Issue #463: Cobbler ghost window

Signed-off-by: shubhangi_srivastava <shubhangi_srivastava@dell.com>

.all-contributorsrc

@@ -204,7 +204,7 @@
       "name": "John Hearns",
       "avatar_url": "https://avatars.githubusercontent.com/u/19259589?v=4",
       "profile": "https://github.com/hearnsj",
-        "contributions": [
+      "contributions": [
         "bug"
       ]
     },
@@ -225,6 +225,24 @@
       "contributions": [
         "bug"
       ]
+    },
+    {
+      "login": "jiad-vmware",
+      "name": "jiad-vmware",
+      "avatar_url": "https://avatars.githubusercontent.com/u/68653329?v=4",
+      "profile": "https://github.com/jiad-vmware",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "jlec",
+      "name": "Justin Lecher",
+      "avatar_url": "https://avatars.githubusercontent.com/u/79732?v=4",
+      "profile": "https://jlec.de",
+      "contributions": [
+        "ideas"
+      ]
     }
   ],
   "contributorsPerLine": 7,

README.md

@@ -55,7 +55,11 @@ Thanks goes to everyone who makes Omnia possible ([emoji key](https://allcontrib
     <td align="center"><a href="https://github.com/bssitton-BU"><img src="https://avatars.githubusercontent.com/u/14130464?v=4?s=100" width="100px;" alt=""/><br /><sub><b>bssitton-BU</b></sub></a><br /><a href="https://github.com/dellhpc/omnia/issues?q=author%3Abssitton-BU" title="Bug reports">🐛</a></td>
     <td align="center"><a href="https://github.com/hearnsj"><img src="https://avatars.githubusercontent.com/u/19259589?v=4?s=100" width="100px;" alt=""/><br /><sub><b>John Hearns</b></sub></a><br /><a href="https://github.com/dellhpc/omnia/issues?q=author%3Ahearnsj" title="Bug reports">🐛</a></td>
     <td align="center"><a href="https://github.com/renzo-granados"><img src="https://avatars.githubusercontent.com/u/83035817?v=4?s=100" width="100px;" alt=""/><br /><sub><b>renzo-granados</b></sub></a><br /><a href="https://github.com/dellhpc/omnia/issues?q=author%3Arenzo-granados" title="Bug reports">🐛</a></td>
+  </tr>
+  <tr>
     <td align="center"><a href="https://github.com/kbuggenhout"><img src="https://avatars.githubusercontent.com/u/30471699?v=4?s=100" width="100px;" alt=""/><br /><sub><b>kris buggenhout</b></sub></a><br /><a href="https://github.com/dellhpc/omnia/issues?q=author%3Akbuggenhout" title="Bug reports">🐛</a></td>
+    <td align="center"><a href="https://github.com/jiad-vmware"><img src="https://avatars.githubusercontent.com/u/68653329?v=4?s=100" width="100px;" alt=""/><br /><sub><b>jiad-vmware</b></sub></a><br /><a href="https://github.com/dellhpc/omnia/issues?q=author%3Ajiad-vmware" title="Bug reports">🐛</a></td>
+    <td align="center"><a href="https://jlec.de"><img src="https://avatars.githubusercontent.com/u/79732?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Justin Lecher</b></sub></a><br /><a href="#ideas-jlec" title="Ideas, Planning, & Feedback">🤔</a></td>
   </tr>
 </table>
 

control_plane/roles/control_plane_device/files/Dockerfile

@@ -1,23 +1,21 @@
 # Dockerfile for creating the management network container
 
-FROM centos:7
+FROM centos:8
 
 # RPM REPOs
-RUN yum install -y \
+RUN dnf install -y \
     epel-release \
-    && yum clean all \
-    && rm -rf /var/cache/yum
+    && dnf clean all \
+    && rm -rf /var/cache/dnf
 
-RUN yum update -y \
-    && yum clean all \
-    && rm -rf /var/cache/yum
+RUN dnf install -y dhcp-server
+RUN dnf install -y python3-netaddr
 
 RUN yum install -y \
   ansible \
   cronie \
   tftp\
   tftp-server\
-  dhcp \
   xinetd \
   net-tools \
   && yum clean all \
@@ -28,10 +26,10 @@ RUN mkdir /root/omnia
 #Copy Configuration files
 COPY dhcpd.conf  /etc/dhcp/dhcpd.conf
 COPY tftp /etc/xinetd.d/tftp
+COPY inventory_creation.yml /root/
 COPY mngmnt_container_configure.yml /root/
 
 RUN systemctl enable tftp
 RUN systemctl enable dhcpd
 
-CMD ["sbin/init"]
-
+CMD ["sbin/init"]

control_plane/roles/control_plane_device/files/dhcpd.conf

@@ -1,48 +0,0 @@
-
-# ******************************************************************
-# Cobbler managed dhcpd.conf file
-#
-# generated from cobbler dhcp.conf template ($date)
-# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
-# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
-# overwritten.
-#
-# ******************************************************************
-
-ddns-update-style interim;
-
-allow booting;
-allow bootp;
-
-ignore client-updates;
-set vendorclass = option vendor-class-identifier;
-
-option pxe-system-type code 93 = unsigned integer 16;
-
-subnet 172.17.0.0 netmask 255.255.0.0 {
-option subnet-mask 255.255.0.0;
-range dynamic-bootp 172.17.0.10 172.17.0.100;
-default-lease-time  21600;
-max-lease-time  43200;
-next-server 172.17.0.1;
-#insert the static DHCP leases for configuration here
-
-
-     class "pxeclients" {
-          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
-          if option pxe-system-type = 00:02 {
-                  filename "ia64/elilo.efi";
-          } else if option pxe-system-type = 00:06 {
-                  filename "grub/grub-x86.efi";
-          } else if option pxe-system-type = 00:07 {
-                  filename "grub/grub-x86_64.efi";
-          } else if option pxe-system-type = 00:09 {
-                  filename "grub/grub-x86_64.efi";
-          } else {
-                  filename "pxelinux.0";
-          }
-     }
-
-}
-
-#end for

control_plane/roles/control_plane_device/files/inventory_creation.yml

@@ -0,0 +1,53 @@
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+    - name: Read dhcp file
+      set_fact:
+        var: "{{ lookup('file', '/var/lib/dhcpd/dhcpd.leases').split()| unique | select| list }}"
+
+    - name: Filter the ip
+      set_fact:
+        vars_new: "{{ var| ipv4('address')| to_nice_yaml}}"
+
+    - name: Create the static ip
+      shell: awk -F',' 'NR >1{print $2}' /root/omnia/control_plane/roles/control_plane_device/files/new_mngmnt_mapping_file.csv > static_hosts.yml
+      changed_when: false
+      failed_when: false
+
+    - name: Create the dynamic inventory
+      shell: |
+        echo "{{ vars_new }}" > temp.txt
+        egrep -o '[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' temp.txt >>dynamic_hosts.yml
+      changed_when: false
+      failed_when: false
+
+    - name: Final inventory
+      shell: cat dynamic_hosts.yml static_hosts.yml| sort -ur  >> omnia/control_plane/roles/collect_device_info/files/mgmt_provisioned_hosts.yml
+      changed_when: false
+
+    - name: Temp result
+      shell: cat /root/omnia/control_plane/roles/collect_device_info/files/mgmt_provisioned_hosts.yml |sort|uniq
+      register: inventory
+
+    - name: Final Inventory
+      local_action: copy content="{{ inventory.stdout }}" dest=omnia/control_plane/roles/collect_device_info/files/mgmt_provisioned_hosts.yml
+
+    - name: New line at end of file
+      shell: echo "">> omnia/control_plane/roles/collect_device_info/files/mgmt_provisioned_hosts.yml
+      changed_when: false

control_plane/roles/control_plane_device/files/k8s_mngmnt_network.yml

@@ -33,4 +33,4 @@ spec:
             - name: omnia-storage
               mountPath: /root/omnia
           securityContext:
-            privileged: true
+            privileged: true

control_plane/roles/control_plane_device/files/mngmnt_container_configure.yml

@@ -67,4 +67,15 @@
   - name: Start dhcpd services
     service:
       name: dhcpd
-      state: started
+      state: started
+
+  - name: Fetch ansible-playbook location
+    command: whereis ansible-playbook
+    changed_when: false
+    register: ansible_playbook_location
+
+  - name: Add inventory cron job
+    cron:
+      name: Create inventory
+      minute: "*/5"
+      job: "{{ ansible_playbook_location.stdout.split(' ')[1] }} /root/inventory_creation.yml"

control_plane/roles/control_plane_device/files/start_mngmnt_container.yml

@@ -1,23 +0,0 @@
-#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
-#
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
----
-
-- name: Start mngmnt_network on reboot
-  hosts: localhost
-  connection: local
-  gather_facts: false
-  tasks:
-    - name: Wait for 2 minutes
-      pause:
-        minutes: 2

control_plane/roles/control_plane_device/files/temp_dhcp.template

@@ -1,4 +1,3 @@
-
 # ******************************************************************
 # Cobbler managed dhcpd.conf file
 #
@@ -45,4 +44,4 @@ next-server next_server;
 
 }
 
-#end for
+#end for

control_plane/roles/control_plane_device/tasks/check_prerequisites.yml

@@ -8,7 +8,7 @@
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIiND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ---
@@ -17,22 +17,21 @@
   set_fact:
     mngmnt_network_container_status: false
     mngmnt_network_container_image_status: false
-    mngmnt_network_container_config_status: false
-    backup_map_status: false
-    new_node_status: false
+    backup_mngmnt_map_status: false
+    new_mngmnt_node_status: false
   tags: install
 
 - name: Check if any backup file exists
   block:
   - name: Check status of backup file
     stat:
-      path: "{{ role_path }}/files/backup_mapping_file.csv"
-    register: backup_map
+      path: "{{ role_path }}/files/backup_mngmnt_mapping_file.csv"
+    register: backup_mngmnt_map
 
   - name: Set status for backup file
     set_fact:
-      backup_map_status: true
-    when: backup_map.stat.exists == true  
+      backup_mngmnt_map_status: true
+    when: backup_mngmnt_map.stat.exists
   rescue:
   - name: Message
     debug:
@@ -42,14 +41,14 @@
 - name: Inspect the mngmnt_network_container image
   command: "buildah images {{ mngmnt_network_image_name }}"
   register: mngmnt_network_container_image_result
-  ignore_errors: true
+  failed_when: false
   changed_when: false
   tags: install
 
 - name: Check mngmnt_network_container status on the machine
   command: kubectl get pods -n network-config
   register: mngmnt_network_container_result
-  ignore_errors: true
+  failed_when: false
   changed_when: false
   tags: install
 
@@ -64,9 +63,3 @@
     mngmnt_network_container_status: true
   when: "'mngmnt-network-container' in mngmnt_network_container_result.stdout"
   tags: install
-
-- name: Update mngmnt_network_container  status
-  set_fact:
-    mngmnt_network_container_config_status: true
-  when:
-    - mngmnt_network_container_status == true

control_plane/roles/control_plane_device/tasks/configure_mngmnt_network_container.yml

