: install

roles/common/templates/chrony.conf.j2

@@ -38,5 +38,4 @@ leapsectz right/UTC
 logdir /var/log/chrony
 
 # Select which information is logged.
-#log measurements statistics tracking
-
+#log measurements statistics tracking

roles/common/templates/ntp.conf.j2

@@ -11,6 +11,4 @@ server  {{ item }} iburst
 
 includefile /etc/ntp/crypto/pw
 
-keys /etc/ntp/keys
-
-
+keys /etc/ntp/keys

roles/common/vars/main.yml

@@ -19,32 +19,22 @@ common_packages:
   - gcc
   - nfs-utils
   - python3-pip
-  - docker-ce
   - bash-completion
   - nvidia-detect
   - chrony
   - pciutils
 
-k8s_packages:
-  - kubelet-1.16.7
-  - kubeadm-1.16.7
-  - kubectl-1.16.7
+custom_fact_dir: /etc/ansible/facts.d
 
-k8s_repo_dest: /etc/yum.repos.d/
+custom_fact_dir_mode: 0755
 
-elrepo_gpg_key_url: https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
-
-elrepo_rpm_url: https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
-
-docker_repo_url: https://download.docker.com/linux/centos/docker-ce.repo
+accelerator_discovery_script_dest: /etc/ansible/facts.d/inventory.fact
 
-docker_repo_dest: /etc/yum.repos.d/docker-ce.repo
+accelerator_discovery_script_mode: 0755
 
-k8s_conf_dest: /etc/sysctl.d/
-
-k8s_repo_file_mode: 0644
+elrepo_gpg_key_url: https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
 
-k8s_conf_file_mode: 0644
+elrepo_rpm_url: https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
 
 chrony_path: "/etc/chrony.conf"
 ntp_path: "/etc/ntp.conf"
@@ -73,4 +63,4 @@ nvidia_packages:
   - nvidia-docker2
 
 daemon_file_dest: /etc/docker/
-daemon_file_mode: 0644
+daemon_file_mode: 0644

roles/k8s_common/handlers/main.yml

@@ -0,0 +1,28 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Start and Enable docker service
+  service:
+    name: docker
+    state: restarted
+    enabled: yes
+  tags: install
+
+- name: Start and Enable Kubernetes - kubelet
+  service:
+    name: kubelet
+    state: started
+    enabled: yes
+  tags: install

roles/k8s_common/tasks/main.yml

@@ -0,0 +1,77 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Add kubernetes repo
+  copy:
+    src: kubernetes.repo
+    dest: "{{ k8s_repo_dest }}"
+    owner: root
+    group: root
+    mode: "{{ k8s_repo_file_mode }}"
+  tags: install
+
+- name: Add docker community edition repository
+  get_url:
+    url: "{{ docker_repo_url }}"
+    dest: "{{ docker_repo_dest }}"
+  tags: install
+
+- name: Update sysctl to handle incorrectly routed traffic when iptables is bypassed
+  copy:
+    src: k8s.conf
+    dest: "{{ k8s_conf_dest }}"
+    owner: root
+    group: root
+    mode: "{{ k8s_conf_file_mode }}"
+  tags: install
+
+- name: Update sysctl
+  command: /sbin/sysctl --system
+  changed_when: true
+  tags: install
+
+- name: Install docker
+  package:
+    name: docker-ce
+    state: present
+  tags: install
+
+- name: Install k8s packages
+  package:
+    name: "{{ k8s_packages }}"
+    state: present
+  tags: install
+
+- name: Versionlock kubernetes
+  command: "yum versionlock '{{ item }}'"
+  args:
+    warn: false
+  with_items:
+    - "{{ k8s_packages }}"
+  changed_when: true
+  tags: install
+
+- name: Start and enable docker service
+  service:
+    name: docker
+    state: restarted
+    enabled: yes
+  tags: install
+
+- name: Start and enable kubernetes - kubelet
+  service:
+    name: kubelet
+    state: restarted
+    enabled: yes

roles/k8s_common/vars/main.yml

@@ -0,0 +1,31 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+k8s_packages:
+  - kubelet-1.16.7
+  - kubeadm-1.16.7
+  - kubectl-1.16.7
+
+k8s_repo_dest: /etc/yum.repos.d/
+
+docker_repo_url: https://download.docker.com/linux/centos/docker-ce.repo
+
+docker_repo_dest: /etc/yum.repos.d/docker-ce.repo
+
+k8s_conf_dest: /etc/sysctl.d/
+
+k8s_repo_file_mode: 0644
+
+k8s_conf_file_mode: 0644

roles/firewalld/tasks/main.yml

@@ -40,7 +40,7 @@
     port: "{{ item }}/tcp"
     permanent: yes
     state: enabled
-  with_items: '{{ k8s_worker_ports }}'
+  with_items: '{{ k8s_compute_ports }}'
   when: "'compute' in group_names"
   tags: firewalld
 
@@ -81,4 +81,4 @@
     name: firewalld
     state: stopped
     enabled: no
-  tags: firewalld
+  tags: firewalld

roles/firewalld/vars/main.yml

@@ -25,7 +25,7 @@ k8s_master_ports:
   - 10252
 
 # Worker nodes firewall ports
-k8s_worker_ports:
+k8s_compute_ports:
   - 10250
   - 30000-32767
 
@@ -35,7 +35,6 @@ calico_udp_ports:
 calico_tcp_ports:
   - 5473
   - 179
-  - 5473
 
