Issue #818: Existing hosts inside awx inventory groups are not visible

Signed-off-by: Lakshmi-Patneedi <Lakshmi_Patneedi@Dellteam.com>

control_plane/roles/control_plane_common/tasks/device_config_validations.yml

@@ -16,17 +16,20 @@
 - name: Initialize variables
   set_fact:
     mngmnt_network_container_status: false
+  tags: init
 
 - name: Check mngmnt_network_container status on the machine
   command: kubectl get pods -n network-config
   register: mngmnt_network_container_result
   failed_when: false
   changed_when: false
+  tags: init
 
 - name: Validate if mngmnt_network is present if device_config is false
   set_fact:
     mngmnt_network_container_status: true
   when: "'mngmnt-network-container' in mngmnt_network_container_result.stdout"
+  tags: init
 
 - name: Validate if mngmnt_network is present if device_config is false
   assert:
@@ -34,6 +37,7 @@
     success_msg: "{{ mgmnt_device_fail }}"
     fail_msg: "{{ mgmnt_device_fail }}"
   when: mngmnt_network_container_status
+  tags: validate
 
 - name: Assert value of idrac_support if mngmnt_network container needed
   assert:
@@ -41,6 +45,7 @@
     success_msg: "{{ idrac_support_valid }}"
     fail_msg: " {{ failed_idrac_support }}"
   when: device_config_support
+  tags: validate
 
 - block:
     - name: Assert ethernet_switch_support
@@ -48,19 +53,21 @@
         that: ethernet_switch_support == true or ethernet_switch_support == false
         success_msg: "{{ ethernet_switch_support_success_msg }}"
         fail_msg: "{{ ethernet_switch_support_fail_msg }}"
+      tags: validate
 
     - name: Assert ib_switch_support
       assert:
         that:  ib_switch_support == true or ib_switch_support == false
         success_msg: "{{ ib_switch_support_success_msg }}"
         fail_msg: "{{ ib_switch_support_fail_msg }}"
+      tags: validate
 
     - name: Assert powervault_support
       assert:
         that: powervault_support == true or powervault_support == false
         success_msg: "{{ powervault_support_success_msg }}"
         fail_msg: "{{ powervault_support_fail_msg }}"
-
+      tags: validate
   when: device_support_status
 
 - block:
@@ -69,28 +76,34 @@
       that: ethernet_switch_support == true
       success_msg: "{{ ethernet_device_config }}"
     failed_when: false
+    tags: validate
 
   - name: Set ethernet_switch_support when not device_config_support
     set_fact:
       ethernet_switch_support: false
+    tags: init
 
   - name: Check value of ib_switch_support when not device_config_support
     assert:
       that: ib_switch_support == true
       success_msg: "{{ ib_device_config }}"
     failed_when: false
+    tags: validate
 
   - name: Set ib_switch_support when not device_config_support
     set_fact:
       ib_switch_support: false
+    tags: init
 
   - name: Check value of powervault_support when not device_config_support
     assert:
       that: powervault_support == true
       success_msg: "{{ pv_device_config }}"
     failed_when: false
+    tags: validate
 
   - name: Set powervault_support when not device_config_support
     set_fact:
       powervault_support: false
+    tags: init
   when: not device_support_status

control_plane/roles/control_plane_common/tasks/fetch_base_inputs.yml

@@ -44,6 +44,7 @@
   assert:
     that: mngmnt_network_nic | length > 1
     fail_msg: "{{ input_base_failure_msg }}"
+  tags: validate
   when: device_config_support
   
 - name: Validate the value of device config support
@@ -74,6 +75,7 @@
       - '"/"  in device_ip_list_path'
     success_msg: "{{ device_ip_list_not_supported  }}"
   when: not idrac_support
+  tags: validate
   failed_when: false
 
 - name: Set status for device_config_support
@@ -184,7 +186,7 @@
         - ib_network_dhcp_end_range | length > 6
     success_msg: "{{ success_msg_ib }}"
     fail_msg: "{{ fail_msg_ib }}"
-    register: ib_check
+  register: ib_check
   when: ib_switch_support
   tags: [ validate, network-ib ]
 
@@ -234,12 +236,10 @@
 
 - name: Validate device_config_support
   import_tasks: device_config_validations.yml
-  tags: [ validate, init ]
 