@@ -17,13 +17,7 @@
   command: kubectl get pods -n network-config
   changed_when: false
   register: mngmnt_network_pod_status
-  ignore_errors: true
-
-- name: Deploy mngmnt_network pod
-  command: "kubectl apply -f {{ role_path }}/files/k8s_mngmnt_network.yml"
-  changed_when: true
-  tags: install
-  when: mngmnt_network_container_status == true and  mngmnt_network_container_config_status == false
+  failed_when: false
 
 - name: Wait for mngmnt_network pod to come to ready state
   command: kubectl wait --for=condition=ready -n network-config pod -l app=mngmnt-network
@@ -38,15 +32,15 @@
 
 - name: Configuring mngmnt_network container
   command: 'kubectl exec --stdin --tty -n network-config {{ mngmnt_network_pod_name.stdout }} \
-    -- ansible-playbook /root/omnia/control_plane/roles/control_plane_device/files/mngmnt_container_configure.yml'
+    -- ansible-playbook /root/mngmnt_container_configure.yml'
   changed_when: false
   tags: install
-  when: mngmnt_network_container_config_status == false
+  when: not mngmnt_network_container_status
 
-- name: Schedule task
-  cron:
-    name: "start mngmnt_network_container on reboot"
-    special_time: reboot
-    job: "ansible-playbook {{ role_path }}/files/start_mngmnt_container.yml"
-  tags: install
-  #when: mngmnt_network_container_config_status == false
+- name: Remove the files
+  file:
+    path: "{{ item }}"
+    state: absent
+  with_items:
+    - "{{ role_path }}/files/dhcpd.conf"
+    - "{{ role_path }}/files/temp_mgmt_mapping_file.csv.bak"

control_plane/roles/control_plane_device/tasks/main.yml

@@ -31,19 +31,15 @@
   when: not mngmnt_network_container_status
 
 - name: Include variable file base_vars.yml
-  include_vars: "{{ mngmnt_base_file }}"
-
-#- name: Fetch base inputs
-#  include_tasks: ../../control_plane_common/tasks/fetch_base_inputs.yml
-#  when: not mngmnt_network_container_status
+  include_vars: "{{ base_mngmnt_file }}"
 
 - name: Dhcp Configuration
   import_tasks: dhcp_configure.yml
-  when: (not mngmnt_network_container_image_status) or ( backup_map_status == true)
+  when: (not mngmnt_network_container_image_status) or ( backup_mngmnt_map_status)
 
-#- name: Mapping file validation
-#  import_tasks: mapping_file.yml
-#  when: (not mngmnt_network_container_image_status) and (mapping_file == true) or ( backup_map_status == true)
+- name: Mapping file validation
+  import_tasks: mapping_file.yml
+  when: (not mngmnt_network_container_image_status) and (mngmnt_mapping_file_path) or ( backup_mngmnt_map_status)
 
 - name: mngmnt_network_container image creation
   import_tasks: mngmnt_network_container_image.yml
@@ -54,11 +50,13 @@
 
 - name: mngmnt_network_container container status message
   block:
-    - debug:
+    - name: management network container running
+      debug:
         msg: "{{ message_skipped }}"
         verbosity: 2
       when: mngmnt_network_container_status
-    - debug:
+    - name: management network container not running
+      debug:
         msg: "{{ message_installed }}"
         verbosity: 2
       when: not mngmnt_network_container_status

control_plane/roles/control_plane_device/tasks/mapping_file.yml

@@ -0,0 +1,85 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# limitations under the License.
+---
+
+- name: Remove blank lines
+  shell:  set -o pipefail && awk -F, 'length>NF+1' {{ mngmnt_mapping_file_path }} > {{ temp_mgmt_mapping_file }}
+  changed_when: false
+  tags: install
+
+- name: Remove blank spaces
+  shell:  set -o pipefail && sed -i.bak -E 's/(^|,)[[:blank:]]+/\1/g; s/[[:blank:]]+(,|$)/\1/g'  {{ temp_mgmt_mapping_file }}
+  args:
+    warn: no
+  changed_when: false
+  tags: install
+
+- name: Compare the file for new nodes
+  block:
+    - name: Check difference
+      shell: set -o pipefail && diff {{ temp_mgmt_mapping_file }} {{ role_path }}/files/backup_mngmnt_mapping_file.csv| tr -d \>|tr -d \<| grep -E -- ', & :| '
+      register: diff_mngmnt_output
+      changed_when: false
+      failed_when: false
+
+    - name: Status of new nodes
+      set_fact:
+        new_mngmnt_node_status: true
+      when: diff_mngmnt_output.stdout
+  rescue:
+    - name: No new nodes
+      debug:
+        msg: "No new nodes to add"
+        verbosity: 2
+  when: backup_mngmnt_map_status
+
+- name: Fetch inputs from mapping file
+  command: awk 'NR > 1 { print }' {{ temp_mgmt_mapping_file }}
+  changed_when: false
+  register: fetch_mgmt_mapping_file
+
+- name: Fetch input
+  blockinfile:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    insertafter: '^#insert the static DHCP leases for configuration here'
+    block: |
+      host {{ item.split(',')[1] }} {
+        hardware ethernet {{ item.split(',')[0] }};
+        fixed-address {{ item.split(',')[1] }};
+      }
+    marker: "# {mark} DHCP BLOCK OF {{ item.split(',')[0] }}"
+  when: (not mngmnt_network_container_image_status) or (new_mngmnt_node_status)
+  failed_when: false
+  with_items: "{{ fetch_mgmt_mapping_file.stdout_lines }}"
+  tags: install
+
+- name: Create a backup file
+  copy:
+    src: "{{ temp_mgmt_mapping_file }}"
+    dest: "{{ role_path }}/files/backup_mngmnt_mapping_file.csv"
+
+- name: Get mngmnt container pod name
+  command: 'kubectl get pod -n network-config -l app=mngmnt-network -o jsonpath="{.items[0].metadata.name}"'
+  changed_when: false
+  register: mngmnt_pod_name
+  when:  mngmnt_network_container_status
+  tags: install
+
+- name: Copy the dhcp.template inside container
+  command: 'kubectl exec --stdin --tty -n network-config {{ mngmnt_pod_name.stdout }} \
+    -- cp /root/omnia/control_plane/roles/control_plane_device/files/dhcp.template /etc/dhcpd/dhcpd.conf'
+  when:  (  mngmnt_network_container_status ) and ( new_mngmnt_node_status  )
+
+- name: Restart dhcpd
+  command: 'kubectl exec --stdin --tty -n network-config {{ mngmnt_pod_name.stdout }} -- systemctl restart dhcpd'
+  when:  (  mngmnt_network_container_status ) and ( new_mngmnt_node_status )

control_plane/roles/control_plane_device/tasks/mngmnt_network_container_image.yml

@@ -16,6 +16,7 @@
 - name: Image creation (It may take 5-10 mins)
   command: "buildah bud -t {{ mngmnt_network_image_name }}:{{ mngmnt_network_image_tag }} --network host ."
   changed_when: true
+  when: not mngmnt_network_container_image_status
   args:
     chdir: "{{ role_path }}/files/"
   tags: install

control_plane/roles/control_plane_device/vars/main.yml

@@ -15,10 +15,15 @@
 
 # vars file for mngmnt_network
 
+# Usage: main.yml
+base_mngmnt_file: "{{ role_path }}/../../input_params/base_vars.yml"
+
 # Usage: check_prerequisites.yml, mngmnt_network_container_image.yml
 mngmnt_network_image_name: mngmnt_network_container
 mngmnt_network_image_tag: latest
 mount_path: /root/omnia
 message_skipped: "The container is already present"
 message_installed: "The container is installed"
-mngmnt_base_file: "{{ role_path }}/../../input_params/base_vars.yml"
+
+# Usage: mapping_file.yml
+temp_mgmt_mapping_file: "{{ role_path }}/files/new_mngmnt_mapping_file.csv"

control_plane/roles/provision_cobbler/files/Dockerfile

@@ -1,51 +1,71 @@
-FROM centos:7
+FROM centos:8.3.2011
 
 # RPM REPOs
-RUN yum install -y \
+RUN dnf install -y \
     epel-release \
-    && yum clean all \
-    && rm -rf /var/cache/yum
-
-RUN yum update -y \
-    && yum clean all \
-    && rm -rf /var/cache/yum
-
-RUN yum install -y \
-  cobbler \
-  cobbler-web \
-  ansible \
-  pykickstart \
-  cronie \
-  debmirror \
-  curl \
-  rsync \
-  httpd\
-  dhcp \
-  xinetd \
-  net-tools \
-  memtest86+ \
-  && yum clean all \
-  &&  rm -rf /var/cache/yum
+    && dnf clean all \
+    && rm -rf /var/cache/dnf
+
+RUN dnf update -y \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf
+
+RUN dnf install -y git
+RUN git clone -b release32  https://github.com/cobbler/cobbler.git
+RUN cd cobbler/
 
 RUN mkdir /root/omnia
 
+RUN dnf install -y mod_ssl \
+        python3-librepo \
+        python3-schema \
+        syslinux \
+        wget \
+        dhcp-server \
+        pykickstart \
+        dnf-plugins-core \
+        cronie \
+        xinetd \
+        python3-coverage \
+        python3-cheetah \
+        python3-netaddr \
+        python3-distro \
+        python3-devel \
+        python3-future \
+        python3-mod_wsgi \
+        gcc \
+        xinetd \
+        epel-rpm-macros \
+        rpm-build \
+        ansible \
+        make \
+        grub2-efi-x64-modules \
+        efibootmgr \
+        && dnf clean all \
+        &&  rm -rf /var/cache/dnf
+
+RUN yum install -y  grub2-efi-x64 shim-x64 
+RUN yum install -y yum-utils
+RUN dnf config-manager --set-enabled powertools
+RUN dnf install -y python3-sphinx
+RUN pip3 install wheel
+
 #Copy Configuration files
-COPY settings /etc/cobbler/settings
+COPY settings.yaml /etc/cobbler/settings.yaml
 COPY dhcp.template  /etc/cobbler/dhcp.template
 COPY modules.conf  /etc/cobbler/modules.conf
 COPY tftp /etc/xinetd.d/tftp
 COPY .users.digest /etc/cobbler/users.digest
-COPY kickstart.yml /root
+COPY cobbler_configurations.yml /root
 COPY tftp.yml /root
 COPY inventory_creation.yml /root
-COPY centos7.ks /var/lib/cobbler/kickstarts
+COPY centos7.ks /var/lib/cobbler/templates/
 
 EXPOSE 69 80 443 25151
 
 VOLUME [ "/var/www/cobbler", "/var/lib/cobbler/backup", "/mnt" ]
 
-RUN systemctl enable cobblerd
 RUN systemctl enable httpd
-RUN systemctl enable rsyncd
+RUN systemctl enable dhcpd
 
-CMD ["sbin/init"]
+CMD ["sbin/init"]

control_plane/roles/provision_cobbler/files/kickstart.yml

@@ -25,36 +25,71 @@
     debug:
       msg: "Hiii! I am cobbler"
 