 # Flannel CNI firewall ports
 flannel_udp_ports:

roles/k8s_nfs_client_setup/tasks/main.yml

@@ -0,0 +1,40 @@
+# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Install nfs-utils
+  package:
+    name: nfs-utils
+    state: present
+  tags: nfs_client
+
+- name: Creating directory to mount NFS Share
+  file:
+    path: "{{ nfs_mnt_dir }}"
+    state: directory
+    mode: "{{ nfs_mnt_dir_mode }}"
+  tags: nfs_client
+
+- name: Mounting NFS Share
+  command: "mount {{ groups['manager'] }}:{{ nfs_mnt_dir }} {{ nfs_mnt_dir }}"
+  changed_when: true
+  args:
+    warn: false
+  tags: nfs_client
+
+- name: Configuring Automount NFS Shares on reboot
+  lineinfile:
+    path: "{{ fstab_file_path }}"
+    line: "{{ groups['manager'] }}:{{ nfs_mnt_dir }}     {{ nfs_mnt_dir }}  nfs     nosuid,rw,sync,hard,intr 0 0"
+  tags: nfs_client

roles/k8s_nfs_client_setup/vars/main.yml

@@ -0,0 +1,20 @@
+# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+nfs_mnt_dir: /home/k8snfs
+
+nfs_mnt_dir_mode: 0755
+
+fstab_file_path: /etc/fstab

roles/k8s_nfs_server_setup/tasks/main.yml

@@ -0,0 +1,84 @@
+# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Install nfs-utils
+  package:
+    name: nfs-utils
+    state: present
+  tags: nfs_server
+
+- name: Install firewalld
+  package:
+    name: firewalld
+    state: present
+  tags: firewalld
+
+- name: Start and enable firewalld
+  service:
+    name: firewalld
+    state: started
+    enabled: yes
+  tags: firewalld
+
+- name: Start and enable rpcbind and nfs-server service
+  service:
+    name: "{{ item }}"
+    state: restarted
+    enabled: yes
+  with_items:
+    - rpcbind
+    - nfs-server
+  tags: nfs_server
+
+- name: Creating NFS share directory
+  file:
+    path: "{{ nfs_share_dir }}"
+    state: directory
+    mode: "{{ nfs_share_dir_mode }}"
+  tags: nfs_server
+
+- name: Adding NFS share entries in /etc/exports
+  lineinfile:
+    path: "{{ exports_file_path }}"
+    line: "{{ nfs_share_dir }} {{ item }}(rw,sync,no_root_squash)"
+  with_items:
+    - "{{ groups['compute'] }}"
+  tags: nfs_server
+
+- name: Exporting the shared directories
+  command: exportfs -r
+  changed_when: true
+  tags: nfs_server
+
+- name: Configuring firewall
+  firewalld:
+    service: "{{ item }}"
+    permanent: true
+    state: enabled
+  with_items:
+    - "{{ nfs_services }}"
+  tags: nfs_server
+
+- name: Reload firewalld
+  command: firewall-cmd --reload
+  changed_when: true
+  tags: nfs_server
+
+- name: Stop and disable firewalld
+  service:
+    name: firewalld
+    state: stopped
+    enabled: no
+  tags: firewalld

roles/k8s_nfs_server_setup/vars/main.yml

@@ -0,0 +1,25 @@
+# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+nfs_share_dir: /home/k8snfs
+
+nfs_share_dir_mode: 0777
+
+exports_file_path: /etc/exports
+
+nfs_services:
+  - mountd
+  - rpc-bind
+  - nfs

roles/startmanager/tasks/main.yml

@@ -146,7 +146,7 @@
   changed_when: true
   tags: init
 
-- name: Edge / Workstation Install allows pods to scheudle on manager
+- name: Edge / Workstation Install allows pods to schedule on manager
   command: kubectl taint nodes --all node-role.kubernetes.io/master-
   when: single_node
-  tags: init
+  tags: init

roles/startmanager/vars/main.yml

@@ -47,4 +47,4 @@ k8s_clusterRoleBinding_file_mode: 0655
 
 calico_yml_url: https://docs.projectcalico.org/manifests/calico.yaml
 
-flannel_yml_url: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
+flannel_yml_url: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

roles/startservices/vars/main.yml

@@ -27,8 +27,7 @@ k8s_dashboard_yaml_url: https://raw.githubusercontent.com/kubernetes/dashboard/v
 
 helm_stable_repo_url: https://charts.helm.sh/stable
 
-#nfs_server: "{{ ansible_host }}"
-nfs_server: 10.0.0.1
+nfs_server: "{{ ansible_host }}"
 
 nfs_path: /home/k8snfs
 
@@ -44,4 +43,4 @@ mig_strategy: none
 
 gpu_feature_discovery_version: 0.2.0
 
-fpga_device_plugin_yaml_url: https://raw.githubusercontent.com/Xilinx/FPGA_as_a_Service/master/k8s-fpga-device-plugin/fpga-device-plugin.yml
+fpga_device_plugin_yaml_url: https://raw.githubusercontent.com/Xilinx/FPGA_as_a_Service/master/k8s-fpga-device-plugin/fpga-device-plugin.yml

roles/manager/files/k8s.conf

@@ -1,3 +0,0 @@
-net.bridge.bridge-nf-call-ip6tables = 1
-net.bridge.bridge-nf-call-iptables = 1
-

roles/manager/files/kubernetes.repo

@@ -1,8 +0,0 @@
-[kubernetes]
-name=Kubernetes
-baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
-enabled=1
-gpgcheck=1
-repo_gpgcheck=1
-gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
-

