
Startup script for omnia after reboot

Signed-off-by: abhishek-sa1 <abhishek.sa3@dell.com>
abhishek-sa1 3 年之前
當前提交
ad0488b6f7

+ 164 - 0
control_plane/roles/control_plane_k8s/files/startup_omnia.yml

@@ -0,0 +1,164 @@
+#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Start omnia services on reboot
+  hosts: localhost
+  connection: local
+  vars:
+    wait_time_minutes: 3
+    os_supported_leap: "leap"
+    src_resolv_conf: /tmp/resolv.conf
+    dest_resolv_conf: /etc/resolv.conf
+    max_retries: 20
+    cobbler_namespace: cobbler
+    cobbler_pod: cobbler
+    cobbler_kickstart_file: rocky8.ks
+    management_network_namespace: network-config
+    management_network_pod: mngmnt-network-container
+    file_perm: '0775'
+    mount_dir: /mnt/temp/
+  tasks:
+    - name: Wait for 3 minutes
+      pause:
+        minutes: "{{ wait_time_minutes }}"
+    
+    - name: Include base_vars.yml
+      include_vars: ../../../input_params/base_vars.yml
+
+    - name: Check resolv.conf file is present
+      stat:
+        path: "{{ src_resolv_conf }}"
+      register: resolv_conf_check
+
+    - name: Copy resolv.conf file
+      copy:
+        src: "{{ src_resolv_conf }}"
+        dest: "{{ dest_resolv_conf }}"
+        mode: preserve
+      when: resolv_conf_check.stat.exists
+
+    - name: Check if mount iso file exists
+      stat:
+        path: "/mnt/{{ provision_os }}/EFI/BOOT/grub.cfg"
+      register: mount_iso_check
+
+    - name: Create tmp directory
+      file:
+        path: "{{ mount_dir }}"
+        state: directory
+        mode: "{{ file_perm }}"
+      when: not mount_iso_check.stat.exists
+
+    - name: Mount the iso file
+      command: mount -o loop {{ iso_file_path }} {{ mount_dir }}
+      changed_when: false
+      failed_when: false
+      args:
+        warn: false
+      when: not mount_iso_check.stat.exists
+
+    - name: Copy files to tmp folder
+      command:  "rsync -AHPSXav {{ mount_dir }} /mnt/{{ provision_os }}"
+      changed_when: true
+      args:
+        warn: false
+      when: not mount_iso_check.stat.exists 
+
+    - name: Delete tmp directory
+      file:
+        path: "{{ mount_dir }}"
+        state: absent
+      when: not mount_iso_check.stat.exists
+
+    - block:
+        - name: Fetch SElinux mode
+          command: /usr/sbin/sestatus
+          register: sestatus_current
+          changed_when: false
+
+        - name: Set SElinux to permissive mode
+          command: /usr/sbin/setenforce 0
+          changed_when: true
+          when: '"SELinux status:                 enabled" in sestatus_current.stdout_lines'
+      when: os_supported_leap not in ansible_distribution | lower
+
+    - name: Disable SWAP
+      command: /usr/sbin/swapoff -a
+      changed_when: true
+
+    - name: Start and enable kubernetes - kubelet
+      service:
+        name: kubelet
+        state: restarted
+        enabled: yes
+
+    - name: Wait for 3 minutes
+      pause:
+        minutes: "{{ wait_time_minutes }}"
+
+    - name: Get K8s nodes status
+      command: kubectl get nodes
+      changed_when: false
+      register: k8s_nodes
+      retries: "{{ max_retries }}"
+      until: "'master' in k8s_nodes.stdout"
+
+    - block:
+        - name: Check mngmnt_network pod status
+          command: kubectl get pods -n {{ management_network_namespace }}
+          changed_when: false
+          register: mngmnt_network_pod_status
+          failed_when: false
+
+        - name: Wait for mngmnt_network pod to come to ready state
+          command: kubectl wait --for=condition=ready -n {{ management_network_namespace }} pod -l app=mngmnt-network
+          changed_when: false
+          when: management_network_pod in mngmnt_network_pod_status.stdout
+
+        - name: Get mngmnt_network pod name
+          command: 'kubectl get pod -n {{ management_network_namespace }} -l app=mngmnt-network -o jsonpath="{.items[0].metadata.name}"'
+          changed_when: false
+          register: mngmnt_network_pod_name
+          when: management_network_pod in mngmnt_network_pod_status.stdout
+
+        - name: Configuring mngmnt_network container
+          command: 'kubectl exec --stdin --tty -n {{ management_network_namespace }} {{ mngmnt_network_pod_name.stdout }} \
+            -- ansible-playbook /root/mngmnt_container_configure.yml -e mngmnt_nic="{{ mngmnt_network_nic }}"'
+          changed_when: false
+          failed_when: false
+          when: management_network_pod in mngmnt_network_pod_status.stdout
+      when: device_config_support
+
+    - name: Check cobbler pod status
+      command: kubectl get pods -n {{ cobbler_namespace }}
+      changed_when: false
+      register: cobbler_pod_status
+      failed_when: false
+
+    - name: Wait for cobbler pod to come to ready state
+      command: kubectl wait --for=condition=ready -n {{ cobbler_namespace }} pod -l app=cobbler
+      changed_when: false
+      when: cobbler_pod in cobbler_pod_status.stdout
+
+    - name: Get cobbler pod name
+      command: 'kubectl get pod -n {{ cobbler_namespace }} -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
+      changed_when: false
+      register: cobbler_pod_name
+      when: cobbler_pod in cobbler_pod_status.stdout
+
+    - name: Configuring cobbler inside container (It may take 5-10 mins)
+      command: "kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- ansible-playbook /root/cobbler_configurations_rocky.yml -e provision_os={{ provision_os }} -e file_perm={{ file_perm }}"
+      changed_when: true
+      when: cobbler_pod in cobbler_pod_status.stdout
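Review bot: The `Copy resolv.conf file` task installs `/tmp/resolv.conf` over `/etc/resolv.conf`, and because this play is launched from an @reboot cron entry (presumably as root), whatever any local account has placed at that world-writable path becomes the control plane's resolver configuration. Stage the file in a root-owned directory instead and tighten the condition, for example `when: resolv_conf_check.stat.exists and resolv_conf_check.stat.isreg and resolv_conf_check.stat.uid == 0`; `mode: preserve` should also become an explicit `'0644'` so the source file's permissions are not carried over. Separately, `Mount the iso file` sets `failed_when: false`, so a failed mount still proceeds to the rsync and the directory removal with an empty `{{ mount_dir }}`, and no task unmounts it before `state: absent`. Register the mount result and gate the two follow-up tasks on it.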

+ 12 - 1
control_plane/roles/control_plane_k8s/tasks/k8s_services.yml

@@ -126,4 +126,15 @@
 - name: Create namespace network-config
   command: kubectl create namespace network-config
   changed_when: true
-  when: "'network-config' not in k8s_namespaces.stdout"
+  when: "'network-config' not in k8s_namespaces.stdout"
+
+- name: Fetch ansible-playbook path
+  command: whereis ansible-playbook
+  changed_when: false
+  register: ansible_playbook_path
+
+- name: Schedule startup script omia
+  cron:
+    name: "Start omnia services on reboot"
+    special_time: reboot
+    job: "{{ ansible_playbook_path.stdout.split(' ')[1] }} {{ role_path }}/files/startup_omnia.yml"
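Review bot: The cron `job` indexes `ansible_playbook_path.stdout.split(' ')[1]`, which fails to template when `whereis` finds nothing (its output is then only `ansible-playbook:`) and otherwise takes whichever path happens to be listed first. Add `failed_when: ansible_playbook_path.stdout.split(' ') | length < 2` to the fetch task so the problem is reported where it occurs. The entry also runs `{{ role_path }}/files/startup_omnia.yml` at every boot with the privileges of the user this play runs as, so that file and its parent directories should be writable only by that user. Installing a copy into a root-owned location and pointing the job at it would remove the dependency on the checkout's permissions. The task name has a typo (`omia`).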

+ 1 - 0
control_plane/roles/control_plane_security/tasks/configure_alerting.yml

@@ -22,6 +22,7 @@
   systemd:
     name: postfix
     state: started
+    enabled: yes
 
 - name: Fetch ansible-playbook path
   command: whereis ansible-playbook

+ 3 - 3
control_plane/roles/provision_cobbler/files/cobbler_configurations_rocky.yml

@@ -102,7 +102,7 @@
 
   - name: Kickstart profile - centos
     copy:
-      src: "/root/centos7.ks"
+      src: "/root/omnia/control_plane/roles/provision_cobbler/files/centos7.ks"
       dest: "/var/lib/cobbler/templates/sample.ks"
       mode: "{{ file_perm }}"
     tags: install
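Review bot: The new `src` values hard-code `/root/omnia/control_plane/roles/provision_cobbler/files/` in all three kickstart tasks (this hunk and the two after it), so the playbook now works only when the repository tree is present at exactly that path wherever it runs. Define the directory once, e.g. `kickstart_src_dir: /root/omnia/control_plane/roles/provision_cobbler/files`, and use `src: "{{ kickstart_src_dir }}/centos7.ks"` in each task. If this playbook is still executed inside the cobbler container, the checkout is presumably mounted into the pod; mounting only the files directory read-only would keep the rest of the tree, including the input parameter files, out of the container. Each task's conditions lie outside the hunks, so whether more than one of them can write `sample.ks` in a single run cannot be judged from here.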
@@ -110,7 +110,7 @@
 
   - name: Kickstart profile - rocky
     copy:
-      src: "/root/rocky8.ks"
+      src: "/root/omnia/control_plane/roles/provision_cobbler/files/rocky8.ks"
       dest: "/var/lib/cobbler/templates/sample.ks"
       mode: "{{ file_perm }}"
     tags: install
@@ -118,7 +118,7 @@
 
   - name: Kickstart profile - leap
     copy:
-      src: "/root/leap15.xml"
+      src: "/root/omnia/control_plane/roles/provision_cobbler/files/leap15.xml"
       dest: "/var/lib/cobbler/templates/sample_autoyast.xml"
       mode: "{{ file_perm }}"
     tags: install

+ 0 - 32
control_plane/roles/provision_cobbler/files/start_cobbler.yml

@@ -1,32 +0,0 @@
-#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
-#
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
----
-
-- name: Start cobbler on reboot
-  hosts: localhost
-  connection: local
-  gather_facts: false
-  tasks:
-    - name: Wait for 2 minutes
-      pause:
-        minutes: 2
-
-    - name: Get cobbler pod name
-      command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
-      changed_when: false
-      register: cobbler_pod_name
-
-    - name: Execute cobbler sync in cobbler container
-      command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler sync'
-      changed_when: true

+ 0 - 14
control_plane/roles/provision_cobbler/tasks/configure_cobbler.yml

@@ -37,11 +37,6 @@
   wait_for:
     timeout: 30
 
-- name: Copy kickstart file inside cobbler container
-  command: kubectl cp {{ role_path }}/files/{{ cobbler_kickstart_file }} {{ cobbler_pod_name.stdout }}:/root/{{ cobbler_kickstart_file }} -n {{ cobbler_namespace }}
-  changed_when: true
-  when: not cobbler_config_status
-
 - name: Configuring cobbler inside container (It may take 5-10 mins)
   command: "kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- ansible-playbook /root/cobbler_configurations_rocky.yml -e provision_os={{ provision_os }} -e file_perm={{ file_perm }}"
   changed_when: true
@@ -66,14 +61,6 @@
   tags: install
   when: provision_os_change
 
-- name: Schedule task
-  cron:
-    name: "start cobbler on reboot"
-    special_time: reboot
-    job: "ansible-playbook {{ role_path }}/files/start_cobbler.yml"
-  tags: install
-  when: not cobbler_config_status
-
 - name: Execute cobbler sync in cobbler container
   command: 'kubectl exec --stdin --tty -n {{ cobbler_namespace }} {{ cobbler_pod_name.stdout }} -- cobbler sync'
   changed_when: true
@@ -91,6 +78,5 @@
     - "{{ role_path }}/files/.users.digest"
     - "{{ role_path }}/files/dhcp.template"
     - "{{ role_path }}/files/settings"
-    - "{{ role_path }}/files/{{ cobbler_kickstart_file }}"
     - "{{ role_path }}/files/temp_host_mapping_file.csv.bak"
     - "/mnt/tmp"

+ 1 - 0
roles/login_node/tasks/configure_alerting.yml

@@ -22,6 +22,7 @@
   systemd:
     name: postfix
     state: started
+    enabled: yes
 
 - block:
     - name: Install python3