-  - name: Start xinetd
-    service:
-      name: "{{ item }}"
-      state: started
-    loop:
-      - cobblerd
-      - xinetd
-      - rsyncd
-      - tftp
-      - httpd
+  - name: Make
+    command: make rpms
+    args:
+      chdir: /cobbler
+    changed_when: false
 
-  - name: Remove loaders if it exists
-    command: rm -rfd /var/lib/cobbler/loaders
+  - name: Install cobbler and cobbler-web
+    command: dnf install -y cobbler-3.2.1-1.el8.noarch.rpm cobbler-web-3.2.1-1.el8.noarch.rpm
+    args:
+      chdir: /cobbler/rpm-build
+    changed_when: false
+  
+  - name: Run script
+    shell: sh ./mkgrub.sh
+    args:
+      chdir: /usr/share/cobbler/bin
     changed_when: false
 
-  - name: Untar loaders
-    command: tar -xf /root/omnia/control_plane/roles/provision_cobbler/files/loaders.tar -C /var/lib/cobbler
+  - name: Add load_wsgi
+    blockinfile:
+      state: present
+      insertbefore: '# LoadModule foo_module modules/mod_foo.so'
+      dest: /etc/httpd/conf/httpd.conf
+      block: |
+        LoadModule wsgi_module modules/mod_wsgi_python3.so
+        LoadModule proxy_module modules/mod_proxy.so
+
+  - name: Cobbler web
+    blockinfile:
+      state: present
+      insertafter: '^<VirtualHost '
+      path: /etc/httpd/conf.d/cobbler_web.conf
+      block: |
+         ServerName localhost
+         SSLEngine on
+         SSLCipherSuite PROFILE=SYSTEM
+         SSLCertificateFile /etc/pki/tls/certs/localhost.crt
+         SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
+
+  - name: Add settings to http
+    shell: echo "LoadModule wsgi_module modules/mod_wsgi_python3.so" >/etc/httpd/conf.d/wsgi.conf
     changed_when: false
 
-  - name: Replace in /etc/debian
-    replace:
-      path: "/etc/debmirror.conf"
-      regexp: "^@dists=\"sid\";"
-      replace: "#@dists=\"sid\";"
+  - name: Enable cobbler
+    command: systemctl enable {{ item }}
+    with_items:
+      - cobblerd
+      - tftp
+    changed_when: false
+
+  - name: Restart httpd
+    service:
+      name: "{{ item }}"
+      state: restarted
+    loop:
+      - httpd
+      - cobblerd
 
-  - name: Replace in /etc/debian
-    replace:
-      path: "/etc/debmirror.conf"
-      regexp: "^@arches=\"i386\";"
-      replace: "#@arches=\"i386\";"
+  - name: Start services
+    service:
+      name: "{{ item }}"
+      state: started
+    loop:
+      - cobblerd
+      - tftp
 
   - name: Adding curl
     shell: export PATH="/usr/bin/curl:$PATH"
@@ -63,36 +98,22 @@
     command: cobbler import --arch=x86_64 --path=/mnt --name="{{ name_iso }}"
     changed_when: false
 
-  - name: Distro list
-    command: cobbler distro edit --name="{{ distro_name }}" --kernel=/var/www/cobbler/ks_mirror/CentOS7-x86_64/isolinux/vmlinuz --initrd=/var/www/cobbler/ks_mirror/CentOS7-x86_64/isolinux/initrd.img
-    changed_when: false
-
   - name: Kickstart profile
-    command: cobbler profile edit --name="{{ distro_name }}" --kickstart=/var/lib/cobbler/kickstarts/centos7.ks
-    changed_when: false
+    copy:
+      src: "/var/lib/cobbler/templates/centos7.ks"
+      dest: "/var/lib/cobbler/templates/sample.ks"
+      mode: 0775
+    tags: install
 
   - name: Syncing of cobbler
     command: cobbler sync
-    changed_when: false
-  
-  - name: Disable default apache webpage
-    blockinfile:
-      state: present
-      insertafter: '^#insert the content here for disabling the default apache webpage'
-      dest: /etc/httpd/conf/httpd.conf
-      block: |
-        <Directory />
-           Order Deny,Allow
-           Deny from all
-           Options None
-           AllowOverride None
-         </Directory>
+    changed_when: false 
 
   - name: Restart cobbler
     service:
       name: cobblerd
       state: restarted
- 
+
   - name: Restart httpdd
     service:
       name: httpd
@@ -108,14 +129,19 @@
       name: dhcpd
       state: restarted
 
+  - name: Fetch ansible-playbook path
+    command: whereis ansible-playbook
+    changed_when: false
+    register: ansible_playbook_path
+
   - name: Add tftp cron job
     cron:
       name: Start tftp service
       minute: "*"
-      job: "ansible-playbook /root/tftp.yml"
+      job: "{{ ansible_playbook_path.stdout.split(' ')[1] }} /root/tftp.yml"
 
   - name: Add inventory cron job
     cron:
       name: Create inventory
       minute: "*/5"
-      job: "ansible-playbook /root/inventory_creation.yml"
+      job: "{{ ansible_playbook_path.stdout.split(' ')[1] }} /root/inventory_creation.yml"

control_plane/roles/provision_cobbler/files/cobbler_settings

@@ -1,87 +1,89 @@
----
-# cobbler settings file
-# restart cobblerd and run "cobbler sync" after making changes
-# This config file is in YAML 1.0 format
-# see http://yaml.org
-# ==========================================================
-# if 1, cobbler will allow insertions of system records that duplicate
-# the --dns-name information of other system records.  In general,
-# this is undesirable and should be left 0.
-allow_duplicate_hostnames: 0
-
-# if 1, cobbler will allow insertions of system records that duplicate
-# the ip address information of other system records.  In general,
-# this is undesirable and should be left 0.
-allow_duplicate_ips: 0
-
-# if 1, cobbler will allow insertions of system records that duplicate
-# the mac address information of other system records.  In general,
-# this is undesirable.
-allow_duplicate_macs: 0
-
-# if 1, cobbler will allow settings to be changed dynamically without
-# a restart of the cobblerd daemon. You can only change this variable
-# by manually editing the settings file, and you MUST restart cobblerd
-# after changing it.
-allow_dynamic_settings: 0
-
-# by default, installs are *not* set to send installation logs to the cobbler
-# # # server.  With 'anamon_enabled', kickstart templates may use the pre_anamon
-# # # snippet to allow remote live monitoring of their installations from the
-# # # cobbler server.  Installation logs will be stored under
-# # # /var/log/cobbler/anamon/.  NOTE: This does allow an xmlrpc call to send logs
-# # # to this directory, without authentication, so enable only if you are
-# # # ok with this limitation.
-anamon_enabled: 0
-
-# If using authn_pam in the modules.conf, this can be configured
-# to change the PAM service authentication will be tested against.
+# Cobbler settings file
+
+# Restart cobblerd and run "cobbler sync" after making changes.
+# This config file is in YAML 1.2 format; see "http://yaml.org".
+
+# If "true", Cobbler will allow insertions of system records that duplicate the "--dns-name" information of other system
+# records. In general, this is undesirable and should be left "false".
+allow_duplicate_hostnames: false
+
+# If "true", Cobbler will allow insertions of system records that duplicate the ip address information of other system
+# records. In general, this is undesirable and should be left "false".
+allow_duplicate_ips: false
+
+# If "true", Cobbler will allow insertions of system records that duplicate the MAC address information of other system
+# records. In general, this is undesirable.
+allow_duplicate_macs: false
+
+# If "true", Cobbler will allow settings to be changed dynamically without a restart of the cobblerd daemon. You can
+# only change this variable by manually editing the settings file, and you MUST restart cobblerd after changing it.
+allow_dynamic_settings: false
+
+# By default, installs are *not* set to send installation logs to the Cobbler server. With "anamon_enabled", automatic
+# installation templates may use the "pre_anamon" snippet to allow remote live monitoring of their installations from
+# the Cobbler server. Installation logs will be stored under "/var/log/cobbler/anamon/".
+# NOTE: This does allow an xmlrpc call to send logs to this directory, without authentication, so enable only if you are
+# ok with this limitation.
+anamon_enabled: false
+
+# If using "authn_pam" in the "modules.conf", this can be configured to change the PAM service authentication will be
+# tested against.
 # The default value is "login".
 authn_pam_service: "login"
 
-# How long the authentication token is valid for, in seconds
+# How long the authentication token is valid for, in seconds.
 auth_token_expiration: 3600
 
-# Email out a report when cobbler finishes installing a system.
-# enabled: set to 1 to turn this feature on
+# This is a directory of files that Cobbler uses to make templating easier. See the Wiki for more information.  Changing
+# this directory should not be required.
+autoinstall_snippets_dir: /var/lib/cobbler/snippets
+autoinstall_templates_dir: /var/lib/cobbler/templates
+
+# location of templates used for boot loader config generation
+boot_loader_conf_template_dir: "/etc/cobbler/boot_loader_conf"
+
+# Email out a report when Cobbler finishes installing a system.
+# enabled: set to true to turn this feature on
 # sender: optional
 # email: which addresses to email
 # smtp_server: used to specify another server for an MTA
 # subject: use the default subject unless overridden
-build_reporting_enabled: 0
+build_reporting_enabled: false
 build_reporting_sender: ""
 build_reporting_email: [ 'root@localhost' ]
 build_reporting_smtp_server: "localhost"
 build_reporting_subject: ""
-build_reporting_ignorelist: [ "" ]
-
-# Cheetah-language kickstart templates can import Python modules.
-# while this is a useful feature, it is not safe to allow them to
-# import anything they want. This whitelists which modules can be
-# imported through Cheetah.  Users can expand this as needed but
-# should never allow modules such as subprocess or those that
-# allow access to the filesystem as Cheetah templates are evaluated
-# by cobblerd as code.
+build_reporting_ignorelist: []
+
+# If cache_enabled is true, a cache will keep converted records in memory to make checking them faster. This helps with
+# use cases like writing out large numbers of records. There is a known issue with cache and remote XMLRPC API calls.
+# If you will use Cobbler with config management or infrastructure-as-code tools such as Terraform, it is recommended
+# to disable by setting to false.
+cache_enabled: true
+
+# Cheetah-language autoinstall templates can import Python modules. While this is a useful feature, it is not safe to
+# allow them to import anything they want. This whitelists which modules can be imported through Cheetah. Users can
+# expand this as needed but should never allow modules such as subprocess or those that allow access to the filesystem
+# as Cheetah templates are evaluated by cobblerd as code.
 cheetah_import_whitelist:
  - "random"
  - "re"
  - "time"
+ - "netaddr"
 