test/test_jupyterhub.yml

@@ -0,0 +1,113 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# OMNIA_UKP_US_VFKP_TC_014
+# Execute jupyterhub role in manager nodes with os installed centos 7.9
+- name: OMNIA_UKP_US_VFKP_TC_014
+  hosts: manager
+  gather_facts: false
+  vars_files:
+    - test_vars/test_jupyterhub_vars.yml
+  tasks:
+    - block:
+        - name: Call jupyterhub role
+          include_role:
+            name: ../platforms/roles/jupyterhub
+      tags: TC_014
+
+    - name: Waiting for the pods deployment
+      pause:
+        minutes: 5
+      tags: TC_014
+
+    - name: Checking all running pods under default namespace
+      command: kubectl get pods --namespace default --field-selector=status.phase=Running
+      register: namesapce_default_running_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_014, VERIFY_014
+
+    - name: Checking K8s services
+      command: kubectl get services
+      register: k8s_services
+      changed_when: false
+      ignore_errors: True
+      tags: TC_014, VERIFY_014
+
+    - name: Validating JupyterHub pods
+      assert:
+        that:
+          - "'hub' in namesapce_default_running_pods.stdout"
+          - "'proxy' in namesapce_default_running_pods.stdout"
+        fail_msg: "{{ jupyterhub_pods_fail_msg }}"
+        success_msg: "{{ jupyterhub_pods_success_msg }}"
+      tags: TC_014, VERIFY_014
+
+    - name: Validating JupyterHub services
+      assert:
+        that:
+          - "'hub' in k8s_services.stdout"
+          - "'proxy-public' in k8s_services.stdout"
+          - "'proxy-api' in k8s_services.stdout"
+        fail_msg: "{{ jupyterhub_services_fail_msg }}"
+        success_msg: "{{ jupyterhub_services_success_msg }}"
+      tags: TC_014, VERIFY_014
+
+# OMNIA_UKP_US_VFKP_TC_015
+# Execute jupyterhub role in manager nodes with JupyterHub already deployed
+- name: OMNIA_UKP_US_VFKP_TC_015
+  hosts: manager
+  gather_facts: false
+  vars_files:
+    - test_vars/test_jupyterhub_vars.yml
+  tasks:
+    - block:
+        - name: Call jupyterhub role
+          include_role:
+            name: ../platforms/roles/jupyterhub
+      tags: TC_015, VERIFY_015
+
+    - name: Checking all running pods under default namespace
+      command: kubectl get pods --namespace default --field-selector=status.phase=Running
+      register: namesapce_default_running_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_015, VERIFY_015
+
+    - name: Checking K8s services
+      command: kubectl get services
+      register: k8s_services
+      changed_when: false
+      ignore_errors: True
+      tags: TC_015, VERIFY_015
+
+    - name: Validating JupyterHub pods
+      assert:
+        that:
+          - "'hub' in namesapce_default_running_pods.stdout"
+          - "'proxy' in namesapce_default_running_pods.stdout"
+        fail_msg: "{{ jupyterhub_pods_fail_msg }}"
+        success_msg: "{{ jupyterhub_pods_success_msg }}"
+      tags: TC_015, VERIFY_015
+
+    - name: Validating JupyterHub services
+      assert:
+        that:
+          - "'hub' in k8s_services.stdout"
+          - "'proxy-public' in k8s_services.stdout"
+          - "'proxy-api' in k8s_services.stdout"
+        fail_msg: "{{ jupyterhub_services_fail_msg }}"
+        success_msg: "{{ jupyterhub_services_success_msg }}"
+      tags: TC_015, VERIFY_015

test/test_k8s_common.yml

@@ -0,0 +1,155 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# Testcase OMNIA_UKP_US_VFKP_TC_001
+# Execute k8s_common role in manager & compute nodes with os installed centos 7.8
+- name: OMNIA_UKP_US_VFKP_TC_001
+  hosts: manager, compute
+  vars_files:
+    - test_vars/test_k8s_common_vars.yml
+  tasks:
+    - block:
+        - name: Call common role
+          include_role:
+            name: ../roles/k8s_common
+      tags: TC_001
+
+    - name: Checking common packages installation status
+      command: "'{{ item }}' --version"
+      with_items:
+        - "{{ common_packages }}"
+      register: common_packages_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_001, VERIFY_001
+
+    - name: Checking K8s packages installation status
+      command: "'{{ item }}' version"
+      with_items:
+        - "{{ k8_packages }}"
+      register: k8s_packages_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_001, VERIFY_001
+
+    - name: Checking docker service status
+      systemd:
+        name: docker
+      register: docker_service
+      tags: TC_001, VERIFY_001
+
+    - name: Checking K8s service status
+      systemd:
+        name: kubelet
+      register: kubelet_service
+      tags: TC_001, VERIFY_001
+
+    - name: Validate common & K8s packages status
+      assert:
+        that:
+          - "'command not found' not in {{ item }}"
+        fail_msg: "{{ packages_status_fail_msg }}"
+        success_msg: "{{ packages_status_success_msg }}"
+      with_items:
+        - "{{ common_packages_status.results }}"
+        - "{{ k8s_packages_status.results }}"
+      tags: TC_001, VERIFY_001
+
+    - name: Validating docker service status
+      assert:
+        that:
+          - docker_service.status.ActiveState == 'active'
+        fail_msg: "{{ docker_service_fail_msg }}"
+        success_msg: "{{ docker_service_success_msg }}"
+      tags: TC_001, VERIFY_001
+
+    - name: Validating K8s service status
+      assert:
+        that:
+          - kubelet_service.status.ActiveState == 'active'
+        fail_msg: "{{ kubelet_service_fail_msg }}"
+        success_msg: "{{ kubelet_service_success_msg }}"
+      tags: TC_001, VERIFY_001
+
+# Testcase OMNIA_UKP_US_VFKP_TC_002
+# Execute k8s_common role in manager & compute nodes with common and K8s packages already installed
+- name: OMNIA_UKP_US_VFKP_TC_002
+  hosts: manager, compute
+  vars_files:
+    - test_vars/test_k8s_common_vars.yml
+  tasks:
+    - block:
+        - name: Call common role
+          include_role:
+            name: ../roles/k8s_common
+      tags: TC_002, VERIFY_002
+
+    - name: Checking common packages installation status
+      command: "'{{ item }}' --version"
+      with_items:
+        - "{{ common_packages }}"
+      register: common_packages_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_002, VERIFY_002
+
+    - name: Checking K8s packages installation status
+      command: "'{{ item }}' version"
+      with_items:
+        - "{{ k8_packages }}"
+      register: k8s_packages_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_002, VERIFY_002
+
+    - name: Checking docker service status
+      systemd:
+        name: docker
+      register: docker_service
+      tags: TC_002, VERIFY_002
+
+    - name: Checking K8s service status
+      systemd:
+        name: kubelet
+      register: kubelet_service
+      tags: TC_002, VERIFY_002
+
+    - name: Validate common & K8s packages status
+      assert:
+        that:
+          - "'command not found' not in {{ item }}"
+        fail_msg: "{{ packages_status_fail_msg }}"
+        success_msg: "{{ packages_status_success_msg }}"
+        quiet: true
+      with_items:
+        - "{{ common_packages_status.results }}"
+        - "{{ k8s_packages_status.results }}"
+      tags: TC_002, VERIFY_002
+
+    - name: Validating docker service status
+      assert:
+        that:
+          - docker_service.status.ActiveState == 'active'
+        fail_msg: "{{ docker_service_fail_msg }}"
+        success_msg: "{{ docker_service_success_msg }}"
+      tags: TC_002, VERIFY_002
+
+    - name: Validating K8s service status
+      assert:
+        that:
+          - kubelet_service.status.ActiveState == 'active'
+        fail_msg: "{{ kubelet_service_fail_msg }}"
+        success_msg: "{{ kubelet_service_success_msg }}"
+      tags: TC_002, VERIFY_002

