Merge pull request #542 from abhishek-s-a/control_plane_tools

Issue #540: provision_report.yml tool changes

control_plane/input_params/idrac_tools_vars.yml

@@ -35,18 +35,21 @@ ipv4_static_dns2: ""
 # Mandatory value required
 smtp_server_ip: ""
 
-# Username used for SMTP
+# Email address used for enabling 2FA
+# Mandatory value required
+use_email_address_2fa: ""
+
+# SMTP authentication disabled by default
+# If enabled provide smtp username and password
 # Mandatory value required
+smtp_authentication: "disabled"
+
+# Username used for SMTP
 smtp_username: ""
    
 # Password used for SMTP
-# Mandatory value required    
 smtp_password: ""
 
-# Email address used for enabling 2FA
-# Mandatory value required
-use_email_address_2fa: ""
-
 
 ### Usage: idrac_ldap ###
 
@@ -108,4 +111,4 @@ role_group1_dn: ""
 # Supported options are Administrator, Operator, ReadOnly
 # By default role_group1_privilege will be Administrator
 # Mandatory value required
-role_group1_privilege: "Administrator"
+role_group1_privilege: "Administrator"

control_plane/input_params/idrac_vars.yml

@@ -23,9 +23,7 @@ idrac_system_profile: "Performance"
 # Boolean value indicating whether OMNIA should perform firmware update or not
 # It takes values "true" or "false" indicating required and not required cases respectively.
 # Default value is "true"
-# firmware_update_required should be 'false' now as there is bug in DSU & OMAM modules and firmware updates dependent on that.
-# It will be updated to 'true' once DSU and OMAM fix the bugs
-firmware_update_required: false
+firmware_update_required: true
 
 # This is the list of poweredge server models
 # The firmware updates will be downloaded only for the below list of models
@@ -71,4 +69,4 @@ two_factor_authentication: "disabled"
 # If required it can be "enabled"
 # Update 2FA input parameters in idrac_tools_vars.yml if two_factor_authentication is enabled
 # Command to edit idrac_tools_vars.yml: ansible-vault edit idrac_tools_vars.yml --vault-password-file .idrac_vault_key
-ldap_directory_services: "disabled"
+ldap_directory_services: "disabled"

control_plane/tools/provision_report.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -21,7 +21,7 @@
 - name: Fetch provision_password
   hosts: localhost
   connection: local
-  gather_facts: no
+  gather_facts: false
   roles:
     - fetch_password
 
@@ -50,7 +50,7 @@
 
 - name: Find reachable hosts using ssh
   hosts: reachable
-  gather_facts: False
+  gather_facts: false
   ignore_unreachable: true
   remote_user: "root"
   vars:

control_plane/tools/roles/fetch_password/tasks/main.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -42,4 +42,9 @@
   command: >-
     ansible-vault encrypt {{ role_path }}/../../../{{ login_vars_filename }}
     --vault-password-file {{ role_path }}/../../../{{ vault_filename }}
-  changed_when: false
+  changed_when: false
+
+- name: Update login_vars.yml permission
+  file:
+    path: "{{ role_path }}/../../../{{ login_vars_filename }}"
+    mode: "{{ file_perm }}"

control_plane/tools/roles/hpc_cluster_report/tasks/main.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -42,9 +42,14 @@
   file:
     path: "{{ role_path}}/files"
     state: directory
-    
+
+- name: Fetch cobbler pod name
+  command: kubectl get pods -n cobbler -o jsonpath="{.items[0].metadata.name}"
+  register: cobbler_pod 
+  changed_when: false
+
 - name: Copy dhcpd.leases from cobbler
-  command: docker cp cobbler:/var/lib/dhcpd/dhcpd.leases {{ role_path}}/files/dhcpd.leases
+  command: kubectl cp {{ cobbler_pod.stdout }}:/var/lib/dhcpd/dhcpd.leases {{ role_path}}/files/dhcpd.leases -n cobbler
   changed_when: true
 