-# Default createrepo_flags to use for new repositories. If you have
-# createrepo >= 0.4.10, consider "-c cache --update -C", which can
-# dramatically improve your "cobbler reposync" time.  "-s sha"
-# enables working with Fedora repos from F11/F12 from EL-4 or
-# EL-5 without python-hashlib installed (which is not available
-# on EL-4)
+# Default "createrepo_flags" to use for new repositories. If you have createrepo >= 0.4.10, consider
+# "-c cache --update -C", which can dramatically improve your "cobbler reposync" time. "-s sha" enables working with
+# Fedora repos from F11/F12 from EL-4 or EL-5 without python-hashlib installed (which is not available on EL-4)
 createrepo_flags: "-c cache -s sha"
 
-# if no kickstart is specified to profile add, use this template
-default_kickstart: /var/lib/cobbler/kickstarts/default.ks
+# if no autoinstall template is specified to profile add, use this template
+default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks
 
 # configure all installed systems to use these nameservers by default
 # unless defined differently in the profile.  For DHCP configurations
 # you probably do /not/ want to supply this.
 default_name_servers: []
+default_name_servers_search: []
 
 # if using the authz_ownership module (see the Wiki), objects
 # created without specifying an owner are assigned to this
@@ -89,21 +91,21 @@ default_name_servers: []
 default_ownership:
  - "admin"
 
-# cobbler has various sample kickstart templates stored
-# in /var/lib/cobbler/kickstarts/.  This controls
+# Cobbler has various sample automatic installation templates stored
+# in /var/lib/cobbler/autoinstall_templates/.  This controls
 # what install (root) password is set up for those
 # systems that reference this variable.  The factory
-# default is "cobbler" and cobbler check will warn if
+# default is "cobbler" and Cobbler check will warn if
 # this is not changed.
 # The simplest way to change the password is to run
 # openssl passwd -1
 # and put the output between the "" below.
-default_password_crypted: "password"
+default_password_crypted: password
 
 # the default template type to use in the absence of any
 # other detected template. If you do not specify the template
 # with '#template=<template_type>' on the first line of your
-# templates/snippets, cobbler will assume try to use the
+# templates/snippets, Cobbler will assume try to use the
 # following template engine to parse the templates.
 #
 # Current valid values are: cheetah, jinja2
@@ -129,54 +131,30 @@ default_virt_ram: 512
 # (NOTE: this does not change what virt_type is chosen by import)
 default_virt_type: xenpv
 
-# enable gPXE booting? Enabling this option will cause cobbler
+# enable gPXE booting? Enabling this option will cause Cobbler
 # to copy the undionly.kpxe file to the tftp root directory,
 # and if a profile/system is configured to boot via gpxe it will
 # chain load off pxelinux.0.
-# Default: 0
-enable_gpxe: 0
+# Default: false
+enable_gpxe: false
 
-# controls whether cobbler will add each new profile entry to the default
+# controls whether Cobbler will add each new profile entry to the default
 # PXE boot menu.  This can be over-ridden on a per-profile
-# basis when adding/editing profiles with --enable-menu=0/1.  Users
+# basis when adding/editing profiles with --enable-menu=false/true.  Users
 # should ordinarily leave this setting enabled unless they are concerned
 # with accidental reinstalls from users who select an entry at the PXE
 # boot menu.  Adding a password to the boot menus templates
 # may also be a good solution to prevent unwanted reinstallations
-enable_menu: 1
-
-# enable Func-integration?  This makes sure each installed machine is set up
-# to use func out of the box, which is a powerful way to script and control
-# remote machines.
-# Func lives at http://fedorahosted.org/func
-# read more at https://github.com/cobbler/cobbler/wiki/Func-integration
-# you will need to mirror Fedora/EPEL packages for this feature, so see
-# https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler
-# to help you with this
-func_auto_setup: 0
-func_master: overlord.example.org
+enable_menu: true
 
 # change this port if Apache is not running plaintext on port
 # 80.  Most people can leave this alone.
 http_port: 80
 
-# kernel options that should be present in every cobbler installation.
+# kernel options that should be present in every Cobbler installation.
 # kernel options can also be applied at the distro/profile/system
 # level.
-kernel_options:
- ksdevice: link
- lang: 'en_US '
- text: ~
-
-# s390 systems require additional kernel options in addition to the
-# above defaults
-kernel_options_s390x:
- RUNKS: 1
- ramdisk_size: 40000
- root: /dev/ram0
- ro: ~
- ip: off
- vnc: ~
+kernel_options: {}
 
 # configuration options if using the authn_ldap module. See the
 # the Wiki for details.  This can be ignored if you are not using
@@ -184,8 +162,8 @@ kernel_options_s390x:
 ldap_server: "ldap.example.com"
 ldap_base_dn: "DC=example,DC=com"
 ldap_port: 389
-ldap_tls: 1
-ldap_anonymous_bind: 1
+ldap_tls: true
+ldap_anonymous_bind: true
 ldap_search_bind_dn: ''
 ldap_search_passwd: ''
 ldap_search_prefix: 'uid='
@@ -193,26 +171,26 @@ ldap_tls_cacertfile: ''
 ldap_tls_keyfile: ''
 ldap_tls_certfile: ''
 
-# cobbler has a feature that allows for integration with config management
+# Cobbler has a feature that allows for integration with config management
 # systems such as Puppet.  The following parameters work in conjunction with
-# --mgmt-classes  and are described in furhter detail at:
+# --mgmt-classes  and are described in further detail at:
 # https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system
 mgmt_classes: []
 mgmt_parameters:
- from_cobbler: 1
+ from_cobbler: true
 
 # if enabled, this setting ensures that puppet is installed during
 # machine provision, a client certificate is generated and a
 # certificate signing request is made with the puppet master server
-puppet_auto_setup: 0
+puppet_auto_setup: false
 
 # when puppet starts on a system after installation it needs to have
 # its certificate signed by the puppet master server. Enabling the
 # following feature will ensure that the puppet server signs the
 # certificate after installation if the puppet master server is
-# running on the same machine as cobbler. This requires
+# running on the same machine as Cobbler. This requires
 # puppet_auto_setup above to be enabled
-sign_puppet_certs_automatically: 0
+sign_puppet_certs_automatically: false
 
 # location of the puppet executable, used for revoking certificates
 puppetca_path: "/usr/bin/puppet"
@@ -222,28 +200,28 @@ puppetca_path: "/usr/bin/puppet"
 # new certificate is signed (see above). Enabling the following
 # feature will ensure that the certificate for the machine to be
 # installed is removed from the puppet master server if the puppet
-# master server is running on the same machine as cobbler. This
+# master server is running on the same machine as Cobbler. This
 # requires puppet_auto_setup above to be enabled
-remove_old_puppet_certs_automatically: 0
+remove_old_puppet_certs_automatically: false
 
-# choose a --server argument when running puppetd/puppet agent during kickstart
+# choose a --server argument when running puppetd/puppet agent during autoinstall
 #puppet_server: 'puppet'
 
-# let cobbler know that you're using a newer version of puppet
+# let Cobbler know that you're using a newer version of puppet
 # choose version 3 to use: 'puppet agent'; version 2 uses status quo: 'puppetd'
 #puppet_version: 2
 
 # choose whether to enable puppet parameterized classes or not.
 # puppet versions prior to 2.6.5 do not support parameters
-#puppet_parameterized_classes: 1
+puppet_parameterized_classes: true
 
-# set to 1 to enable Cobbler's DHCP management features.
+# set to true to enable Cobbler's DHCP management features.
 # the choice of DHCP management engine is in /etc/cobbler/modules.conf
-manage_dhcp: 1
+manage_dhcp: true
 
-# set to 1 to enable Cobbler's DNS management features.
+# set to true to enable Cobbler's DNS management features.
 # the choice of DNS mangement engine is in /etc/cobbler/modules.conf
-manage_dns: 0
+manage_dns: false
 
 # set to path of bind chroot to create bind-chroot compatible bind
 # configuration files.  This should be automatically detected.
@@ -253,104 +231,87 @@ bind_chroot_path: ""
 # bind configuration files
 bind_master: 127.0.0.1
 
-# manage_genders - Bool to enable/disable managing an /etc/genders file for use with pdsh and others.
-manage_genders: 0
-
-# bind_manage_ipmi - used to let bind manage IPMI addresses if the power management address is an IP and if manage_bind is set.
-bind_manage_ipmi: 0
-
-# set to 1 to enable Cobbler's TFTP management features.
+# set to true to enable Cobbler's TFTP management features.
 # the choice of TFTP mangement engine is in /etc/cobbler/modules.conf
-manage_tftpd: 1
+manage_tftpd: true
 
-# set to 1 to enable Cobbler's RSYNC management features.
-manage_rsync: 0
+# This variable contains the location of the tftpboot directory. If this directory is not present Cobbler does not
+# start.
+# Default: /var/lib/tftpboot
+tftpboot_location: "/var/lib/tftpboot"
+
+# set to true to enable Cobbler's RSYNC management features.
+manage_rsync: true
 
 # if using BIND (named) for DNS management in /etc/cobbler/modules.conf
 # and manage_dns is enabled (above), this lists which zones are managed
 # See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info
 manage_forward_zones: []
-manage_reverse_zones: ['172.17']
+manage_reverse_zones: []
 
-# if using cobbler with manage_dhcp, put the IP address
-# of the cobbler server here so that PXE booting guests can find it
+# if using Cobbler with manage_dhcp, put the IP address
+# of the Cobbler server here so that PXE booting guests can find it
 # if you do not set this correctly, this will be manifested in TFTP open timeouts.
-next_server: ip
+next_server: 127.0.0.1
 
 # settings for power management features.  optional.
 # see https://github.com/cobbler/cobbler/wiki/Power-management to learn more
 # choices (refer to codes.py):
 #    apc_snmp bladecenter bullpap drac ether_wake ilo integrity
-#    ipmilan ipmitool lpar rsa virsh wti
-power_management_default_type: 'ipmitool'
-
-# the commands used by the power management module are sourced
-# from what directory?
-power_template_dir: "/etc/cobbler/power"
+#    ipmilan lpar rsa virsh wti
+power_management_default_type: 'ipmilan'
 
-# if this setting is set to 1, cobbler systems that pxe boot
+# if this setting is set to true, Cobbler systems that pxe boot
 # will request at the end of their installation to toggle the
-# --netboot-enabled record in the cobbler system record.  This eliminates
+# --netboot-enabled record in the Cobbler system record.  This eliminates
 # the potential for a PXE boot loop if the system is set to PXE
 # first in it's BIOS order.  Enable this if PXE is first in your BIOS
 # boot order, otherwise leave this disabled.   See the manpage
 # for --netboot-enabled.
-pxe_just_once: 1
-
-# the templates used for PXE config generation are sourced
-# from what directory?
-pxe_template_dir: "/etc/cobbler/pxe"
-
-# Path to where system consoles are
-consoles: "/var/consoles"
-
-# Are you using a Red Hat management platform in addition to Cobbler?
-# Cobbler can help you register to it.  Choose one of the following:
-#   "off"    : I'm not using Red Hat Network, Satellite, or Spacewalk
-#   "hosted" : I'm using Red Hat Network
-#   "site"   : I'm using Red Hat Satellite Server or Spacewalk
-# You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN
-redhat_management_type: "off"
-
-# if redhat_management_type is enabled, choose your server
-#   "management.example.org" : For Satellite or Spacewalk
-#   "xmlrpc.rhn.redhat.com"  : For Red Hat Network
-# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords
-# within Cobbler Web and Cobbler XMLRPC.  Using RHN Hosted for this is not supported.
-# This feature can be used even if redhat_management_type is off, you just have
-# to have authn_spacewalk selected in modules.conf
-redhat_management_server: "xmlrpc.rhn.redhat.com"
+pxe_just_once: true
 