test/test_k8s_firewalld.yml

@@ -0,0 +1,226 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# OMNIA_UKP_US_VFKP_TC_007
+# Execute k8s_firewalld role in manager and compute nodes with os installed centos 7.9
+- name: OMNIA_UKP_US_VFKP_TC_007
+  hosts: manager, compute
+  gather_facts: false
+  vars_files:
+    - test_vars/test_k8s_firewalld_vars.yml
+    - ../roles/k8s_firewalld/vars/main.yml
+  tasks:
+    - block:
+        - name: Call k8s_firewalld role
+          include_role:
+            name: ../roles/k8s_firewalld
+      tags: TC_007
+
+    - name: Start and enable firewalld
+      service:
+        name: firewalld
+        state: started
+        enabled: yes
+      tags: TC_007, VERIFY_007
+
+    - name: Checking firewalld open ports on manager node
+      command: firewall-cmd --list-ports
+      register: manager_firewalld_ports
+      when: "'manager' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Checking firewalld open ports on compute node
+      command: firewall-cmd --list-ports
+      register: compute_firewalld_ports
+      when: "'compute' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Validating K8s port on manager node
+      assert:
+        that:
+          - "'6443' in manager_firewalld_ports.stdout"
+          - "'2379-2380' in manager_firewalld_ports.stdout"
+          - "'10250' in manager_firewalld_ports.stdout"
+          - "'10251' in manager_firewalld_ports.stdout"
+          - "'10252' in manager_firewalld_ports.stdout"
+        fail_msg: "{{ manager_k8s_ports_status_fail_msg }}"
+        success_msg: "{{ manager_k8s_ports_status_success_msg }}"
+      when: "'manager' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Validating K8s port on compute node
+      assert:
+        that:
+          - "'10250' in compute_firewalld_ports.stdout"
+          - "'30000-32767' in compute_firewalld_ports.stdout"
+        fail_msg: "{{ compute_k8s_ports_status_fail_msg }}"
+        success_msg: "{{ compute_k8s_ports_status_success_msg }}"
+      when: "'compute' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Validating Calico udp/tcp ports on manager nodes
+      assert:
+        that:
+          - "'4789' in manager_firewalld_ports.stdout"
+          - "'5473' in manager_firewalld_ports.stdout"
+          - "'179' in manager_firewalld_ports.stdout"
+        fail_msg: "{{ calico_ports_manager_fail_msg }}"
+        success_msg: "{{ calico_ports_manager_success_msg }}"
+      when: "k8s_cni == 'calico' and 'manager' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Validating Calico udp/tcp ports on compute nodes
+      assert:
+        that:
+          - "'4789' in compute_firewalld_ports.stdout"
+          - "'5473' in compute_firewalld_ports.stdout"
+          - "'179' in compute_firewalld_ports.stdout"
+        fail_msg: "{{ calico_ports_compute_fail_msg }}"
+        success_msg: "{{ calico_ports_compute_success_msg }}"
+      when: "k8s_cni == 'calico' and 'compute' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Validating Flannel ports on manager nodes
+      assert:
+        that:
+          - "'8285' in manager_firewalld_ports.stdout"
+          - "'8472' in manager_firewalld_ports.stdout"
+        fail_msg: "{{ flannel_ports_manager_fail_msg }}"
+        success_msg: "{{ flannel_ports_manager_success_msg }}"
+      when: "k8s_cni == 'flannel' and 'manager' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Validating Flannel ports on compute nodes
+      assert:
+        that:
+          - "'8285' in compute_firewalld_ports.stdout"
+          - "'8472' in compute_firewalld_ports.stdout"
+        fail_msg: "{{ flannel_ports_compute_fail_msg }}"
+        success_msg: "{{ flannel_ports_compute_success_msg }}"
+      when: "k8s_cni == 'flannel' and 'compute' in group_names"
+      tags: TC_007, VERIFY_007
+
+    - name: Stop and disable firewalld
+      service:
+        name: firewalld
+        state: stopped
+        enabled: no
+      tags: TC_007, VERIFY_007
+
+# OMNIA_UKP_US_VFKP_TC_008
+# Execute k8s_firewalld role in manager and compute nodes with K8s ports already opened
+- name: OMNIA_UKP_US_VFKP_TC_008
+  hosts: manager, compute
+  gather_facts: false
+  vars_files:
+    - test_vars/test_k8s_firewalld_vars.yml
+    - ../roles/k8s_firewalld/vars/main.yml
+  tasks:
+    - block:
+        - name: Call k8s_firewalld role
+          include_role:
+            name: ../roles/k8s_firewalld
+      tags: TC_008
+
+    - name: Start and enable firewalld
+      service:
+        name: firewalld
+        state: started
+        enabled: yes
+      tags: TC_008, VERIFY_008
+
+    - name: Checking firewalld open ports on manager node
+      command: firewall-cmd --list-ports
+      register: manager_firewalld_ports
+      when: "'manager' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Checking firewalld open ports on compute node
+      command: firewall-cmd --list-ports
+      register: compute_firewalld_ports
+      when: "'compute' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Validating K8s port on manager node
+      assert:
+        that:
+          - "'6443' in manager_firewalld_ports.stdout"
+          - "'2379-2380' in manager_firewalld_ports.stdout"
+          - "'10250' in manager_firewalld_ports.stdout"
+          - "'10251' in manager_firewalld_ports.stdout"
+          - "'10252' in manager_firewalld_ports.stdout"
+        fail_msg: "{{ manager_k8s_ports_status_fail_msg }}"
+        success_msg: "{{ manager_k8s_ports_status_success_msg }}"
+      when: "'manager' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Validating K8s port on compute node
+      assert:
+        that:
+          - "'10250' in compute_firewalld_ports.stdout"
+          - "'30000-32767' in compute_firewalld_ports.stdout"
+        fail_msg: "{{ compute_k8s_ports_status_fail_msg }}"
+        success_msg: "{{ compute_k8s_ports_status_success_msg }}"
+      when: "'compute' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Validating Calico udp/tcp ports on manager nodes
+      assert:
+        that:
+          - "'4789' in manager_firewalld_ports.stdout"
+          - "'5473' in manager_firewalld_ports.stdout"
+          - "'179' in manager_firewalld_ports.stdout"
+        fail_msg: "{{ calico_ports_manager_fail_msg }}"
+        success_msg: "{{ calico_ports_manager_success_msg }}"
+      when: "k8s_cni == 'calico' and 'manager' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Validating Calico udp/tcp ports on compute nodes
+      assert:
+        that:
+          - "'4789' in compute_firewalld_ports.stdout"
+          - "'5473' in compute_firewalld_ports.stdout"
+          - "'179' in compute_firewalld_ports.stdout"
+        fail_msg: "{{ calico_ports_compute_fail_msg }}"
+        success_msg: "{{ calico_ports_compute_success_msg }}"
+      when: "k8s_cni == 'calico' and 'compute' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Validating Flannel ports on manager nodes
+      assert:
+        that:
+          - "'8285' in manager_firewalld_ports.stdout"
+          - "'8472' in manager_firewalld_ports.stdout"
+        fail_msg: "{{ flannel_ports_manager_fail_msg }}"
+        success_msg: "{{ flannel_ports_manager_success_msg }}"
+      when: "k8s_cni == 'flannel' and 'manager' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Validating Flannel ports on compute nodes
+      assert:
+        that:
+          - "'8285' in compute_firewalld_ports.stdout"
+          - "'8472' in compute_firewalld_ports.stdout"
+        fail_msg: "{{ flannel_ports_compute_fail_msg }}"
+        success_msg: "{{ flannel_ports_compute_success_msg }}"
+      when: "k8s_cni == 'flannel' and 'compute' in group_names"
+      tags: TC_008, VERIFY_008
+
+    - name: Stop and disable firewalld
+      service:
+        name: firewalld
+        state: stopped
+        enabled: no
+      tags: TC_008, VERIFY_008

