Merge pull request #786 from abhishek-sa1/release-1.1.2

Release 1.1.1 changes due to dellemc.openmanage version changes

control_plane/input_params/ib_vars_edr.yml

@@ -1,200 +1,200 @@
-# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
-#
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-
-
-# Default configurations written for :
-  # ----Switch-IB(TM) 2 based EDR InfiniBand 1U Switch, 36 QSFP28 ports----
-# Change the configurations as per the switch model to avoid failures
-
-# Subnet Manager: centralized resource used by infiniband
-# to handle the management of the fabric.
-# Cache and Log directories of subnet manager
-# container are mounted to below mentioned path on host.
-
-# cache_directory: opensm stores certain data to the disk such that
-# subsequent runs are consistent. The default directory used is /var/cache/opensm.
-# The following files are included in it: guid2lid, guid2mkey, neighbors
-
-# log_directory: controls the directory in which the temporary files
-# generated by opensm are created. These files are: opensm-subnet.lst,
-# opensm.fdbs, and opensm.log. By default, this directory is /var/log.
-
-subnet_manager:
-  cache_directory: /var/cache/opensm
-  log_directory: /var/log
-
-# mellanox_switch_config: list of configuration lines to apply to the switch.
-  # Example:
-    # mellanox_switch_config:
-      # - Command 1
-      # - Command 2
-  # By default, the list is empty.
-mellanox_switch_config:
-
-# mellanox_switch_interface_config: contains interface configuration.
-  # It is a dict mapping switch interface names to configuration dicts.
-  # Each dict may contain the following items:
-    # description - a description to apply to the interface.
-    # config - a list of per-interface configuration.
-mellanox_switch_interface_config:
-  ib 1/1:
-    description: port 1
-    config:
-      - "no shutdown"
-  ib 1/2:
-    description: port 2
-    config:
-      - "no shutdown"
-  ib 1/3:
-    description: port 3
-    config:
-      - "no shutdown"
-  ib 1/4:
-    description: port 4
-    config:
-      - "no shutdown"
-  ib 1/5:
-    description: port 5
-    config:
-      - "no shutdown"
-  ib 1/6:
-    description: port 6
-    config:
-      - "no shutdown"
-  ib 1/7:
-    description: port 7
-    config:
-      - "no shutdown"
-  ib 1/8:
-    description: port 8
-    config:
-      - "no shutdown"
-  ib 1/9:
-    description: port 9
-    config:
-      - "no shutdown"
-  ib 1/10:
-    description: port 10
-    config:
-      - "no shutdown"
-  ib 1/11:
-    description: port 11
-    config:
-      - "no shutdown"
-  ib 1/12:
-    description: port 12
-    config:
-      - "no shutdown"
-  ib 1/13:
-    description: port 13
-    config:
-      - "no shutdown"
-  ib 1/14:
-    description: port 14
-    config:
-      - "no shutdown"
-  ib 1/15:
-    description: port 15
-    config:
-      - "no shutdown"
-  ib 1/16:
-    description: port 16
-    config:
-      - "no shutdown"
-  ib 1/17:
-    description: port 17
-    config:
-      - "no shutdown"
-  ib 1/18:
-    description: port 18
-    config:
-      - "no shutdown"
-  ib 1/19:
-    description: port 19
-    config:
-      - "no shutdown"
-  ib 1/20:
-    description: port 20
-    config:
-      - "no shutdown"
-  ib 1/21:
-    description: port 21
-    config:
-      - "no shutdown"
-  ib 1/22:
-    description: port 22
-    config:
-      - "no shutdown"
-  ib 1/23:
-    description: port 23
-    config:
-      - "no shutdown"
-  ib 1/24:
-    description: port 24
-    config:
-      - "no shutdown"
-  ib 1/25:
-    description: port 25
-    config:
-      - "no shutdown"
-  ib 1/26:
-    description: port 26
-    config:
-      - "no shutdown"
-  ib 1/27:
-    description: port 27
-    config:
-      - "no shutdown"
-  ib 1/28:
-    description: port 28
-    config:
-      - "no shutdown"
-  ib 1/29:
-    description: port 29
-    config:
-      - "no shutdown"
-  ib 1/30:
-    description: port 30
-    config:
-      - "no shutdown"
-  ib 1/31:
-    description: port 31
-    config:
-      - "no shutdown"
-  ib 1/32:
-    description: port 32
-    config:
-      - "no shutdown"
-  ib 1/33:
-    description: port 33
-    config:
-      - "no shutdown"
-  ib 1/34:
-    description: port 34
-    config:
-      - "no shutdown"
-  ib 1/35:
-    description: port 35
-    config:
-      - "no shutdown"
-  ib 1/36:
-    description: port 36
-    config:
-      - "no shutdown"
-
-# save_changes_to_startup: is a boolean flag. By default, this option is set to false.
-# When set to true, it will save the switch's running configuration to the startup configuration file