-# specify the default Red Hat authorization key to use to register
-# system.  If left blank, no registration will be attempted.  Similarly
-# you can set the --redhat-management-key to blank on any system to
-# keep it from trying to register.
-redhat_management_key: ""
+# if this setting is set to one, triggers will be executed when systems
+# will request to toggle the --netboot-enabled record at the end of their installation.
+nopxe_with_triggers: true
 
-# if using authn_spacewalk in modules.conf to let cobbler authenticate
+# This setting is only used by the code that supports using Spacewalk/Satellite
+# authentication within Cobbler Web and Cobbler XMLRPC.
+redhat_management_server: "xmlrpc.rhn.redhat.com"
+
+# if using authn_spacewalk in modules.conf to let Cobbler authenticate
 # against Satellite/Spacewalk's auth system, by default it will not allow per user
 # access into Cobbler Web and Cobbler XMLRPC.
 # in order to permit this, the following setting must be enabled HOWEVER
 # doing so will permit all Spacewalk/Satellite users of certain types to edit all
-# of cobbler's configuration.
+# of Cobbler's configuration.
 # these roles are:  config_admin and org_admin
 # users should turn this on only if they want this behavior and
 # do not have a cross-multi-org seperation concern.  If you have
 # a single org in your satellite, it's probably safe to turn this
 # on and then you can use CobblerWeb alongside a Satellite install.
-redhat_management_permissive: 0
+redhat_management_permissive: false
+
+# specify the default Red Hat authorization key to use to register
+# system.  If left blank, no registration will be attempted.  Similarly
+# you can set the --redhat-management-key to blank on any system to
+# keep it from trying to register.
+redhat_management_key: ""
 
-# if set to 1, allows /usr/bin/cobbler-register (part of the koan package)
-# to be used to remotely add new cobbler system records to cobbler.
+# if set to true, allows /usr/bin/cobbler-register (part of the koan package)
+# to be used to remotely add new Cobbler system records to Cobbler.
 # this effectively allows for registration of new hardware from system
 # records.
-register_new_installs: 0
+register_new_installs: false
 
 # Flags to use for yum's reposync.  If your version of yum reposync
 # does not support -l, you may need to remove that option.
 reposync_flags: "-l -n -d"
 
-# when DHCP and DNS management are enabled, cobbler sync can automatically
+# Flags to use for rysync's reposync. If flag 'a' is used then createrepo
+# is not ran after the rsync
+reposync_rsync_flags: "-rltDv --copy-unsafe-links"
+
+# when DHCP and DNS management are enabled, Cobbler sync can automatically
 # restart those services to apply changes.  The exception for this is
 # if using ISC for DHCP, then omapi eliminates the need for a restart.
 # omapi, however, is experimental and not recommended for most configurations.
@@ -361,86 +322,92 @@ reposync_flags: "-l -n -d"
 # Note that if manage_dhcp and manage_dns are disabled, the respective
 # parameter will have no effect.  Most users should not need to change
 # this.
-restart_dns: 1
-restart_dhcp: 1
+restart_dns: true
+restart_dhcp: true
 
 # install triggers are scripts in /var/lib/cobbler/triggers/install
-# that are triggered in kickstart pre and post sections.  Any
+# that are triggered in autoinstall pre and post sections.  Any
 # executable script in those directories is run.  They can be used
 # to send email or perform other actions.  They are currently
 # run as root so if you do not need this functionality you can
 # disable it, though this will also disable "cobbler status" which
 # uses a logging trigger to audit install progress.
-run_install_triggers: 1
+run_install_triggers: true
 
 # enables a trigger which version controls all changes to /var/lib/cobbler
 # when add, edit, or sync events are performed.  This can be used
 # to revert to previous database versions, generate RSS feeds, or for
 # other auditing or backup purposes. "git" and "hg" are currently suported,
 # but git is the recommend SCM for use with this feature.
-scm_track_enabled: 0
+scm_track_enabled: false
 scm_track_mode: "git"
+scm_track_author: "cobbler <cobbler@localhost>"
+scm_push_script: "/bin/true"
 
-# this is the address of the cobbler server -- as it is used
+# this is the address of the Cobbler server -- as it is used
 # by systems during the install process, it must be the address
 # or hostname of the system as those systems can see the server.
 # if you have a server that appears differently to different subnets
 # (dual homed, etc), you need to read the --server-override section
 # of the manpage for how that works.
-server: ip
+server: 127.0.0.1
 
-# If set to 1, all commands will be forced to use the localhost address
+# If set to true, all commands will be forced to use the localhost address
 # instead of using the above value which can force commands like
 # cobbler sync to open a connection to a remote address if one is in the
 # configuration and would traceback.
-client_use_localhost: 0
-
-# If set to 1, all commands to the API (not directly to the XMLRPC
-# server) will go over HTTPS instead of plaintext. Be sure to change
-# the http_port setting to the correct value for the web server
-client_use_https: 0
-
-# this is a directory of files that cobbler uses to make
-# templating easier.  See the Wiki for more information.  Changing
-# this directory should not be required.
-snippetsdir: /var/lib/cobbler/snippets
-
-# Normally if a kickstart is specified at a remote location, this
-# URL will be passed directly to the kickstarting system, thus bypassing
-# the usual snippet templating Cobbler does for local kickstart files. If
-# this option is enabled, Cobbler will fetch the file contents internally
-# and serve a templated version of the file to the client.
-template_remote_kickstarts: 0
-
-# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots?
-# this can be overridden on each profile or system object.
-virt_auto_boot: 1
-
-# cobbler's web directory.  Don't change this setting -- see the
-# Wiki on "relocating your cobbler install" if your /var partition
-# is not large enough.
-webdir: /var/www/cobbler
-
-# cobbler's public XMLRPC listens on this port.  Change this only
+client_use_localhost: false
+
+# If set to "true", all commands to the API (not directly to the XMLRPC server) will go over HTTPS instead of plaintext.
+# Be sure to change the "http_port" setting to the correct value for the web server.
+client_use_https: false
+
+# Should new profiles for virtual machines default to auto booting with the physical host when the physical host
+# reboots? This can be overridden on each profile or system object.
+virt_auto_boot: true
+
+# Cobbler's web directory. Don't change this setting -- see the Wiki on "Relocating your Cobbler install" if your "/var"
+# partition is not large enough.
+webdir: "/var/www/cobbler"
+
+# Directories that will not get wiped and recreated on a "cobbler sync".
+webdir_whitelist:
+  - misc
+  - web
+  - webui
+  - localmirror
+  - repo_mirror
+  - distro_mirror
+  - images
+  - links
+  - pub
+  - repo_profile
+  - repo_system
+  - svc
+  - rendered
+  - .link_cache
+
+# Cobbler's public XMLRPC listens on this port.  Change this only
 # if absolutely needed, as you'll have to start supplying a new
 # port option to koan if it is not the default.
 xmlrpc_port: 25151
 
-# "cobbler repo add" commands set cobbler up with repository
-# information that can be used during kickstart and is automatically
-# set up in the cobbler kickstart templates.  By default, these
+# "cobbler repo add" commands set Cobbler up with repository
+# information that can be used during autoinstall and is automatically
+# set up in the Cobbler autoinstall templates.  By default, these
 # are only available at install time.  To make these repositories
-# usable on installed systems (since cobbler makes a very convient)
-# mirror, set this to 1.  Most users can safely set this to 1.  Users
-# who have a dual homed cobbler server, or are installing laptops that
-# will not always have access to the cobbler server may wish to leave
-# this as 0.  In that case, the cobbler mirrored yum repos are still
+# usable on installed systems (since Cobbler makes a very convenient
+# mirror) set this to true.  Most users can safely set this to true.  Users
+# who have a dual homed Cobbler server, or are installing laptops that
+# will not always have access to the Cobbler server may wish to leave
+# this as false.  In that case, the Cobbler mirrored yum repos are still
 # accessable at http://cobbler.example.org/cblr/repo_mirror and yum
 # configuration can still be done manually.  This is just a shortcut.
-yum_post_install_mirror: 1
+yum_post_install_mirror: true
 
-# the default yum priority for all the distros.  This is only used
-# if yum-priorities plugin is used.  1=maximum.  Tweak with caution.
+# the default yum priority for all the distros. This is only used if yum-priorities plugin is used.
+# 1=maximum
+# Tweak with caution!
 yum_distro_priority: 1
 
 # Flags to use for yumdownloader.  Not all versions may support
@@ -448,22 +415,52 @@ yum_distro_priority: 1
 yumdownloader_flags: "--resolve"
 
 # sort and indent JSON output to make it more human-readable
-serializer_pretty_json: 0
+serializer_pretty_json: false
 
-# replication rsync options for distros, kickstarts, snippets set to override default value of "-avzH"
+# replication rsync options for distros, autoinstalls, snippets set to override default value of "-avzH"
 replicate_rsync_options: "-avzH"
 
 # replication rsync options for repos set to override default value of "-avzH"
 replicate_repo_rsync_options: "-avzH"
 
 # always write DHCP entries, regardless if netboot is enabled
-always_write_dhcp_entries: 0
+always_write_dhcp_entries: false
 
-# external proxy - used by: get-loaders, reposync, signature update
-# eg: proxy_url_ext: "http://192.168.1.1:8080"
+# External proxy - used by: "get-loaders", "reposync", "signature update"
+# Eg: "http://192.168.1.1:8080" (HTTP), "https://192.168.1.1:8443" (HTTPS)
 proxy_url_ext: ""
 
-# internal proxy - used by systems to reach cobbler for kickstarts
-# eg: proxy_url_int: "http://10.0.0.1:8080"
+# Internal proxy - used by systems to reach Cobbler for templates
+# Eg: proxy_url_int: "http://10.0.0.1:8080"
 proxy_url_int: ""
 