 - name: Validate device_config_support
   import_tasks: validate_device_ip_file.yml
   when: device_config_ip_file
-  tags: [ validate, init ]
 
 - name: Validate NIC parameters
   import_tasks: validate_nic_vars.yml

control_plane/roles/control_plane_common/tasks/fetch_security_inputs.yml

@@ -48,7 +48,7 @@
   command: hostname -s
   register: short_hostname
   changed_when: false
-  tags: [ validate, security ]
+  tags: security
 
 - name: Verify the hostname is not blank in hostname
   fail:
@@ -70,7 +70,7 @@
   register: domain_name_set
   changed_when: false
   failed_when: false
-  tags: [ validate, security ]
+  tags: security
 
 - name: Verify the domain name is not blank in hostname
   fail:
@@ -81,7 +81,7 @@
 - name: Set fact for the domain name in hostname
   set_fact:
     ms_domain_name: "{{ domain_name_set.stdout }}"
-  tags: [ validate, security ]
+  tags: security
 
 - name: Validate the domain name set on the host
   assert:
@@ -95,7 +95,7 @@
   command: hostname
   register: machine_hostname
   changed_when: false
-  tags: [ validate, security ]
+  tags: security
 
 - name: Add host name in hosts file
   lineinfile:
@@ -162,8 +162,9 @@
 
 - name: Prepare user list
   set_fact:
-      user_list: "{{ lookup('vars', 'user').split()| unique | select| list }}"
+    user_list: "{{ lookup('vars', 'user').split()| unique | select| list }}"
   when: user | length > 1
+  tags: security
 
 - name: validate user
   assert:
@@ -173,6 +174,7 @@
     success_msg: "{{ user_success_msg }}"
     fail_msg: "{{ user_fail_msg }}"
   with_items: "{{ user_list }}"
+  tags: [ validate, security ]
   when:
     - user | length > 1
 
@@ -182,3 +184,4 @@
       - allow_deny == 'Allow' or allow_deny == 'Deny'
     success_msg: "{{ allow_deny_success_msg }}"
     fail_msg: "{{ allow_deny_fail_msg }}"
+  tags: [ validate, security ]

control_plane/roles/control_plane_common/tasks/main.yml

@@ -35,6 +35,7 @@
 
 - name: iDRAC inputs validation
   import_tasks: validate_idrac_vars.yml
+  when: idrac_support
 
 - name: Subnet manager inputs validation
   import_tasks: fetch_sm_inputs.yml
@@ -56,6 +57,7 @@
 
 - name: Encrypt idrac_tools_vars.yml
   import_tasks: encrypt_idrac_tools_vars.yml
+  when: idrac_support
   tags: init
 
 - name: NFS Server setup for offline repo and awx

control_plane/roles/control_plane_common/tasks/nfs_server_setup.yml

@@ -13,6 +13,15 @@
 #  limitations under the License.
 ---
 
+- name: Creating NFS share directory
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: "{{ nfs_share_dir_mode }}"
+  with_items:
+    - "{{ nfs_share_offline_repo }}"
+    - "{{ nfs_share_awx }}"
+
 - name: Install nfs-utils
   package:
     name: nfs-utils
@@ -38,15 +47,6 @@
     - rpcbind
     - nfs-server
 
-- name: Creating NFS share directory
-  file:
-    path: "{{ item }}"
-    state: directory
-    mode: "{{ nfs_share_dir_mode }}"
-  with_items:
-    - "{{ nfs_share_offline_repo }}"
-    - "{{ nfs_share_awx }}"
-
 - name: Adding NFS share entries in /etc/exports
   lineinfile:
     path: "{{ exports_file_path }}"
@@ -65,7 +65,7 @@
     - { path: "{{ nfs_share_offline_repo }}", ip: "{{ mngmnt_network_subnet }}/{{ mngmnt_network_netmask }}" }
   when: device_config_support
 