-# after the role applies its configuration. This will allow the configuration to persist after a
-# restart or power failure.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+
+# Default configurations written for :
+  # ----Switch-IB(TM) 2 based EDR InfiniBand 1U Switch, 36 QSFP28 ports----
+# Change the configurations as per the switch model to avoid failures
+
+# Subnet Manager: centralized resource used by infiniband
+# to handle the management of the fabric.
+# Cache and Log directories of subnet manager
+# container are mounted to below mentioned path on host.
+
+# cache_directory: opensm stores certain data to the disk such that
+# subsequent runs are consistent. The default directory used is /var/cache/opensm.
+# The following files are included in it: guid2lid, guid2mkey, neighbors
+
+# log_directory: controls the directory in which the temporary files
+# generated by opensm are created. These files are: opensm-subnet.lst,
+# opensm.fdbs, and opensm.log. By default, this directory is /var/log.
+
+subnet_manager:
+  cache_directory: /var/cache/opensm
+  log_directory: /var/log
+
+# mellanox_switch_config: list of configuration lines to apply to the switch.
+  # Example:
+    # mellanox_switch_config:
+      # - Command 1
+      # - Command 2
+  # By default, the list is empty.
+mellanox_switch_config:
+
+# mellanox_switch_interface_config: contains interface configuration.
+  # It is a dict mapping switch interface names to configuration dicts.
+  # Each dict may contain the following items:
+    # description - a description to apply to the interface.
+    # config - a list of per-interface configuration.
+mellanox_switch_interface_config:
+  ib 1/1:
+    description: port 1
+    config:
+      - "no shutdown"
+  ib 1/2:
+    description: port 2
+    config:
+      - "no shutdown"
+  ib 1/3:
+    description: port 3
+    config:
+      - "no shutdown"
+  ib 1/4:
+    description: port 4
+    config:
+      - "no shutdown"
+  ib 1/5:
+    description: port 5
+    config:
+      - "no shutdown"
+  ib 1/6:
+    description: port 6
+    config:
+      - "no shutdown"
+  ib 1/7:
+    description: port 7
+    config:
+      - "no shutdown"
+  ib 1/8:
+    description: port 8
+    config:
+      - "no shutdown"
+  ib 1/9:
+    description: port 9
+    config:
+      - "no shutdown"
+  ib 1/10:
+    description: port 10
+    config:
+      - "no shutdown"
+  ib 1/11:
+    description: port 11
+    config:
+      - "no shutdown"
+  ib 1/12:
+    description: port 12
+    config:
+      - "no shutdown"
+  ib 1/13:
+    description: port 13
+    config:
+      - "no shutdown"
+  ib 1/14:
+    description: port 14
+    config:
+      - "no shutdown"
+  ib 1/15:
+    description: port 15
+    config:
+      - "no shutdown"
+  ib 1/16:
+    description: port 16
+    config:
+      - "no shutdown"
+  ib 1/17:
+    description: port 17
+    config:
+      - "no shutdown"
+  ib 1/18:
+    description: port 18
+    config:
+      - "no shutdown"
+  ib 1/19:
+    description: port 19
+    config:
+      - "no shutdown"
+  ib 1/20:
+    description: port 20
+    config:
+      - "no shutdown"
+  ib 1/21:
+    description: port 21
+    config:
+      - "no shutdown"
+  ib 1/22:
+    description: port 22
+    config:
+      - "no shutdown"
+  ib 1/23:
+    description: port 23
+    config:
+      - "no shutdown"
+  ib 1/24:
+    description: port 24
+    config:
+      - "no shutdown"
+  ib 1/25:
+    description: port 25
+    config:
+      - "no shutdown"
+  ib 1/26:
+    description: port 26
+    config:
+      - "no shutdown"
+  ib 1/27:
+    description: port 27
+    config:
+      - "no shutdown"
+  ib 1/28:
+    description: port 28
+    config:
+      - "no shutdown"
+  ib 1/29:
+    description: port 29
+    config:
+      - "no shutdown"
+  ib 1/30:
+    description: port 30
+    config:
+      - "no shutdown"
+  ib 1/31:
+    description: port 31
+    config:
+      - "no shutdown"
+  ib 1/32:
+    description: port 32
+    config:
+      - "no shutdown"
+  ib 1/33:
+    description: port 33
+    config:
+      - "no shutdown"
+  ib 1/34:
+    description: port 34
+    config:
+      - "no shutdown"
+  ib 1/35:
+    description: port 35
+    config:
+      - "no shutdown"
+  ib 1/36:
+    description: port 36
+    config:
+      - "no shutdown"
+
+# save_changes_to_startup: is a boolean flag. By default, this option is set to false.
+# When set to true, it will save the switch's running configuration to the startup configuration file
+# after the role applies its configuration. This will allow the configuration to persist after a
+# restart or power failure.
 save_changes_to_startup: false

