Issue 458: updated fetch_password role

Signed-off-by: abhishek-s-a <a_sa@dellteam.com>

control_plane/input_params/ethernet_tor_vars.yml

@@ -0,0 +1,193 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+
+# ---Default configurations written for Dell PowerSwitch S3048-ON---
+# ---Change the configurations as per the switch model to avoid failures---
+# ---Use this configuration file for all S3* and S4* switches---
+# ---S3* Switches: S3048-ON, S4048T-ON, S4112F-ON---
+# ---S4* Switches: S4048-ON, S4048T-ON, S4112F-ON, S4112T-ON, S4128F-ON,
+# ---------------- S4148F-ON, S4128T-ON, S4148T-ON, S4148FE, S4148U, S4248FBL-ON ---
+
+# Global configuration for switch
+os10_config:
+    - "interface vlan1"
+    - "exit"
+
+# Interface configuration for switch
+os10_interface:
+    ethernet 1/1/1:
+      desc: "Port 1"
+      admin: up
+    ethernet 1/1/2:
+      desc: "Port 2"
+      admin: up
+    ethernet 1/1/3:
+      desc: "Port 3"
+      admin: up
+    ethernet 1/1/4:
+      desc: "Port 4"
+      admin: up
+    ethernet 1/1/5:
+      desc: "Port 5"
+      admin: up
+    ethernet 1/1/6:
+      desc: "Port 6"
+      admin: up
+    ethernet 1/1/7:
+      desc: "Port 7"
+      admin: up
+    ethernet 1/1/8:
+      desc: "Port 8"
+      admin: up
+    ethernet 1/1/9:
+      desc: "Port 9"
+      admin: up
+    ethernet 1/1/10:
+      desc: "Port 10"
+      admin: up
+    ethernet 1/1/11:
+      desc: "Port 11"
+      admin: up
+    ethernet 1/1/12:
+      desc: "Port 12"
+      admin: up
+    ethernet 1/1/13:
+      desc: "Port 13"
+      admin: up
+    ethernet 1/1/14:
+      desc: "Port 14"
+      admin: up
+    ethernet 1/1/15:
+      desc: "Port 15"
+      admin: up
+    ethernet 1/1/16:
+      desc: "Port 16"
+      admin: up
+    ethernet 1/1/17:
+      desc: "Port 17"
+      admin: up
+    ethernet 1/1/18:
+      desc: "Port 18"
+      admin: up
+    ethernet 1/1/19:
+      desc: "Port 19"
+      admin: up
+    ethernet 1/1/20:
+      desc: "Port 20"
+      admin: up
+    ethernet 1/1/21:
+      desc: "Port 21"
+      admin: up
+    ethernet 1/1/22:
+      desc: "Port 22"
+      admin: up
+    ethernet 1/1/23:
+      desc: "Port 23"
+      admin: up
+    ethernet 1/1/24:
+      desc: "Port 24"
+      admin: up
+    ethernet 1/1/25:
+      desc: "Port 25"
+      admin: up
+    ethernet 1/1/26:
+      desc: "Port 26"
+      admin: up
+    ethernet 1/1/27:
+      desc: "Port 27"
+      admin: up
+    ethernet 1/1/28:
+      desc: "Port 28"
+      admin: up
+    ethernet 1/1/29:
+      desc: "Port 29"
+      admin: up
+    ethernet 1/1/30:
+      desc: "Port 30"
+      admin: up
+    ethernet 1/1/31:
+      desc: "Port 31"
+      admin: up
+    ethernet 1/1/32:
+      desc: "Port 32"
+      admin: up
+    ethernet 1/1/33:
+      desc: "Port 33"
+      admin: up
+    ethernet 1/1/34:
+      desc: "Port 34"
+      admin: up
+    ethernet 1/1/35:
+      desc: "Port 35"
+      admin: up
+    ethernet 1/1/36:
+      desc: "Port 36"
+      admin: up
+    ethernet 1/1/37:
+      desc: "Port 37"
+      admin: up
+    ethernet 1/1/38:
+      desc: "Port 38"
+      admin: up
+    ethernet 1/1/39:
+      desc: "Port 39"
+      admin: up
+    ethernet 1/1/40:
+      desc: "Port 40"
+      admin: up
+    ethernet 1/1/41:
+      desc: "Port 41"
+      admin: up
+    ethernet 1/1/42:
+      desc: "Port 42"
+      admin: up
+    ethernet 1/1/43:
+      desc: "Port 43"
+      admin: up
+    ethernet 1/1/44:
+      desc: "Port 4"
+      admin: up
+    ethernet 1/1/45:
+      desc: "Port 45"
+      admin: up
+    ethernet 1/1/46:
+      desc: "Port 46"
+      admin: up
+    ethernet 1/1/47:
+      desc: "Port 47"
+      admin: up
+    ethernet 1/1/48:
+      desc: "Port 48"
+      admin: up
+    ethernet 1/1/49:
+      desc: "Port 49"
+      admin: up
+    ethernet 1/1/50:
+      desc: "Port 50"
+      admin: up
+    ethernet 1/1/51:
+      desc: "Port 51"
+      admin: up
+    ethernet 1/1/52:
+      desc: "Port 52"
+      admin: up
+    vlan 1:
+      admin: up
+
+# save_changes_to_startup is a boolean flag. By default, this option is set to false.
+# When set to true, it will save the switch's running configuration to the startup configuration file
+# after the role applies its configuration. This will allow the configuration to persist after a
+# restart or power failure.
+save_changes_to_startup: false

control_plane/input_params/ethernet_vars.yml

@@ -13,105 +13,124 @@
 #  limitations under the License.
 
 
-# ---Default configurations written for Dell PowerSwitch S4128T-ON---
+# ---Default configurations written for Dell PowerSwitch S5232F-ON---
 # ---Change the configurations as per the switch model to avoid failures---
+# ---Use this configuration file for all switches other than S3* and S4* switches---
+
 
 # Global configuration for switch
 os10_config:
     - "interface vlan1"
     - "exit"
 
+# By default, all ports are set up in 10g-4x breakout mode
+# Possible values of breakout/fanout mode: 10g-4x, 25g-4x, 40g-1x, 50g-2x, 100g-1x
+breakout_value: 10g-4x
+
 # Interface configuration for switch
+# By default, all ports are brought up in admin UP state
 os10_interface:
     ethernet 1/1/1:
-      desc: "Port 1"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/2:
-      desc: "Port 2"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/3:
-      desc: "Port 3"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/4:
-      desc: "Port 4"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/5:
-      desc: "Port 5"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/6:
-      desc: "Port 6"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/7:
-      desc: "Port 7"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/8:
-      desc: "Port 8"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/9:
-      desc: "Port 9"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/10:
-      desc: "Port 10"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/11:
-      desc: "Port 11"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/12:
-      desc: "Port 12"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/13:
-      desc: "Port 13"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/14:
-      desc: "Port 14"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/15:
-      desc: "Port 15"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/16:
-      desc: "Port 16"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/17:
-      desc: "Port 17"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/18:
-      desc: "Port 18"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/19:
-      desc: "Port 19"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/20:
-      desc: "Port 20"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/21:
-      desc: "Port 21"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/22:
-      desc: "Port 22"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/23:
-      desc: "Port 23"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/24:
-      desc: "Port 24"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/25:
-      desc: "Port 25"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/26:
-      desc: "Port 26"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/27:
-      desc: "Port 27"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/28:
-      desc: "Port 28"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/29:
-      desc: "Port 29"
       admin: up
+      fanout: "{{ breakout_value }}"
     ethernet 1/1/30:
-      desc: "Port 30"
+      admin: up
+      fanout: "{{ breakout_value }}"
+    ethernet 1/1/31:
+      admin: up
+      fanout: "{{ breakout_value }}"
+    ethernet 1/1/32:
+      desc: "Port 32"
+      admin: up
+    ethernet 1/1/33:
+      desc: "Port 33"
+      admin: up
+    ethernet 1/1/34:
+      desc: "Port 34"
       admin: up
     vlan 1:
       admin: up

control_plane/roles/network_ethernet/tasks/pre_requisites.yml

@@ -13,6 +13,21 @@
 # limitations under the License.
 ---
 
+- name: Install paramiko
+  command: pip3 install paramiko -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com
+  delegate_to: localhost
+  changed_when: false
+
+- name: Check if ethernet_tor_vars.yml exists
+  stat:
+    path: "{{ tor_config_file }}"
+  register: stat_result
+
+- name: Fail if config file doesn't exist
+  fail:
+    msg: "{{ fail_msg_tor_config_file }}"
+  when: not stat_result.stat.exists
+
 - name: Check if ethernet_vars.yml exists
   stat:
     path: "{{ config_file }}"
@@ -23,15 +38,37 @@
     msg: "{{ fail_msg_config_file }}"
   when: not stat_result.stat.exists
 
-- name: Include switch config variable file
-  include_vars: "{{ config_file }}"
+- name: Check switch model name
+  dellos10_command:
+    commands: 'show system | grep "Current Type"'
+  register: model_type
 
-- name: Assert save_changes_to_startup variable
-  assert:
-    that: "save_changes_to_startup == true or save_changes_to_startup == false"
-    success_msg: "{{ success_msg_save_config }}"
-    fail_msg: "{{ fail_msg_save_config }}"
+- name: Save switch model name
+  set_fact:
+    model_type: "{{ model_type.stdout[0].split(' ')[-1] }}"
 