-- name: Adding NFS share entries in /etc/exports when device_config_support
+- name: Adding NFS share entries in /etc/exports when idrac_support
   lineinfile:
     path: "{{ exports_file_path }}"
     line: "{{ nfs_share_offline_repo  }} {{ item }}(rw,sync,no_root_squash)"
@@ -89,9 +89,3 @@
 - name: Reload firewalld
   command: firewall-cmd --reload
   changed_when: true
-
-- name: Stop and disable firewalld
-  service:
-    name: firewalld
-    state: stopped
-    enabled: no

control_plane/roles/control_plane_common/tasks/pre_requisite.yml

@@ -80,9 +80,23 @@
   register: os_value
   tags: [ init, validate ]
 
-- name: State of firewall
-  service:
-    name: firewalld
-    state: started
-    enabled: yes
+- block:
+    - name: Fetch SElinux mode
+      command: sestatus
+      register: sestatus_current
+      changed_when: false
+
+    - name: Disable SElinux
+      replace:
+        path: "{{ selinux_config_path }}"
+        regexp: 'SELINUX=[a-z]+'
+        replace: 'SELINUX=disabled'
+      when: '"SELinux status:                 enabled" in sestatus_current.stdout_lines'
+
+    - name: Status of SElinux
+      fail:
+        msg: "{{ selinux_status }}"
+      when: '"SELinux status:                 enabled" in sestatus_current.stdout_lines'
+      register: selinux_value
   tags: init
+  when: os_supported_leap not in mgmt_os

control_plane/roles/control_plane_common/tasks/validate_device_ip_file.yml

@@ -13,18 +13,21 @@
 #  limitations under the License.
 ---
 
-- name: Check IP
+- name: Set IP list with device_ip_list
   set_fact:
     device_ip: "{{ lookup('file', '{{ device_ip_list_path }}').splitlines() |list }}"
+  tags: init
 
 - name: Filter all the IP present
   set_fact:
     len1: "{{ device_ip | length }}"
     device_ip_temp: "{{ device_ip | ipv4('address') | list }}"
+  tags: init
 
-- name: size
+- name: Set total number of IP present
   set_fact:
     len2: "{{ device_ip_temp | length }}"
+  tags: init
 
 - name: Assert if valid device_ip_file
   assert:
@@ -32,9 +35,11 @@
       - len1 == len2
     fail_msg: "{{ fail_device_ip_format }}"
     success_msg: "{{ success_device_ip_format }}"
+  tags: validate
 
-- name: Copy the Ips to file
+- name: Copy the IP list to provisioned hosts file
   copy:
     src: "{{ device_ip_list_path }}"
     dest: "{{ mgmnt_ip_path }}"
     mode: "{{ file_perm }}"
+  tags: init

control_plane/roles/control_plane_common/tasks/validate_idrac_vars.yml

@@ -12,35 +12,34 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ---
-- block:
-  - name: Include variable file idrac_vars.yml
-    include_vars: "{{ idrac_input_filename }}"
-    run_once: true
-    tags: init
 
-  - name: Assert firmware_update_required value
-    assert:
-      that:
-        - firmware_update_required == true or firmware_update_required == false
-      success_msg: "{{ firmware_update_success_msg }}"
-      fail_msg: "{{ firmware_update_fail_msg }}"
-    tags: [ validate, firmware-repo ]
+- name: Include variable file idrac_vars.yml
+  include_vars: "{{ idrac_input_filename }}"
+  run_once: true
+  tags: init
 
-  - name: Read poweredge_model file
-    command: cat {{ role_path }}/files/poweredge_models.txt
-    failed_when: false
-    register: poweredge_models_file_output
-    changed_when: false
-    tags: [ validate, firmware-repo ]
+- name: Assert firmware_update_required value
+  assert:
+    that:
+      - firmware_update_required == true or firmware_update_required == false
+    success_msg: "{{ firmware_update_success_msg }}"
+    fail_msg: "{{ firmware_update_fail_msg }}"
+  tags: [ validate, firmware-repo ]
 