test/test_k8s_manager.yml

@@ -0,0 +1,70 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# OMNIA_UKP_US_VFKP_TC_005
+# Execute k8s_manager role in manager nodes with os installed centos 7.9
+- name: OMNIA_UKP_US_VFKP_TC_005
+  hosts: manager
+  vars_files:
+    - test_vars/test_k8s_manager_vars.yml
+  tasks:
+    - block:
+        - name: Call manager role
+          include_role:
+            name: ../roles/k8s_manager
+      tags: TC_005
+
+    - name: Checking helm installation status
+      command: helm version
+      register: helm_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_005, VERIFY_005
+
+    - name: Validating helm installation status
+      assert:
+        that:
+          - "'version.BuildInfo' in helm_status.stdout"
+        fail_msg: "{{ helm_status_fail_msg }}"
+        success_msg: "{{ helm_status_success_msg }}"
+      tags: TC_005, VERIFY_005
+
+# OMNIA_UKP_US_VFKP_TC_006
+# Execute k8s_manager role in manager nodes with helm already installed
+- name: OMNIA_UKP_US_VFKP_TC_006
+  hosts: manager
+  vars_files:
+    - test_vars/test_k8s_manager_vars.yml
+  tasks:
+    - block:
+        - name: Call manager role
+          include_role:
+            name: ../roles/k8s_manager
+      tags: TC_006, VERIFY_006
+
+    - name: Checking helm installation status
+      command: helm version
+      register: helm_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_006, VERIFY_006
+
+    - name: Validating helm installation status
+      assert:
+        that:
+          - "'command not found' not in helm_status.stdout"
+        fail_msg: "{{ helm_status_fail_msg }}"
+        success_msg: "{{ helm_status_success_msg }}"
+      tags: TC_006, VERIFY_006