control_plane/roles/control_plane_common/tasks/fetch_base_inputs.yml

@@ -174,6 +174,11 @@
     success_msg: "{{ success_awx_organization }}"
     fail_msg: "{{ fail_awx_organization }}"
 
+- name: Convert timezone.txt to linux format
+  command: dos2unix {{ role_path }}/files/timezone.txt
+  failed_when: false
+  changed_when: false
+
 - name: Check timezone file
   command: grep -Fx "{{ timezone }}" {{ role_path }}/files/timezone.txt
   failed_when: false

control_plane/roles/control_plane_customiso/tasks/check_prerequisites.yml

@@ -23,8 +23,8 @@
   command: ansible-galaxy collection install {{ item }}
   changed_when: true
   with_items:
-   - community.general
-   - dellemc.openmanage
+   - community.general:4.4.0
+   - dellemc.openmanage:4.4.0
 
 - name: Install omsdk using pip
   pip:
@@ -50,4 +50,4 @@
     path: "{{ role_path }}/../provision_idrac/files/{{ management_station_ip_file }}"
     line: "{{ mngmnt_network_ip }}"
     mode: "{{ file_permission }}"
-    create: yes
+    create: yes

control_plane/roles/control_plane_customiso/tasks/create_unattended_iso.yml

@@ -45,10 +45,16 @@
 
 - name: ISO creation - rocky
   block:
+
+    - name: Fetch rocky profile name
+      shell: set -o pipefail && grep 'Rocky-8' {{ tmp_iso_dir }}{{ grub_cfg_path }} | head -1
+      register: rocky_profile_name
+      changed_when: false
+
     - name: Create custom ISO
       command: >-
         mkisofs -o /tmp/{{ rocky_iso_filename }} -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4
-        -boot-info-table -eltorito-alt-boot -e images/efiboot.img -no-emul-boot -J -R -V "Rocky-8-4-x86_64-dvd"  {{ tmp_iso_dir }}
+        -boot-info-table -eltorito-alt-boot -e images/efiboot.img -no-emul-boot -J -R -V {{ rocky_profile_name.stdout.split(' ')[4] | replace("'","") }}  {{ tmp_iso_dir }}
       changed_when: true
       register: rocky_iso_status
       tags: install
@@ -77,4 +83,4 @@
   file:
     path: "{{ role_path }}/files/{{ idrac_kickstart_file }}"
     state: absent
-  tags: install
+  tags: install

control_plane/roles/control_plane_device/files/Dockerfile

@@ -1,6 +1,5 @@
 # Dockerfile for creating the management network container
-
-FROM centos:8
+FROM rockylinux/rockylinux:8.5
 
 # RPM REPOs
 RUN dnf install -y \
@@ -10,7 +9,6 @@ RUN dnf install -y \
 
 RUN dnf install -y dhcp-server
 RUN dnf install -y python3-netaddr
-
 RUN yum install -y \
   ansible \
   cronie \
@@ -32,4 +30,4 @@ COPY mngmnt_container_configure.yml /root/
 RUN systemctl enable tftp
 RUN systemctl enable dhcpd
 
