Issue #328: Porting management station OS to centOS 8.3

Signed-off-by: DeepikaKrishnaiah <deepika_k2@dell.com>

README.md

@@ -18,4 +18,4 @@ For Omnia documentation, including installation and contribution instructions, p
 * John Lockman (Dell Technologies)
 
 ## Omnia Community Members:
-<img src="docs/images/delltech.jpg" height="75px" alt="Dell Technologies"> <img src="docs/images/pisa.png" height="75px" alt="Universita di Pisa"> <img src="https://user-images.githubusercontent.com/83095575/117071024-64956c80-ace3-11eb-9d90-2dac7daef11c.png" height="75px">
+<img src="docs/images/delltech.jpg" height="75px" alt="Dell Technologies"> <img src="docs/images/pisa.png" height="80px" alt="Universita di Pisa"> <img src="https://user-images.githubusercontent.com/83095575/117071024-64956c80-ace3-11eb-9d90-2dac7daef11c.png" height="75px"> <img src="https://www.vizias.com/uploads/1/1/8/9/118906653/published/thick-blue-white-ring-letters-full.png" height="65px" alt="Vizias">

appliance/appliance_config.yml

@@ -56,3 +56,9 @@ dhcp_end_ip_range: ""
 # Default timezone will be set to "GMT"
 # Some of the other available timezone are EST,CET,MST,CST6CDT,PST8PDT
 timezone: "GMT"
+
+# Path to directory hosting ansible config file (ansible.cfg file)
+# Default value is "/etc/ansible"
+# This directory is on the host running ansible, if ansible is installed using dnf
+# If ansible is installed using pip, this path should be set
+ansible_config_file_path: /etc/ansible

appliance/roles/common/tasks/package_installation.yml

@@ -18,3 +18,8 @@
     name: "{{ common_packages }}"
     state: present
   tags: install
+
+- name: Install netaddr
+  command: pip3 install netaddr
+  tags: install
+  changed_when: false

appliance/roles/common/tasks/password_config.yml

@@ -44,7 +44,8 @@
       dhcp_gateway | length < 1 or
       dhcp_dns1 | length < 1 or
       dhcp_dns2 | length < 1 or
-      timezone | length < 1
+      timezone | length < 1 or
+      ansible_config_file_path | length < 1
 
 - name: Save input variables from file
   set_fact:
@@ -61,8 +62,31 @@
     mapping_file: false
     path_for_mapping_file: "{{ mapping_file_path }}"
     ks_timezone: "{{ timezone }}"
+    ansible_conf_file_path: "{{ ansible_config_file_path ​}}"
   no_log: true
 
+- name: Check whether ansible config file exists
+  stat:
+    path: "{{ ansible_conf_file_path }}/ansible.cfg"
+  register: ansible_conf_exists
+
+- name: Create the directory if it does not exist
+  file:
+    path: "{{ ansible_conf_file_path }}"
+    state: directory
+    mode: "{{ file_perm }}"
+  when: not ansible_conf_exists.stat.exists
+  changed_when: false
+
+- name: Create ansible config file if it does not exist
+  copy:
+    dest: '{{ ansible_conf_file_path }}/ansible.cfg'
+    mode: "{{ file_perm }}"
+    content: |
+      [defaults]
+      log_path = /var/log/omnia.log
+  when: not ansible_conf_exists.stat.exists
+
 - name: Get the system hpc ip
   shell:  "ifconfig {{ hpc_nic }} | grep 'inet' |cut -d: -f2 |  awk '{ print $2}'"
   register: ip
@@ -354,4 +378,4 @@
   command: >-
     ansible-vault encrypt {{ role_path }}/../../../{{ config_filename }}
     --vault-password-file {{ role_path }}/../../../{{ config_vaultname }}
-  changed_when: false
+  changed_when: false

appliance/roles/common/tasks/pre_requisite.yml

@@ -13,9 +13,20 @@
 #  limitations under the License.
 ---
 
+- name: Verify the ansible and python versions installed
+  fail:
+    msg: "{{ ansible_python_version_status }}"
+  when: ansible_python_version != python_version_support
+  tags: install
+
+- name: Verify whether ansible configuration file exists
+  stat:
+    path: "{{ default_ansible_config_file_path }}"
+  register: file_exists
+
 - name: Set omnia.log file
   replace:
-    path: /etc/ansible/ansible.cfg
+    path: "{{ default_ansible_config_file_path }}"
     regexp: '#log_path = /var/log/ansible.log'
     replace: 'log_path = /var/log/omnia.log'
   tags: install
@@ -27,15 +38,22 @@
   register: os_value
   tags: install
 
+- name: Fetch SElinux mode
+  command: sestatus
+  register: sestatus_current
+
 - name: Disable SElinux
-  selinux:
-    state: disabled
+  replace:
+    path: /etc/sysconfig/selinux
+    regexp: 'SELINUX=[a-z]+'
+    replace: 'SELINUX=disabled'
+  when: '"SELinux status:                 enabled" in sestatus_current.stdout_lines'
   tags: install
 
 - name: Status of SElinux
   fail:
     msg: "{{ selinux_status }}"
-  when: ansible_selinux.status != 'disabled'
+  when: '"SELinux status:                 enabled" in sestatus_current.stdout_lines'
   register: selinux_value
   tags: install
 