-  - name: Assert poweredge_model value
-    assert:
-      that:
-        - item | length > 1
-        - item in poweredge_models_file_output.stdout
-      success_msg: "{{ poweredge_model_success_msg }}"
-      fail_msg: "{{ poweredge_model_fail_msg }}"
-    when: firmware_update_required
-    with_items: "{{ poweredge_model.split(',') | map('trim') }}"
-    tags: [ validate, firmware-repo ]
-  when: idrac_support
+- name: Read poweredge_model file
+  command: cat {{ role_path }}/files/poweredge_models.txt
+  failed_when: false
+  register: poweredge_models_file_output
+  changed_when: false
+  tags: [ validate, firmware-repo ]
+
+- name: Assert poweredge_model value
+  assert:
+    that:
+      - item | length > 1
+      - item in poweredge_models_file_output.stdout
+    success_msg: "{{ poweredge_model_success_msg }}"
+    fail_msg: "{{ poweredge_model_fail_msg }}"
+  when: firmware_update_required
+  with_items: "{{ poweredge_model.split(',') | map('trim') }}"
+  tags: [ validate, firmware-repo ]

control_plane/roles/control_plane_common/tasks/validate_nic_vars.yml

@@ -35,6 +35,7 @@
   tags: init
 
 ### management network
+
 - block:
   - name: Assert management network nic
     assert:
@@ -126,6 +127,7 @@
     when: mngmnt_mapping_file and not result_mngmnt_mapping_file.stat.exists
     tags: init
   when: device_config_support
+
 ### host network
 
 - name: Fetch the host network ip, netmask and subnet
@@ -227,9 +229,10 @@
       - public_nic != host_network_nic
     success_msg: "{{ success_msg_different_nics }}"
     fail_msg: "{{ fail_msg_different_nics }}"
-  tags: [ validate, pxe, network-device ]
+  tags: [ validate, pxe ]
 
 ### ib network
+
 - block:
     - name: Fetch the infiniband network ip, netmask and subnet
       set_fact:

control_plane/roles/control_plane_common/vars/main.yml

@@ -58,6 +58,7 @@ python_version_support: '3.6.8'
 default_ansible_config_file_path: /etc/ansible/ansible.cfg
 invalid_run_tag_msg: "Failed. init tag should be used with run tags"
 invalid_skip_tag_msg: "Failed. init tag can't be used with skip tags"
+selinux_config_path: /etc/sysconfig/selinux
 
 # Usage: verify_login_inputs.yml
 login_vars_filename: "input_params/login_vars.yml"

control_plane/roles/control_plane_k8s/tasks/k8s_firewalld.yml

@@ -1,4 +1,4 @@
-#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -13,17 +13,6 @@
 #  limitations under the License.
 ---
 
-- name: Install firewalld
-  package:
-    name: firewalld
-    state: present
-
-- name: Start and enable firewalld
-  service:
-    name: firewalld
-    state: started
-    enabled: yes
-
 - name: Configure firewalld on master nodes
   firewalld:
     port: "{{ item }}"
@@ -53,9 +42,3 @@
 - name: Reload firewalld
   command: firewall-cmd --reload
   changed_when: true
-
-- name: Stop and disable firewalld
-  service:
-    name: firewalld
-    state: stopped
-    enabled: no

control_plane/roles/control_plane_k8s/tasks/k8s_installation.yml

@@ -19,6 +19,10 @@
     fstype: swap
     state: absent
 
+- name: Disable selinux
+  selinux:
+    state: disabled
+
 - name: Copy k8s.conf file
   copy:
     src: k8s.conf

control_plane/roles/control_plane_security/tasks/firewall_settings.yml

@@ -13,17 +13,6 @@
 #  limitations under the License.
 ---
 
-- name: Install firewalld
-  package:
-    name: firewalld
-    state: present
-
-- name: Start and enable firewalld
-  service:
-    name: firewalld
-    state: started
-    enabled: yes
-
 - name: Firewall ports addition - tcp/udp ports
   firewalld:
     zone: public
@@ -47,9 +36,3 @@
 - name: Reload firewalld
   command: firewall-cmd --reload
   changed_when: true
-
-- name: Stop and disable firewalld
-  service:
-    name: firewalld
-    state: stopped
-    enabled: no

control_plane/roles/webui_awx/tasks/check_prerequisites.yml

@@ -55,6 +55,7 @@
 - block:
     - name: Get awx-service cluster-ip
       command: "kubectl get svc {{ awx_service_name }} -n {{ awx_namespace }} -o jsonpath='{.spec.clusterIP}'"
+      changed_when: false
       register: awx_cluster_ip
 
     - name: Get AWX admin password
@@ -62,6 +63,7 @@
         set -o pipefail && \
         kubectl get secret awx-admin-password -n {{ awx_namespace }} -o jsonpath='{.data.password}' | base64 --decode
       no_log: true
+      changed_when: false
       register: awx_admin_password
 