test/test_k8s_start_manager_workers.yml

@@ -0,0 +1,144 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# OMNIA_UKP_US_VFKP_TC_009, OMNIA_UKP_US_VFKP_TC_010
+# Execute k8s_start_manager role in manager nodes with os installed centos 7.9 and swap enabled
+- name: OMNIA_UKP_US_VFKP_TC_009, OMNIA_UKP_US_VFKP_TC_010
+  hosts: manager
+  gather_facts: false
+  vars_files:
+    - test_vars/test_k8s_start_manager_workers_vars.yml
+  tasks:
+    - name: Enable Swap
+      command: /usr/sbin/swapon -a
+      changed_when: true
+      tags: TC_009, TC_010
+
+    - block:
+        - name: Call k8s_start_manager role
+          include_role:
+            name: ../roles/k8s_start_manager
+      tags: TC_009, TC_010
+
+    - name: Waiting for the pods deployment
+      pause:
+        minutes: 10
+      tags: TC_009, TC_010
+
+    - name: Checking master node
+      command: kubectl get nodes
+      register: master_node_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Checking kube-system pods
+      command: kubectl get pods --namespace kube-system --field-selector=status.phase=Running
+      register: kube_system_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Checking calico/flannel SDN network status
+      command: ip address
+      register: calico_flannel_status
+      changed_when: false
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Checking K8s service account and token
+      command: kubectl get secrets
+      register: service_account_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Validating master node status
+      assert:
+        that:
+          - "'master' in master_node_status.stdout"
+        fail_msg: "{{ master_node_status_fail_msg }}"
+        success_msg: "{{ master_node_status_success_msg }}"
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Validating controller-manager and scheduler and coreDNS pods status
+      assert:
+        that:
+          - "'kube-scheduler' in kube_system_pods.stdout"
+          - "'kube-controller' in kube_system_pods.stdout"
+        fail_msg: "{{ controller_scheduler_status_fail_msg }}"
+        success_msg: "{{ controller_scheduler_status_success_msg }}"
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Validating coreDNS pods status
+      assert:
+        that:
+          - "'coredns' in kube_system_pods.stdout"
+        fail_msg: "{{ coredns_status_fail_msg }}"
+        success_msg: "{{ coredns_status_success_msg }}"
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Validating calico/flannel SDN network status
+      assert:
+        that:
+          - "'calico' in kube_system_pods.stdout or 'flannel' in kube_system_pods.stdout"
+        fail_msg: "{{ calico_flannel_status_fail_msg }}"
+        success_msg: "{{ calico_flannel_status_success_msg }}"
+      tags: TC_009, TC_010, VERIFY_009
+
+    - name: Validating K8s service account and token status
+      assert:
+        that:
+          - "'kubernetes.io/service-account-token' in service_account_status.stdout"
+        fail_msg: "{{ k8s_service_account_status_fail_msg }}"
+        success_msg: "{{ k8s_service_account_status_success_msg }}"
+      tags: TC_009, TC_010, VERIFY_009
+
+# OMNIA_UKP_US_VFKP_TC_011, OMNIA_UKP_US_VFKP_TC_012
+# Execute k8s_start_workers role in compute nodes with os installed centos 7.9 and swap enabled
+- name: OMNIA_UKP_US_VFKP_TC_011, OMNIA_UKP_US_VFKP_TC_012
+  hosts: compute
+  gather_facts: false
+  tasks:
+    - name: Enable Swap
+      command: /usr/sbin/swapon -a
+      changed_when: true
+      tags: TC_011, TC_012
+
+    - block:
+        - name: Call k8s_start_workers role
+          include_role:
+            name: ../roles/k8s_start_workers.yml
+      tags: TC_011, TC_012
+
+- name: OMNIA_UKP_US_VFKP_TC_011, OMNIA_UKP_US_VFKP_TC_012
+  hosts: manager
+  gather_facts: false
+  vars_files:
+    - test_vars/test_k8s_start_manager_workers_vars.yml
+  tasks:
+    - name: Check worker nodes status
+      command: kubectl get node --selector='!node-role.kubernetes.io/master'
+      register: worker_nodes_status
+      changed_when: false
+      ignore_errors: True
+      tags: TC_011, TC_012, VERIFY_011
+
+    - name: Validating worker nodes status
+      assert:
+        that:
+          - "'Ready' in worker_nodes_status.stdout"
+        fail_msg: "{{ worker_nodes_status_fail_msg }}"
+        success_msg: "{{ worker_nodes_status_success_msg }}"
+      tags: TC_011, TC_012, VERIFY_011

test/test_k8s_start_services.yml

@@ -0,0 +1,97 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# OMNIA_UKP_US_VFKP_TC_013
+# Execute k8s_start_services role in manager nodes with os installed centos 7.9
+- name: OMNIA_UKP_US_VFKP_TC_013
+  hosts: manager
+  gather_facts: false
+  vars_files:
+    - test_vars/test_k8s_start_services_vars.yml
+  tasks:
+    - block:
+        - name: Call k8s_start_services role
+          include_role:
+            name: ../roles/k8s_start_services
+      tags: TC_013
+
+    - name: Waiting for the pods deployment
+      pause:
+        minutes: 10
+      tags: TC_013
+
+    - name: Checking all running pods
+      command: kubectl get pods --all-namespaces --field-selector=status.phase=Running
+      register: running_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_013, VERIFY_013
+
+    - name: Checking default storage class
+      command: kubectl get sc
+      register: default_storage_class
+      changed_when: false
+      ignore_errors: True
+      tags: TC_013, VERIFY_013
+
+    - name: Validating Metallb, Prometheus and MPI pods
+      assert:
+        that:
+          - "'metallb' in running_pods.stdout"
+          - "'prometheus' in running_pods.stdout"
+          - "'mpi-operator' in running_pods.stdout"
+        fail_msg: "{{ metallb_prometheus_mpi_pods_fail_msg }}"
+        success_msg: "{{ metallb_prometheus_mpi_pods_success_msg }}"
+      tags: TC_013, VERIFY_013
+
+    - name: Validating K8s dashboard
+      assert:
+        that:
+          - "'kubernetes-dashboard' in running_pods.stdout"
+        fail_msg: "{{ kubernetes_dashboard_fail_msg }}"
+        success_msg: "{{ kubernetes_dashboard_success_msg }}"
+      tags: TC_013, VERIFY_013
+
+    - name: Validating NFS Client Provisioner pods
+      assert:
+        that:
+          - "'nfs-client-provisioner' in running_pods.stdout"
+        fail_msg: "{{ nfs_client_provisioner_pods_fail_msg }}"
+        success_msg: "{{ nfs_client_provisioner_pods_success_msg }}"
+      tags: TC_013, VERIFY_013
+
+    - name: Validating default storage class
+      assert:
+        that:
+          - "'nfs-client' in default_storage_class.stdout"
+        fail_msg: "{{ default_storage_class_fail_msg }}"
+        success_msg: "{{ default_storage_class_success_msg }}"
+      tags: TC_013, VERIFY_013
+
+    - name: Validating Node Feature Discovery pods
+      assert:
+        that:
+          - "'node-feature-discovery' in running_pods.stdout"
+        fail_msg: "{{ node_feature_discovery_pods_fail_msg }}"
+        success_msg: "{{ node_feature_discovery_pods_success_msg }}"
+      tags: TC_013, VERIFY_013
+
+    - name: Validating Nvidia device plugin pods
+      assert:
+        that:
+          - "'nvidia-device-plugin' in running_pods.stdout"
+        fail_msg: "{{ nvidia_device_plugin_pods_fail_msg }}"
+        success_msg: "{{ nvidia_device_plugin_pods_success_msg }}"
+      tags: TC_013, VERIFY_013