-CMD ["sbin/init"]
+CMD ["sbin/init"]

control_plane/roles/control_plane_ib/files/Dockerfile

@@ -1,13 +1,11 @@
 # Dockerfile for creating the management network container
-
-FROM centos:8
+FROM rockylinux/rockylinux:8.5
 
 # RPM REPOs
 RUN dnf install -y \
     epel-release \
     && dnf clean all \
     && rm -rf /var/cache/dnf
-
 RUN dnf install dhcp-server -y
 RUN yum install -y \
   ansible \
@@ -23,4 +21,4 @@ COPY dhcpd.conf  /etc/dhcp/dhcpd.conf
 
 RUN systemctl enable dhcpd
 
-CMD ["sbin/init"]
+CMD ["sbin/init"]

control_plane/roles/control_plane_sm/files/Dockerfile

@@ -1,15 +1,11 @@
-FROM centos:8
+FROM rockylinux/rockylinux:8.5
 
 RUN dnf -y update && dnf clean all
-
 RUN dnf install -y epel-release
-
 RUN dnf groupinstall "Infiniband Support" -y
-
 RUN dnf install -y opensm
 
 COPY opensm.conf /etc/rdma/opensm.conf
-
 COPY start.sh /
 
 RUN chmod +x /start.sh

control_plane/roles/provision_cobbler/files/Dockerfile

@@ -1,21 +1,11 @@
-FROM centos:8.3.2011
+FROM rockylinux/rockylinux:8.5
 
-# RPM REPOs
 RUN dnf install -y \
     epel-release \
     && dnf clean all \
     && rm -rf /var/cache/dnf
 
-RUN dnf update -y \
-    && dnf clean all \
-    && rm -rf /var/cache/dnf
-
-RUN dnf install -y git
-RUN git clone -b v3.2.2 https://github.com/cobbler/cobbler.git
-RUN cd cobbler/
-
 RUN mkdir /root/omnia
-
 RUN dnf install -y mod_ssl \
         python3-librepo \
         python3-schema \
@@ -44,11 +34,14 @@ RUN dnf install -y mod_ssl \
         && dnf clean all \
         &&  rm -rf /var/cache/dnf
 
-RUN yum install -y  grub2-efi-x64 shim-x64 
+RUN yum install -y  grub2-efi-x64 shim-x64
 RUN yum install -y yum-utils
 RUN dnf config-manager --set-enabled powertools
 RUN dnf install -y python3-sphinx
 RUN pip3 install wheel
+RUN dnf module enable -y cobbler
+RUN dnf install -y cobbler
+RUN dnf install -y cobbler-web
 
 #Copy Configuration files
 COPY settings.yaml /etc/cobbler/settings.yaml

control_plane/roles/provision_cobbler/files/cobbler_configurations.yml

@@ -22,18 +22,6 @@
     debug:
       msg: "Hiii! I am cobbler"
 
-  - name: Make
-    command: make rpms
-    args:
-      chdir: /cobbler
-    changed_when: false
-
-  - name: Install cobbler and cobbler-web
-    command: dnf install -y cobbler-3.2.2-1.el8.noarch.rpm cobbler-web-3.2.2-1.el8.noarch.rpm
-    args:
-      chdir: /cobbler/rpm-build
-    changed_when: false
-  
   - name: Run script
     shell: sh ./mkgrub.sh
     args:
@@ -49,18 +37,6 @@
         LoadModule wsgi_module modules/mod_wsgi_python3.so
         LoadModule proxy_module modules/mod_proxy.so
 
-  - name: Cobbler web
-    blockinfile:
-      state: present
-      insertafter: '^<VirtualHost '
-      path: /etc/httpd/conf.d/cobbler_web.conf
-      block: |
-         ServerName localhost
-         SSLEngine on
-         SSLCipherSuite PROFILE=SYSTEM
-         SSLCertificateFile /etc/pki/tls/certs/localhost.crt
-         SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
-
   - name: Add settings to http
     shell: echo "LoadModule wsgi_module modules/mod_wsgi_python3.so" >/etc/httpd/conf.d/wsgi.conf
     changed_when: false
@@ -90,6 +66,7 @@
 
   - name: Adding curl
     shell: export PATH="/usr/bin/curl:$PATH"
+    changed_when: false
 