     - name: Waiting for the AWX UI to be up
@@ -93,10 +95,12 @@
     - block:
          - name: Fetching Schedule from AWX UI
            command: awx schedules list --all --conf.host http://{{ awx_cluster_ip.stdout }}:{{ awx_port }} --conf.username admin --conf.password {{ awx_admin_password.stdout }} -f human --filter "name"
+           changed_when: false
            register: awx_schedule_list
 
          - name: Fetching job_templates from AWX UI
            command: awx job_templates list --all --conf.host http://{{ awx_cluster_ip.stdout }}:{{ awx_port }} --conf.username admin --conf.password {{ awx_admin_password.stdout }} -f human --filter "name"
+           changed_when: false
            register: awx_job_templates_list
 
          - name: Updating awx_configuration_status

control_plane/roles/webui_awx/tasks/configure_settings.yml

@@ -1,4 +1,4 @@
-# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -117,6 +117,8 @@
 
 - name: Waiting for AWX UI
   wait_for:
+    host: "{{ awx_cluster_ip.stdout }}"
+    port: "{{ awx_port }}"
     timeout: "{{ awx_ui_wait_time }}"
 
 - name: Waiting for the AWX UI to be up

control_plane/roles/webui_awx/tasks/install_awx.yml

@@ -20,36 +20,6 @@
   changed_when: false
   register: namespaces
 
-- name: Creating directory for deploying awx-operator
-  file:
-    path: "{{ awx_operator_folder }}"
-    state: directory
-    mode: "{{ file_perm }}"
-
-- name: Check for awx-operator status
-  stat:
-    path: "{{ awx_manager_file }}"
-  register: awx_operator_repo
-
-- name: Cloning awx-operator from github
-  git:
-    repo: "{{ awx_operator_link }}"
-    dest: "{{ awx_operator_folder }}"
-    version: "{{ awx_tag }}"
-  when: not awx_operator_repo.stat.exists
-
-- name: Modifying livenessprobe value
-  replace:
-    path: "{{ awx_manager_file }}"
-    regexp: "{{ liveness_probe_initial }}"
-    replace: "{{ liveness_probe_final }}"
-
-- name: Modifying readinessprobe value
-  replace:
-    path: "{{ awx_manager_file }}"
-    regexp: "{{ readiness_probe_initial }}"
-    replace: "{{ readiness_probe_final }}"
-
 - name: Create namespace
   command: "kubectl create namespace {{ awx_namespace }}"
   changed_when: true
@@ -64,17 +34,86 @@
     name: jq
     state: present
 
-- name: Deploying awx-operator
-  command: make deploy
-  changed_when: false
-  args:
-    chdir: "{{ awx_operator_folder }}"
-  environment:
-    NAMESPACE: "{{ awx_namespace }}"
+- name: Creating and deploying AWX operator
+  block:
+    - name: Creating directory for deploying awx-operator
+      file:
+        path: "{{ awx_operator_folder }}"
+        state: directory
+        mode: "{{ file_perm }}"
+
+    - name: Check for awx-operator status
+      stat:
+        path: "{{ awx_manager_file }}"
+      register: awx_operator_repo
+
+    - name: Cloning awx-operator from github
+      git:
+        repo: "{{ awx_operator_link }}"
+        dest: "{{ awx_operator_folder }}"
+        version: "{{ awx_operator_version }}"
+      when: not awx_operator_repo.stat.exists
+
+    - name: Modifying livenessprobe value
+      replace:
+        path: "{{ awx_manager_file }}"
+        regexp: "{{ liveness_probe_initial }}"
+        replace: "{{ liveness_probe_final }}"
+
+    - name: Modifying readinessprobe value
+      replace:
+        path: "{{ awx_manager_file }}"
+        regexp: "{{ readiness_probe_initial }}"
+        replace: "{{ readiness_probe_final }}"
+
+    - name: Deploying awx-operator
+      command: make deploy
+      changed_when: false
+      args:
+        chdir: "{{ awx_operator_folder }}"
+      environment:
+        NAMESPACE: "{{ awx_namespace }}"
+  rescue:
+    - name: Cleaning awx-operator folder
+      file:
+        path: "{{ awx_operator_folder }}"
+        state: absent
+    
+    - name: Creating directory for deploying awx-operator
+      file:
+        path: "{{ awx_operator_folder }}"
+        state: directory
+        mode: "{{ file_perm }}"
+
+    - name: Cloning awx-operator from github
+      git:
+        repo: "{{ awx_operator_link }}"
+        dest: "{{ awx_operator_folder }}"
+        version: "{{ awx_operator_version }}"
+
+    - name: Modifying livenessprobe value
+      replace:
+        path: "{{ awx_manager_file }}"
+        regexp: "{{ liveness_probe_initial }}"
+        replace: "{{ liveness_probe_final }}"
+
+    - name: Modifying readinessprobe value
+      replace:
+        path: "{{ awx_manager_file }}"
+        regexp: "{{ readiness_probe_initial }}"
+        replace: "{{ readiness_probe_final }}"
+
+    - name: Deploying awx-operator
+      command: make deploy
+      changed_when: false
+      args:
+        chdir: "{{ awx_operator_folder }}"
+      environment:
+        NAMESPACE: "{{ awx_namespace }}"
 