+# This is a directory of files that Cobbler uses to include
+# files into Jinja2 templates
+jinja2_includedir: "/var/lib/cobbler/jinja2"
+
+# Up to now, cobblerd used $server's IP address instead of the DNS name in autoinstallation
+# file settings (pxelinux.cfg files) to save bytes, which seemed required for S/390 systems.
+# This behavior can have negative impact on installs with multi-homed Cobbler servers, because
+# not all of the IP addresses may be reachable during system install.
+# This behavior was now made conditional, with default being "off".
+convert_server_to_ip: false
+
+# Leftover settings
+bootloaders_dir: "/var/lib/cobbler/loaders"
+buildisodir: "/var/cache/cobbler/buildiso"
+cobbler_master: ""
+default_virt_disk_driver: "raw"
+grubconfig_dir: "/var/lib/cobbler/grub_config"
+iso_template_dir: "/etc/cobbler/iso"
+
+# Puppet
+puppet_server: ""
+puppet_version: 2
+
+# Signatures
+signature_path: "/var/lib/cobbler/distro_signatures.json"
+signature_url: "https://cobbler.github.io/signatures/3.0.x/latest.json"
+
+# Include other configuration snippets. Overwriting a key from this file in a childfile will overwrite the value from
+# this file.
+include: [ "/etc/cobbler/settings.d/*.settings" ]

control_plane/roles/provision_cobbler/files/inventory_creation.yml

@@ -1,18 +1,3 @@
-#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
-#
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
----
-
 - hosts: localhost
   connection: local
   gather_facts: false
@@ -26,18 +11,28 @@
         vars_new: "{{ var| ipv4('address')| to_nice_yaml}}"
 
     - name: Create the static ip
-      shell: awk -F',' 'NR >1{print $3}' omnia/control_plane/roles/provision_cobbler/files/new_mapping_file.csv > static_hosts.yml
+      shell: awk -F',' 'NR >1{print $3}' omnia/control_plane/roles/provision_cobbler/files/new_host_mapping_file.csv > static_hosts.yml
       changed_when: false
-      ignore_errors: true
+      failed_when: false
 
     - name: Create the dynamic inventory
       shell: |
-        echo "[all]" >  omnia/control_plane/roles/inventory/files/provisioned_hosts.yml
         echo "{{ vars_new }}" > temp.txt
         egrep -o '[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' temp.txt >>dynamic_hosts.yml
       changed_when: false
-      ignore_errors: true
+      failed_when: false
 
     - name: Final inventory
-      shell: cat dynamic_hosts.yml static_hosts.yml| sort -ur  >> omnia/control_plane/roles/inventory/files/provisioned_hosts.yml
+      shell: cat dynamic_hosts.yml static_hosts.yml| sort -ur  >> omnia/control_plane/roles/collect_node_info/files/provisioned_hosts.yml
       changed_when: false
+
+    - name: Temp result
+      shell: cat /root/omnia/control_plane/roles/collect_node_info/files/provisioned_hosts.yml |sort|uniq
+      register: inventory
+
+    - name: Final Inventory
+      local_action: copy content="{{ inventory.stdout }}" dest=omnia/control_plane/roles/collect_node_info/files/provisioned_hosts.yml
+
+    - name: New line at end of file
+      shell: echo "">> omnia/control_plane/roles/collect_node_info/files/provisioned_hosts.yml
+      changed_when: false

control_plane/roles/provision_cobbler/files/menu.yml

@@ -0,0 +1,8 @@
+DEFAULT menu
+PROMPT 0
+MENU TITLE Cobbler | https://cobbler.github.io
+TIMEOUT 2
+TOTALTIMEOUT 5
+$pxe_menu_items
+
+MENU end

control_plane/roles/provision_cobbler/files/modules.conf

@@ -2,83 +2,87 @@
 # =================================
 
 # authentication:
-# what users can log into the WebUI and Read-Write XMLRPC?
-# choices:
-#    authn_denyall    -- no one (default)
-#    authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
-#    authn_passthru   -- ask Apache to handle it (used for kerberos)
-#    authn_ldap       -- authenticate against LDAP
-#    authn_spacewalk  -- ask Spacewalk/Satellite (experimental)
-#    authn_pam        -- use PAM facilities
-#    authn_testing    -- username/password is always testing/testing (debug)
-#    (user supplied)  -- you may write your own module
-# WARNING: this is a security setting, do not choose an option blindly.
-# for more information:
-# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface
-# https://github.com/cobbler/cobbler/wiki/Security-overview
-# https://github.com/cobbler/cobbler/wiki/Kerberos
-# https://github.com/cobbler/cobbler/wiki/Ldap
+# Decides what users can log into the WebUI and call Read-Write XMLRPC methods.
+# Choices:
+#    authentication.denyall    -- No one (default)
+#    authentication.configfile -- Use /etc/cobbler/users.digest (for basic setups)
+#    authentication.passthru   -- Ask Apache to handle it (used for kerberos)
+#    authentication.ldap       -- Authenticate against LDAP
+#    authentication.spacewalk  -- Ask Spacewalk/Satellite (experimental)
+#    authentication.pam        -- Use PAM facilities
+#    authentication.testing    -- Username/password is always testing/testing (debug)
+#    (user supplied)  -- You may write your own module
+# WARNING: This is a security setting, do not choose an option blindly.
+# For more information:
+#    - https://cobbler.readthedocs.io/en/latest/user-guide/web-interface.html
+#    - https://cobbler.readthedocs.io/en/release28/5_web-interface/web_authentication.html
+#
+# hash_algorithm: This parameter has currently only a meaning when the option authentication.configfile is used.
+#                 The parameter decides what hashfun algorithm is used for checking the passwords.
+#                 Currently available are: sha3_384, sha3_512, blake2b, sha3_224, blake2s, shake_128, shake_256,
+#                                          sha3_256
 
 [authentication]
-module = authn_configfile
+module = authentication.configfile
+hash_algorithm = sha3_256
 
 # authorization:
 # once a user has been cleared by the WebUI/XMLRPC, what can they do?
 # choices:
-#    authz_allowall   -- full access for all authneticated users (default)
-#    authz_ownership  -- use users.conf, but add object ownership semantics
+#    authorization.allowall   -- full access for all authneticated users (default)
+#    authorization.ownership  -- use users.conf, but add object ownership semantics
 #    (user supplied)  -- you may write your own module
 # WARNING: this is a security setting, do not choose an option blindly.
 # If you want to further restrict cobbler with ACLs for various groups,
-# pick authz_ownership.  authz_allowall does not support ACLs.  configfile
+# pick authorization.ownership. authorization.ownership does not support ACLs.  configfile
 # does but does not support object ownership which is useful as an additional
 # layer of control.
 
 # for more information:
-# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface
+# https://cobbler.readthedocs.io/en/latest/user-guide/web-interface.html
 # https://github.com/cobbler/cobbler/wiki/Security-overview
 # https://github.com/cobbler/cobbler/wiki/Web-authorization
 
 [authorization]
-module = authz_allowall
+module = authorization.allowall
 
 # dns:
 # chooses the DNS management engine if manage_dns is enabled
-# in /etc/cobbler/settings, which is off by default.
+# in /etc/cobbler/settings.yaml, which is off by default.
 # choices:
-#    manage_bind    -- default, uses BIND/named
-#    manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
+#    managers.bind    -- default, uses BIND/named
+#    managers.dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
+#    managers.ndjbdns -- uses ndjbdns
 # NOTE: more configuration is still required in /etc/cobbler
 # for more information:
 # https://github.com/cobbler/cobbler/wiki/Dns-management
 
 [dns]
-module = manage_dnsmasq
+module = managers.bind
 
 # dhcp:
 # chooses the DHCP management engine if manage_dhcp is enabled
-# in /etc/cobbler/settings, which is off by default.
+# in /etc/cobbler/settings.yaml, which is off by default.
 # choices:
-#    manage_isc     -- default, uses ISC dhcpd
-#    manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
+#    managers.isc     -- default, uses ISC dhcpd
+#    managers.dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
 # NOTE: more configuration is still required in /etc/cobbler
 # for more information:
 # https://github.com/cobbler/cobbler/wiki/Dhcp-management
 
 [dhcp]
-module = manage_isc
+module = managers.isc
 
 # tftpd:
-# chooses the TFTP management engine if manage_tftp is enabled
-# in /etc/cobbler/settings, which is ON by default.
+# chooses the TFTP management engine if manage_tftpd is enabled
+# in /etc/cobbler/settings.yaml, which is ON by default.
 #
 # choices:
-#    manage_in_tftpd -- default, uses the system's tftp server
-#    manage_tftpd_py -- uses cobbler's tftp server
+#    managers.in_tftpd -- default, uses the system's tftp server
+#    managers.tftpd_py -- uses cobbler's tftp server
 #
 
 [tftpd]
-module = manage_in_tftpd
-
-#--------------------------------------------------
+module = managers.in_tftpd
 
+#-------------------------------------------------

control_plane/roles/provision_cobbler/files/temp_centos7.ks

@@ -29,7 +29,7 @@ keyboard us
 lang en_US
 
 # Network information
-network  --bootproto=dhcp --device=nic --onboot=on
+network  --bootproto=dhcp --device=link --onboot=on --activate
 
 # Root password
 rootpw --iscrypted password
@@ -60,4 +60,9 @@ reboot
 %packages
 @core
 net-tools
+%end
+
+%post --log=/root/ks-post.log
+yum groupinstall "Infiniband Support" -y
+yum install infiniband-diags perftest qperf -y
 %end

control_plane/roles/provision_cobbler/files/temp_dhcp.template

@@ -8,6 +8,8 @@
 #
 # ******************************************************************
 
+#import netaddr
+
 ddns-update-style interim;
 
 allow booting;
@@ -16,32 +18,72 @@ allow bootp;
 ignore client-updates;
 set vendorclass = option vendor-class-identifier;
 
-option pxe-system-type code 93 = unsigned integer 16;
+option system-arch code 93 = unsigned integer 16;
 
 subnet subnet_mask netmask net_mask {
 option subnet-mask net_mask;
 range dynamic-bootp start end;
-default-lease-time  21600;
-max-lease-time  43200;
+default-lease-time 2160000;
+max-lease-time 4320000;
 next-server $next_server;
 #insert the static DHCP leases for configuration here
 
 
      class "pxeclients" {
           match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
-          if option pxe-system-type = 00:02 {
-                  filename "ia64/elilo.efi";
-          } else if option pxe-system-type = 00:06 {
-                  filename "grub/grub-x86.efi";
-          } else if option pxe-system-type = 00:07 {
-                  filename "grub/grub-x86_64.efi";
-          } else if option pxe-system-type = 00:09 {
-                  filename "grub/grub-x86_64.efi";
-          } else {
-                  filename "pxelinux.0";
+
+          # Legacy
+          if option system-arch = 00:00 {
+              filename "grub/grub.0";
+          }
+          # UEFI-32-1
+          if option system-arch = 00:06 {
+               # Not supported, no 32 bit UEFI grub executable
+              filename "unsupported";
+          }
+          # UEFI-32-2
+          if option system-arch = 00:02 {
+              # Not supported, no 32 bit UEFI grub executable
+              filename "unsupported";
+          }
+          # UEFI-64-1
+          else if option system-arch = 00:07 {
+              filename "grub/grubx64.efi";
+          }
+          # UEFI-64-2
+          else if option system-arch = 00:08 {
+              filename "grub/grubx64.efi";
+          }
+          # UEFI-64-3
+          else if option system-arch = 00:09 {
+              filename "grub/grubx64.efi";
+          }
+          # armv7   (aka arm 32 bit)
+          else if option system-arch = 00:0a {
+              filename "grub/armv7.efi";
+          }
+          # aarch64 (aka arm 64 bit)
+          else if option system-arch = 00:0b {
+              filename "grub/grubaa64.efi";
+          }
+          # RiskV 32 bit
+          else if option system-arch = 00:25 {
+              #ToDo petitboot loader
+              filename "unsupported";
+          }
+          #RiskV 32 bit
+          else if option system-arch = 00:27 {
+              #ToDo petitboot loader
+              filename "unsupported";
+          }
+          else if option system-arch = 00:0e {
+              filename "grub/grub.ppc64le";
+          }
+          else
+          {
+              filename "grub/grub.0";
           }
      }
-
 }
 