   - name: Run import command
     command: cobbler import --arch=x86_64 --path=/mnt --name="{{ name_iso }}"
@@ -134,7 +111,7 @@
 
   - name: Syncing of cobbler
     command: cobbler sync
-    changed_when: false 
+    changed_when: false
 
   - name: Restart cobblerd, http, xinetd and dhcpd
     service:

control_plane/roles/webui_awx/files/requirements.yml

@@ -1,5 +1,8 @@
 ---
 collections:
-  - community.general
-  - dellemc.openmanage
-  - dellemc.os10
+  - name: community.general
+    version: 4.4.0
+  - name: dellemc.openmanage
+    version: 4.4.0
+  - name: dellemc.os10
+    version: 1.1.1

control_plane/roles/webui_awx/vars/main.yml

@@ -71,7 +71,7 @@ credential_details:
   - { name: ethernet_credential, type: Machine, username: "{{ ethernet_switch_username }}", password: "{{ ethernet_switch_password }}", flag: "{{ ethernet_switch_support }}" }
   - { name: infiniband_credential, type: Network, username: "{{ ib_username }}", password: "{{ ib_password }}", flag: "{{ ib_switch_support }}" }
   - { name: powervault_me4_credential, type: Network, username: "{{ powervault_me4_username }}", password: "{{ powervault_me4_password }}", flag: "{{ powervault_support }}" }
-  - { name: node_credential, type: Machine, username: root, password: omnia@123, flag: true }
+  - { name: node_credential, type: Machine, username: root, password: "{{ provision_password }}", flag: true }
 job_template_details:
   - { name: idrac_template, inventory: idrac_inventory, playbook: control_plane/idrac.yml, credential: idrac_credential, flag: true }
   - { name: ethernet_template, inventory: ethernet_inventory, playbook: control_plane/ethernet.yml, credential: ethernet_credential, flag: "{{ ethernet_switch_support }}" }
@@ -83,4 +83,4 @@ omnia_job_template_details:
   - { name: deploy_omnia_template, inventory: node_inventory, playbook: omnia.yml, credential: node_credential }  
 scheduled_templates:
   - { name: NodeInventorySchedule, template: node_inventory_job, schedule_rule: "DTSTART:20210815T120000Z RRULE:FREQ=MINUTELY;INTERVAL=10" }
-  - { name: DeviceInventorySchedule, template: device_inventory_job, schedule_rule: "DTSTART:20210815T060000Z RRULE:FREQ=DAILY;INTERVAL=1"}
+  - { name: DeviceInventorySchedule, template: device_inventory_job, schedule_rule: "DTSTART:20210815T060000Z RRULE:FREQ=DAILY;INTERVAL=1"}