test/test_k8s_start_workers.yml

@@ -0,0 +1,50 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# OMNIA_UKP_US_VFKP_TC_013, OMNIA_UKP_US_VFKP_TC_014
+# Execute startworkers role in compute nodes with os installed centos 7.9 and swap enabled
+- name: OMNIA_UKP_US_VFKP_TC_013, OMNIA_UKP_US_VFKP_TC_014
+  hosts: compute
+  vars_files:
+    - test_vars/test_k8s_start_workers_vars.yml
+  tasks:
+    - name: Enable Swap
+      command: /usr/sbin/swapon -a
+      changed_when: true
+      tags: TC_013, TC_014
+
+    - block:
+        - name: Call k8s_start_workers role
+          include_role:
+            name: ../roles/k8s_start_workers.yml
+      tags: TC_013, TC_014
+
+- name: OMNIA_UKP_US_VFKP_TC_013, OMNIA_UKP_US_VFKP_TC_014
+  hosts: manager
+  vars_files:
+    - test_vars/test_k8s_start_workers_vars.yml
+  tasks:
+    - name: Check worker nodes status
+      command: kubectl get node --selector='!node-role.kubernetes.io/master'
+      register: worker_nodes_status
+      tags: TC_013, TC_014, VERIFY_013
+
+    - name: Validating worker nodes status
+      assert:
+        that:
+          - "'Ready' in worker_nodes_status.stdout"
+        fail_msg: "{{ worker_nodes_status_fail_msg }}"
+        success_msg: "{{ worker_nodes_status_success_msg }}"
+      tags: TC_013, TC_014, VERIFY_013

test/test_kubeflow.yml

@@ -0,0 +1,123 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# OMNIA_UKP_US_VFKP_TC_016
+# Execute kubeflow role in manager nodes with os installed centos 7.9
+- name: OMNIA_UKP_US_VFKP_TC_016
+  hosts: manager
+  gather_facts: false
+  vars_files:
+    - test_vars/test_kubeflow_vars.yml
+  tasks:
+    - block:
+        - name: Call kubeflow role
+          include_role:
+            name: ../platforms/roles/kubeflow
+      tags: TC_016
+
+    - name: Waiting for the pods deployment
+      pause:
+        minutes: 5
+      tags: TC_016
+
+    - name: Checking installed Kubeflow version
+      command: kfctl version
+      register: kfctl_version
+      changed_when: false
+      ignore_errors: True
+      tags: TC_016, VERIFY_016
+
+    - name: Checking pods under kubeflow namespace
+      command: kubectl get pods --namespace kubeflow
+      register: kubeflow_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_016, VERIFY_016
+
+    - name: Checking pods under istio-system namespace
+      command: kubectl get pods --namespace istio-system
+      register: istio_system_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_016, VERIFY_016
+
+    - name: Validating Kubeflow Installation
+      assert:
+        that:
+          - "'command not found' not in kfctl_version.stdout"
+        fail_msg: "{{ kubeflow_install_fail_msg }}"
+        success_msg: "{{ kubeflow_install_success_msg }}"
+      tags: TC_016, VERIFY_016
+
+    - name: Validating Kubeflow pods deployment
+      assert:
+        that:
+          - "'Running' in kubeflow_pods.stdout or 'ContainerCreating' in kubeflow_pods.stdout"
+          - "'Running' in istio_system_pods.stdout or 'ContainerCreating' in istio_system_pods.stdout"
+        fail_msg: "{{ kubeflow_pods_deployment_fail_msg }}"
+        success_msg: "{{ kubeflow_pods_deployment_success_msg }}"
+      tags: TC_016, VERIFY_016
+
+# OMNIA_UKP_US_VFKP_TC_017
+# Execute kubeflow role in manager nodes with kubeflow already deployed
+- name: OMNIA_UKP_US_VFKP_TC_017
+  hosts: manager
+  gather_facts: false
+  vars_files:
+    - test_vars/test_kubeflow_vars.yml
+  tasks:
+    - block:
+        - name: Call kubeflow role
+          include_role:
+            name: ../platforms/roles/kubeflow
+      tags: TC_017, VERIFY_017
+
+    - name: Checking installed Kubeflow version
+      command: kfctl version
+      register: kfctl_version
+      changed_when: false
+      ignore_errors: True
+      tags: TC_017, VERIFY_017
+
+    - name: Checking pods under kubeflow namespace
+      command: kubectl get pods --namespace kubeflow
+      register: kubeflow_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_017, VERIFY_017
+
+    - name: Checking pods under istio-system namespace
+      command: kubectl get pods --namespace istio-system
+      register: istio_system_pods
+      changed_when: false
+      ignore_errors: True
+      tags: TC_017, VERIFY_017
+
+    - name: Validating Kubeflow Installation
+      assert:
+        that:
+          - "'command not found' not in kfctl_version.stdout"
+        fail_msg: "{{ kubeflow_install_fail_msg }}"
+        success_msg: "{{ kubeflow_install_success_msg }}"
+      tags: TC_017, VERIFY_017
+
+    - name: Validating Kubeflow pods deployment
+      assert:
+        that:
+          - "'Running' in kubeflow_pods.stdout or 'ContainerCreating' in kubeflow_pods.stdout"
+          - "'Running' in istio_system_pods.stdout or 'ContainerCreating' in istio_system_pods.stdout"
+        fail_msg: "{{ kubeflow_pods_deployment_fail_msg }}"
+        success_msg: "{{ kubeflow_pods_deployment_success_msg }}"
+      tags: TC_017, VERIFY_017