 #for dhcp_tag in $dhcp_tags.keys():
@@ -49,45 +91,57 @@ next-server $next_server;
     ## or really any valid dhcpd.conf construct ... if you only use the
     ## default dhcp tag in cobbler, the group block can be deleted for a
     ## flat configuration
-# group for Cobbler DHCP tag: $dhcp_tag
-group {
+    # group for Cobbler DHCP tag: $dhcp_tag
+    group {
         #for mac in $dhcp_tags[$dhcp_tag].keys():
             #set iface = $dhcp_tags[$dhcp_tag][$mac]
-    host $iface.name {
-        #if $iface.interface_type == "infiniband":
-        option dhcp-client-identifier = $mac;
-        #else
-        hardware ethernet $mac;
-        #end if
-        #if $iface.ip_address:
-        fixed-address $iface.ip_address;
-        #end if
-        #if $iface.hostname:
-        option host-name "$iface.hostname";
-        #end if
-        #if $iface.netmask:
-        option subnet-mask $iface.netmask;
-        #end if
-        #if $iface.gateway:
-        option routers $iface.gateway;
-        #end if
-        #if $iface.enable_gpxe:
-        if exists user-class and option user-class = "gPXE" {
-            filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
-        } else if exists user-class and option user-class = "iPXE" {
-            filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
-        } else {
-            filename "undionly.kpxe";
+            #set mac_dhcp_format = netaddr.EUI($mac,dialect=netaddr.mac_unix)
+            host $iface.name {
+                #if $iface.interface_type == "infiniband":
+                    option dhcp-client-identifier = $mac;
+                #else
+                    hardware ethernet $mac_dhcp_format;
+                #end if
+            #if $iface.ip_address:
+                fixed-address $iface.ip_address;
+            #end if
+            #if $iface.dns_name:
+               option host-name "$iface.dns_name";
+            #else if $iface.hostname:
+                option host-name "$iface.hostname";
+            #end if
+            #if $iface.netmask:
+                option subnet-mask $iface.netmask;
+            #end if
+            #if $iface.if_gateway:
+                option routers $iface.if_gateway;
+            #else if $iface.gateway:
+                option routers $iface.gateway;
+            #end if
+            #if "filename" in $iface.keys() and $iface.filename:
+                #if $iface.enable_gpxe:
+                    if exists user-class and option user-class = "gPXE" {
+                        filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
+                    } else if exists user-class and option user-class = "iPXE" {
+                        filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
+                    } else {
+                        filename "undionly.kpxe";
+                    }
+                #else
+                    filename "$iface.filename";
+                #end if
+            #end if
+            #if $iface.next_server:
+                next-server $iface.next_server;
+            #end if
+            #if $iface.filename:
+                filename $filename
+            #end if
+            #if $iface.name_servers:
+                #set $mynameservers = ','.join($iface.name_servers)
+                option domain-name-servers $mynameservers;
+            #end if
         }
-        #else
-        filename "$iface.filename";
-        #end if
-        ## Cobbler defaults to $next_server, but some users
-        ## may like to use $iface.system.server for proxied setups
-        next-server $next_server;
-        ## next-server $iface.next_server;
-    }
-        #end for
+    #end for
 }
-#end for
-
+#end for

control_plane/roles/provision_cobbler/tasks/check_prerequisites.yml

@@ -32,7 +32,7 @@
   - name: Set status for backup file
     set_fact:
       backup_map_status: true
-    when: backup_map.stat.exists == true  
+    when: backup_map.stat.exists
   rescue:
   - name: Message
     debug:
@@ -52,14 +52,14 @@
 - name: Inspect the cobbler image
   command: "buildah images {{ cobbler_image_name }}"
   register: cobbler_image_result
-  ignore_errors: true
+  failed_when: false
   changed_when: false
   tags: install
 
 - name: Check cobbler pod status on the machine
   command: kubectl get pods -n cobbler
   register: cobbler_pod_result
-  ignore_errors: true
+  failed_when: false
   changed_when: false
   tags: install
 
@@ -83,17 +83,17 @@
   tags: install
 
 - name: Fetch cobbler profile list
-  command: "kubectl exec --stdin --tty -n {{ cobbler_pod_name.stdout }} -- cobbler profile list"
+  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler profile list"
   changed_when: false
   register: cobbler_profile_list
-  ignore_errors: true
+  failed_when: false
   when: cobbler_container_status
 
 - name: Check crontab list
-  command: "kubectl exec --stdin --tty -n {{ cobbler_pod_name.stdout }} -- crontab -l"
+  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- crontab -l"
   changed_when: false
   register: crontab_list
-  ignore_errors: true
+  failed_when: false
   when: cobbler_container_status
 
 - name: Update cobbler config status
@@ -102,5 +102,5 @@
   when:
     - cobbler_container_status
     - "'CentOS' in cobbler_profile_list.stdout"
-    - "'* * * * * ansible-playbook /root/tftp.yml' in crontab_list.stdout"
-    - "'5 * * * * ansible-playbook /root/inventory_creation.yml' in crontab_list.stdout"
+    - "'* * * * * /usr/bin/ansible-playbook /root/tftp.yml' in crontab_list.stdout"
+    - "'*/5 * * * * /usr/bin/ansible-playbook /root/inventory_creation.yml' in crontab_list.stdout"

control_plane/roles/provision_cobbler/tasks/cobbler_image.yml

@@ -18,6 +18,7 @@
   changed_when: true
   args:
     chdir: "{{ role_path }}/files/"
+  when: not cobbler_image_status
   tags: install
 
 - name: Update image name in k8s_cobbler.yml

control_plane/roles/provision_cobbler/tasks/configure_cobbler.yml

@@ -31,7 +31,7 @@
   tags: install
 
 - name: Configuring cobbler inside container (It may take 5-10 mins)
-  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- ansible-playbook /root/kickstart.yml"
+  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- ansible-playbook /root/cobbler_configurations.yml"
   changed_when: true
   tags: install
   when: not cobbler_config_status
@@ -58,4 +58,4 @@
     - "{{ role_path }}/files/dhcp.template"
     - "{{ role_path }}/files/settings"
     - "{{ role_path }}/files/centos7.ks"
-    - "{{ role_path }}/files/new_mapping_file.csv.bak"
+    - "{{ role_path }}/files/temp_host_mapping_file.csv.bak"

control_plane/roles/provision_cobbler/tasks/dhcp_configure.yml

@@ -42,18 +42,18 @@
 - name: Create the cobbler settings file
   copy:
     src: "{{ role_path }}/files/cobbler_settings"
-    dest: "{{ role_path }}/files/settings"
+    dest: "{{ role_path }}/files/settings.yaml"
     mode: 0775
   tags: install
 
 - name: Assign server ip
   replace:
-    path: "{{ role_path }}/files/settings"
-    regexp: '^server: ip'
+    path: "{{ role_path }}/files/settings.yaml"
+    regexp: '^server: 127.0.0.1'
     replace: 'server: {{ hpc_ip }}'
 
 - name: Assign next server ip
   replace:
-    path: "{{ role_path }}/files/settings"
-    regexp: '^next_server: ip'
+    path: "{{ role_path }}/files/settings.yaml"
+    regexp: '^next_server: 127.0.0.1'
     replace: 'next_server: {{ hpc_ip }}'

control_plane/roles/provision_cobbler/tasks/main.yml

@@ -26,20 +26,6 @@
   import_tasks: firewall_settings.yml
   when: not cobbler_container_status
 
-- name: Decrpyt login_vars.yml
-  command: >-
-    ansible-vault decrypt {{ login_file }}
-    --vault-password-file {{ login_vault_file }}
-  changed_when: false
-
-- name: Include variable file login_vars.yml
-  include_vars: "{{ login_file }}"
-#  no_log: true
-
-- name: Include variable file base_vars.yml
-  include_vars: "{{ base_file }}"
-#  no_log: true
-
 - name: Include common variables
   include_vars: ../../control_plane_common/vars/main.yml
   when: not cobbler_container_status
@@ -48,23 +34,17 @@
   include_tasks: ../../control_plane_common/tasks/internet_validation.yml
   when: not cobbler_container_status
 
+- name: Dhcp Configuration
+  import_tasks: dhcp_configure.yml
+  when: (not cobbler_image_status) or ( backup_map_status )
+
 - name: Provision password validation
   import_tasks: provision_password.yml
   when: not cobbler_image_status
 
-- name: Encypt login file
-  command: >-
-    ansible-vault encrypt {{ login_file }}
-    --vault-password-file {{ login_vault_file }}
-  changed_when: false
-
-- name: Dhcp Configuration
-  import_tasks: dhcp_configure.yml
-  when: (not cobbler_image_status) or ( backup_map_status == true)
-
 - name: Mapping file validation
   import_tasks: mapping_file.yml
-  when: (not cobbler_image_status) and (host_mapping_file == true) or ( backup_map_status == true)
+  when: (not cobbler_image_status) and (host_mapping_file) or ( backup_map_status)
 
 - name: Cobbler image creation
   import_tasks: cobbler_image.yml
@@ -72,15 +52,18 @@
 
 - name: Cobbler configuration
   import_tasks: configure_cobbler.yml
+  when: not cobbler_config_status
 
 - name: Cobbler container status message
   block:
-    - debug:
+    - name: cobbler container running
+      debug:
         msg: "{{ message_skipped }}"
         verbosity: 2
       when: cobbler_container_status
-    - debug:
+    - name: cobbler container not running
+      debug:
         msg: "{{ message_installed }}"
         verbosity: 2
       when: not cobbler_container_status
-  tags: install
+  tags: install

control_plane/roles/provision_cobbler/tasks/mapping_file.yml

@@ -12,125 +12,41 @@
 # limitations under the License.
 ---
 
-- name: Check if file is comma seperated
-  shell: awk -F\, '{print NF-1}' {{ host_mapping_file_path }}
-  register: comma_seperated
-  changed_when: false
-  tags: install
-
-- name: Fail if not comma seperated
-  fail:
-    msg: "{{ not_comma_seperated }}"
-  when: item != "2"
-  with_items: "{{ comma_seperated.stdout_lines }}"
-  tags: install
-
 - name: Remove blank lines
-  shell:  awk -F, 'length>NF+1' {{ host_mapping_file_path }} > {{ role_path }}/files/new_host_mapping_file.csv
+  shell:  set -o pipefail && awk -F, 'length>NF+1' {{ host_mapping_file_path }} > {{ temp_host_mapping_file }}
   changed_when: false
   tags: install
 