platforms/roles/kubeflow/tasks/deploy_kubeflow.yml

@@ -1,141 +1,141 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
-#
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
----
-
-- name: Download kfctl release from the Kubeflow releases page
-  unarchive:
-    src: "{{ kfctl_download_url }}"
-    dest: "{{ kfctl_download_dest_path }}"
-    mode: "{{ kfctl_download_file_mode }}"
-    remote_src: yes
-
-- name: Delete omnia kubeflow directory if exists
-  file:
-    path: "{{ omnia_kubeflow_dir_path }}"
-    state: absent
-
-- name: Create omnia kubeflow directory
-  file:
-    path: "{{ omnia_kubeflow_dir_path }}"
-    state: directory
-    mode: "{{ omnia_kubeflow_dir_mode }}"
-    recurse: yes
-
-- name: Build kubeflow configuration
-  command:
-    cmd: /usr/bin/kfctl build -V -f "{{ kubeflow_config_yaml_url }}"
-    chdir: "{{ omnia_kubeflow_dir_path }}"
-  changed_when: true
-
-- name: Modify CPU limit for istio-ingressgateway-service-account
-  replace:
-    path: "{{ istio_noauth_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: '---'
-    regexp: 'cpu: 100m'
-    replace: 'cpu: 2'
-
-- name: Modify memory limit for istio-ingressgateway-service-account
-  replace:
-    path: "{{ istio_noauth_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: '---'
-    regexp: 'memory: 128Mi'
-    replace: 'memory: 512Mi'
-
-- name: Modify CPU request for istio-ingressgateway-service-account
-  replace:
-    path: "{{ istio_noauth_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: '---'
-    regexp: 'cpu: 10m'
-    replace: 'cpu: 1'
-
-- name: Modify memory request for istio-ingressgateway-service-account
-  replace:
-    path: "{{ istio_noauth_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: '---'
-    regexp: 'memory: 40Mi'
-    replace: 'memory: 256Mi'
-
-- name: Modify memory request for istio-engressgateway-service-account
-  replace:
-    path: "{{ istio_noauth_yaml_file_path }}"
-    after: 'serviceAccountName: istio-egressgateway-service-account'
-    before: '---'
-    regexp: 'memory: 128Mi'
-    replace: 'memory: 256Mi'
-
-- name: Modify memory request for istio-engressgateway-service-account
-  replace:
-    path: "{{ istio_noauth_yaml_file_path }}"
-    after: 'serviceAccountName: istio-egressgateway-service-account'
-    before: '---'
-    regexp: 'memory: 40Mi'
-    replace: 'memory: 128Mi'
-
-- name: Modify CPU limit for kfserving-gateway
-  replace:
-    path: "{{ kfserving_gateway_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: 'env:'
-    regexp: 'cpu: 100m'
-    replace: 'cpu: 2'
-
-- name: Modify memory limit for kfserving-gateway
-  replace:
-    path: "{{ kfserving_gateway_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: 'env:'
-    regexp: 'memory: 128Mi'
-    replace: 'memory: 512Mi'
-
-- name: Modify CPU request for kfserving-gateway
-  replace:
-    path: "{{ kfserving_gateway_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: 'env:'
-    regexp: 'cpu: 10m'
-    replace: 'cpu: 1'
-
-- name: Modify memory request for kfserving-gateway
-  replace:
-    path: "{{ kfserving_gateway_yaml_file_path }}"
-    after: 'serviceAccountName: istio-ingressgateway-service-account'
-    before: 'env:'
-    regexp: 'memory: 40Mi'
-    replace: 'memory: 256Mi'
-
-- name: Change argo base service from NodePort to LoadBalancer
-  replace:
-    path: "{{ argo_yaml_file_path }}"
-    regexp: 'NodePort'
-    replace: 'LoadBalancer'
-
-- name: Change istio-install base istio-noauth service from NodePort to LoadBalancer
-  replace:
-    path: "{{ istio_noauth_yaml_file_path }}"
-    regexp: 'NodePort'
-    replace: 'LoadBalancer'
-
-- name: Apply kubeflow configuration
-  command:
-    cmd: "/usr/bin/kfctl apply -V -f '{{ kubeflow_config_file }}'"
-    chdir: "{{ omnia_kubeflow_dir_path }}"
-  changed_when: true
-  register: apply_kubeflow_config
-  until: apply_kubeflow_config is not failed
-  retries: 20
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Download kfctl release from the Kubeflow releases page
+  unarchive:
+    src: "{{ kfctl_download_url }}"
+    dest: "{{ kfctl_download_dest_path }}"
+    mode: "{{ kfctl_download_file_mode }}"
+    remote_src: yes
+
+- name: Delete omnia kubeflow directory if exists
+  file:
+    path: "{{ omnia_kubeflow_dir_path }}"
+    state: absent
+
+- name: Create omnia kubeflow directory
+  file:
+    path: "{{ omnia_kubeflow_dir_path }}"
+    state: directory
+    mode: "{{ omnia_kubeflow_dir_mode }}"
+    recurse: yes
+
+- name: Build kubeflow configuration
+  command:
+    cmd: /usr/bin/kfctl build -V -f "{{ kubeflow_config_yaml_url }}"
+    chdir: "{{ omnia_kubeflow_dir_path }}"
+  changed_when: true
+
+- name: Modify CPU limit for istio-ingressgateway-service-account
+  replace:
+    path: "{{ istio_noauth_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: '---'
+    regexp: 'cpu: 100m'
+    replace: 'cpu: 2'
+
+- name: Modify memory limit for istio-ingressgateway-service-account
+  replace:
+    path: "{{ istio_noauth_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: '---'
+    regexp: 'memory: 128Mi'
+    replace: 'memory: 512Mi'
+
+- name: Modify CPU request for istio-ingressgateway-service-account
+  replace:
+    path: "{{ istio_noauth_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: '---'
+    regexp: 'cpu: 10m'
+    replace: 'cpu: 1'
+
+- name: Modify memory request for istio-ingressgateway-service-account
+  replace:
+    path: "{{ istio_noauth_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: '---'
+    regexp: 'memory: 40Mi'
+    replace: 'memory: 256Mi'
+
+- name: Modify memory request for istio-engressgateway-service-account
+  replace:
+    path: "{{ istio_noauth_yaml_file_path }}"
+    after: 'serviceAccountName: istio-egressgateway-service-account'
+    before: '---'
+    regexp: 'memory: 128Mi'
+    replace: 'memory: 256Mi'
+
+- name: Modify memory request for istio-engressgateway-service-account
+  replace:
+    path: "{{ istio_noauth_yaml_file_path }}"
+    after: 'serviceAccountName: istio-egressgateway-service-account'
+    before: '---'
+    regexp: 'memory: 40Mi'
+    replace: 'memory: 128Mi'
+
+- name: Modify CPU limit for kfserving-gateway
+  replace:
+    path: "{{ kfserving_gateway_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: 'env:'
+    regexp: 'cpu: 100m'
+    replace: 'cpu: 2'
+
+- name: Modify memory limit for kfserving-gateway
+  replace:
+    path: "{{ kfserving_gateway_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: 'env:'
+    regexp: 'memory: 128Mi'
+    replace: 'memory: 512Mi'
+
+- name: Modify CPU request for kfserving-gateway
+  replace:
+    path: "{{ kfserving_gateway_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: 'env:'
+    regexp: 'cpu: 10m'
+    replace: 'cpu: 1'
+
+- name: Modify memory request for kfserving-gateway
+  replace:
+    path: "{{ kfserving_gateway_yaml_file_path }}"
+    after: 'serviceAccountName: istio-ingressgateway-service-account'
+    before: 'env:'
+    regexp: 'memory: 40Mi'
+    replace: 'memory: 256Mi'
+
+- name: Change argo base service from NodePort to LoadBalancer
+  replace:
+    path: "{{ argo_yaml_file_path }}"
+    regexp: 'NodePort'
+    replace: 'LoadBalancer'
+
+- name: Change istio-install base istio-noauth service from NodePort to LoadBalancer
+  replace:
+    path: "{{ istio_noauth_yaml_file_path }}"
+    regexp: 'NodePort'
+    replace: 'LoadBalancer'
+
+- name: Apply kubeflow configuration
+  command:
+    cmd: "/usr/bin/kfctl apply -V -f '{{ kubeflow_config_file }}'"
+    chdir: "{{ omnia_kubeflow_dir_path }}"
+  changed_when: true
+  register: apply_kubeflow_config
+  until: apply_kubeflow_config is not failed
+  retries: 20
   delay: 10