test/test_vars/test_jupyterhub_vars.yml

@@ -0,0 +1,22 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+jupyterhub_pods_fail_msg: "JupyterHub pods are not deployed"
+
+jupyterhub_pods_success_msg: "JupyterHub pods are deployed and running"
+
+jupyterhub_services_fail_msg: "JupyterHub services are not running"
+
+jupyterhub_services_success_msg: "JupyterHub services are running"

test/test_vars/test_k8s_common_vars.yml

@@ -0,0 +1,34 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+common_packages:
+  - docker
+  - kubelet 
+
+k8_packages:
+  - kubeadm
+  - kubectl
+
+packages_status_success_msg: "Common & K8s packages are installed"
+
+packages_status_fail_msg: "Common & K8s packages are not installed"
+
+docker_service_fail_msg: "Docker service is not running"
+
+docker_service_success_msg: "Docker service is running"
+
+kubelet_service_fail_msg: "K8s service is not running"
+
+kubelet_service_success_msg: "K8s service is running"

test/test_vars/test_k8s_firewalld_vars.yml

@@ -0,0 +1,38 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+manager_k8s_ports_status_fail_msg: "Kubernetes Ports are not opened in manager node"
+
+manager_k8s_ports_status_success_msg: "Kubernetes Ports are opened in manager node"
+
+compute_k8s_ports_status_fail_msg: "Kubernetes Ports are not opened in compute nodes"
+
+compute_k8s_ports_status_success_msg: "Kubernetes Ports are opened in compute nodes"
+
+calico_ports_manager_fail_msg: "Calico ports are not opened in manager nodes"
+
+calico_ports_manager_success_msg: "Calico ports are opened in manager nodes"
+
+calico_ports_compute_fail_msg: "Calico ports are not opened in compute nodes"
+
+calico_ports_compute_success_msg: "Calico ports are opened in compute nodes"
+
+flannel_ports_manager_fail_msg: "Flannel ports are not opened in manager nodes"
+
+flannel_ports_manager_success_msg: "Flannel ports are opened in manager nodes"
+
+flannel_ports_compute_fail_msg: "Flannel ports are not opened in compute nodes"
+
+flannel_ports_compute_success_msg: "Flannel ports are opened in compute nodes"

test/test_vars/test_k8s_manager_vars.yml

@@ -0,0 +1,17 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+helm_status_fail_msg: "Helm is not installed"
+
+helm_status_success_msg: "Helm is installed"

test/test_vars/test_k8s_start_manager_workers_vars.yml

@@ -0,0 +1,38 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+master_node_status_fail_msg: "Master Node is not configured"
+
+master_node_status_success_msg: "Master Node is configured and initialized successfully"
+
+controller_scheduler_status_fail_msg: "Static Pod manifests (controller-manager and scheduler) are not deployed"
+
+controller_scheduler_status_success_msg: "Static Pod manifests (controller-manager and scheduler) are deployed and running"
+
+coredns_status_fail_msg: "Core DNS pods are not deployed"
+
+coredns_status_success_msg: "Core DNS pods are deployed and running"
+
+calico_flannel_status_fail_msg: "Calico/Flannel SDN network is not deployed"
+
+calico_flannel_status_success_msg: "Calico/Flannel SDN network is deployed and running"
+
+k8s_service_account_status_fail_msg: "Kubernetes dashboard service account and token is not created"
+
+k8s_service_account_status_success_msg: "Kubernetes dashboard service account and token is created"
+
+worker_nodes_status_fail_msg: "Worker Nodes are not initialized"
+
+worker_nodes_status_success_msg: "Worker Nodes are initialized and joined to the cluster"

test/test_vars/test_k8s_start_services_vars.yml

@@ -0,0 +1,38 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+metallb_prometheus_mpi_pods_fail_msg: "Metallb/Prometheus/MPI pods are not deployed/running"
+
+metallb_prometheus_mpi_pods_success_msg: "Metallb, Prometheus and MPI pods are deployed and running"
+
+kubernetes_dashboard_fail_msg: "Kubernetes Dashboard is not deployed"
+
+kubernetes_dashboard_success_msg: "Kubernetes Dashboard is deployed"
+
+nfs_client_provisioner_pods_fail_msg: "NFS Client Provisioner pod is not deployed"
+
+nfs_client_provisioner_pods_success_msg: "NFS Client Provisioner pod is deployed and running"
+
+node_feature_discovery_pods_fail_msg: "Node Feature Discovery pods are not deployed"
+
+node_feature_discovery_pods_success_msg: "Node Feature Discovery pods are deployed and running"
+
+nvidia_device_plugin_pods_fail_msg: "Nvidia Device Plugin pod is not deployed/running"
+
+nvidia_device_plugin_pods_success_msg: "Nvidia Device Plugin pod is deployed and running"
+
+default_storage_class_fail_msg: "NFS Client Provisioner is not configured as default storage class"
+
+default_storage_class_success_msg: "NFS Client Provisioner is configured as default storage class"

test/test_vars/test_kubeflow_vars.yml

@@ -0,0 +1,22 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+kubeflow_install_fail_msg: "Kubeflow (kfctl) is not installed"
+
+kubeflow_install_success_msg: "Kubeflow (kfctl) is installed"
+
+kubeflow_pods_deployment_fail_msg: "Kubeflow pods are not deployed"
+
+kubeflow_pods_deployment_success_msg: "Kubeflow pods are deployed"