 - name: Remove blank spaces
-  shell:  sed -i.bak -E 's/(^|,)[[:blank:]]+/\1/g; s/[[:blank:]]+(,|$)/\1/g'  {{ role_path }}/files/new_host_mapping_file.csv
+  shell:  set -o pipefail && sed -i.bak -E 's/(^|,)[[:blank:]]+/\1/g; s/[[:blank:]]+(,|$)/\1/g'  {{ temp_host_mapping_file }}
   args:
     warn: no
   changed_when: false
   tags: install
 
-- name: Check if header present
-  shell:  awk 'NR==1 { print $1}' {{ role_path }}/files/new_host_mapping_file.csv
-  register: header
-  changed_when: false
-  tags: install
-
-- name: Fail if header not present
-  fail:
-    msg: "{{ header_fail }}"
-  when: header.stdout !=  valid_header
-
-- name: Count the hostname
-  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_host_mapping_file.csv | wc -l
-  register: total_hostname
-  changed_when: false
-  tags: install
-
-- name: Count the ip
-  shell: awk -F',' '{print $3}' {{ role_path }}/files/new_host_mapping_file.csv | wc -l
-  register: total_ip
-  changed_when: false
-  tags: install
-
-- name: Count the macs
-  shell: awk -F',' '{print $1}' {{ role_path }}/files/new_host_mapping_file.csv | wc -l
-  register: total_mac
-  changed_when: false
-  tags: install
-
-- name: Check for duplicate hostname
-  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_host_mapping_file.csv | uniq | wc -l
-  register: uniq_hostname
-  changed_when: false
-  tags: install
-
-- name: Check for duplicate ip
-  shell: awk -F',' '{print $3}' {{ role_path }}/files/new__host_mapping_file.csv | uniq | wc -l
-  register: uniq_ip
-  changed_when: false
-  tags: install
-
-- name: Check for duplicate mac
-  shell: awk -F',' '{print $1}' {{ role_path }}/files/new_host_mapping_file.csv | uniq | wc -l
-  register: uniq_mac
-  changed_when: false
-  tags: install
-
-- name: Fail if duplicate hosts exist
-  fail:
-    msg: "{{ fail_hostname_duplicate }}"
-  when:  total_hostname.stdout >  uniq_hostname.stdout
-  tags: install
-
-- name: Fail if duplicate ips exist
-  fail:
-    msg: "{{ fail_ip_duplicate }}"
-  when:  total_ip.stdout >  uniq_ip.stdout
-  tags: install
-
-- name: Fail if duplicate mac exist
-  fail:
-    msg: "{{ fail_mac_duplicate }}"
-  when:  total_mac.stdout >  uniq_mac.stdout
-  tags: install
-
-- name: Check if _ or . or space present in hostname
-  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_host_mapping_file.csv |grep -E -- '_|\.| '
-  register: hostname_result
-  ignore_errors: true
-  changed_when: false
-  tags: install
-
-- name: Fail if  _ or . or space present in hostname
-  fail:
-    msg: "{{ hostname_result.stdout + ' :Hostname should not contain _ or . as it will cause error with slurm and K8s'}}"
-  when: hostname_result.stdout != ""
-  tags: install
-
 - name: Compare the file for new nodes
   block:
-  - name: difference
-    shell: diff {{ role_path }}/files/new_host_mapping_file.csv {{role_path}}/files/backup_host_mapping_file.csv| tr -d \>|tr -d \<| grep -E -- ', & :| '
-    register: diff_output
-    when: backup_map_status == true
-
-  - name: status of new nodes
-    set_fact:
-      new_node_status: true
-    when: diff_output.stdout!= ""
+    - name: Check difference
+      shell: set -o pipefail && diff {{ temp_host_mapping_file }} {{ role_path }}/files/backup_host_mapping_file.csv| tr -d \>|tr -d \<| grep -E -- ', & :| '
+      register: diff_output
+      changed_when: false
+      failed_when: false
+
+    - name: Status of new nodes
+      set_fact:
+        new_node_status: true
+      when: diff_output.stdout
   rescue:
-  - name: No new nodes
-    debug:
-      msg: "No new nodes to add"
-      verbosity: 2
+    - name: No new nodes
+      debug:
+        msg: "No new nodes to add"
+        verbosity: 2
+  when: backup_map_status
+
+- name: Fetch inputs from mapping file
+  command: awk 'NR > 1 { print }' {{ temp_host_mapping_file }}
+  changed_when: false
+  register: fetch_mapping_file
 
 - name: Fetch input
   blockinfile:
@@ -140,17 +56,19 @@
       host {{ item.split(',')[1] }} {
         hardware ethernet {{ item.split(',')[0] }};
         fixed-address {{ item.split(',')[2] }};
+        option domain-name  "{{ domain_name }}";
       }
     marker: "# {mark} DHCP BLOCK OF {{ item.split(',')[0] }}"
-  with_lines: "{{ remove_header }}"
-  ignore_errors: true
-  when: (not cobbler_image_status) or (new_node_status == true)
+  when: (not cobbler_image_status) or (new_node_status)
+  failed_when: false
+  with_items: "{{ fetch_mapping_file.stdout_lines }}"
   tags: install
 
 - name: Create a backup file
   copy:
-    src: "{{ role_path }}/files/new_host_mapping_file.csv"
+    src: "{{ temp_host_mapping_file }}"
     dest: "{{ role_path }}/files/backup_host_mapping_file.csv"
+    mode: 0644
 
 - name: Get cobbler pod name
   command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
@@ -162,15 +80,12 @@
 - name: Copy the dhcp.template inside container
   command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} \
     -- cp /root/omnia/control_plane/roles/provision_cobbler/files/dhcp.template /etc/cobbler/dhcp.template'
-  changed_when: true
-  when:  ( cobbler_container_status == true ) and ( new_node_status == true )
+  when:  ( cobbler_container_status ) and ( new_node_status )
 
 - name: Cobbler sync for adding new nodes
   command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler sync'
-  changed_when: true
-  when:  ( cobbler_container_status == true ) and ( new_node_status == true )
+  when:  ( cobbler_container_status ) and ( new_node_status )
 
 - name: Restart dhcpd
   command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- systemctl restart dhcpd'
-  changed_when: true
-  when:  ( cobbler_container_status == true ) and ( new_node_status == true )
+  when:  ( cobbler_container_status ) and ( new_node_status )

control_plane/roles/provision_cobbler/tasks/mount_iso.yml

@@ -12,27 +12,35 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ---
+
 - name: Initialize vars
   set_fact:
-    mount_check: true
+    mount_check: "0"
   tags: install
 
+- name: Check iso directory status
+  stat:
+    path: "/mnt/{{ iso_dir_name }}"
+  register: check_iso_dir
+
 - name: Create iso directory
   file:
     path: "/mnt/{{ iso_dir_name }}"
     state: directory
+    mode: 0644
   tags: install
+  when: not check_iso_dir.stat.exists
 
 - name: Check mountpoint
   command: mountpoint /mnt/{{ iso_dir_name }}
   changed_when: false
   register: result
-  ignore_errors: yes
+  failed_when: false
   tags: install
 
 - name: Update mount status
   set_fact:
-    mount_check: "{{ result.failed }}"
+    mount_check: "{{ result.rc }}"
   tags: install
 
 - name: Mount the iso file
@@ -40,5 +48,5 @@
   changed_when: false
   args:
     warn: no
-  when: mount_check == true
+  when: "'1' in mount_check"
   tags: install

control_plane/roles/provision_cobbler/tasks/provision_password.yml

@@ -26,15 +26,14 @@
     mode: "{{ user_mode }}"
   tags: install
 
-- name: Encrypt cobbler password
-  shell: printf "%s:%s:%s" {{ username }} "Cobbler" "{{ cobbler_password }}" | md5sum | awk '{print $1}'
-  changed_when: false
-  register: encrypt_password
+- name: Cobbler UI password
+  set_fact:
+        encrypt_password: "{{ cobbler_password| hash('sha3_256')}}"
   no_log: true
   tags: install
 
 - name: Copy cobbler password to cobbler config file
-  shell: printf "%s:%s:%s\n" "{{ username }}" "Cobbler" "{{ encrypt_password.stdout }}" > "{{ role_path }}/files/.users.digest"
+  shell: printf "%s:%s:%s\n" "{{ username }}" "Cobbler" "{{ encrypt_password }}" > "{{ role_path }}/files/.users.digest"
   changed_when: false
   no_log: true
   tags: install
@@ -73,6 +72,14 @@
   register: login_pass
   tags: install
 
+- name: Assign password
+  replace:
+    path: "{{ role_path }}/files/settings.yaml"
+    regexp: '^default_password_crypted: password'
+    replace: 'default_password_crypted: {{ login_pass.stdout }}'
+  no_log: true
+  tags: install
+
 - name: Configure kickstart file- Password
   replace:
     path: "{{ role_path }}/files/centos7.ks"
@@ -82,11 +89,12 @@
   tags: install
 
 - name: Configure kickstart file- nic
-  replace:
+  lineinfile:
     path: "{{ role_path }}/files/centos7.ks"
-    regexp: '^network  --bootproto=dhcp --device=nic --onboot=on'
-    replace: 'network  --bootproto=dhcp --device={{ host_network_nic }} --onboot=on'
+    insertafter: '^network  --bootproto=dhcp --device=link --onboot=on --activate'
+    line: 'network  --bootproto=dhcp --device={{ item }} --onboot=on --activate'
   tags: install
+  with_items: "{{ host_nic }}"
 
 - name: Configure kickstart file- timezone
   replace:

control_plane/roles/provision_cobbler/vars/main.yml

@@ -16,13 +16,7 @@
 # vars file for provision
 
 #Usage: mapping_file.yml
-fail_hostname_duplicate:  "Failed: Duplicate hostname exists. Please verify mapping file again."
-remove_header: awk 'NR > 1 { print }' {{ role_path }}/files/new_mapping_file.csv
-fail_ip_duplicate:  "Failed: Duplicate ip exists. Please verify mapping file again."
-fail_mac_duplicate:  "Failed: Duplicate mac exists. Please verify mapping file again."
-header_fail: "Failed: Header (MAC,Hostname,IP) should be present in the mapping file"
-valid_header: MAC,Hostname,IP
-not_comma_seperated: "Failed: Mapping file should be comma seperated." 
+temp_host_mapping_file: "{{ role_path }}/files/new_host_mapping_file.csv"
 
 #Usage: check_prerequisite.yml
 iso_name: CentOS-7-x86_64-Minimal-2009.iso
@@ -35,6 +29,19 @@ base_file: "{{ role_path }}/../../input_params/base_vars.yml"
 login_vault_file: "{{ role_path }}/../../input_params/.login_vault_key"
 username: cobbler
 user_mode: 0644
+host_nic:
+ - em1
+ - em2
+ - em3
+ - em4
+ - p4p1
+ - p4p2
+ - p3p1
+ - p3p2
+ - p2p1
+ - p2p2
+ - p1p2
+ - p1p1
 
 # Usage: cobbler_image.yml
 cobbler_image_name: cobbler