platforms/roles/kubeflow/tasks/firewalld_config.yml

@@ -1,45 +1,45 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
-#
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
----
-
-- name: Install firewalld
-  package:
-    name: firewalld
-    state: present
-  tags: firewalld
-
-- name: Start and enable firewalld
-  service:
-    name: firewalld
-    state: started
-    enabled: yes
-  tags: firewalld
-
-- name: Configure firewalld on master nodes
-  firewalld:
-    port: "{{ item }}/tcp"
-    permanent: yes
-    state: enabled
-  with_items: '{{ kubeflow_firewalld_ports }}'
-  tags: firewalld
-
-- name: Masquerade the firewall
-  command: firewall-cmd --add-masquerade --permanent
-  changed_when: true
-  tags: firewalld
-
-- name: Reload firewalld
-  command: firewall-cmd --reload
-  changed_when: true
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Install firewalld
+  package:
+    name: firewalld
+    state: present
+  tags: firewalld
+
+- name: Start and enable firewalld
+  service:
+    name: firewalld
+    state: started
+    enabled: yes
+  tags: firewalld
+
+- name: Configure firewalld on master nodes
+  firewalld:
+    port: "{{ item }}/tcp"
+    permanent: yes
+    state: enabled
+  with_items: '{{ kubeflow_firewalld_ports }}'
+  tags: firewalld
+
+- name: Masquerade the firewall
+  command: firewall-cmd --add-masquerade --permanent
+  changed_when: true
+  tags: firewalld
+
+- name: Reload firewalld
+  command: firewall-cmd --reload
+  changed_when: true
   tags: firewalld