
Dynamic DHCP configuration and support for mapping file

Signed-off-by: Shubhangi-dell <shubhangi_srivastava@dell.com>
Lucas A. Wilson 4 years ago
parent
commit
38f166510a

+ 4 - 4
appliance/roles/common/tasks/main.yml

@@ -25,11 +25,11 @@
 - name: Common packages installation
   import_tasks: package_installation.yml
 
+- name: Basic Configuration
+  import_tasks: password_config.yml
+
 - name: Docker installation and configuration
   import_tasks: docker_installation.yml
 
 - name: Docker volume creation
-  import_tasks: docker_volume.yml
-
-- name: Basic Configuration
-  import_tasks: password_config.yml
+  import_tasks: docker_volume.yml

+ 134 - 20
appliance/roles/common/tasks/password_config.yml

@@ -17,28 +17,76 @@
   command: cat {{ input_config_filename }}
   changed_when: false
   register: config_content
-
-- name: Decrpyt input_config.yml
-  command: ansible-vault decrypt {{ input_config_filename }} --vault-password-file {{ role_path }}/files/{{ vault_filename }}
+S
+- name: Decrpyt appliance_config.yml
+  command: >-
+    ansible-vault decrypt {{ input_config_filename }}
+    --vault-password-file {{ vault_filename }}
   changed_when: false
   when: "'$ANSIBLE_VAULT;' in config_content.stdout"
 
-- name: Include variable file input_config.yml
+- name: Include variable file appliance_config.yml
   include_vars: "{{ input_config_filename }}"
+  no_log: true
 
 - name: Validate input parameters are not empty
   fail:
     msg: "{{ input_config_failure_msg }}"
   register: input_config_check
-  when: (provision_password | length < 1) or (awx_password | length < 1) or (mariadb_password | length < 1) or (hpc_nic | length < 1) or (public_nic | length < 1)
+  when:
+    - provision_password | length < 1 or
+      awx_password | length < 1 or
+      hpc_nic | length < 1 or
+      public_nic | length < 1 or
+      dhcp_start_ip_range | length < 1 or
+      dhcp_end_ip_range | length < 1
 
 - name: Save input variables from file
   set_fact:
     cobbler_password: "{{ provision_password }}"
     admin_password: "{{ awx_password }}"
-    input_mariadb_password: "{{ mariadb_password }}"
     nic:  "{{ hpc_nic }}"
     internet_nic: "{{ public_nic }}"
+    dhcp_start_ip: "{{ dhcp_start_ip_range | ipv4 }}"
+    dhcp_end_ip: "{{ dhcp_end_ip_range | ipv4 }}"
+    mapping_file: "{{ mapping_file_exists }}"
+  no_log: true
+
+- name: Get the system hpc ip
+  shell:  "ifconfig {{ hpc_nic }} | grep 'inet' |cut -d: -f2 |  awk '{ print $2}'"
+  register: ip
+  changed_when: false
+
+- name: Get the system public ip
+  shell:  "ifconfig {{ internet_nic }} | grep 'inet' |cut -d: -f2 |  awk '{ print $2}'"
+  register: internet_ip
+  changed_when: false
+
+- name: Get the system netmask
+  shell:  "ifconfig {{ hpc_nic }} | grep 'inet' |cut -d: -f2 |  awk '{ print $4}'"
+  register: net
+  changed_when: false
+
+- name: HPC nic IP
+  set_fact:
+    hpc_ip: "{{ ip.stdout }}"
+    public_ip: "{{ internet_ip.stdout }}"
+
+- name:  Netmask
+  set_fact:
+    netmask: "{{ net.stdout }}"
+
+- name: shell try
+  shell: |
+    IFS=. read -r i1 i2 i3 i4 <<< "{{ hpc_ip }}"
+    IFS=. read -r m1 m2 m3 m4 <<< "{{ netmask }}"
+    printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
+  register: sub_result
+  changed_when: false
+
+- name: Subnet
+  set_fact:
+    subnet: "{{ sub_result.stdout }}"
 
 - name: Assert provision_password
   assert:
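Review bot: The three `ifconfig` tasks and the `shell try` subnet calculation pass `{{ hpc_nic }}`, `{{ internet_nic }}`, `{{ hpc_ip }}` and `{{ netmask }}` to `shell:` unquoted, and the only check that runs before them is that the inputs are non-empty, so whatever appliance_config.yml holds is interpreted by the shell. Apply the `quote` filter, e.g. `ifconfig {{ hpc_nic | quote }}`, or take the address and netmask from gathered facts instead of parsing `ifconfig` output; `grep 'inet'` also matches `inet6` lines, so the result depends on the output layout. The added line `S` just above the decrypt task looks like a stray character and will probably stop the file from parsing. The `<<<` here-strings need bash, so set `executable: /bin/bash` under `args:` or avoid them. The hunk ends inside the `Assert provision_password` task.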
@@ -51,6 +99,7 @@
       - " \"'\" not in cobbler_password "
     success_msg: "{{ success_msg_provision_password }}"
     fail_msg: "{{ fail_msg_provision_password }}"
+  no_log: true
   register: cobbler_password_check
 
 - name: Assert awx_password
@@ -64,20 +113,24 @@
         - " \"'\" not in admin_password "
     success_msg: "{{ success_msg_awx_password }}"
     fail_msg: "{{ fail_msg_awx_password }}"
+  no_log: true
   register: awx_password_check
 
-- name: Assert mariadb_password
+- name: Assert hpc_ip
+  assert:
+    that:
+      - hpc_ip | length > 7
+    success_msg: "{{ success_hpc_ip }}"
+    fail_msg: "{{ fail_hpc_ip }}"
+  register: hpc_ip_check
+
+- name: Assert public_ip
   assert:
     that:
-        - input_mariadb_password | length > min_length | int - 1
-        - input_mariadb_password | length < max_length | int + 1
-        - '"-" not in input_mariadb_password '
-        - '"\\" not in input_mariadb_password '
-        - '"\"" not in input_mariadb_password '
-        - " \"'\" not in input_mariadb_password "
-    success_msg: "{{ success_msg_mariadb_password }}"
-    fail_msg: "{{ fail_msg_mariadb_password }}"
-  register: mariadb_password_check
+      - public_ip | length > 7
+    success_msg: "{{ success_hpc_ip }}"
+    fail_msg: "{{ fail_hpc_ip }}"
+  register: public_ip_check
 
 - name: Assert hpc_nic
   assert:
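Review bot: `hpc_ip | length > 7` and `public_ip | length > 7` accept any string of eight or more characters, so unexpected `ifconfig` output passes as an address. The `ipv4` filter is already used in this file for the DHCP range and works here too: `- hpc_ip | ipv4` and `- public_ip | ipv4`. `Assert public_ip` also reuses `success_hpc_ip` / `fail_hpc_ip`, so a failure on the public interface is reported with the HPC message text. The hunk ends inside the `Assert hpc_nic` task.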
@@ -93,11 +146,70 @@
     that:
       - internet_nic | length > nic_min_length | int - 1
       - nic != internet_nic
-      - "('em1' in internet_nic) or ('em2' in internet_nic) or ('em3' in internet_nic)"
     success_msg: "{{ success_msg_public_nic }}"
     fail_msg: "{{ fail_msg_public_nic }}"
   register: public_nic_check
 
+- name: Assert mapping_file_exists
+  assert:
+    that:
+      - "( mapping_file == true) or ( mapping_file == false)"
+    success_msg: "{{ success_mapping_file }}"
+    fail_msg: "{{ fail_mapping_file }}"
+  register: mapping_file_check
+
+- name: Check the subnet of dhcp start range
+  shell: |
+    IFS=. read -r i1 i2 i3 i4 <<< "{{ dhcp_start_ip }}"
+    IFS=. read -r m1 m2 m3 m4 <<< "{{ netmask }}"
+    printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
+  args:
+    warn: no
+  register: dhcp_start_sub_result
+  changed_when: false
+  when: dhcp_start_ip != "false"
+
+- name: Set the start dhcp subnet
+  set_fact:
+    dhcp_start_sub: "{{ dhcp_start_sub_result.stdout }}"
+  when: dhcp_start_ip != "false"
+
+- name: Check the subnet of dhcp end range
+  shell: |
+    IFS=. read -r i1 i2 i3 i4 <<< "{{ dhcp_end_ip }}"
+    IFS=. read -r m1 m2 m3 m4 <<< "{{ netmask }}"
+    printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
+  register: dhcp_end_sub_result
+  when: dhcp_end_ip != "false"
+  changed_when: false
+
+- name: Set the end dhcp subnet
+  set_fact:
+    dhcp_end_sub: "{{ dhcp_end_sub_result.stdout }}"
+  when: dhcp_end_ip != "false"
+
+- name: Assert dhcp_start_ip_range
+  assert:
+    that:
+      - dhcp_start_ip != "false"
+      - dhcp_start_ip != dhcp_end_ip
+      - dhcp_start_sub == subnet
+      - dhcp_start_sub == dhcp_end_sub
+    success_msg: "{{ success_dhcp_range }}"
+    fail_msg: "{{ fail_dhcp_range }}"
+  register: dhcp_start_ip_check
+
+- name: Assert dhcp_end_ip_range
+  assert:
+    that:
+      - dhcp_end_ip != "false"
+      - dhcp_start_ip != dhcp_end_ip
+      - dhcp_end_sub == subnet
+      - dhcp_start_sub == dhcp_end_sub
+    success_msg: "{{ success_dhcp_range }}"
+    fail_msg: "{{ fail_dhcp_range }}"
+  register: dhcp_end_ip_check
+
 - name: Create ansible vault key
   set_fact:
     vault_key: "{{ lookup('password', '/dev/null chars=ascii_letters') }}"
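Review bot: The guards `dhcp_start_ip != "false"` and `dhcp_end_ip != "false"` compare against the string `false`, while the `ipv4` filter used in `set_fact` returns a boolean false for invalid input; depending on how `set_fact` types the result, the comparison may never be false and the subnet tasks would then run on an invalid value. Testing the input directly is clearer: `- dhcp_start_ip_range | ipv4` in the `that:` list, and the same expression in the `when:` guards. Nothing checks that the start address is lower than the end address; only inequality and a common subnet are asserted. `Assert dhcp_end_ip_range` repeats two of the four conditions of `Assert dhcp_start_ip_range`, so the two tasks could be merged.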
@@ -105,7 +217,7 @@
 
 - name: Save vault key
   copy:
-    dest: "{{ role_path }}/files/{{ vault_filename }}"
+    dest: "{{ vault_filename }}"
     content: |
       {{ vault_key }}
     owner: root
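Review bot: `dest: "{{ vault_filename }}"` is now a bare relative name (`.vault_key` in vars/main.yml), so where the key is written depends on the working directory of the run; the same applies to the `--vault-password-file {{ vault_filename }}` arguments in this file and in roles/inventory/tasks/main.yml. If the two roles are started from different directories the key will not be found, and a key written into the checkout can end up committed or readable by other users. Use an absolute path, e.g. `vault_filename: "<absolute root-only directory>/.vault_key"`, and set `mode: "0600"` on this task if the lines outside the hunk do not already do so. The task continues past the end of the hunk.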
@@ -113,5 +225,7 @@
   when: "'$ANSIBLE_VAULT;' not in config_content.stdout"
 
 - name: Encrypt input config file
-  command: ansible-vault encrypt {{ input_config_filename }} --vault-password-file {{ role_path }}/files/{{ vault_filename }}
-  changed_when: false
+  command: >-
+    ansible-vault encrypt {{ input_config_filename }}
+    --vault-password-file {{ vault_filename }}
+  changed_when: false

+ 10 - 4
appliance/roles/common/vars/main.yml

@@ -31,6 +31,8 @@ common_packages:
   - lvm2
   - gettext
   - python-docker
+  - net-tools
+  - python-netaddr
 
 # Usage: pre_requisite.yml
 internet_delay: 0
@@ -58,19 +60,23 @@ daemon_dest: /etc/docker/
 docker_volume_name: omnia-storage
 
 # Usage: password_config.yml
-input_config_filename: "input_config.yml"
+input_config_filename: "appliance_config.yml"
 fail_msg_provision_password: "Failed. Incorrect provision_password format provided in input_config.yml file"
 success_msg_provision_password: "provision_password validated"
 fail_msg_awx_password: "Failed. Incorrect awx_password format provided in input_config.yml file"
 success_msg_awx_password: "awx_password validated"
-fail_msg_mariadb_password: "Failed. Incorrect mariadb_password format provided in input_config.yml file"
-success_msg_mariadb_password: "mariadb_password validated"
 fail_msg_hpc_nic: "Failed. Incorrect hpc_nic format provided in input_config.yml file"
 success_msg_hpc_nic: "hpc_nic validated"
 fail_msg_public_nic: "Failed. Incorrect public_nic format provided in input_config.yml file"
 success_msg_public_nic: "public_nic validated"
+success_mapping_file: "mapping_file_exists validated"
+fail_mapping_file: "Failed. Incorrect mapping_file_exists value in input_config.yml. It should be either true or false"
 input_config_failure_msg: "Please provide all the required parameters in input_config.yml"
+success_dhcp_range: "Dhcp_range validated"
+fail_dhcp_range: "Failed: Incorrect range assigned for dhcp"
+success_hpc_ip: "IP validated"
+fail_hpc_ip: "Failed: Nic should be configured"
 min_length: 8
 max_length: 30
 nic_min_length: 3
-vault_filename: .vault_key
+vault_filename: .vault_key
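Review bot: `input_config_filename` now points at `appliance_config.yml`, but every message in this block, including the new `fail_mapping_file`, still tells the operator to look in `input_config.yml`. Build the messages from the variable so the text follows the file name, e.g. `fail_mapping_file: "Failed. Incorrect mapping_file_exists value in {{ input_config_filename }}. It should be either true or false"`. `success_hpc_ip` / `fail_hpc_ip` are also used for the public interface check in password_config.yml, so a neutral name and message would fit better.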

+ 40 - 1
appliance/roles/inventory/files/create_inventory.yml

@@ -26,6 +26,11 @@
       ignore_errors: yes
       changed_when: false
 
+    - name: Refresh ssh keys
+      command: ssh-keygen -R {{ inventory_hostname }}
+      delegate_to: localhost
+      changed_when: false
+
     - name: Group reachable hosts
       group_by:
         key: "reachable"
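Review bot: `ssh-keygen -R {{ inventory_hostname }}` appears to run for every host on every inventory refresh and removes the stored host key, so a changed key is accepted on the next connection without anyone being told. Limit it to hosts that were just reinstalled, or at least state the reason on the task, e.g. `# node was reinstalled by cobbler; its old host key is expected to be invalid`. `changed_when: false` also hides the fact that the task edits known_hosts. The play continues outside the hunk.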
@@ -51,11 +56,44 @@
     - name: Setup
       setup:
        filter: ansible_*
+    
+    - name: Check hostname of server
+      command: hostname
+      register: hostname_check
+      changed_when: false     
+
+    - name: Check if IP present in mapping file
+      shell: grep "{{ inventory_hostname }}" {{ role_path }}/files/new_mapping_file.csv
+      delegate_to: localhost
+      register: file_present
+      changed_when: false
+
+    - name: Get the static hostname from mapping file
+      shell:  grep -Po ".* (?="{{ inventory_hostname }}")" {{ role_path }}/files/new_mapping_file.csv| awk -F',' '{print $2}'
+      delegate_to: localhost
+      when: ('localhost' in hostname_check.stdout) and (file_present.stdout != "")
+      changed_when: false
+      register: host_name
+
+    - name: Set the hostname from mapping file
+      hostname:
+        name: "{{ host_name.stdout }}"
+      register: result_host_name
+      when: ('localhost' in hostname_check.stdout) and (file_present.stdout != "")
 
     - name: Set the system hostname
       hostname:
         name: "compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1] }}"
       register: result_name
+      when: ('localhost' in hostname_check.stdout) and (file_present.stdout == "")
+
+    - name: Add new hostname to /etc/hosts
+      lineinfile:
+        dest: /etc/hosts
+        regexp: '^127\.0\.0\.1[ \t]+localhost'
+        line: "127.0.0.1 localhost {{ host_name.stdout }}"
+        state: present
+      when: "'localhost' in hostname_check.stdout" and (file_present.stdout != "")
 
     - name: Add new hostname to /etc/hosts
       lineinfile:
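Review bot: `when: "'localhost' in hostname_check.stdout" and (file_present.stdout != "")` on the new `/etc/hosts` task is not valid YAML, because text follows the closing quote of the scalar; the same form is added to the existing `/etc/hosts` task in the next hunk. Write it like the other tasks here: `when: ('localhost' in hostname_check.stdout) and (file_present.stdout != "")`. `Check if IP present in mapping file` fails the host when `grep` finds nothing (exit status 1), so the `file_present.stdout == ""` branches are not reached unless `failed_when: false` is added. The `grep` is unanchored, so an address also matches any longer address that contains it; `grep -wF` with a quoted `{{ inventory_hostname | quote }}` avoids that.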
@@ -63,6 +101,7 @@
         regexp: '^127\.0\.0\.1[ \t]+localhost'
         line: "127.0.0.1 localhost 'compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1] }}'"
         state: present
+      when: "'localhost' in hostname_check.stdout" and (file_present.stdout == "" )
 
 - name: Update inventory
   hosts: localhost
@@ -79,4 +118,4 @@
     - name: Show unreachable hosts
       debug:
         msg: "{{ host_unreachable_msg }} + {{ groups['ungrouped'] }}"
-      when: "'ungrouped' in groups"
+      when: "'ungrouped' in groups"

+ 5 - 5
appliance/roles/inventory/tasks/main.yml

@@ -36,13 +36,13 @@
       changed_when: false
       register: config_content
 
-    - name: Decrpyt input_config.yml
+    - name: Decrpyt appliance_config.yml
       command: >-
         ansible-vault decrypt {{ input_config_filename }}
-        --vault-password-file roles/common/files/{{ vault_filename }}
+        --vault-password-file {{ vault_filename }}
       when: "'$ANSIBLE_VAULT;' in config_content.stdout"
 
-    - name: Include variable file input_config.yml
+    - name: Include variable file appliance_config.yml
       include_vars: "{{ input_config_filename }}"
       no_log: True
 
@@ -54,7 +54,7 @@
     - name: Encrypt input config file
       command: >-
         ansible-vault encrypt {{ input_config_filename }}
-        --vault-password-file roles/common/files/{{ vault_filename }}
+        --vault-password-file {{ vault_filename }}
       when: "'$ANSIBLE_VAULT;' not in config_content.stdout"
 
     - name: Check if inventory file already exists
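Review bot: Re-encryption is still gated on `'$ANSIBLE_VAULT;' not in config_content.stdout`, and `config_content` is registered before the decrypt step, so from the visible conditions a file that arrived encrypted is decrypted in place and not encrypted again by this task. That would leave the passwords in appliance_config.yml in clear text on disk after the run; a few lines between the two hunks are not shown, so confirm nothing there covers it. Running the encrypt step whenever the decrypt step ran, inside a `block:` with an `always:` section, would also cover a failure in between.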
@@ -91,4 +91,4 @@
 
 - name: push inventory to AWX
   command: awx-manage inventory_import --inventory-name {{ omnia_inventory_name }} --source /root/inventory
-  changed_when: no
+  when: provisioned_file_result.stat.exists

+ 1 - 4
appliance/roles/provision/files/Dockerfile

@@ -21,7 +21,6 @@ RUN yum install -y \
   rsync \
   httpd\
   dhcp \
-  dnsmasq\
   xinetd \
   net-tools \
   memtest86+ \
@@ -33,7 +32,6 @@ RUN mkdir /root/omnia
 #Copy Configuration files
 COPY settings /etc/cobbler/settings
 COPY dhcp.template  /etc/cobbler/dhcp.template
-COPY dnsmasq.template /etc/cobbler/dnsmasq.template
 COPY modules.conf  /etc/cobbler/modules.conf
 COPY tftp /etc/xinetd.d/tftp
 COPY .users.digest /etc/cobbler/users.digest
@@ -50,6 +48,5 @@ VOLUME [ "/var/www/cobbler", "/var/lib/cobbler/backup", "/mnt" ]
 RUN systemctl enable cobblerd
 RUN systemctl enable httpd
 RUN systemctl enable rsyncd
-RUN systemctl enable dnsmasq
 
-CMD ["sbin/init"]
+CMD ["sbin/init"]

+ 2 - 2
appliance/roles/provision/files/settings

@@ -275,7 +275,7 @@ manage_reverse_zones: ['172.17']
 # if using cobbler with manage_dhcp, put the IP address
 # of the cobbler server here so that PXE booting guests can find it
 # if you do not set this correctly, this will be manifested in TFTP open timeouts.
-next_server: 172.17.0.1
+next_server: ip
 
 # settings for power management features.  optional.
 # see https://github.com/cobbler/cobbler/wiki/Power-management to learn more
@@ -387,7 +387,7 @@ scm_track_mode: "git"
 # if you have a server that appears differently to different subnets
 # (dual homed, etc), you need to read the --server-override section
 # of the manpage for how that works.
-server: 172.17.0.1
+server: ip
 
 # If set to 1, all commands will be forced to use the localhost address
 # instead of using the above value which can force commands like

+ 0 - 20
appliance/roles/provision/files/dnsmasq.template

@@ -1,20 +0,0 @@
-# Cobbler generated configuration file for dnsmasq
-# $date
-#
-
-# resolve.conf .. ?
-#no-poll
-#enable-dbus
-read-ethers
-addn-hosts = /var/lib/cobbler/cobbler_hosts
-
-dhcp-range=172.17.0.10 172.17.0.254
-dhcp-option=66,$next_server
-dhcp-lease-max=1000
-dhcp-authoritative
-dhcp-boot=pxelinux.0
-dhcp-boot=net:normalarch,pxelinux.0
-dhcp-boot=net:ia64,$elilo
-
-$insert_cobbler_system_definitions
-

+ 0 - 18
appliance/roles/provision/files/ifcfg-em1

@@ -1,18 +0,0 @@
-TYPE=Ethernet
-PROXY_METHOD=none
-BROWSER_ONLY=no
-BOOTPROTO=none
-DEFROUTE=yes
-IPV4_FAILURE_FATAL=no
-IPV6INIT=yes
-IPV6_AUTOCONF=yes
-IPV6_DEFROUTE=yes
-IPV6_FAILURE_FATAL=no
-IPV6_ADDR_GEN_MODE=stable-privacy
-NAME=em1
-UUID=485d7133-2c49-462d-bbb4-b854fe98e0fe
-DEVICE=em1
-ONBOOT=yes
-IPV6_PRIVACY=no
-IPADDR=172.17.0.1
-NETMASK=255.255.0.0

+ 10 - 3
appliance/roles/provision/files/inventory_creation.yml

@@ -25,10 +25,17 @@
       set_fact:
         vars_new: "{{ var| ipv4('address')| to_nice_yaml}}"
 
-    - name: Create the inventory
+    - name: Create the static ip
+      shell: awk -F',' 'NR >1{print $3}' omnia/appliance/roles/provision/files/new_mapping_file.csv > static_hosts.yml
+      changed_when: false
+
+    - name: Create the dynamic inventory
       shell: |
-        echo "[all]" > omnia/appliance/roles/inventory/files/provisioned_hosts.yml
+        echo "[all]" >  omnia/appliance/roles/inventory/files/provisioned_hosts.yml
         echo "{{ vars_new }}" > temp.txt
-        egrep -o '[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' temp.txt >>omnia/appliance/roles/inventory/files/provisioned_hosts.yml
+        egrep -o '[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' temp.txt >>dynamic_hosts.yml
       changed_when: false
 
+    - name: Final inventory
+      shell: cat dynamic_hosts.yml static_hosts.yml| sort -ur  >> omnia/appliance/roles/inventory/files/provisioned_hosts.yml
+      changed_when: false     
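Review bot: `dynamic_hosts.yml` is only ever appended to (`>>dynamic_hosts.yml`), so addresses from earlier runs of this cron-driven playbook stay in it and are merged back into `provisioned_hosts.yml` by `Final inventory` even after a node is gone. Truncate it on each run by changing the redirect to `> dynamic_hosts.yml`. `temp.txt`, `static_hosts.yml` and `dynamic_hosts.yml` are relative paths, so they land in whatever directory the job starts in. `Create the static ip` adds every address from the mapping file whether or not the node has been provisioned; confirm that is intended.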

+ 19 - 2
appliance/roles/provision/files/kickstart.yml

@@ -58,7 +58,6 @@
 
   - name: Adding curl
     shell: export PATH="/usr/bin/curl:$PATH"
-    changed_when: true
 
   - name: Run import command
     command: cobbler import --arch=x86_64 --path=/mnt --name="{{ name_iso }}"
@@ -75,11 +74,29 @@
   - name: Syncing of cobbler
     command: cobbler sync
     changed_when: false
+  
+  - name: Disable default apache webpage
+    blockinfile:
+      state: present
+      insertafter: '^#insert the content here for disabling the default apache webpage'
+      dest: /etc/httpd/conf/httpd.conf
+      block: |
+        <Directory />
+           Order Deny,Allow
+           Deny from all
+           Options None
+           AllowOverride None
+         </Directory>
 
   - name: Restart cobbler
     service:
       name: cobblerd
       state: restarted
+ 
+  - name: Restart httpdd
+    service:
+      name: httpd
+      state: restarted
 
   - name: Restart xinetd
     service:
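Review bot: The inserted block uses `Order Deny,Allow` / `Deny from all`, which is the Apache 2.2 access syntax; if the image ships httpd 2.4 these directives only work through mod_access_compat, and `Require all denied` is the native form. `insertafter` relies on a marker comment in httpd.conf that no file visible in this commit adds; when the marker is missing `blockinfile` appends the block at the end of the file, so confirm where it lands. The task name `Restart httpdd` has a typo, and the closing `</Directory>` is indented one space deeper than the opening tag.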
@@ -101,4 +118,4 @@
     cron:
       name: Create inventory
       minute: "*/5"
-      job: "ansible-playbook /root/inventory_creation.yml"
+      job: "ansible-playbook /root/inventory_creation.yml"

+ 1 - 0
appliance/roles/provision/files/temp_centos7.ks

@@ -59,5 +59,6 @@ reboot
 
 %packages
 @core
+net-tools
 %end
 

+ 9 - 8
appliance/roles/provision/files/dhcp.template

@@ -18,14 +18,15 @@ set vendorclass = option vendor-class-identifier;
 
 option pxe-system-type code 93 = unsigned integer 16;
 
-subnet 172.17.0.0 netmask 255.255.0.0 {
-     option routers             172.17.0.1;
-     option domain-name-servers 172.17.0.1;
-     option subnet-mask         255.255.0.0;
-     range dynamic-bootp        172.17.0.10 172.17.0.254;
-     default-lease-time         21600;
-     max-lease-time             43200;
-     next-server                $next_server;
+subnet subnet_mask netmask net_mask {
+option subnet-mask net_mask;
+range dynamic-bootp start end;
+default-lease-time  21600;
+max-lease-time  43200;
+next-server $next_server;
+#insert the static DHCP leases for configuration here
+
+
      class "pxeclients" {
           match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
           if option pxe-system-type = 00:02 {
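Review bot: `option routers` and `option domain-name-servers` are dropped from the subnet block without a replacement, so leased nodes would get no default gateway or DNS server from this scope; confirm that is intended, or add placeholders for them next to `start` and `end`. The bare tokens `subnet_mask`, `net_mask`, `start` and `end` make the file invalid until dhcp_configure.yml rewrites it, which a comment at the top of the block should say. The subnet block continues outside the hunk.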

+ 28 - 3
appliance/roles/provision/tasks/check_prerequisites.yml

@@ -17,17 +17,20 @@
   stat:
     path: "{{ role_path }}/files/{{ iso_name }}"
   register: iso_status
+  tags: install
 
 - name: Iso file not present
   fail:
     msg: "{{ iso_fail }}"
   when: iso_status.stat.exists == false
   register: iso_file_check
+  tags: install
 
 - name: Initialize variables
   set_fact:
-    cobbler_status: false
+    cobbler_container_status: false
     cobbler_image_status: false
+    cobbler_config_status: false
   tags: install
 
 - name: Inspect the cobbler image
@@ -48,8 +51,30 @@
   when: cobbler_image_result.images| length==1
   tags: install
 
-- name: Update cobbler status
+- name: Update cobbler container status
   set_fact:
-    cobbler_status: true
+    cobbler_container_status: true
   when: cobbler_result.exists
   tags: install
+
+- name: Fetch cobbler profile list
+  command: docker exec cobbler cobbler profile list
+  changed_when: false
+  register: cobbler_profile_list
+  when: cobbler_container_status == true
+
+- name: Check crontab list
+  command: docker exec cobbler crontab -l
+  changed_when: false
+  register: crontab_list
+  ignore_errors: true
+  when: cobbler_container_status == true
+
+- name: Update cobbler container status
+  set_fact:
+    cobbler_config_status: true
+  when:
+    - cobbler_container_status == true
+    - "'CentOS' in cobbler_profile_list.stdout"
+    - "'* * * * * ansible-playbook /root/tftp.yml' in crontab_list.stdout"
+    - "'5 * * * * ansible-playbook /root/inventory_creation.yml' in crontab_list.stdout"
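Review bot: `Fetch cobbler profile list`, `Check crontab list` and the second `Update cobbler container status` carry no `tags: install`, while `Initialize variables` and the delete task in configure_cobbler.yml do; under `--tags install` `cobbler_config_status` would stay false and a healthy container would be removed and rebuilt. Add `tags: install` to the three tasks. The last task sets `cobbler_config_status`, so its name should be `Update cobbler config status`. The crontab test looks for the literal `5 * * * * ansible-playbook /root/inventory_creation.yml`, which matches the `*/5` entry created in kickstart.yml only as a substring; a comment saying so would prevent a wrong edit later.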

+ 26 - 3
appliance/roles/provision/tasks/configure_cobbler.yml

@@ -12,12 +12,24 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ---
+- name: Delete the cobbler container if exits
+  docker_container:
+    name: cobbler
+    state: absent
+  tags: install
+  when: cobbler_container_status == true and cobbler_config_status == false
+
+- name: Run cobbler container
+  command: "{{ cobbler_run_command }}"
+  changed_when: false
+  tags: install
+  when: cobbler_container_status == true and cobbler_config_status == false
 
 - name: Configuring cobbler inside container (It may take 5-10 mins)
   command: docker exec cobbler ansible-playbook /root/kickstart.yml
   changed_when: false
   tags: install
-  when: not cobbler_status
+  when: cobbler_config_status == false
 
 - name: Schedule task
   cron:
@@ -25,9 +37,20 @@
     special_time: reboot
     job: "ansible-playbook {{ role_path }}/files/start_cobbler.yml"
   tags: install
-  when: not cobbler_status
+  when: cobbler_config_status == false
 
 - name: Execute cobbler sync in cobbler container
   command: docker exec cobbler cobbler sync
   changed_when: true
-  when: cobbler_status == true
+  when: cobbler_config_status == true
+
+- name: Remove the files
+  file:
+    path: "{{ item }}"
+    state: absent
+  with_items:
+    - "{{ role_path }}/files/.users.digest"
+    - "{{ role_path }}/files/dhcp.template"
+    - "{{ role_path }}/files/settings"
+    - "{{ role_path }}/files/centos7.ks"
+    - "{{ role_path }}/files/new_mapping_file.csv.bak"
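Review bot: `Remove the files` has no `tags: install` and runs only if every earlier task succeeded, so `.users.digest` and `centos7.ks` (which holds the crypted root password) stay under `files/` when the role is run with `--tags install` or when an earlier task fails. Add `tags: install` and consider moving the removal into an `always:` section of a `block:`. `new_mapping_file.csv.bak` is removed but `new_mapping_file.csv` is not, which looks deliberate; a comment would confirm it.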

+ 0 - 31
appliance/roles/provision/tasks/configure_nic.yml

@@ -1,31 +0,0 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-
-- name: Configure NIC-1
-  copy:
-    src: "ifcfg-{{ nic }}"
-    dest: "/etc/sysconfig/network-scripts/ifcfg-{{ nic }}"
-    mode: 0644
-  tags: install
-
-- name: Restart NIC
-  command: ifdown {{ nic }}
-  changed_when: false
-  tags: install
-
-- name: Restart NIC
-  command: ifup {{ nic }}
-  changed_when: false
-  tags: install

+ 60 - 0
appliance/roles/provision/tasks/dhcp_configure.yml

@@ -0,0 +1,60 @@
+# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Create the dhcp template
+  copy:
+    src: "{{ role_path }}/files/temp_dhcp.template"
+    dest: "{{ role_path }}/files/dhcp.template"
+    mode: 0775
+  tags: install
+
+- name: Assign subnet and netmask
+  replace:
+    path: "{{ role_path }}/files/dhcp.template"
+    regexp: '^subnet subnet_mask netmask net_mask {'
+    replace: 'subnet {{ subnet }} netmask {{ netmask }} {'
+  tags: install
+
+- name: Assign netmask
+  replace:
+    path: "{{ role_path }}/files/dhcp.template"
+    regexp: '^option subnet-mask net_mask;'
+    replace: 'option subnet-mask {{ netmask }};'
+
+- name: Assign DHCP range
+  replace:
+    path: "{{ role_path }}/files/dhcp.template"
+    regexp: '^range dynamic-bootp start end;'
+    replace: 'range dynamic-bootp {{ dhcp_start_ip }} {{ dhcp_end_ip }};'
+
+- name: Create the cobbler settings file
+  copy:
+    src: "{{ role_path }}/files/cobbler_settings"
+    dest: "{{ role_path }}/files/settings"
+    mode: 0775
+  tags: install
+
+- name: Assign server ip
+  replace:
+    path: "{{ role_path }}/files/settings"
+    regexp: '^server: ip'
+    replace: 'server: {{ hpc_ip }}'
+
+- name: Assign next server ip
+  replace:
+    path: "{{ role_path }}/files/settings"
+    regexp: '^next_server: ip'
+    replace: 'next_server: {{ hpc_ip }}'
+
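Review bot: `Assign netmask`, `Assign DHCP range`, `Assign server ip` and `Assign next server ip` have no `tags: install`, unlike the two `copy` tasks and `Assign subnet and netmask`, so a run with `--tags install` copies the templates and leaves the placeholders `net_mask`, `start end` and `ip` in them. Add `tags: install` to those four tasks. `mode: 0775` makes the DHCP template and the cobbler settings file group-writable and executable; `mode: "0644"`, quoted, is enough for configuration files.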

+ 14 - 8
appliance/roles/provision/tasks/main.yml

@@ -14,8 +14,6 @@
 ---
 
 #Tasks for Deploying cobbler on the system
-- name: Configure nic
-  import_tasks: configure_nic.yml
 
 - name: Check cobbler status on machine
   include_tasks: check_prerequisites.yml
@@ -26,23 +24,31 @@
 
 - name: Modify firewall settings for Cobbler
   import_tasks: firewall_settings.yml
-  when: not cobbler_status
+  when: not cobbler_container_status
 
 - name: Include common variables
   include_vars: ../../common/vars/main.yml
-  when: not cobbler_status
+  when: not cobbler_container_status
 
 - name: Internet validation
   include_tasks: ../../common/tasks/internet_validation.yml
-  when: not cobbler_status
+  when: not cobbler_container_status
 
 - name: Provision password validation
   import_tasks: provision_password.yml
   when: not cobbler_image_status
 
+- name: Dhcp Configuration
+  import_tasks: dhcp_configure.yml
+  when: not cobbler_image_status
+
+- name: Mapping file validation
+  import_tasks: mapping_file.yml
+  when: (not cobbler_image_status) and (mapping_file == true)
+
 - name: Cobbler image creation
   import_tasks: cobbler_image.yml
-  when: not cobbler_status
+  when: not cobbler_container_status
 
 - name: Cobbler configuration
   import_tasks: configure_cobbler.yml
@@ -52,9 +58,9 @@
     - debug:
         msg: "{{ message_skipped }}"
         verbosity: 2
-      when: cobbler_status
+      when: cobbler_container_status
     - debug:
         msg: "{{ message_installed }}"
         verbosity: 2
-      when: not cobbler_status
+      when: not cobbler_container_status
   tags: install

+ 84 - 0
appliance/roles/provision/tasks/mapping_file.yml

@@ -0,0 +1,84 @@
+# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Check availability of mapping file
+  stat:
+    path: "{{ role_path }}/files/{{ mapping_file_name }}"
+  register: mapping_file_status
+  tags: install
+
+- name: Mapping file not present
+  fail:
+    msg: "{{ mapping_file_fail }}"
+  when: mapping_file_status.stat.exists == false
+  register: mapping_file_check
+  tags: install
+
+- name: Remove blank lines
+  shell:  awk -F, 'length>NF+1' {{ role_path }}/files/{{ mapping_file_name }} > {{ role_path }}/files/new_mapping_file.csv
+  changed_when: false
+  tags: install
+
+- name: Remove blank spaces
+  shell:  sed -i.bak -E 's/(^|,)[[:blank:]]+/\1/g; s/[[:blank:]]+(,|$)/\1/g'  {{ role_path }}/files/new_mapping_file.csv
+  args:
+    warn: no
+  changed_when: false
+  tags: install
+
+- name: Count the rows
+  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_mapping_file.csv | wc -l
+  register: total_count
+  changed_when: false
+  tags: install
+
+- name: Check for duplicate hostname
+  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_mapping_file.csv | uniq | wc -l
+  register: count_host
+  changed_when: false
+  tags: install
+
+- name: Fail if duplicate hosts exist
+  fail:
+    msg: "{{ fail_hostname_duplicate }}"
+  when:  total_count.stdout >  count_host.stdout
+  tags: install
+
+- name: Check if _ or . or space present in hostname
+  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_mapping_file.csv |grep -E -- '_|\.| '
+  register: hostname_result
+  ignore_errors: true
+  changed_when: false
+  tags: install
+
+- name: Fail if  _ or . or space present in hostname
+  fail:
+    msg: "{{ hostname_result.stdout + ' :Hostname should not contain _ or . as it will cause error with slurm and K8s'}}"
+  when: hostname_result.stdout != ""
+  tags: install
+
+- name: Fetch input
+  blockinfile:
+    path: "{{ role_path }}/files/dhcp.template"
+    insertafter: '^#insert the static DHCP leases for configuration here'
+    block: |
+      host {{ item.split(',')[1] }} {
+        hardware ethernet {{ item.split(',')[0] }};
+        fixed-address {{ item.split(',')[2] }};
+      }
+    marker: "# {mark} DHCP BLOCK OF {{ item.split(',')[0] }}"
+  with_lines: "{{ remove_header }}"
+  ignore_errors: true
+  tags: install
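Review bot: The duplicate-hostname check does not do what its name says: `uniq` only collapses adjacent lines, and `total_count.stdout > count_host.stdout` compares strings, so `10` sorts below `9`. Use `… | sort | uniq | wc -l` in `Check for duplicate hostname` and `when: total_count.stdout | int > count_host.stdout | int` in the fail task. The MAC and IP columns are written into dhcp.template by `Fetch input` without validation (only the hostname column is checked), so a malformed row produces a broken or unintended dhcpd stanza; validate them first, for instance with the `hwaddr` and `ipv4` filters, and drop `ignore_errors: true` so a bad row stops the run. The `shell:` lines should also quote `{{ role_path }}` and `{{ mapping_file_name }}`.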

+ 10 - 27
appliance/roles/provision/tasks/provision_password.yml

@@ -27,14 +27,16 @@
   tags: install
 
 - name: Encrypt cobbler password
-  shell: printf "%s:%s:%s" {{ username }} "Cobbler" {{ cobbler_password }} | md5sum | awk '{print $1}'
+  shell: printf "%s:%s:%s" {{ username }} "Cobbler" "{{ cobbler_password }}" | md5sum | awk '{print $1}'
   changed_when: false
   register: encrypt_password
+  no_log: true
   tags: install
 
 - name: Copy cobbler password to cobbler config file
-  shell: printf "%s:%s:%s\n" "{{ username }}" "Cobbler" "{{ encrypt_password.stdout }}" > "{{ role_path }}/files/.users.digest"
+  shell: printf "%s:%s:%s\n" "{{ username }}" "Cobbler" "{{ encrypt_SSS.stdout }}" > "{{ role_path }}/files/.users.digest"
   changed_when: false
+  no_log: true
   tags: install
 
 - name: Create the kickstart file
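Review bot: Wrapping `{{ cobbler_password }}` in double quotes in `shell:` stops word splitting, but the shell still expands `$` and backticks inside double quotes, and the assertions visible on this page reject quotes and backslashes only. Use the `quote` filter without surrounding quotes: `printf "%s:%s:%s" {{ username | quote }} "Cobbler" {{ cobbler_password | quote }} | md5sum | awk '{print $1}'`. The next task reads `encrypt_SSS.stdout`, but the result is registered as `encrypt_password`, so writing `.users.digest` will fail on an undefined variable.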
@@ -44,28 +46,11 @@
     mode: 0775
   tags: install
 
-- name: Configure kickstart file
+- name: Configure kickstart file- IP
   replace:
     path: "{{ role_path }}/files/centos7.ks"
     regexp: '^url --url http://ip/cblr/links/CentOS7-x86_64/'
-    replace: url --url http://{{ ansible_em1.ipv4.address }}/cblr/links/CentOS7-x86_64/
-  when: internet_nic == "em1"
-  tags: install
-
-- name: Configure kickstart file
-  replace:
-    path: "{{ role_path }}/files/centos7.ks"
-    regexp: '^url --url http://ip/cblr/links/CentOS7-x86_64/'
-    replace: url --url http://{{ ansible_em2.ipv4.address }}/cblr/links/CentOS7-x86_64/
-  when: internet_nic == "em2"
-  tags: install
-
-- name: Configure kickstart file
-  replace:
-    path: "{{ role_path }}/files/centos7.ks"
-    regexp: '^url --url http://ip/cblr/links/CentOS7-x86_64/'
-    replace: url --url http://{{ ansible_em3.ipv4.address }}/cblr/links/CentOS7-x86_64/
-  when: internet_nic == "em3"
+    replace: url --url http://{{ public_ip }}/cblr/links/CentOS7-x86_64/
   tags: install
 
 - name: Random phrase generation
@@ -81,24 +66,22 @@
 
 - name: Login password
   command: openssl passwd -1 -salt {{ random_phrase }} {{ cobbler_password }}
+  no_log: true
   changed_when: false
   register: login_pass
   tags: install
 
-- name: Configure kickstart file
+- name: Configure kickstart file- Password
   replace:
     path: "{{ role_path }}/files/centos7.ks"
     regexp: '^rootpw --iscrypted password'
     replace: 'rootpw --iscrypted {{ login_pass.stdout }}'
+  no_log: true
   tags: install
 
-- name: Configure kickstart file
+- name: Configure kickstart file- nic
   replace:
     path: "{{ role_path }}/files/centos7.ks"
     regexp: '^network  --bootproto=dhcp --device=nic --onboot=on'
     replace: 'network  --bootproto=dhcp --device={{ nic }} --onboot=on'
   tags: install
-
-- name: Configure default password in settings
-  local_action: copy content="{{ login_pass.stdout }}" dest="{{ role_path }}/files/.node_login.digest"
-  tags: install
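Review bot: `no_log: true` hides the task output, but `openssl passwd -1 -salt {{ random_phrase }} {{ cobbler_password }}` still puts the clear-text password on the process command line and produces an MD5-crypt hash for the kickstart `rootpw`. The `password_hash` filter avoids both: set `login_pass: "{{ cobbler_password | password_hash('sha512') }}"` with `set_fact` and use `{{ login_pass }}` in the replace task. The removed `.node_login.digest` copy has no replacement, so check that nothing else reads that file.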

+ 6 - 1
appliance/roles/provision/vars/main.yml

@@ -15,6 +15,12 @@
 
 # vars file for provision
 
+#Usage: mapping_file.yml
+mapping_file_name: mapping_file.csv
+mapping_file_fail: "Mapping file absent: Copy the mapping file in omnia/appliance/roles/provision/files"
+fail_hostname_duplicate:  "Duplicate hostname exists. Please check"
+remove_header: awk 'NR > 1 { print }' {{ role_path }}/files/new_mapping_file.csv
+
 #Usage: check_prerequisite.yml
 iso_name: CentOS-7-x86_64-Minimal-2009.iso
 iso_fail: "Iso file absent: Download and copy the iso file in omnia/appliance/roles/provision/files"
@@ -28,7 +34,6 @@ docker_image_name: cobbler
 docker_image_tag: latest
 cobbler_run_command: docker run -itd --privileged --net=host --restart=always -v {{ mount_path }}:/root/omnia  -v cobbler_www:/var/www/cobbler:Z -v cobbler_backup:/var/lib/cobbler/backup:Z -v /mnt/iso:/mnt:Z -p 69:69/udp -p 81:80 -p 443:443 -p 25151:25151 --name cobbler  cobbler:latest  /sbin/init
 
-
 # Usage: main.yml
 message_skipped: "Installation Skipped: Cobbler instance is already running on your system"
 message_installed: "Installation Successful"

+ 2 - 2
roles/k8s_nfs_client_setup/tasks/main.yml

@@ -36,7 +36,7 @@
   tags: nfs_client
 
 - name: Mounting NFS Share
-  command: "mount {{ groups['manager'][0] }}:{{ nfs_mnt_dir }} {{ nfs_mnt_dir }}"
+  command: "mount {{ mounthost }}:{{ nfs_share_dir }} {{ nfs_mnt_dir }}"
   changed_when: true
   args:
     warn: false
@@ -46,6 +46,6 @@
 - name: Configuring Automount NFS Shares on reboot
   lineinfile:
     path: "{{ fstab_file_path }}"
-    line: "{{ groups['manager'][0] }}:{{ nfs_mnt_dir }}     {{ nfs_mnt_dir }}  nfs     nosuid,rw,sync,hard,intr 0 0"
+    line: "{{ mounthost }}:{{ nfs_share_dir }}     {{ nfs_mnt_dir }}  nfs     nosuid,rw,sync,hard,intr 0 0"
   when: groups['manager'][0] not in mounted_share.stdout
   tags: nfs_client
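Review bot: The `when:` on the fstab task still tests `groups['manager'][0] not in mounted_share.stdout` although the mount command and the fstab line now use `{{ mounthost }}`, so the condition checks the wrong host as soon as `mounthost` is overridden. Use `when: mounthost not in mounted_share.stdout`. The mount options keep `nosuid`; adding `nodev` is a cheap extra restriction for a shared directory.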

+ 4 - 1
roles/k8s_nfs_client_setup/vars/main.yml

@@ -14,7 +14,10 @@
 ---
 
 nfs_mnt_dir: /home/k8snfs
+nfs_share_dir: /home/k8snfs
+
+mounthost: "{{ groups['manager'][0] }}"
 
 nfs_mnt_dir_mode: 0755
 
-fstab_file_path: /etc/fstab
+fstab_file_path: /etc/fstab