-- name: Waiting for awx operator deployment {This might take 10-15 minutes}
+- name: Waiting for awx operator deployment
   block:
-    - name: Waiting for awx-operator deployment to be up and running
+    - name: Waiting for awx-operator deployment to be up and running (This might take 10-15 minutes)
       command: kubectl wait --for=condition=available deployment awx-operator-controller-manager -n {{ awx_namespace }} --timeout={{ awx_operator_time }}
       changed_when: false 
   rescue:
@@ -125,7 +164,7 @@
   changed_when: true
   when: not k8s_pods.stdout | regex_search('awx-([A-Za-z0-9]{10})-([A-Za-z0-9]{5})')
 
-- name: Wait for awx pods to get created
+- name: Wait for awx pods to get created (This will take 10min)
   wait_for:
     timeout: "{{ awx_wait_time }}"
   when: not k8s_pods.stdout | regex_search('awx-([A-Za-z0-9]{10})-([A-Za-z0-9]{5})')

control_plane/roles/webui_awx/vars/main.yml

@@ -24,9 +24,9 @@ awx_yml_file_path: "{{ role_path }}/files/awx.yml"
 postgres_storage_class: nfs-client
 projects_existing_claim: awx-pv-claim
 awx_version: 19.4.0
-awx_tag: 0.14.0
+awx_operator_version: 0.17.0
 file_perm: '0644'
-awx_wait_time: 90
+awx_wait_time: 600
 deployment_failure_msg: "Deployment failed due to docker pull rate limit"
 awx_operator_link: "https://github.com/ansible/awx-operator.git"
 awx_manager_file: '/root/awx-operator/config/manager/manager.yaml'
@@ -53,9 +53,9 @@ awx_tcp_ports:
   - 30000-32767
 awx_ui_msg: "AWX Upgrading"
 return_status: 200
-max_retries: 20
+max_retries: 25
 max_delay: 15
-awx_ui_wait_time: 200
+awx_ui_wait_time: 900
 
 # Usage: check_prerequisites.yml
 min_retries: 2
@@ -102,4 +102,4 @@ omnia_job_template_details:
   - { name: deploy_omnia_template, inventory: node_inventory, playbook: omnia.yml, credential: node_credential }
 scheduled_templates:
   - { name: NodeInventorySchedule, template: node_inventory_job, schedule_rule: "DTSTART:20210815T120000Z RRULE:FREQ=MINUTELY;INTERVAL=10", flag: true }
-  - { name: DeviceInventorySchedule, template: device_inventory_job, schedule_rule: "DTSTART:20210815T060000Z RRULE:FREQ=DAILY;INTERVAL=1", flag: "{{ device_support_status }}"}
+  - { name: DeviceInventorySchedule, template: device_inventory_job, schedule_rule: "DTSTART:20210815T060000Z RRULE:FREQ=DAILY;INTERVAL=1", flag: "{{ device_support_status }}"}

roles/common/tasks/main.yml

@@ -72,6 +72,11 @@
         name: "swap"
         fstype: swap
         state: absent
+        
+    - name: Disable selinux
+      selinux:
+        state: disabled
+      tags: install
 
     - name: Install common packages
       package: