|
|
@@ -16,11 +16,13 @@
|
|
|
- name: Include base variable file base_vars.yml
|
|
|
include_vars: "{{ base_vars_filename }}"
|
|
|
no_log: true
|
|
|
+ tags: init
|
|
|
|
|
|
- name: Validate input parameters of base_vars are not empty
|
|
|
fail:
|
|
|
msg: "{{ input_base_failure_msg }}"
|
|
|
register: input_base_check
|
|
|
+ tags: validate
|
|
|
when:
|
|
|
- ansible_conf_file_path | length < 1 or
|
|
|
public_nic | length < 1 or
|
|
|
@@ -49,10 +51,12 @@
|
|
|
- default_lease_time|int >= 21600
|
|
|
success_msg: "{{ success_msg_lease_time }}"
|
|
|
fail_msg: "{{ fail_msg_lease_time }}"
|
|
|
+ tags: [ validate, pxe, network-device, network-ib ]
|
|
|
|
|
|
- name: Calculate max lease time
|
|
|
set_fact:
|
|
|
max_lease_time: "{{ default_lease_time|int + 10000 }}"
|
|
|
+ tags: [ init, pxe, network-device, network-ib ]
|
|
|
|
|
|
- name: Validate infiniband base_vars are not empty
|
|
|
assert:
|
|
|
@@ -64,18 +68,21 @@
|
|
|
fail_msg: "{{ fail_msg_ib }}"
|
|
|
register: ib_check
|
|
|
when: ib_switch_support
|
|
|
+ tags: [ validate, network-ib ]
|
|
|
|
|
|
- name: Set facts to validate snmp support
|
|
|
set_fact:
|
|
|
snmp_enabled: false
|
|
|
mngmnt_mapping_file: false
|
|
|
host_mapping_file: false
|
|
|
+ tags: init
|
|
|
|
|
|
- name: Verify snmp_trap_destination IP address
|
|
|
set_fact:
|
|
|
snmp_enabled: true
|
|
|
when: snmp_trap_destination | length > 1
|
|
|
-
|
|
|
+ tags: init
|
|
|
+
|
|
|
- name: Assert snmp trap destination address
|
|
|
assert:
|
|
|
that:
|
|
|
@@ -85,6 +92,7 @@
|
|
|
success_msg: "{{ success_snmp_trap_dest }}"
|
|
|
fail_msg: "{{ fail_snmp_trap_dest }}"
|
|
|
when: snmp_enabled
|
|
|
+ tags: [ validate, idrac, network-device, network-ib ]
|
|
|
|
|
|
- name: Assert snmp community string
|
|
|
assert:
|
|
|
@@ -94,11 +102,13 @@
|
|
|
success_msg: "{{ success_snmp_comm_msg }}"
|
|
|
fail_msg: "{{ fail_snmp_comm_msg }}"
|
|
|
when: snmp_enabled
|
|
|
+ tags: [ validate, idrac, network-device, network-ib ]
|
|
|
|
|
|
- name: Check whether ansible config file exists
|
|
|
stat:
|
|
|
path: "{{ ansible_conf_file_path }}/ansible.cfg"
|
|
|
register: ansible_conf_exists
|
|
|
+ tags: init
|
|
|
|
|
|
- name: Create the directory if it does not exist
|
|
|
file:
|
|
|
@@ -107,6 +117,7 @@
|
|
|
mode: "{{ file_perm }}"
|
|
|
when: not ansible_conf_exists.stat.exists
|
|
|
changed_when: false
|
|
|
+ tags: init
|
|
|
|
|
|
- name: Create ansible config file if it does not exist
|
|
|
copy:
|
|
|
@@ -116,6 +127,7 @@
|
|
|
[defaults]
|
|
|
log_path = /var/log/omnia.log
|
|
|
when: not ansible_conf_exists.stat.exists
|
|
|
+ tags: init
|
|
|
|
|
|
- name: Assert ethernet_switch_support
|
|
|
assert:
|
|
|
@@ -123,6 +135,7 @@
|
|
|
- ethernet_switch_support == true or ethernet_switch_support == false
|
|
|
success_msg: "{{ ethernet_switch_support_success_msg }}"
|
|
|
fail_msg: "{{ ethernet_switch_support_fail_msg }}"
|
|
|
+ tags: [ validate, init ]
|
|
|
|
|
|
- name: Assert ib_switch_support
|
|
|
assert:
|
|
|
@@ -130,6 +143,7 @@
|
|
|
- ib_switch_support == true or ib_switch_support == false
|
|
|
success_msg: "{{ ib_switch_support_success_msg }}"
|
|
|
fail_msg: "{{ ib_switch_support_fail_msg }}"
|
|
|
+ tags: [ validate, init ]
|
|
|
|
|
|
- name: Assert powervault_support
|
|
|
assert:
|
|
|
@@ -137,6 +151,7 @@
|
|
|
- powervault_support == true or powervault_support == false
|
|
|
success_msg: "{{ powervault_support_success_msg }}"
|
|
|
fail_msg: "{{ powervault_support_fail_msg }}"
|
|
|
+ tags: [ validate, init ]
|
|
|
|
|
|
- name: Assert enable_security_support
|
|
|
assert:
|
|
|
@@ -144,23 +159,8 @@
|
|
|
- enable_security_support == true or enable_security_support == false
|
|
|
success_msg: "{{ enable_security_support_success_msg }}"
|
|
|
fail_msg: "{{ enable_security_support_fail_msg }}"
|
|
|
-
|
|
|
-- name: Fetch the network interfaces in UP state in the system
|
|
|
- shell: set -o pipefail && ip a | awk '/state UP/{print $2}'
|
|
|
- register: nic_addr_up
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Assert public nic
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - public_nic in nic_addr_up.stdout
|
|
|
- success_msg: "{{ success_msg_public_nic }}"
|
|
|
- fail_msg: "{{ fail_msg_public_nic }}"
|
|
|
-
|
|
|
-- name: Fetch the system public IP
|
|
|
- set_fact:
|
|
|
- public_ip: "{{ lookup('vars','ansible_'+public_nic).ipv4.address }}"
|
|
|
-
|
|
|
+ tags: [ validate, init ]
|
|
|
+
|
|
|
- name: Assert kubernetes pod network CIDR
|
|
|
assert:
|
|
|
that:
|
|
|
@@ -169,8 +169,9 @@
|
|
|
- '"/" in appliance_k8s_pod_net_cidr '
|
|
|
success_msg: "{{ success_msg_k8s_pod_network_cidr }}"
|
|
|
fail_msg: "{{ fail_msg_k8s_pod_network_cidr }}"
|
|
|
+ tags: [ validate, init ]
|
|
|
|
|
|
-- name: Assert Organization in awx
|
|
|
+- name: Assert organization in awx
|
|
|
assert:
|
|
|
that:
|
|
|
- awx_organization | length >= min_username_length
|
|
|
@@ -181,6 +182,7 @@
|
|
|
- " \"'\" not in awx_organization "
|
|
|
success_msg: "{{ success_awx_organization }}"
|
|
|
fail_msg: "{{ fail_awx_organization }}"
|
|
|
+ tags: [ validate, awx ]
|
|
|
|
|
|
- name: Make mount directory for grafana if it doesnt exist
|
|
|
file:
|
|
|
@@ -189,300 +191,11 @@
|
|
|
mode: "{{ mount_dir_perm }}"
|
|
|
group: root
|
|
|
owner: root
|
|
|
+ tags: [ init, monitoring ]
|
|
|
|
|
|
-- name: Check timezone file
|
|
|
- command: grep -Fx "{{ timezone }}" {{ role_path }}/files/timezone.txt
|
|
|
- failed_when: false
|
|
|
- register: timezone_out
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Assert timezone
|
|
|
- assert:
|
|
|
- that: timezone in timezone_out.stdout
|
|
|
- success_msg: "{{ success_timezone_msg }}"
|
|
|
- fail_msg: "{{ fail_timezone_msg }}"
|
|
|
- register: timezone_check
|
|
|
-
|
|
|
-- name: Assert language for provisioning nodes
|
|
|
- fail:
|
|
|
- msg: "{{ fail_language }}"
|
|
|
- when: '"en-US" not in language'
|
|
|
-
|
|
|
-- name: Assert provisioning method
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - provision_method == "PXE" or provision_method == "idrac"
|
|
|
- success_msg: "{{ success_provision_method }}"
|
|
|
- fail_msg: "{{ fail_provision_method }}"
|
|
|
-
|
|
|
-- name: Assert provision_state
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - provision_state == "stateful"
|
|
|
- fail_msg: "{{ provision_state_fail_msg }}"
|
|
|
- success_msg: "{{ provision_state_success_msg }}"
|
|
|
-
|
|
|
-- name: Assert operating system
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - provision_os == os_supported_centos or
|
|
|
- provision_os == os_supported_rocky or
|
|
|
- provision_os == os_supported_leap
|
|
|
- fail_msg: "{{ provision_os_fail_msg }}"
|
|
|
- success_msg: "{{ provision_os_success_msg }}"
|
|
|
-
|
|
|
-- name: Verify the iso_file_path
|
|
|
- stat:
|
|
|
- path: "{{ iso_file_path }}"
|
|
|
- register: result_path_iso_file
|
|
|
-
|
|
|
-- name : Assert iso_file_path location
|
|
|
- fail:
|
|
|
- msg: "{{ missing_iso_file_path }}"
|
|
|
- when: not result_path_iso_file.stat.exists
|
|
|
-
|
|
|
-- name: Validate iso_file_path name
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - result_path_iso_file.stat.exists
|
|
|
- - '".iso" in iso_file_path'
|
|
|
- - provision_os in iso_file_path | lower
|
|
|
- fail_msg: "{{ invalid_iso_file_path }}"
|
|
|
- success_msg: "{{ valid_iso_file_path }}"
|
|
|
-
|
|
|
-#### management_net_dhcp_start_end_range
|
|
|
-- name: Assert management network nic
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - mngmnt_network_nic in nic_addr_up.stdout
|
|
|
- success_msg: "{{ success_msg_mngmnt_network_nic }}"
|
|
|
- fail_msg: "{{ fail_msg_mngmnt_network_nic }}"
|
|
|
-
|
|
|
-- name: Fetch the management network ip, netmask and subnet
|
|
|
- set_fact:
|
|
|
- mngmnt_network_ip: "{{ lookup('vars','ansible_'+mngmnt_network_nic).ipv4.address }}"
|
|
|
- mngmnt_network_netmask: "{{ lookup('vars','ansible_'+mngmnt_network_nic).ipv4.netmask }}"
|
|
|
- mngmnt_network_subnet: "{{ lookup('vars','ansible_'+mngmnt_network_nic).ipv4.network }}"
|
|
|
-
|
|
|
-- name: Check the subnet of management network dhcp start range
|
|
|
- shell: |
|
|
|
- IFS=. read -r i1 i2 i3 i4 <<< "{{ mngmnt_network_dhcp_start_range }}"
|
|
|
- IFS=. read -r m1 m2 m3 m4 <<< "{{ mngmnt_network_netmask }}"
|
|
|
- printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
|
|
|
- args:
|
|
|
- warn: no
|
|
|
- register: dhcp_start_mgmnt_result
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Set the start dhcp subnet for management network
|
|
|
- set_fact:
|
|
|
- dhcp_start_mgmnt: "{{ dhcp_start_mgmnt_result.stdout }}"
|
|
|
-
|
|
|
-- name: Check the subnet of dhcp end range for management network
|
|
|
- shell: |
|
|
|
- IFS=. read -r i1 i2 i3 i4 <<< "{{ mngmnt_network_dhcp_end_range }}"
|
|
|
- IFS=. read -r m1 m2 m3 m4 <<< "{{ mngmnt_network_netmask }}"
|
|
|
- printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
|
|
|
- register: dhcp_end_mgmnt_result
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Set the end dhcp subnet for management network
|
|
|
- set_fact:
|
|
|
- dhcp_end_mgmnt: "{{ dhcp_end_mgmnt_result.stdout }}"
|
|
|
-
|
|
|
-- name: Assert management_net_dhcp_start_range
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - mngmnt_network_dhcp_start_range | length > 1
|
|
|
- - mngmnt_network_dhcp_start_range | ipv4
|
|
|
- - mngmnt_network_dhcp_start_range != mngmnt_network_ip
|
|
|
- - mngmnt_network_dhcp_start_range != mngmnt_network_dhcp_end_range
|
|
|
- - dhcp_start_mgmnt == mngmnt_network_subnet
|
|
|
- - dhcp_start_mgmnt == dhcp_end_mgmnt
|
|
|
- success_msg: "{{ success_dhcp_range }} for management network"
|
|
|
- fail_msg: "{{ fail_dhcp_range }} for management network"
|
|
|
-
|
|
|
-- name: Assert management_net_dhcp_end_range
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - mngmnt_network_dhcp_end_range | length > 1
|
|
|
- - mngmnt_network_dhcp_end_range | ipv4
|
|
|
- - mngmnt_network_dhcp_end_range != mngmnt_network_ip
|
|
|
- - mngmnt_network_dhcp_start_range != mngmnt_network_dhcp_end_range
|
|
|
- - dhcp_end_mgmnt == mngmnt_network_subnet
|
|
|
- - dhcp_start_mgmnt == dhcp_end_mgmnt
|
|
|
- success_msg: "{{ success_dhcp_range }} for management network"
|
|
|
- fail_msg: "{{ fail_dhcp_range }} for management network"
|
|
|
-
|
|
|
-- name: Set the mapping file value for management network
|
|
|
- set_fact:
|
|
|
- mngmnt_mapping_file: true
|
|
|
- when: mngmnt_mapping_file_path | length > 0
|
|
|
-
|
|
|
-- name: Assert valid mngmnt_mapping_file_path
|
|
|
- stat:
|
|
|
- path: "{{ mngmnt_mapping_file_path }}"
|
|
|
- when: mngmnt_mapping_file
|
|
|
- register: result_mngmnt_mapping_file
|
|
|
-
|
|
|
-- name : Valid mngmnt_mapping_file_path
|
|
|
- fail:
|
|
|
- msg: "{{ invalid_mapping_file_path }} for management network"
|
|
|
- when: mngmnt_mapping_file and not result_mngmnt_mapping_file.stat.exists
|
|
|
-#########
|
|
|
-
|
|
|
-###Host network####
|
|
|
-- name: Fetch the host network ip, netmask and subnet
|
|
|
- set_fact:
|
|
|
- hpc_ip: "{{ lookup('vars','ansible_'+host_network_nic).ipv4.address }}"
|
|
|
- netmask: "{{ lookup('vars','ansible_'+host_network_nic).ipv4.netmask }}"
|
|
|
- subnet: "{{ lookup('vars','ansible_'+host_network_nic).ipv4.network }}"
|
|
|
-
|
|
|
-- name: Check the subnet of host network dhcp start range
|
|
|
- shell: |
|
|
|
- IFS=. read -r i1 i2 i3 i4 <<< "{{ host_network_dhcp_start_range }}"
|
|
|
- IFS=. read -r m1 m2 m3 m4 <<< "{{ netmask }}"
|
|
|
- printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
|
|
|
- args:
|
|
|
- warn: no
|
|
|
- register: dhcp_start_host_result
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Set the start dhcp subnet for host network
|
|
|
- set_fact:
|
|
|
- dhcp_start_host: "{{ dhcp_start_host_result.stdout }}"
|
|
|
-
|
|
|
-- name: Check the subnet of dhcp end range for host network
|
|
|
- shell: |
|
|
|
- IFS=. read -r i1 i2 i3 i4 <<< "{{ host_network_dhcp_end_range }}"
|
|
|
- IFS=. read -r m1 m2 m3 m4 <<< "{{ netmask }}"
|
|
|
- printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
|
|
|
- register: dhcp_end_host_result
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Set the end dhcp subnet for host network
|
|
|
- set_fact:
|
|
|
- dhcp_end_host: "{{ dhcp_end_host_result.stdout }}"
|
|
|
-
|
|
|
-- name: Assert host_network_dhcp_start_range
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - host_network_dhcp_start_range | length > 1
|
|
|
- - host_network_dhcp_start_range | ipv4
|
|
|
- - host_network_dhcp_start_range != hpc_ip
|
|
|
- - host_network_dhcp_start_range != host_network_dhcp_end_range
|
|
|
- - dhcp_start_host == subnet
|
|
|
- - dhcp_start_host == dhcp_end_host
|
|
|
- success_msg: "{{ success_dhcp_range }} for host network"
|
|
|
- fail_msg: "{{ fail_dhcp_range }} for host network"
|
|
|
-
|
|
|
-- name: Assert host_network_dhcp_end_range
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - host_network_dhcp_end_range | length > 1
|
|
|
- - host_network_dhcp_end_range | ipv4
|
|
|
- - host_network_dhcp_end_range != hpc_ip
|
|
|
- - host_network_dhcp_start_range != host_network_dhcp_end_range
|
|
|
- - dhcp_end_host == subnet
|
|
|
- - dhcp_start_host == dhcp_end_host
|
|
|
- success_msg: "{{ success_dhcp_range }} for host network"
|
|
|
- fail_msg: "{{ fail_dhcp_range }} for host network"
|
|
|
-
|
|
|
-- name: Set the mapping file value for host network
|
|
|
- set_fact:
|
|
|
- host_mapping_file: true
|
|
|
- when: host_mapping_file_path | length > 0
|
|
|
-
|
|
|
-- name: Assert valid mapping_file_path
|
|
|
- stat:
|
|
|
- path: "{{ host_mapping_file_path }}"
|
|
|
- when: host_mapping_file
|
|
|
- register: result_host_mapping_file
|
|
|
-
|
|
|
-- name: Valid mapping_file_path
|
|
|
- fail:
|
|
|
- msg: "{{ invalid_mapping_file_path }} for host_network"
|
|
|
- when: host_mapping_file and not result_host_mapping_file.stat.exists
|
|
|
-
|
|
|
-- name: Verify different nics
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - public_nic != mngmnt_network_nic
|
|
|
- - mngmnt_network_nic != host_network_nic
|
|
|
- - public_nic != host_network_nic
|
|
|
- success_msg: "{{ success_msg_different_nics }}"
|
|
|
- fail_msg: "{{ fail_msg_different_nics }}"
|
|
|
+- name: Validate provision paramters
|
|
|
+ import_tasks: validate_provision_vars.yml
|
|
|
+ tags: [ validate, idrac, pxe ]
|
|
|
|
|
|
-########
|
|
|
-- name: Fetch the infiniband network ip, netmask and subnet
|
|
|
- set_fact:
|
|
|
- ib_ip: "{{ lookup('vars','ansible_'+ib_network_nic).ipv4.address }}"
|
|
|
- ib_netmask: "{{ lookup('vars','ansible_'+ib_network_nic).ipv4.netmask }}"
|
|
|
- ib_subnet: "{{ lookup('vars','ansible_'+ib_network_nic).ipv4.network }}"
|
|
|
- when: ib_switch_support
|
|
|
-
|
|
|
-- name: Check the subnet of infiniband network dhcp start range
|
|
|
- shell: |
|
|
|
- IFS=. read -r i1 i2 i3 i4 <<< "{{ ib_network_dhcp_start_range }}"
|
|
|
- IFS=. read -r m1 m2 m3 m4 <<< "{{ ib_netmask }}"
|
|
|
- printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
|
|
|
- args:
|
|
|
- warn: no
|
|
|
- register: dhcp_start_ib_result
|
|
|
- when: ib_switch_support
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Set the start dhcp subnet for infiniband network
|
|
|
- set_fact:
|
|
|
- dhcp_start_ib: "{{ dhcp_start_ib_result.stdout }}"
|
|
|
- when: ib_switch_support
|
|
|
-
|
|
|
-- name: Check the subnet of dhcp end range for infiniband network
|
|
|
- shell: |
|
|
|
- IFS=. read -r i1 i2 i3 i4 <<< "{{ ib_network_dhcp_end_range }}"
|
|
|
- IFS=. read -r m1 m2 m3 m4 <<< "{{ ib_netmask }}"
|
|
|
- printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
|
|
|
- register: dhcp_end_ib_result
|
|
|
- when: ib_switch_support
|
|
|
- changed_when: false
|
|
|
-
|
|
|
-- name: Set the end dhcp subnet for infiniband network
|
|
|
- set_fact:
|
|
|
- dhcp_end_ib: "{{ dhcp_end_ib_result.stdout }}"
|
|
|
- when: ib_switch_support
|
|
|
-
|
|
|
-- name: Assert infiniband_net_dhcp_start_range
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - ib_network_dhcp_start_range | length > 1
|
|
|
- - ib_network_dhcp_start_range | ipv4
|
|
|
- - ib_network_dhcp_start_range != ib_ip
|
|
|
- - ib_network_dhcp_start_range != ib_network_dhcp_end_range
|
|
|
- - dhcp_start_ib == ib_subnet
|
|
|
- - dhcp_start_ib == dhcp_end_ib
|
|
|
- success_msg: "{{ success_dhcp_range }} for infiniband network"
|
|
|
- fail_msg: "{{ fail_dhcp_range }} for infiniband network"
|
|
|
- when: ib_switch_support
|
|
|
-
|
|
|
-- name: Assert infiniband_net_dhcp_end_range
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - ib_network_dhcp_end_range | length > 1
|
|
|
- - ib_network_dhcp_end_range | ipv4
|
|
|
- - ib_network_dhcp_end_range != ib_ip
|
|
|
- - ib_network_dhcp_start_range != ib_network_dhcp_end_range
|
|
|
- - dhcp_end_ib == ib_subnet
|
|
|
- - dhcp_start_ib == dhcp_end_ib
|
|
|
- success_msg: "{{ success_dhcp_range }} for infiniband network"
|
|
|
- fail_msg: "{{ fail_dhcp_range }} for infiniband network"
|
|
|
- when: ib_switch_support
|
|
|
-
|
|
|
-- name: Verify different nics with infiniband nic
|
|
|
- assert:
|
|
|
- that:
|
|
|
- - public_nic != ib_network_nic
|
|
|
- - mngmnt_network_nic != ib_network_nic
|
|
|
- - ib_network_nic != host_network_nic
|
|
|
- success_msg: "{{ success_msg_different_nics_ib }}"
|
|
|
- fail_msg: "{{ fail_msg_different_nics_ib }}"
|
|
|
- when: ib_switch_support
|
|
|
+- name: Validate NIC parameters
|
|
|
+ import_tasks: validate_nic_vars.yml
|
abhishek-sa1