@@ -43,4 +61,4 @@
   service:
     name: firewalld
     state: started
-    enabled: yes
+    enabled: yes

appliance/roles/common/vars/main.yml

@@ -30,9 +30,8 @@ common_packages:
   - nano
   - lvm2
   - gettext
-  - python-docker
   - net-tools
-  - python-netaddr
+  - python3-netaddr
   - yum-plugin-versionlock
 
 # Usage: pre_requisite.yml
@@ -41,12 +40,15 @@ internet_timeout: 10
 hostname: github.com
 port_no: 22
 os_name: CentOS
-os_version: '7.9' 
+os_version: '8.3' 
 internet_status: "Failed. No Internet connection. Make sure network is up."
 os_status: "Unsupported OS or OS version. OS should be {{ os_name }} and Version should be {{ os_version }} or more"
 selinux_status: "SElinux is not disabled. Disable it in /etc/sysconfig/selinux and reboot the system"
 iso_name: CentOS-7-x86_64-Minimal-2009.iso
 iso_fail: "Iso file not found. Download and copy the iso file to omnia/appliance/roles/provision/files"
+ansible_python_version_status: "For CentOS 8.3, python bindings of firewalld, dnf, selinux are not available if python is installed from source and not from dnf. So please make sure python3.6 is installed using dnf. And ansible uses the python version 3.6 installed using dnf"
+python_version_support: '3.6.8'
+default_ansible_config_file_path: /etc/ansible/ansible.cfg
 
 # Usage: docker_installation.yml
 docker_repo_url: https://download.docker.com/linux/centos/docker-ce.repo
@@ -93,4 +95,5 @@ success_msg_mariadb_password: "mariadb_password validated"
 success_msg_k8s_cni: "Kubernetes CNI Validated"
 fail_msg_k8s_cni: "Failed. Kubernetes CNI is incorrect in omnia_config.yml"
 success_timezone: "timezone validated"
-fail_timezone: "Failed. Incorrect timezone provided. Please check the file timezone.txt in appliance/roles/common/files/ folder"
+fail_timezone: "Failed. Incorrect timezone provided. Please check the file timezone.txt in appliance/roles/common/files/ folder"
+file_perm: '0755'

omnia_config.yml

@@ -27,3 +27,9 @@ k8s_cni: "calico"
 # Default value is "10.244.0.0/16"
 # Make sure this value does not overlap with any of the host networks.
 k8s_pod_network_cidr: "10.244.0.0/16"
+
+# Path to directory hosting ansible config file (ansible.cfg file)
+# Default value is "/etc/ansible"
+# This directory is on the host running ansible, if ansible is installed using dnf
+# If ansible is installed using pip, this path should be set
+ansible_config_file_path: /etc/ansible

roles/cluster_validation/tasks/fetch_password.yml

@@ -55,7 +55,8 @@
   when:
     - mariadb_password | length < 1 or
       k8s_cni | length < 1 or
-      k8s_pod_network_cidr | length < 1
+      k8s_pod_network_cidr | length < 1 or
+      ansible_config_file_path | length < 1
 
 - name: Assert mariadb_password
   assert:
@@ -88,8 +89,37 @@
     db_password: "{{ mariadb_password }}"
     k8s_cni: "{{ k8s_cni }}"
     k8s_pod_network_cidr: "{{ k8s_pod_network_cidr }}"
+    ansible_conf_file_path: "{{ ansible_config_file_path }}"
   no_log: True
 
+- name: Check whether ansible config file exists
+  stat:
+    path: "{{ ansible_conf_file_path }}/ansible.cfg"
+  register: ansible_conf_exists
+
+- name: Create the directory if it does not exist
+  file:
+    path: "{{ ansible_conf_file_path }}"
+    state: directory
+    mode: "{{ file_perm }}"
+  when: ansible_conf_exists.stat.exists == false
+
+- name: Create ansible config file if it does not exist
+  copy:
+    dest: "{{ ansible_conf_file_path }}/ansible.cfg"
+    mode: "{{ file_perm }}"
+    content: |
+      [defaults]
+      log_path = /var/log/omnia.log
+  when: ansible_conf_exists.stat.exists == false
+
+- name: Set omnia.log file
+  replace:
+    path: "{{ ansible_conf_file_path }}/ansible.cfg"
+    regexp: '#log_path = /var/log/ansible.log'
+    replace: 'log_path = /var/log/omnia.log'
+  when: ansible_conf_exists.stat.exists == true
+
 - name: Encrypt input config file
   command: >-
     ansible-vault encrypt {{ role_path }}/../../{{ config_filename }}

roles/cluster_validation/vars/main.yml

@@ -23,6 +23,7 @@ success_msg_k8s_cni: "Kubernetes CNI Validated"
 fail_msg_k8s_cni: "Kubernetes CNI not correct."
 success_msg_k8s_pod_network_cidr: "Kubernetes pod network cidr validated"
 fail_msg_k8s_pod_network_cidr: "Kubernetes pod network cidr not given in correct format"
+file_perm: '0755'
 
 #Usage: validations.yml
 skip_tag_fail_msg: "Can't skip both slurm and kubernetes"