-- name: Install paramiko
-  command: pip3 install paramiko -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com
-  changed_when: false
+- name: Pre-requisite tasks for S3* and S4* switches
+  block:
+    - name: Include ethernet_tor_vars.yml config variable file
+      include_vars: "{{ tor_config_file }}"
+
+    - name: Assert save_changes_to_startup variable
+      assert:
+        that: "save_changes_to_startup == true or save_changes_to_startup == false"
+        success_msg: "{{ success_msg_tor_save_config }}"
+        fail_msg: "{{ fail_msg_tor_save_config }}"
+
+  when: "'S3' in model_type or 'S4' in model_type"
+
+- name: Pre-requisite tasks for other ethernet switches
+  block:
+    - name: Include ethernet_vars.yml config variable file
+      include_vars: "{{ config_file }}"
+
+    - name: Assert save_changes_to_startup variable
+      assert:
+        that: "save_changes_to_startup == true or save_changes_to_startup == false"
+        success_msg: "{{ success_msg_save_config }}"
+        fail_msg: "{{ fail_msg_save_config }}"
+
+  when: "'S3' not in model_type and 'S4' not in model_type"

control_plane/roles/network_ethernet/vars/main.yml

@@ -16,7 +16,11 @@
 
 # Usage: pre_requisites.yml
 base_vars_file: "{{ role_path }}/../../input_params/base_vars.yml"
+tor_config_file: "{{ role_path }}/../../input_params/ethernet_tor_vars.yml"
 config_file: "{{ role_path }}/../../input_params/ethernet_vars.yml"
+fail_msg_tor_config_file: TOR Ethernet config file doesn't exist.
 fail_msg_config_file: Ethernet config file doesn't exist.
+success_msg_tor_save_config: TOR Ethernet config file validated.
+fail_msg_tor_save_config: save_changes_to_startup variable can only be set to true or false in ethernet_tor_vars.yml
 success_msg_save_config: Ethernet config file validated.
 fail_msg_save_config: save_changes_to_startup variable can only be set to true or false.

control_plane/roles/network_ib/tasks/authenticate.yml

@@ -45,7 +45,7 @@
   rescue:
     - name: Filtered response creation
       set_fact:
-        filtered_dict: "{{filtered_dict |combine({item.key: item.value})}}"
+        filtered_dict: "{{ filtered_dict |combine({ item.key: item.value }) }}"
       when: item.key not in 'invocation'
       with_dict: "{{ login }}"
       no_log: true

control_plane/roles/network_ib/tasks/interface_config.yml

@@ -24,7 +24,7 @@
       {
       "commands":
        [
-         "interface {{ item.key}}",
+         "interface {{ item.key }}",
          "description {{ item.value.description | default('<none>') }}",
          "{{ item.value.config | default([]) |join(', ') }}"
        ]

control_plane/tools/roles/cluster_preperation/tasks/passwordless_ssh.yml

@@ -21,19 +21,23 @@
 - name: Refresh ssh-key if changed
   command: ssh-keygen -R {{ current_host }}
   changed_when: False
-  ignore_errors: yes
+  failed_when: false
   when: "'manager' in group_names"
 
 - name: Verify whether passwordless ssh is set on the remote host
-  command: ssh -o PasswordAuthentication=no root@"{{ current_host }}" 'hostname'
+  shell: sshpass ssh -o "PasswordAuthentication=no" root@{{ current_host }} 'hostname'
   register: ssh_output
-  ignore_errors: yes
-  changed_when: False
+  async: 30
+  poll: 5
+  failed_when: false
+  changed_when: false
 
 - name: Update ssh connection status
   set_fact:
     ssh_status: true
-  when: "'Permission denied' not in ssh_output.stderr"
+  when:
+    - "'Permission denied' not in ssh_output.stderr"
+    -  ssh_output.stdout | length > 2
 
 - name: Verify the public key file existence
   stat:

control_plane/tools/roles/fetch_password/tasks/main.yml

@@ -12,24 +12,25 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 ---
-- name: Include variables from common role
+
+- name: Include variables from control_plane_common role
   include_vars: "{{ role_path }}/../../../roles/control_plane_common/vars/main.yml"
   no_log: True
 
-- name: Check input config file is encrypted
-  command: cat {{ role_path }}/../../../{{ input_config_filename }}
+- name: Check login_vars.yml is encrypted
+  command: cat {{ role_path }}/../../../{{ login_vars_filename }}
   changed_when: false
   register: config_content
 
-- name: Decrpyt appliance_config.yml
+- name: Decrpyt login_vars.yml
   command: >-
-    ansible-vault decrypt {{ role_path }}/../../../{{ input_config_filename }}
+    ansible-vault decrypt {{ role_path }}/../../../{{ login_vars_filename }}
     --vault-password-file {{ role_path }}/../../../{{ vault_filename }}
   changed_when: false
   when: "'$ANSIBLE_VAULT;' in config_content.stdout"
 
 - name: Include variable file appliance_config.yml
-  include_vars: "{{ role_path }}/../../../{{ input_config_filename }}"
+  include_vars: "{{ role_path }}/../../../{{ login_vars_filename }}"
   no_log: true
 
 - name: Save input variables from file
@@ -37,8 +38,8 @@
     cobbler_password: "{{ provision_password }}"
   no_log: true
 
-- name: Encrypt input config file
+- name: Encrypt login_vars.yml
   command: >-
-    ansible-vault encrypt {{ role_path }}/../../../{{ input_config_filename }}
+    ansible-vault encrypt {{ role_path }}/../../../{{ login_vars_filename }}
     --vault-password-file {{ role_path }}/../../../{{ vault_filename }}
-  changed_when: false
+  changed_when: false