 - name: Fetch ethernet details of unreachable hosts
@@ -88,4 +93,4 @@
 
 - name: Display provision host report
   debug:
-    var: host_report.stdout_lines
+    var: host_report.stdout_lines

control_plane/tools/roles/hpc_cluster_report/templates/provision_host_report.j2

@@ -1,12 +1,10 @@
 HPC Cluster
 -----------
 Reachable Hosts:
-{% if reachable_host_number > 0 %}
+{% if reachable_host_number | int > 0 %}
 {% for host in groups['reachable_ssh'] %}
-{% if reachable_host_number == 1 %}
-  inet={{ host }}, link/ether={{ ethernet_detail_reachable.stdout | replace(';','')}}
-{% elif reachable_host_number > 1 %}
-{% if ethernet_detail_reachable.results[loop.index|int - 1].stdout | length > 1 %}
+{% if reachable_host_number | int >= 1 %}
+{% if ethernet_detail_reachable.results[loop.index|int - 1].stdout | length | int > 1 %}
   inet={{ host }}, link/ether={{ ethernet_detail_reachable.results[loop.index|int - 1].stdout | replace(';','')}}
 {% else %}
   inet={{ host }}, link/ether=Refer to mapping file provided
@@ -17,22 +15,18 @@ Reachable Hosts:
 Total reachable hosts: {{ reachable_host_number }}
 
 Unreachable Hosts:
-{% if unreachable_ping_host_number > 0 %}
+{% if unreachable_ping_host_number | int > 0 %}
 {% for host in groups['ungrouped'] %}
-{% if unreachable_ping_host_number == 1 %}
-  inet={{ host }}, link/ether={{ ethernet_detail_unreachable_ping.stdout | replace(';','')}}
-{% elif unreachable_ping_host_number > 1 %}
+{% if unreachable_ping_host_number | int >=  1 %}
   inet={{ host }}, link/ether={{ ethernet_detail_unreachable_ping.results[loop.index|int - 1].stdout | replace(';','')}}
 {% endif %}
 {% endfor %}
 {% endif %}
-{% if unreachable_ssh_host_number > 0 %}
+{% if unreachable_ssh_host_number | int  > 0 %}
 {% for host in groups['unreachable_ssh'] %}
-{% if unreachable_ssh_host_number == 1 %}
-  inet={{ host }}, link/ether={{ ethernet_detail_unreachable_ssh.stdout | replace(';','')}}
-{% elif unreachable_ssh_host_number > 1 %}
+{% if unreachable_ssh_host_number | int >= 1 %}
   inet={{ host }}, link/ether={{ ethernet_detail_unreachable_ssh.results[loop.index|int - 1].stdout | replace(';','')}}
 {% endif %}
 {% endfor %}
 {% endif %}
-Total unreachable hosts: {{ unreachable_host_number }}
+Total unreachable hosts: {{ unreachable_host_number }}

control_plane/tools/roles/idrac_2fa/tasks/configure_smtp.yml

@@ -35,7 +35,7 @@
     manager_attributes:
       RemoteHosts.1.SMTPServerIPAddress: "{{ smtp_server_ip }}"
       RemoteHosts.1.SMTPPort: 25
-      RemoteHosts.1.SMTPAuthentication: "Enabled"
+      RemoteHosts.1.SMTPAuthentication: "{{ smtp_authentication }}"
       RemoteHosts.1.SMTPUserName: "{{ smtp_username }}"
       RemoteHosts.1.SMTPPassword: "{{ smtp_password }}"
       EmailAlert.1.Address: "{{ use_email_address_2fa }}"

control_plane/tools/roles/idrac_2fa/tasks/validate_2fa_vars.yml

@@ -76,10 +76,16 @@
           ipv4_static_dns1 | length < 1 or
           ipv4_static_dns2 | length < 1 or
           smtp_server_ip | length < 1 or
-          smtp_username | length < 1 or
-          smtp_password | length < 1 or
           use_email_address_2fa | length < 1 
 
+    - name: Validate SMTP parameters if smtp_authentication is enabled
+      fail:
+        msg: "{{ smtp_input_fail_msg }} when smtp_authentication is enabled"
+      when:
+        - smtp_authentication | lower == "enabled"
+        - smtp_username | length < 1 or
+          smtp_password | length < 1
+
     - name: Assert use_email_address_2fa value
       assert:
         that: '"@" in use_email_address_2fa'
@@ -93,4 +99,4 @@
       changed_when: false
       run_once: true
       when: "'$ANSIBLE_VAULT;' in config_content.stdout"
-  when: two_factor_authentication == "enabled"
+  when: two_factor_authentication == "enabled"