
Issue #369: PR comments code changes

Signed-off-by: ptrinesh <palakurthi_trinesh@dellteam.com>
Lucas A. Wilson 3 years ago
parent
commit
cea9c889d5
62 changed files with 2394 additions and 599 deletions
  1. 31 33
      control_plane/roles/control_plane_common/tasks/fetch_base_inputs.yml
  2. 57 0
      control_plane/roles/control_plane_common/tasks/fetch_sm_inputs.yml
  3. 7 3
      control_plane/roles/control_plane_common/tasks/main.yml
  4. 2 2
      control_plane/roles/control_plane_common/tasks/package_installation.yml
  5. 10 10
      control_plane/roles/control_plane_common/tasks/password_config.yml
  6. 1 0
      control_plane/roles/control_plane_common/tasks/pre_requisite.yml
  7. 1 1
      control_plane/roles/control_plane_common/tasks/verify_omnia_params.yml
  8. 13 5
      control_plane/roles/control_plane_common/vars/main.yml
  9. 37 0
      control_plane/roles/control_plane_device/files/Dockerfile
  10. 48 0
      control_plane/roles/control_plane_device/files/dhcpd.conf
  11. 36 0
      control_plane/roles/control_plane_device/files/k8s_mngmnt_network.yml
  12. 70 0
      control_plane/roles/control_plane_device/files/mngmnt_container_configure.yml
  13. 23 0
      control_plane/roles/control_plane_device/files/start_mngmnt_container.yml
  14. 48 0
      control_plane/roles/control_plane_device/files/temp_dhcp.template
  15. 20 0
      control_plane/roles/control_plane_device/files/tftp
  16. 72 0
      control_plane/roles/control_plane_device/tasks/check_prerequisites.yml
  17. 52 0
      control_plane/roles/control_plane_device/tasks/configure_mngmnt_network_container.yml
  18. 46 0
      control_plane/roles/control_plane_device/tasks/dhcp_configure.yml
  19. 29 0
      control_plane/roles/control_plane_device/tasks/firewall_settings.yml
  20. 51 5
      control_plane/roles/control_plane_device/tasks/main.yml
  21. 38 0
      control_plane/roles/control_plane_device/tasks/mngmnt_network_container_image.yml
  22. 24 0
      control_plane/roles/control_plane_device/vars/main.yml
  23. 31 0
      control_plane/roles/control_plane_ib/files/Dockerfile
  24. 48 0
      control_plane/roles/control_plane_ib/files/dhcpd.conf
  25. 24 0
      control_plane/roles/control_plane_ib/files/infiniband_container_configure.yml
  26. 43 0
      control_plane/roles/control_plane_ib/files/infiniband_inventory_creation.yml
  27. 36 0
      control_plane/roles/control_plane_ib/files/k8s_infiniband.yml
  28. 48 0
      control_plane/roles/control_plane_ib/files/temp_dhcp.template
  29. 72 0
      control_plane/roles/control_plane_ib/tasks/check_prerequisites.yml
  30. 44 0
      control_plane/roles/control_plane_ib/tasks/configure_infiniband_container.yml
  31. 46 0
      control_plane/roles/control_plane_ib/tasks/dhcp_configure.yml
  32. 38 0
      control_plane/roles/control_plane_ib/tasks/infiniband_container_image.yml
  33. 47 5
      control_plane/roles/control_plane_ib/tasks/main.yml
  34. 24 0
      control_plane/roles/control_plane_ib/vars/main.yml
  35. 5 5
      control_plane/roles/provision_cobbler/files/inventory_creation.yml
  36. 48 0
      control_plane/roles/provision_cobbler/files/k8s_cobbler.yml
  37. 3 2
      control_plane/roles/provision_cobbler/files/kickstart.yml
  38. 7 2
      control_plane/roles/provision_cobbler/files/start_cobbler.yml
  39. 1 8
      control_plane/roles/provision_cobbler/files/temp_centos7.ks
  40. 0 2
      control_plane/roles/provision_cobbler/files/temp_dhcp.template
  41. 2 2
      control_plane/roles/provision_cobbler/files/tftp.yml
  42. 35 20
      control_plane/roles/provision_cobbler/tasks/check_prerequisites.yml
  43. 21 15
      control_plane/roles/provision_cobbler/tasks/cobbler_image.yml
  44. 21 16
      control_plane/roles/provision_cobbler/tasks/configure_cobbler.yml
  45. 3 19
      control_plane/roles/provision_cobbler/tasks/dhcp_configure.yml
  46. 2 2
      control_plane/roles/provision_cobbler/tasks/firewall_settings.yml
  47. 23 3
      control_plane/roles/provision_cobbler/tasks/main.yml
  48. 30 20
      control_plane/roles/provision_cobbler/tasks/mapping_file.yml
  49. 5 5
      control_plane/roles/provision_cobbler/tasks/mount_iso.yml
  50. 5 5
      control_plane/roles/provision_cobbler/tasks/provision_password.yml
  51. 9 6
      control_plane/roles/provision_cobbler/vars/main.yml
  52. 37 0
      control_plane/roles/webui_awx/files/awx.yml
  53. 18 0
      control_plane/roles/webui_awx/files/awx_ee.yml
  54. 531 0
      control_plane/roles/webui_awx/files/awx_operator.yml
  55. 15 0
      control_plane/roles/webui_awx/files/awx_postgres_pv.yml
  56. 29 0
      control_plane/roles/webui_awx/files/awx_projects_pv.yml
  57. 5 0
      control_plane/roles/webui_awx/files/requirements.yml
  58. 118 270
      control_plane/roles/webui_awx/tasks/awx_configuration.yml
  59. 71 0
      control_plane/roles/webui_awx/tasks/configure_settings.yml
  60. 77 45
      control_plane/roles/webui_awx/tasks/install_awx.yml
  61. 6 42
      control_plane/roles/webui_awx/tasks/main.yml
  62. 50 46
      control_plane/roles/webui_awx/vars/main.yml

+ 31 - 33
control_plane/roles/control_plane_common/tasks/fetch_base_inputs.yml

@@ -34,19 +34,17 @@
       mngmnt_network_dhcp_end_range | length < 1 or
       host_network_nic | length < 1 or
       host_network_dhcp_start_range | length < 1 or
-      host_network_dhcp_end_range | length < 1 or
-      dhcp_gateway | length < 1 or
-      dhcp_dns1 | length < 1 or
-      dhcp_dns2 | length < 1
-
-- name: Validate infiniband base_vars are not empty
-  fail:
-    msg: "{{ input_base_failure_msg }} for infiniBand as ib_switch_support is true"
-  register: ib_check
-  when:
-    - ib_network_nic | length < 1 or
-      ib_network_dhcp_start_range | length < 1 or
-      ib_network_dhcp_end_range | length < 1 and ib_switch_support
+      host_network_dhcp_end_range | length < 1
+
+#- name: Validate infiniband base_vars are not empty
+#  fail:
+#    msg: "{{ input_base_failure_msg }} for infiniBand as ib_switch_support is true"
+#  register: ib_check
+#  when:
+#    - ib_network_nic | length < 1 or
+#      ib_network_dhcp_start_range | length < 1 or
+#      ib_network_dhcp_end_range | length < 1
+#  when: ib_switch_support
 
 - name: Set facts to validate snmp support
   set_fact:
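Review bot: The infiniband validation is disabled by commenting it out rather than repaired, and the commented block now carries two `when:` keys, so restoring it as written would produce a duplicate mapping key, of which most parsers silently keep only the last. The same hunk drops the empty-value checks for `dhcp_gateway`, `dhcp_dns1` and `dhcp_dns2`; if those inputs are still consumed elsewhere, nothing validates them here any more. If the check is meant to return, a single condition such as `when: ib_switch_support and (ib_network_nic | length < 1 or ib_network_dhcp_start_range | length < 1 or ib_network_dhcp_end_range | length < 1)` avoids both the duplicate key and the `or`/`and` precedence problem of the removed version; otherwise delete the block. The task list continues outside the hunk.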
@@ -193,12 +191,12 @@
   when: ( result_path_iso_file.stat.exists ) and ( ".iso" not in iso_file_path )
 
 ####management_net_dhcp_start_end_range
-- name: Assert management network nic
-  assert:
-    that:
-      - mngmnt_network_nic in nic_addr_up.stdout
-    success_msg: "{{ success_msg_mngmnt_network_nic }}"
-    fail_msg: "{{ fail_msg_mngmnt_network_nic }}"
+#- name: Assert management network nic
+#  assert:
+#    that:
+#      - mngmnt_network_nic in nic_addr_up.stdout
+#    success_msg: "{{ success_msg_mngmnt_network_nic }}"
+#    fail_msg: "{{ fail_msg_mngmnt_network_nic }}"
 
 - name: Fetch the management network ip, netmask and subnet
   set_fact:
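Review bot: Commenting out `Assert management network nic` means the `set_fact` that follows runs on an interface name that was never checked against `nic_addr_up.stdout`, so a mistyped NIC surfaces later as a less specific failure. The hunks at -272 and -359 do the same for the host and infiniband NIC asserts. If the asserts fail in a supported setup, guard them with a condition instead of disabling them, and remove the commented copies either way. If the check has moved, a one-line comment such as `# NIC presence is validated in <task file>` would tell readers where. The tasks these asserts protect continue outside the hunk.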
@@ -272,12 +270,12 @@
 #########
 
 ###Host network####
-- name: Assert host network nic
-  assert:
-    that:
-      - host_network_nic in nic_addr_up.stdout
-    success_msg: "{{ success_msg_host_network_nic }}"
-    fail_msg: "{{ fail_msg_host_network_nic }}"
+#- name: Assert host network nic
+#  assert:
+#    that:
+#      - host_network_nic in nic_addr_up.stdout
+#    success_msg: "{{ success_msg_host_network_nic }}"
+#    fail_msg: "{{ fail_msg_host_network_nic }}"
 
 - name: Fetch the host network ip, netmask and subnet
   set_fact:
@@ -359,13 +357,13 @@
     fail_msg: "{{ fail_msg_different_nics }}"
 
 ########
-- name: Assert infiniband network nic
-  assert:
-    that:
-      - ib_network_nic in nic_addr_up.stdout
-    success_msg: "{{ success_msg_ib_network_nic }}"
-    fail_msg: "{{ fail_msg_ib_network_nic }}"
-  when: ib_switch_support
+#- name: Assert infiniband network nic
+#  assert:
+#    that:
+#      - ib_network_nic in nic_addr_up.stdout
+#    success_msg: "{{ success_msg_ib_network_nic }}"
+#    fail_msg: "{{ fail_msg_ib_network_nic }}"
+#  when: ib_switch_support
 
 - name: Fetch the infiniband network ip, netmask and subnet
   set_fact:
@@ -452,4 +450,4 @@
       - ib_network_nic != host_network_nic
     success_msg: "{{ success_msg_different_nics_ib }}"
     fail_msg: "{{ fail_msg_different_nics_ib }}"
-  when: ib_switch_support
+  when: ib_switch_support

+ 57 - 0
control_plane/roles/control_plane_common/tasks/fetch_sm_inputs.yml

@@ -0,0 +1,57 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Check that the ib_vars.yml exists
+  stat:
+    path: "{{ ib_config_file }}"
+  register: stat_result
+  tags: install
+
+- name: Fail if config file doesn't exist
+  fail:
+    msg: "{{ fail_msg_config_file }}"
+  when: not stat_result.stat.exists
+  tags: install
+
+- name: Check that the opensm.conf exists
+  stat:
+    path: "{{ opensm_conf_file }}"
+  register: stat_result
+  tags: install
+
+- name: Fail if opensm.conf file doesn't exist
+  fail:
+    msg: "{{ fail_msg_opensm_config_file }}"
+  when: not stat_result.stat.exists
+  tags: install
+
+- name: Include infiniband variable file
+  include_vars: "{{ ib_config_file }}"
+  tags: install
+
+- name: Validate directory input definition
+  fail:
+    msg: "{{ fail_msg_ib_input_definition }}"
+  when:
+    - subnet_manager.cache_directory is not defined or subnet_manager.log_directory is not defined
+  tags: install
+
+- name: Validate directory input
+  fail:
+    msg: "{{ fail_msg_ib_input }}"
+  when:
+    - subnet_manager.cache_directory |length < 1
+    - subnet_manager.log_directory |length < 1
+  tags: install
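Review bot: The `Validate directory input` task lists its two conditions as separate `when` items, which Ansible combines with AND, so the task fails only when both `cache_directory` and `log_directory` are empty and lets a single empty value through. The message in `fail_msg_ib_input` suggests either one being empty should fail; use one item: `- subnet_manager.cache_directory | length < 1 or subnet_manager.log_directory | length < 1`. Both `stat` tasks register into `stat_result`, which works only because each check is consumed immediately; distinct names such as `ib_vars_stat` and `opensm_conf_stat` would survive later reordering.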

+ 7 - 3
control_plane/roles/control_plane_common/tasks/main.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -31,5 +31,9 @@
 - name: Credentials Configuration
   import_tasks: password_config.yml
 
-- name: Omnia inputs validation
-  import_tasks: verify_omnia_params.yml
+- name: omnia inputs validation
+  import_tasks: verify_omnia_params.yml
+
+- name: Subnet manager inputs validation
+  import_tasks: fetch_sm_inputs.yml
+  when: ib_switch_support

+ 2 - 2
control_plane/roles/control_plane_common/tasks/package_installation.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -18,7 +18,7 @@
     name: "{{ common_packages }}"
     state: present
   tags: install
-
+  
 - name: Install netaddr
   command: pip3 install netaddr
   tags: install

+ 10 - 10
control_plane/roles/control_plane_common/tasks/password_config.yml

@@ -1,16 +1,16 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#      http://www.apache.org/licenses/LICENSE-2.0
 #
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
 ---
 
 - name: Check login_vars file is encrypted

+ 1 - 0
control_plane/roles/control_plane_common/tasks/pre_requisite.yml

@@ -29,6 +29,7 @@
     path: "{{ default_ansible_config_file_path }}"
     regexp: '#log_path = /var/log/ansible.log'
     replace: 'log_path = /var/log/omnia.log'
+  when: file_exists.stat.exists
   tags: install
 
 - name: Check OS support

+ 1 - 1
control_plane/roles/control_plane_common/tasks/verify_omnia_params.yml

@@ -85,4 +85,4 @@
   command: >-
     ansible-vault encrypt {{ role_path }}/../../../{{ config_filename }}
     --vault-password-file {{ role_path }}/../../../{{ config_vaultname }}
-  changed_when: false
+  changed_when: false

+ 13 - 5
control_plane/roles/control_plane_common/vars/main.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -40,12 +40,10 @@ internet_timeout: 10
 hostname: github.com
 port_no: 22
 os_name: CentOS
-os_version: '8.3' 
+os_version: '8.3'
 internet_status: "Failed. No Internet connection. Make sure network is up."
 os_status: "Unsupported OS or OS version. OS should be {{ os_name }} and Version should be {{ os_version }} or more"
 selinux_status: "SElinux is not disabled. Disable it in /etc/sysconfig/selinux and reboot the system"
-iso_name: CentOS-7-x86_64-Minimal-2009.iso
-iso_fail: "Iso file not found. Download and copy the iso file to omnia/control_plane/roles/provision_cobbler/files"
 ansible_python_version_status: "For CentOS 8.3, python bindings of firewalld, dnf, selinux are not available if python is installed from source and not from dnf. So please make sure python3.6 is installed using dnf. And ansible uses the python version 3.6 installed using dnf"
 python_version_support: '3.6.8'
 default_ansible_config_file_path: /etc/ansible/ansible.cfg
@@ -131,4 +129,14 @@ invalid_mapping_file_path: "Incorrect mapping_file_path provided in base_vars.ym
 success_msg_different_nics: "The nics of different containers and public nic are not the same - Validated"
 fail_msg_different_nics: "Failed. Incorrect nic information. public nic, management network nic and host network nic should not be the same"
 success_msg_different_nics_ib: "The nics of different containers and public nic are not the same as infiniband nic- Validated"
-fail_msg_different_nics_ib: "Failed. Infiniband nic cannot be the same as other nics"
+fail_msg_different_nics_ib: "Failed. Infiniband nic cannot be the same as other nics"
+
+# Usage: fetch_sm_inputs.yml
+ib_config_file: "{{ role_path }}/../../input_params/ib_vars.yml"
+opensm_conf_file: "{{ role_path }}/../../input_params/opensm.conf"
+
+fail_msg_config_file: ib_vars.yml file doesn't exist.
+fail_msg_opensm_config_file: opensm.conf file doesn't exist.
+
+fail_msg_ib_input_definition: Infiniband config directories must be defined.
+fail_msg_ib_input: Infiniband config directories can't be left empty.
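Review bot: The four new `fail_msg_*` values are plain unquoted scalars, while every other message in this file is double-quoted. They parse today, but the apostrophes in `doesn't` and `can't` and any later `: ` or ` #` in the text make plain scalars fragile. Quote them for consistency, for example `fail_msg_config_file: "ib_vars.yml file doesn't exist."`.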

+ 37 - 0
control_plane/roles/control_plane_device/files/Dockerfile

@@ -0,0 +1,37 @@
+# Dockerfile for creating the management network container
+
+FROM centos:7
+
+# RPM REPOs
+RUN yum install -y \
+    epel-release \
+    && yum clean all \
+    && rm -rf /var/cache/yum
+
+RUN yum update -y \
+    && yum clean all \
+    && rm -rf /var/cache/yum
+
+RUN yum install -y \
+  ansible \
+  cronie \
+  tftp\
+  tftp-server\
+  dhcp \
+  xinetd \
+  net-tools \
+  && yum clean all \
+  &&  rm -rf /var/cache/yum
+
+RUN mkdir /root/omnia
+
+#Copy Configuration files
+COPY dhcpd.conf  /etc/dhcp/dhcpd.conf
+COPY tftp /etc/xinetd.d/tftp
+COPY mngmnt_container_configure.yml /root/
+
+RUN systemctl enable tftp
+RUN systemctl enable dhcpd
+
+CMD ["sbin/init"]
+
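Review bot: The image is built from the mutable tag `centos:7` and then runs `yum update -y`, so two builds of the same Dockerfile can contain different packages and there is no record of which base was used. Pinning the base by digest, `FROM centos:7@sha256:<digest>`, makes the input auditable. `CMD ["sbin/init"]` is a relative path in exec form and resolves only while the working directory is `/`; `CMD ["/sbin/init"]` matches the `command` used in k8s_mngmnt_network.yml. `RUN mkdir /root/omnia` and the two `systemctl enable` lines could share one layer.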

+ 48 - 0
control_plane/roles/control_plane_device/files/dhcpd.conf

@@ -0,0 +1,48 @@
+
+# ******************************************************************
+# Cobbler managed dhcpd.conf file
+#
+# generated from cobbler dhcp.conf template ($date)
+# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
+# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
+# overwritten.
+#
+# ******************************************************************
+
+ddns-update-style interim;
+
+allow booting;
+allow bootp;
+
+ignore client-updates;
+set vendorclass = option vendor-class-identifier;
+
+option pxe-system-type code 93 = unsigned integer 16;
+
+subnet 172.17.0.0 netmask 255.255.0.0 {
+option subnet-mask 255.255.0.0;
+range dynamic-bootp 172.17.0.10 172.17.0.100;
+default-lease-time  21600;
+max-lease-time  43200;
+next-server 172.17.0.1;
+#insert the static DHCP leases for configuration here
+
+
+     class "pxeclients" {
+          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+          if option pxe-system-type = 00:02 {
+                  filename "ia64/elilo.efi";
+          } else if option pxe-system-type = 00:06 {
+                  filename "grub/grub-x86.efi";
+          } else if option pxe-system-type = 00:07 {
+                  filename "grub/grub-x86_64.efi";
+          } else if option pxe-system-type = 00:09 {
+                  filename "grub/grub-x86_64.efi";
+          } else {
+                  filename "pxelinux.0";
+          }
+     }
+
+}
+
+#end for

+ 36 - 0
control_plane/roles/control_plane_device/files/k8s_mngmnt_network.yml

@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mngmnt-network-container
+  namespace: network-config
+  labels:
+    app: mngmnt-network
+spec:
+  selector:
+    matchLabels:
+      app: mngmnt-network
+  replicas: 1
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: mngmnt-network
+    spec:
+      hostNetwork: true
+      volumes:
+        - name: omnia-storage
+          hostPath:
+            path: /home/omnia/
+            type: Directory
+      containers:
+        - name: mngmnt-network-container
+          image: 'localhost/mngmnt_network_container:latest'
+          imagePullPolicy: Never
+          command:
+            - /sbin/init
+          volumeMounts:
+            - name: omnia-storage
+              mountPath: /root/omnia
+          securityContext:
+            privileged: true
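Review bot: The pod spec combines `privileged: true`, `hostNetwork: true` and a writable `hostPath` mount of `/home/omnia/`, so a compromise of the DHCP or TFTP service inside the container is effectively a compromise of the node. If the container only reads playbooks from the mount, add `readOnly: true` to the `volumeMounts` entry. `privileged` is presumably there so `/sbin/init` can run; a comment saying so, or a narrower `capabilities.add` list if systemd can be avoided, would make the exposure a documented decision. The `:latest` tag with `imagePullPolicy: Never` suits a locally built image but leaves no record of which build is running.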

+ 70 - 0
control_plane/roles/control_plane_device/files/mngmnt_container_configure.yml

@@ -0,0 +1,70 @@
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Initial  setup
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+  - name: Change mode of tftpboot
+    file:
+      path: /var/lib/tftpboot
+      mode: 0777
+
+  - name: Link for tftp services
+    shell: cp -v /usr/lib/systemd/system/tftp.service /etc/systemd/system/tftp-server.service
+
+  - name: Link for tftp services
+    shell: cp -v /usr/lib/systemd/system/tftp.socket /etc/systemd/system/tftp-server.socket
+
+  - name: Edit the tftp-server service file
+    replace:
+      path: /etc/systemd/system/tftp-server.service
+      regexp: ^Requires=tftp.socket
+      replace: Requires=tftp-server.socket
+
+  - name: Edit the tftp-server service file
+    replace:
+      path: /etc/systemd/system/tftp-server.service
+      regexp: ^ExecStart=/usr/sbin/in.tftpd -s /var/lib/tftpboot
+      replace: ExecStart=/usr/sbin/in.tftpd -c -p -s /var/lib/tftpboot
+
+  - name: Edit the tftp-server service file
+    replace:
+      path: /etc/systemd/system/tftp-server.service
+      regexp: ^Also=tftp.socket
+      replace: Also=tftp.socket
+
+  - name: Edit the tftp-server service file
+    lineinfile:
+      path: /etc/systemd/system/tftp-server.service
+      insertafter: '^[Install]'
+      line: 'WantedBy=multi-user.target'
+
+  - name: Edit the tftp-server socket file
+    lineinfile:
+      path: /etc/systemd/system/tftp-server.socket
+      line: "BindIPv6Only=both"
+      insertafter: [Socket]
+
+  - name: Start tftp services
+    service:
+      name: tftp-server
+      state: started
+
+  - name: Start dhcpd services
+    service:
+      name: dhcpd
+      state: started
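Review bot: `mode: 0777` on `/var/lib/tftpboot`, together with the `-c -p` flags added to `ExecStart`, makes the TFTP root world-writable and lets unauthenticated clients create files in the directory that serves PXE boot files. If uploads are not needed, drop `-c` and use `mode: "0755"`; if they are, confine them to a dedicated subdirectory. Quote the mode either way so it is not parsed as an integer. Separately, `insertafter: '^[Install]'` is a regex character class and `insertafter: [Socket]` is a YAML flow sequence, so neither matches the section header; `insertafter: '^\[Install\]'` and `insertafter: '^\[Socket\]'` say what is meant. The `Also=tftp.socket` replace task has identical `regexp` and `replace` values and changes nothing; presumably `Also=tftp-server.socket` was intended.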

+ 23 - 0
control_plane/roles/control_plane_device/files/start_mngmnt_container.yml

@@ -0,0 +1,23 @@
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Start mngmnt_network on reboot
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+    - name: Wait for 2 minutes
+      pause:
+        minutes: 2
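Review bot: The play is named `Start mngmnt_network on reboot`, but its only task is a two-minute `pause`; nothing in the file starts or checks the container. Because configure_mngmnt_network_container.yml schedules this playbook from cron at reboot, either add the task that actually starts the services or a header comment such as `# Placeholder: start-up tasks are added in a later change`, so the cron entry is not taken for a working recovery path.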

+ 48 - 0
control_plane/roles/control_plane_device/files/temp_dhcp.template

@@ -0,0 +1,48 @@
+
+# ******************************************************************
+# Cobbler managed dhcpd.conf file
+#
+# generated from cobbler dhcp.conf template ($date)
+# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
+# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
+# overwritten.
+#
+# ******************************************************************
+
+ddns-update-style interim;
+
+allow booting;
+allow bootp;
+
+ignore client-updates;
+set vendorclass = option vendor-class-identifier;
+
+option pxe-system-type code 93 = unsigned integer 16;
+
+subnet subnet_mask netmask net_mask {
+option subnet-mask net_mask;
+range dynamic-bootp start end;
+default-lease-time  21600;
+max-lease-time  43200;
+next-server next_server;
+#insert the static DHCP leases for configuration here
+
+
+     class "pxeclients" {
+          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+          if option pxe-system-type = 00:02 {
+                  filename "ia64/elilo.efi";
+          } else if option pxe-system-type = 00:06 {
+                  filename "grub/grub-x86.efi";
+          } else if option pxe-system-type = 00:07 {
+                  filename "grub/grub-x86_64.efi";
+          } else if option pxe-system-type = 00:09 {
+                  filename "grub/grub-x86_64.efi";
+          } else {
+                  filename "pxelinux.0";
+          }
+     }
+
+}
+
+#end for

+ 20 - 0
control_plane/roles/control_plane_device/files/tftp

@@ -0,0 +1,20 @@
+# default: off
+# description: The tftp server serves files using the trivial file transfer \
+#       protocol.  The tftp protocol is often used to boot diskless \
+#       workstations, download configuration files to network-aware printers, \
+#       and to start the installation process for some operating systems.
+service tftp
+{
+        socket_type             = dgram
+        protocol                = udp
+        wait                    = yes
+        user                    = root
+        server                  = /usr/sbin/in.tftpd
+        server_args             = -s /var/lib/tftpboot
+        disable                 = no
+        per_source              = 11
+        cps                     = 100 2
+        flags                   = IPv4
+}
+
+

+ 72 - 0
control_plane/roles/control_plane_device/tasks/check_prerequisites.yml

@@ -0,0 +1,72 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Initialize variables
+  set_fact:
+    mngmnt_network_container_status: false
+    mngmnt_network_container_image_status: false
+    mngmnt_network_container_config_status: false
+    backup_map_status: false
+    new_node_status: false
+  tags: install
+
+- name: Check if any backup file exists
+  block:
+  - name: Check status of backup file
+    stat:
+      path: "{{ role_path }}/files/backup_mapping_file.csv"
+    register: backup_map
+
+  - name: Set status for backup file
+    set_fact:
+      backup_map_status: true
+    when: backup_map.stat.exists == true  
+  rescue:
+  - name: Message
+    debug:
+      msg: "All nodes are new"
+      verbosity: 2
+
+- name: Inspect the mngmnt_network_container image
+  command: "buildah images {{ mngmnt_network_image_name }}"
+  register: mngmnt_network_container_image_result
+  ignore_errors: true
+  changed_when: false
+  tags: install
+
+- name: Check mngmnt_network_container status on the machine
+  command: kubectl get pods -n network-config
+  register: mngmnt_network_container_result
+  ignore_errors: true
+  changed_when: false
+  tags: install
+
+- name: Update mngmnt_network_container image status
+  set_fact:
+    mngmnt_network_container_image_status: true
+  when: "'No such image' not in mngmnt_network_container_image_result.stderr"
+  tags: install
+
+- name: Update mngmnt_network_container container status
+  set_fact:
+    mngmnt_network_container_status: true
+  when: "'mngmnt-network-container' in mngmnt_network_container_result.stdout"
+  tags: install
+
+- name: Update mngmnt_network_container  status
+  set_fact:
+    mngmnt_network_container_config_status: true
+  when:
+    - mngmnt_network_container_status == true
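Review bot: `mngmnt_network_container_image_status` is set to true whenever stderr lacks the text 'No such image', which with `ignore_errors: true` also covers any other failure of the `buildah` call, so the image build can be skipped with no image present. Keying on the return code is more robust: `when: mngmnt_network_container_image_result.rc == 0`. The `block`/`rescue` around the backup-file `stat` tasks carries no `tags: install` while the other tasks do. The line `when: backup_map.stat.exists == true` ends in trailing whitespace; `when: backup_map.stat.exists` is enough.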

+ 52 - 0
control_plane/roles/control_plane_device/tasks/configure_mngmnt_network_container.yml

@@ -0,0 +1,52 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Check mngmnt_network pod status
+  command: kubectl get pods -n network-config
+  changed_when: false
+  register: mngmnt_network_pod_status
+  ignore_errors: true
+
+- name: Deploy mngmnt_network pod
+  command: "kubectl apply -f {{ role_path }}/files/k8s_mngmnt_network.yml"
+  changed_when: true
+  tags: install
+  when: mngmnt_network_container_status == true and  mngmnt_network_container_config_status == false
+
+- name: Wait for mngmnt_network pod to come to ready state
+  command: kubectl wait --for=condition=ready -n network-config pod -l app=mngmnt-network
+  changed_when: false
+  tags: install
+
+- name: Get mngmnt_network pod name
+  command: 'kubectl get pod -n network-config -l app=mngmnt-network -o jsonpath="{.items[0].metadata.name}"'
+  changed_when: false
+  register: mngmnt_network_pod_name
+  tags: install
+
+- name: Configuring mngmnt_network container
+  command: 'kubectl exec --stdin --tty -n network-config {{ mngmnt_network_pod_name.stdout }} \
+    -- ansible-playbook /root/omnia/control_plane/roles/control_plane_device/files/mngmnt_container_configure.yml'
+  changed_when: false
+  tags: install
+  when: mngmnt_network_container_config_status == false
+
+- name: Schedule task
+  cron:
+    name: "start mngmnt_network_container on reboot"
+    special_time: reboot
+    job: "ansible-playbook {{ role_path }}/files/start_mngmnt_container.yml"
+  tags: install
+  #when: mngmnt_network_container_config_status == false
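Review bot: The `Deploy mngmnt_network pod` condition `mngmnt_network_container_status == true and  mngmnt_network_container_config_status == false` looks unreachable. check_prerequisites.yml in this commit sets the config status to true whenever the container status is true, so unless another task changes one of those facts in between, `kubectl apply` never runs and the following `kubectl wait` has nothing to wait for. The `kubectl exec` task passes `--stdin --tty` from a non-interactive run and ends its first line with `\` inside a single-quoted scalar, where it is a literal backslash rather than a continuation; dropping both flags and the backslash is safer. `changed_when: false` on that task hides the fact that it reconfigures the container, and the commented `#when:` under the cron task should be either restored or removed.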

+ 46 - 0
control_plane/roles/control_plane_device/tasks/dhcp_configure.yml

@@ -0,0 +1,46 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Create the dhcp template
+  copy:
+    src: "{{ role_path }}/files/temp_dhcp.template"
+    dest: "{{ role_path }}/files/dhcpd.conf"
+    mode: 0775
+  tags: install
+
+- name: Assign subnet and netmask
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^subnet subnet_mask netmask net_mask {'
+    replace: 'subnet {{ mngmnt_network_subnet }} netmask {{ mngmnt_network_netmask }} {'
+  tags: install
+
+- name: Assign netmask
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^option subnet-mask net_mask;'
+    replace: 'option subnet-mask {{ mngmnt_network_netmask }};'
+
+- name: Assign DHCP range
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^range dynamic-bootp start end;'
+    replace: 'range dynamic-bootp {{ mngmnt_network_dhcp_start_range }} {{ mngmnt_network_dhcp_end_range }};'
+
+- name: Assign next server range
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^next-server next_server;'
+    replace: 'next-server {{ mngmnt_network_ip }};'
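Review bot: `mode: 0775` in `Create the dhcp template` is an unquoted octal and makes a configuration file executable and group-writable; `mode: "0644"` is the usual choice for `dhcpd.conf`. The four `replace` tasks rewrite `{{ role_path }}/files/dhcpd.conf` inside the checked-out role, so every run dirties a file this commit also adds to version control. Rendering `temp_dhcp.template` with the `template` module and Jinja variables into a build directory would avoid both the placeholder regexes and the tracked-file churn. Only the first two tasks carry `tags: install`; the last three are skipped on a tagged run and leave the `net_mask`, `start end` and `next_server` placeholders in the file.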

+ 29 - 0
control_plane/roles/control_plane_device/tasks/firewall_settings.yml

@@ -0,0 +1,29 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+#Tasks for modifying firewall configurations for mngmnt_network_container
+
+- name: Permit traffic in default zone for tftp service
+  firewalld:
+    service: tftp
+    permanent: yes
+    state: enabled
+  tags: install
+
+- name: Reboot firewalld
+  systemd:
+    name: firewalld
+    state: reloaded
+  tags: install
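Review bot: The tftp service is opened in the default firewalld zone, which applies to every interface assigned to that zone, and TFTP has no authentication. If the management network has its own interface, bind the rule to that interface's zone with the `zone:` parameter (placeholder: `zone: <management-zone>`) so boot files are not served on other networks. `permanent: yes` should be written `permanent: true`. The task named "Reboot firewalld" only reloads the service, so "Reload firewalld" describes it better.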

+ 51 - 5
control_plane/roles/control_plane_device/tasks/main.yml

@@ -1,4 +1,4 @@
-# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -13,7 +13,53 @@
 #  limitations under the License.
 ---
 
-# Will be updated later in each PR
-- name: Pass
-  debug:
-    msg: "Pass"
+# Tasks file for mngmnt_network
+
+- name: Check mngmnt_network_container status on machine
+  include_tasks: check_prerequisites.yml
+
+- name: Modify firewall settings for mngmnt_network_container
+  import_tasks: firewall_settings.yml
+  when: not mngmnt_network_container_status
+
+- name: Include common variables
+  include_vars:  ../../control_plane_common/vars/main.yml
+  when: not mngmnt_network_container_status
+
+- name: Internet validation
+  include_tasks: ../../control_plane_common/tasks/internet_validation.yml
+  when: not mngmnt_network_container_status
+
+- name: Include variable file base_vars.yml
+  include_vars: "{{ mngmnt_base_file }}"
+
+#- name: Fetch base inputs
+#  include_tasks: ../../control_plane_common/tasks/fetch_base_inputs.yml
+#  when: not mngmnt_network_container_status
+
+- name: Dhcp Configuration
+  import_tasks: dhcp_configure.yml
+  when: (not mngmnt_network_container_image_status) or ( backup_map_status == true)
+
+#- name: Mapping file validation
+#  import_tasks: mapping_file.yml
+#  when: (not mngmnt_network_container_image_status) and (mapping_file == true) or ( backup_map_status == true)
+
+- name: mngmnt_network_container image creation
+  import_tasks: mngmnt_network_container_image.yml
+  when: not mngmnt_network_container_status
+
+- name: mngmnt_network_container configuration
+  import_tasks: configure_mngmnt_network_container.yml
+
+- name: mngmnt_network_container container status message
+  block:
+    - debug:
+        msg: "{{ message_skipped }}"
+        verbosity: 2
+      when: mngmnt_network_container_status
+    - debug:
+        msg: "{{ message_installed }}"
+        verbosity: 2
+      when: not mngmnt_network_container_status
+  tags: install
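Review bot: "Dhcp Configuration" is gated on `mngmnt_network_container_image_status` while "mngmnt_network_container image creation" is gated on `mngmnt_network_container_status`, so when the image exists but the pod does not, the image is rebuilt from whatever dhcpd.conf an earlier run left behind. Using the same condition for both imports keeps the built image in step with the current base_vars.yml. `backup_map_status` is not defined anywhere in this hunk; check_prerequisites.yml is presumably expected to set it, otherwise the `or` branch fails on an undefined variable. The firewall change also runs before "Internet validation", so a failed validation leaves tftp open with nothing deployed. control_plane_ib/tasks/main.yml has the same gating between its DHCP and image imports.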

+ 38 - 0
control_plane/roles/control_plane_device/tasks/mngmnt_network_container_image.yml

@@ -0,0 +1,38 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Image creation (It may take 5-10 mins)
+  command: "buildah bud -t {{ mngmnt_network_image_name }}:{{ mngmnt_network_image_tag }} --network host ."
+  changed_when: true
+  args:
+    chdir: "{{ role_path }}/files/"
+  tags: install
+
+- name: Update image name in k8s_mngmnt_network.yml
+  replace:
+    path: "{{ role_path }}/files/k8s_mngmnt_network.yml"
+    regexp: 'localhost/mngmnt_network_container:latest'
+    replace: "localhost/{{ mngmnt_network_image_name }}:{{ mngmnt_network_image_tag }}"
+
+- name: Update omnia project path in k8s_mngmnt_network.yml
+  replace:
+    path: "{{ role_path }}/files/k8s_mngmnt_network.yml"
+    regexp: 'path: /root/omnia'
+    replace: "path: {{ role_path.split('control_plane')[0] }}"
+
+- name: Deploy mngmnt_network pod
+  command: "kubectl apply -f {{ role_path }}/files/k8s_mngmnt_network.yml"
+  changed_when: true
+  tags: install
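Review bot: The two `replace` tasks edit k8s_mngmnt_network.yml under `{{ role_path }}/files` in place with literal patterns, so after the first run the file no longer contains `localhost/mngmnt_network_container:latest`, and a later change of `mngmnt_network_image_name` or `mngmnt_network_image_tag` is silently not applied. Rendering the manifest with the `template` module into a separate destination keeps the tracked file unchanged and makes the deploy repeatable. Both `replace` tasks also lack `tags: install`, unlike the build and `kubectl apply` tasks around them, so a tag-limited run would apply the manifest without the substitutions.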

+ 24 - 0
control_plane/roles/control_plane_device/vars/main.yml

@@ -0,0 +1,24 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+# vars file for mngmnt_network
+
+# Usage: check_prerequisites.yml, mngmnt_network_container_image.yml
+mngmnt_network_image_name: mngmnt_network_container
+mngmnt_network_image_tag: latest
+mount_path: /root/omnia
+message_skipped: "The container is already present"
+message_installed: "The container is installed"
+mngmnt_base_file: "{{ role_path }}/../../input_params/base_vars.yml"

+ 31 - 0
control_plane/roles/control_plane_ib/files/Dockerfile

@@ -0,0 +1,31 @@
+# Dockerfile for creating the management network container
+
+FROM centos:7
+
+# RPM REPOs
+RUN yum install -y \
+    epel-release \
+    && yum clean all \
+    && rm -rf /var/cache/yum
+
+RUN yum update -y \
+    && yum clean all \
+    && rm -rf /var/cache/yum
+
+RUN yum install -y \
+  ansible \
+  cronie \
+  dhcp \
+  net-tools \
+  && yum clean all \
+  &&  rm -rf /var/cache/yum
+
+RUN mkdir /root/omnia
+
+#Copy Configuration files
+COPY dhcpd.conf  /etc/dhcp/dhcpd.conf
+#COPY mngmnt_container_configure.yml /root/
+
+RUN systemctl enable dhcpd
+
+CMD ["sbin/init"]
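Review bot: `CMD ["sbin/init"]` is a relative path and only resolves while the working directory is `/`; it should be `CMD ["/sbin/init"]`, matching the `command` in k8s_infiniband.yml. `FROM centos:7` follows a mutable tag and `yum update -y` pulls whatever is current at build time, so two builds of the same commit can produce different images. Pinning the base image by digest (placeholder: `centos:7@sha256:<digest>`) makes the result reproducible and reviewable. The header comment still says "management network container" although this file sits under control_plane_ib.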

+ 48 - 0
control_plane/roles/control_plane_ib/files/dhcpd.conf

@@ -0,0 +1,48 @@
+
+# ******************************************************************
+# Cobbler managed dhcpd.conf file
+#
+# generated from cobbler dhcp.conf template ($date)
+# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
+# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
+# overwritten.
+#
+# ******************************************************************
+
+ddns-update-style interim;
+
+allow booting;
+allow bootp;
+
+ignore client-updates;
+set vendorclass = option vendor-class-identifier;
+
+option pxe-system-type code 93 = unsigned integer 16;
+
+subnet 172.25.0.0 netmask 255.255.0.0 {
+option subnet-mask 255.255.0.0;
+range dynamic-bootp 172.25.0.10 172.25.0.100;
+default-lease-time  21600;
+max-lease-time  43200;
+next-server 172.25.0.1;
+#insert the static DHCP leases for configuration here
+
+
+     class "pxeclients" {
+          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+          if option pxe-system-type = 00:02 {
+                  filename "ia64/elilo.efi";
+          } else if option pxe-system-type = 00:06 {
+                  filename "grub/grub-x86.efi";
+          } else if option pxe-system-type = 00:07 {
+                  filename "grub/grub-x86_64.efi";
+          } else if option pxe-system-type = 00:09 {
+                  filename "grub/grub-x86_64.efi";
+          } else {
+                  filename "pxelinux.0";
+          }
+     }
+
+}
+
+#end for

+ 24 - 0
control_plane/roles/control_plane_ib/files/infiniband_container_configure.yml

@@ -0,0 +1,24 @@
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Initial  setup
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+  - name: Start dhcpd services
+    service:
+      name: dhcpd
+      state: started

+ 43 - 0
control_plane/roles/control_plane_ib/files/infiniband_inventory_creation.yml

@@ -0,0 +1,43 @@
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+    - name: Read dhcp file
+      set_fact:
+        var: "{{ lookup('file', '/var/lib/dhcpd/dhcpd.leases').split()| unique | select| list }}"
+
+    - name: Filter the ip
+      set_fact:
+        vars_new: "{{ var| ipv4('address')| to_nice_yaml}}"
+
+    - name: Create the static ip
+      shell: awk -F',' 'NR >1{print $3}' omnia/appliance/roles/provision/files/new_mapping_file.csv > static_hosts.yml
+      changed_when: false
+      ignore_errors: true
+
+    - name: Create the dynamic inventory
+      shell: |
+        echo "[all]" >  omnia/appliance/roles/inventory/files/provisioned_hosts.yml
+        echo "{{ vars_new }}" > temp.txt
+        egrep -o '[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' temp.txt >>dynamic_hosts.yml
+      changed_when: false
+      ignore_errors: true
+
+    - name: Final inventory
+      shell: cat dynamic_hosts.yml static_hosts.yml| sort -ur  >> omnia/appliance/roles/inventory/files/provisioned_hosts.yml
+      changed_when: false
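Review bot: The pattern `[1-9]{1,3}\.` in "Create the dynamic inventory" rejects a first octet that contains a zero, so an address such as 10.0.0.5 is dropped and 101.2.3.4 is recorded as 1.2.3.4, which puts a wrong host into the inventory that later plays act on. `vars_new` has already passed through `ipv4('address')`, so the egrep step can be removed, or the pattern can become `grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}'`. dynamic_hosts.yml is opened with `>>` and never truncated, so addresses from earlier runs stay in the inventory. The paths still point at `omnia/appliance/roles/...`, while this commit moves provision_cobbler/files/inventory_creation.yml, which carries the same egrep line as context, to `omnia/control_plane/roles/...`.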

+ 36 - 0
control_plane/roles/control_plane_ib/files/k8s_infiniband.yml

@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: infiniband-container
+  namespace: network-config
+  labels:
+    app: infiniband
+spec:
+  selector:
+    matchLabels:
+      app: infiniband
+  replicas: 1
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: infiniband
+    spec:
+      hostNetwork: true
+      volumes:
+        - name: omnia-storage
+          hostPath:
+            path: /home/omnia/
+            type: Directory
+      containers:
+        - name: infiniband-container
+          image: 'localhost/infiniband_container:latest'
+          imagePullPolicy: Never
+          command:
+            - /sbin/init
+          volumeMounts:
+            - name: omnia-storage
+              mountPath: /root/omnia
+          securityContext:
+            privileged: true
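Review bot: The pod combines `privileged: true`, `hostNetwork: true` and a writable hostPath mount of `/home/omnia/`, so anything running in the container has root-equivalent access to the node and can rewrite the playbooks that appear to be executed from that directory. If the container only has to run dhcpd, replace `privileged: true` with the specific entries it needs under `securityContext.capabilities.add` (running `/sbin/init` as PID 1 may need more; confirm) and add `readOnly: true` to the `omnia-storage` volumeMount. The `latest` tag in `image: 'localhost/infiniband_container:latest'` also gives no way to tell which build is deployed. k8s_cobbler.yml in this commit uses the same securityContext, host network and mounts.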

+ 48 - 0
control_plane/roles/control_plane_ib/files/temp_dhcp.template

@@ -0,0 +1,48 @@
+
+# ******************************************************************
+# Cobbler managed dhcpd.conf file
+#
+# generated from cobbler dhcp.conf template ($date)
+# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
+# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
+# overwritten.
+#
+# ******************************************************************
+
+ddns-update-style interim;
+
+allow booting;
+allow bootp;
+
+ignore client-updates;
+set vendorclass = option vendor-class-identifier;
+
+option pxe-system-type code 93 = unsigned integer 16;
+
+subnet subnet_mask netmask net_mask {
+option subnet-mask net_mask;
+range dynamic-bootp start end;
+default-lease-time  21600;
+max-lease-time  43200;
+next-server next_server;
+#insert the static DHCP leases for configuration here
+
+
+     class "pxeclients" {
+          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+          if option pxe-system-type = 00:02 {
+                  filename "ia64/elilo.efi";
+          } else if option pxe-system-type = 00:06 {
+                  filename "grub/grub-x86.efi";
+          } else if option pxe-system-type = 00:07 {
+                  filename "grub/grub-x86_64.efi";
+          } else if option pxe-system-type = 00:09 {
+                  filename "grub/grub-x86_64.efi";
+          } else {
+                  filename "pxelinux.0";
+          }
+     }
+
+}
+
+#end for

+ 72 - 0
control_plane/roles/control_plane_ib/tasks/check_prerequisites.yml

@@ -0,0 +1,72 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Initialize variables
+  set_fact:
+    infiniband_container_status: false
+    infiniband_container_image_status: false
+    infiniband_container_config_status: false
+    infiniband_backup_map_status: false
+    infiniband_new_node_status: false
+  tags: install
+
+- name: Check if any backup file exists
+  block:
+  - name: Check status of backup file
+    stat:
+      path: "{{ role_path }}/files/backup_mapping_file.csv"
+    register: infiniband_backup_map
+
+  - name: Set status for backup file
+    set_fact:
+      infiniband_backup_map_status: true
+    when: infiniband_backup_map.stat.exists == true  
+  rescue:
+  - name: Message
+    debug:
+      msg: "All nodes are new"
+      verbosity: 2
+
+- name: Inspect the infiniband_container image
+  command: "buildah images {{ infiniband_image_name }}"
+  register: infiniband_container_image_result
+  ignore_errors: true
+  changed_when: false
+  tags: install
+
+- name: Check infiniband_container status on the machine
+  command: kubectl get pods -n network-config
+  register: infiniband_container_result
+  ignore_errors: true
+  changed_when: false
+  tags: install
+
+- name: Update infiniband_container image status
+  set_fact:
+    infiniband_container_image_status: true
+  when: "'No such image' not in infiniband_container_image_result.stderr"
+  tags: install
+
+- name: Update infiniband_container container status
+  set_fact:
+    infiniband_container_status: true
+  when: "'infiniband-container' in infiniband_container_result.stdout"
+  tags: install
+
+- name: Update infiniband_container  status
+  set_fact:
+    infiniband_container_config_status: true
+  when:
+    - infiniband_container_status == true
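Review bot: `infiniband_container_image_status` becomes true whenever stderr lacks the text 'No such image', and the `buildah images` task runs with `ignore_errors: true`, so any other failure (buildah missing, a permission error) is read as "image present" and the DHCP configuration step in main.yml is skipped. Test the return code instead: `when: infiniband_container_image_result.rc == 0`. The pod check is loose in the other direction, since `'infiniband-container' in infiniband_container_result.stdout` is true for a pod in any state, including one that is crash-looping. The last task has no `tags: install`, unlike the others in the file. provision_cobbler/tasks/check_prerequisites.yml uses the same 'No such image' test.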

+ 44 - 0
control_plane/roles/control_plane_ib/tasks/configure_infiniband_container.yml

@@ -0,0 +1,44 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Check infiniband pod status
+  command: kubectl get pods -n network-config
+  changed_when: false
+  register: infiniband_pod_status
+  ignore_errors: true
+
+- name: Deploy infiniband pod
+  command: "kubectl apply -f {{ role_path }}/files/k8s_infiniband.yml"
+  changed_when: true
+  tags: install
+  when: infiniband_container_status == true and  infiniband_container_config_status == false
+
+- name: Wait for infiniband pod to come to ready state
+  command: kubectl wait --for=condition=ready -n network-config pod -l app=infiniband
+  changed_when: false
+  tags: install
+
+- name: Get infiniband pod name
+  command: 'kubectl get pod -n network-config -l app=infiniband -o jsonpath="{.items[0].metadata.name}"'
+  changed_when: false
+  register: infiniband_pod_name
+  tags: install
+
+- name: Configuring infiniband container
+  command: 'kubectl exec --stdin --tty -n network-config {{ infiniband_pod_name.stdout }} \
+    -- ansible-playbook /root/omnia/control_plane/roles/control_plane_ib/files/infiniband_container_configure.yml'
+  changed_when: false
+  tags: install
+#  when: infiniband_container_config_status == false
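Review bot: In "Configuring infiniband container" the command is a single-quoted YAML scalar, where `\` is not an escape and the line break is already folded to a space, so a literal backslash is passed to kubectl in the argument list. Drop the backslash, or use a folded scalar (`command: >-`) for the two-line form. `--stdin --tty` serve no purpose here because the `command` module provides no terminal. "Deploy infiniband pod" requires `infiniband_container_status == true and infiniband_container_config_status == false`, but check_prerequisites.yml sets the config status to true whenever the container status is true, so that task never runs.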

+ 46 - 0
control_plane/roles/control_plane_ib/tasks/dhcp_configure.yml

@@ -0,0 +1,46 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Create the dhcp template
+  copy:
+    src: "{{ role_path }}/files/temp_dhcp.template"
+    dest: "{{ role_path }}/files/dhcpd.conf"
+    mode: 0775
+  tags: install
+
+- name: Assign subnet and netmask
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^subnet subnet_mask netmask net_mask {'
+    replace: 'subnet {{ ib_subnet }} netmask {{ ib_netmask }} {'
+  tags: install
+
+- name: Assign netmask
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^option subnet-mask net_mask;'
+    replace: 'option subnet-mask {{ ib_netmask }};'
+
+- name: Assign DHCP range
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^range dynamic-bootp start end;'
+    replace: 'range dynamic-bootp {{ ib_network_dhcp_start_range }} {{ ib_network_dhcp_end_range }};'
+
+- name: Assign next server range
+  replace:
+    path: "{{ role_path }}/files/dhcpd.conf"
+    regexp: '^next-server next_server;'
+    replace: 'next-server {{ ib_ip }};'

+ 38 - 0
control_plane/roles/control_plane_ib/tasks/infiniband_container_image.yml

@@ -0,0 +1,38 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: Image creation (It may take 5-10 mins)
+  command: "buildah bud -t {{ infiniband_image_name }}:{{ infiniband_image_tag }} --network host ."
+  changed_when: true
+  args:
+    chdir: "{{ role_path }}/files/"
+  tags: install
+
+- name: Update image name in k8s_infiniband.yml
+  replace:
+    path: "{{ role_path }}/files/k8s_infiniband.yml"
+    regexp: 'localhost/infiniband-container:latest'
+    replace: "localhost/{{ infiniband_image_name }}:{{ infiniband_image_tag }}"
+
+- name: Update omnia project path in k8s_infiniband.yml
+  replace:
+    path: "{{ role_path }}/files/k8s_infiniband.yml"
+    regexp: 'path: /root/omnia'
+    replace: "path: {{ role_path.split('control_plane')[0] }}"
+
+- name: Deploy infiniband pod
+  command: "kubectl apply -f {{ role_path }}/files/k8s_infiniband.yml"
+  changed_when: true
+  tags: install
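Review bot: Neither `replace` pattern matches the manifest added in this commit: k8s_infiniband.yml contains `localhost/infiniband_container:latest` (underscore) and `path: /home/omnia/`, while the tasks search for `localhost/infiniband-container:latest` and `path: /root/omnia`. Both tasks therefore change nothing, and the pod is deployed with the hard-coded image name and the `/home/omnia/` hostPath regardless of `infiniband_image_name` or where the project is checked out. The patterns should be `'localhost/infiniband_container:latest'` and `'path: /home/omnia/'`, or the manifest should be rendered with `template`. The `path: /root/omnia` pattern in provision_cobbler/tasks/cobbler_image.yml misses k8s_cobbler.yml in the same way, because the only `/root/omnia` there follows `mountPath:`.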

+ 47 - 5
control_plane/roles/control_plane_ib/tasks/main.yml

@@ -1,4 +1,4 @@
-# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -13,7 +13,49 @@
 #  limitations under the License.
 ---
 
-# Will be updated later in each PR
-- name: Pass
-  debug:
-    msg: "Pass"
+# Tasks file for infiniband
+
+- name: Check infiniband_container status on machine
+  include_tasks: check_prerequisites.yml
+
+- name: Include common variables
+  include_vars:  ../../control_plane_common/vars/main.yml
+  when: not infiniband_container_status
+
+- name: Internet validation
+  include_tasks:  ../../control_plane_common/tasks/internet_validation.yml
+  when: not infiniband_container_status
+
+#- name: Fetch base inputs
+#  include_tasks: ../../control_plane_common/tasks/fetch_base_inputs.yml
+#  when: not infiniband_container_status
+
+- name: Include variable file base_vars.yml
+  include_vars: "{{ ib_base_file }}"
+
+- name: Dhcp Configuration
+  import_tasks: dhcp_configure.yml
+  when: (not infiniband_container_image_status) or ( infiniband_backup_map_status == true)
+
+#- name: Mapping file validation
+#  import_tasks: mapping_file.yml
+#  when: (not infiniband_container_image_status) and (mapping_file == true) or ( backup_map_status == true)
+
+- name: infiniband_container image creation
+  import_tasks: infiniband_container_image.yml
+  when: not infiniband_container_status
+
+- name: infiniband_container configuration
+  import_tasks: configure_infiniband_container.yml
+
+- name: infiniband_container container status message
+  block:
+    - debug:
+        msg: "{{ infiniband_message_skipped }}"
+        verbosity: 2
+      when: infiniband_container_status
+    - debug:
+        msg: "{{ infiniband_message_installed }}"
+        verbosity: 2
+      when: not infiniband_container_status
+  tags: install

+ 24 - 0
control_plane/roles/control_plane_ib/vars/main.yml

@@ -0,0 +1,24 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+# vars file for infiniband
+
+# Usage: infiniband_container_image.yml
+infiniband_image_name: infiniband_container
+infiniband_image_tag: latest
+mount_path: /root/omnia
+infiniband_message_skipped: "The container is already present"
+infiniband_message_installed: "The container is installed"
+ib_base_file: "{{ role_path }}/../../input_params/base_vars.yml" 

+ 5 - 5
control_plane/roles/provision_cobbler/files/inventory_creation.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -26,18 +26,18 @@
         vars_new: "{{ var| ipv4('address')| to_nice_yaml}}"
 
     - name: Create the static ip
-      shell: awk -F',' 'NR >1{print $3}' omnia/control_plane/roles/provision/files/new_mapping_file.csv > static_hosts.yml
+      shell: awk -F',' 'NR >1{print $3}' omnia/control_plane/roles/provision_cobbler/files/new_mapping_file.csv > static_hosts.yml
       changed_when: false
       ignore_errors: true
 
     - name: Create the dynamic inventory
       shell: |
-        echo "[all]" >  omnia/control_plane/roles/collect_node_info/files/provisioned_hosts.yml
+        echo "[all]" >  omnia/control_plane/roles/inventory/files/provisioned_hosts.yml
         echo "{{ vars_new }}" > temp.txt
         egrep -o '[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' temp.txt >>dynamic_hosts.yml
       changed_when: false
       ignore_errors: true
 
     - name: Final inventory
-      shell: cat dynamic_hosts.yml static_hosts.yml| sort -ur  >> omnia/control_plane/roles/collect_node_info/files/provisioned_hosts.yml
-      changed_when: false     
+      shell: cat dynamic_hosts.yml static_hosts.yml| sort -ur  >> omnia/control_plane/roles/inventory/files/provisioned_hosts.yml
+      changed_when: false

+ 48 - 0
control_plane/roles/provision_cobbler/files/k8s_cobbler.yml

@@ -0,0 +1,48 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cobbler
+  namespace: cobbler
+  labels:
+    app: cobbler
+spec:
+  selector:
+    matchLabels:
+      app: cobbler
+  replicas: 1
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: cobbler
+    spec:
+      hostNetwork: true
+      volumes:
+        - name: omnia-storage
+          hostPath:
+            path: /home/omnia/
+            type: Directory
+        - name: mnt-iso
+          hostPath:
+            path: /mnt/iso/
+            type: Directory
+      containers:
+        - name: cobbler
+          image: 'localhost/cobbler:latest'
+          imagePullPolicy: Never
+          command:
+            - /sbin/init
+          ports:
+            - containerPort: 25151
+            - containerPort: 443
+            - containerPort: 81
+            - containerPort: 69
+              protocol: UDP
+          volumeMounts:
+            - name: mnt-iso
+              mountPath: /mnt
+            - name: omnia-storage
+              mountPath: /root/omnia
+          securityContext:
+            privileged: true

+ 3 - 2
control_plane/roles/provision_cobbler/files/kickstart.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -12,6 +12,7 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 ---
+
 - name: Initial cobbler setup
   hosts: localhost
   connection: local
@@ -117,4 +118,4 @@
     cron:
       name: Create inventory
       minute: "*/5"
-      job: "ansible-playbook /root/inventory_creation.yml"
+      job: "ansible-playbook /root/inventory_creation.yml"

+ 7 - 2
control_plane/roles/provision_cobbler/files/start_cobbler.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -22,6 +22,11 @@
       pause:
         minutes: 2
 
+    - name: Get cobbler pod name
+      command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
+      changed_when: false
+      register: cobbler_pod_name
+
     - name: Execute cobbler sync in cobbler container
-      command: docker exec cobbler cobbler sync
+      command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler sync'
       changed_when: true
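Review bot: The pod name is taken from `.items[0]` after a fixed two-minute pause, so the lookup fails on an empty list if the pod is not scheduled yet and may pick a terminating pod during a rolling update. Running `kubectl wait --for=condition=ready -n cobbler pod -l app=cobbler` before the lookup, as configure_infiniband_container.yml does for its pod, replaces the guess with a check. `--stdin --tty` can be dropped from the exec call because the `command` module has no terminal to attach. The task list starts outside this hunk.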

+ 1 - 8
control_plane/roles/provision_cobbler/files/temp_centos7.ks

@@ -60,11 +60,4 @@ reboot
 %packages
 @core
 net-tools
-%end
-
-%post
-$SNIPPET('post_install_kernel_options')
-$SNIPPET('cobbler_register')
-$SNIPPET('kickstart_done')
-%end
-
+%end

+ 0 - 2
control_plane/roles/provision_cobbler/files/temp_dhcp.template

@@ -19,8 +19,6 @@ set vendorclass = option vendor-class-identifier;
 option pxe-system-type code 93 = unsigned integer 16;
 
 subnet subnet_mask netmask net_mask {
-option routers router-ip;
-option domain-name-servers dns1, dns2;
 option subnet-mask net_mask;
 range dynamic-bootp start end;
 default-lease-time  21600;

+ 2 - 2
control_plane/roles/provision_cobbler/files/tftp.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -43,4 +43,4 @@
       command: systemctl start dhcpd.service
       args:
         warn: no
-      when: "('inactive' in dhcp_status.stdout) or ('unknown' in dhcp_status.stdout)"
+      when: "('inactive' in dhcp_status.stdout) or ('unknown' in dhcp_status.stdout)"

+ 35 - 20
control_plane/roles/provision_cobbler/tasks/check_prerequisites.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -39,53 +39,68 @@
       msg: "All nodes are new"
       verbosity: 2
 
+- name: Get K8s namespaces
+  command: kubectl get namespaces
+  changed_when: false
+  register: k8s_namespaces
+
+- name: Create namespace network-config
+  command: kubectl create namespace cobbler
+  changed_when: true
+  when: "'cobbler' not in k8s_namespaces.stdout"
+
 - name: Inspect the cobbler image
-  docker_image_info:
-    name: cobbler
+  command: "buildah images {{ cobbler_image_name }}"
   register: cobbler_image_result
+  ignore_errors: true
+  changed_when: false
   tags: install
-  vars:
-    ansible_python_interpreter: "/usr/bin/python3"
 
-- name: Check cobbler status on the machine
-  docker_container_info:
-    name: cobbler
-  register: cobbler_result
+- name: Check cobbler pod status on the machine
+  command: kubectl get pods -n cobbler
+  register: cobbler_pod_result
+  ignore_errors: true
+  changed_when: false
   tags: install
-  vars:
-    ansible_python_interpreter: "/usr/bin/python3"
 
 - name: Update cobbler image status
   set_fact:
     cobbler_image_status: true
-  when: cobbler_image_result.images| length==1
+  when: "'No such image' not in cobbler_image_result.stderr"
   tags: install
 
 - name: Update cobbler container status
   set_fact:
     cobbler_container_status: true
-  when: cobbler_result.exists
+  when: "'cobbler' in cobbler_pod_result.stdout"
+  tags: install
+
+- name: Get cobbler pod name
+  command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
+  changed_when: false
+  register: cobbler_pod_name
+  when: cobbler_container_status
   tags: install
 
 - name: Fetch cobbler profile list
-  command: docker exec cobbler cobbler profile list
+  command: "kubectl exec --stdin --tty -n {{ cobbler_pod_name.stdout }} -- cobbler profile list"
   changed_when: false
   register: cobbler_profile_list
   ignore_errors: true
-  when: cobbler_container_status == true
+  when: cobbler_container_status
 
 - name: Check crontab list
-  command: docker exec cobbler crontab -l
+  command: "kubectl exec --stdin --tty -n {{ cobbler_pod_name.stdout }} -- crontab -l"
   changed_when: false
   register: crontab_list
   ignore_errors: true
-  when: cobbler_container_status == true
+  when: cobbler_container_status
 
-- name: Update cobbler container status
+- name: Update cobbler config status
   set_fact:
     cobbler_config_status: true
   when:
-    - cobbler_container_status == true
+    - cobbler_container_status
     - "'CentOS' in cobbler_profile_list.stdout"
     - "'* * * * * ansible-playbook /root/tftp.yml' in crontab_list.stdout"
-    - "'5 * * * * ansible-playbook /root/inventory_creation.yml' in crontab_list.stdout"
+    - "'5 * * * * ansible-playbook /root/inventory_creation.yml' in crontab_list.stdout"
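Review bot: In "Fetch cobbler profile list" and "Check crontab list" the pod name is passed as the value of `-n`, so kubectl reads it as a namespace and receives no pod argument; the calls should read `kubectl exec -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler profile list`, and the same form for `crontab -l`. Because both tasks set `ignore_errors: true`, the failure is hidden and `cobbler_config_status` stays false, so the configuration step is presumably repeated on every run. The task named "Create namespace network-config" actually creates the `cobbler` namespace and should be renamed to match. The file begins outside this hunk.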

+ 21 - 15
control_plane/roles/provision_cobbler/tasks/cobbler_image.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,19 +14,25 @@
 ---
 
 - name: Image creation (It may take 5-10 mins)
-  docker_image:
-    name: "{{ docker_image_name }}"
-    tag: "{{ docker_image_tag }}"
-    source: build
-    build:
-      path: "{{ role_path }}/files/"
-      network: host
-    state: present
+  command: "buildah bud -t {{ cobbler_image_name }}:{{ cobbler_image_tag }} --network host ."
+  changed_when: true
+  args:
+    chdir: "{{ role_path }}/files/"
   tags: install
-  vars:
-    ansible_python_interpreter: "/usr/bin/python3"
 
-- name: Run cobbler container
-  command: "{{ cobbler_run_command }}"
-  changed_when: false
-  tags: install
+- name: Update image name in k8s_cobbler.yml
+  replace:
+    path: "{{ role_path }}/files/k8s_cobbler.yml"
+    regexp: 'localhost/cobbler:latest'
+    replace: "localhost/{{ cobbler_image_name }}:{{ cobbler_image_tag }}"
+
+- name: Update omnia project path in k8s_cobbler.yml
+  replace:
+    path: "{{ role_path }}/files/k8s_cobbler.yml"
+    regexp: 'path: /root/omnia'
+    replace: "path: {{ role_path.split('control_plane')[0] }}"
+
+- name: Deploy cobbler pod
+  command: "kubectl apply -f {{ role_path }}/files/k8s_cobbler.yml"
+  changed_when: true
+  tags: install
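Review bot: The two `replace` tasks that patch `k8s_cobbler.yml` carry no `tags: install`, while the build and `kubectl apply` tasks around them do, so a run limited to `--tags install` would deploy the manifest without the image name and project path substituted. Add `tags: install` to both. They also rewrite the role's own file in place: once a run has replaced `localhost/cobbler:latest` with a non-default name or tag, the pattern no longer matches and a later change to `cobbler_image_name` or `cobbler_image_tag` is silently not applied. Rendering the manifest from a template into a separate destination file would keep the source unchanged and the task repeatable.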

+ 21 - 16
control_plane/roles/provision_cobbler/tasks/configure_cobbler.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,24 +12,29 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ---
-- name: Delete the cobbler container if exits
-  docker_container:
-    name: cobbler
-    state: absent
+
+- name: Deploy cobbler pod
+  command: "kubectl apply -f {{ role_path }}/files/k8s_cobbler.yml"
+  changed_when: true
   tags: install
-  when: cobbler_container_status == true and cobbler_config_status == false
+  when: cobbler_container_status and not cobbler_config_status
 
-- name: Run cobbler container
-  command: "{{ cobbler_run_command }}"
+- name: Wait for cobbler pod to come to ready state
+  command: kubectl wait --for=condition=ready -n cobbler pod -l app=cobbler
   changed_when: false
   tags: install
-  when: cobbler_container_status == true and cobbler_config_status == false
 
-- name: Configuring cobbler inside container (It may take 5-10 mins)
-  command: docker exec cobbler ansible-playbook /root/kickstart.yml
+- name: Get cobbler pod name
+  command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
   changed_when: false
+  register: cobbler_pod_name
+  tags: install
+
+- name: Configuring cobbler inside container (It may take 5-10 mins)
+  command: "kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- ansible-playbook /root/kickstart.yml"
+  changed_when: true
   tags: install
-  when: cobbler_config_status == false
+  when: not cobbler_config_status
 
 - name: Schedule task
   cron:
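Review bot: `kubectl wait --for=condition=ready` is called without `--timeout`, so it gives up after kubectl's default of 30 seconds, which may be short for a freshly applied pod on a slow host. Pass an explicit value, e.g. `kubectl wait --for=condition=ready --timeout=300s -n cobbler pod -l app=cobbler` (the value is a constructed example, tune it to the image). The `kubectl exec` calls in this hunk and the next also pass `--stdin --tty`, which a non-interactive `command:` task cannot provide; dropping both flags avoids TTY warnings in the registered output. The `Schedule task` block at the end of the hunk continues outside it.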
@@ -37,12 +42,12 @@
     special_time: reboot
     job: "ansible-playbook {{ role_path }}/files/start_cobbler.yml"
   tags: install
-  when: cobbler_config_status == false
+  when: not cobbler_config_status
 
 - name: Execute cobbler sync in cobbler container
-  command: docker exec cobbler cobbler sync
+  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler sync'
   changed_when: true
-  when: cobbler_config_status == true
+  when: cobbler_config_status
 
 - name: Remove the files
   file:
@@ -53,4 +58,4 @@
     - "{{ role_path }}/files/dhcp.template"
     - "{{ role_path }}/files/settings"
     - "{{ role_path }}/files/centos7.ks"
-    - "{{ role_path }}/files/new_mapping_file.csv.bak"
+    - "{{ role_path }}/files/new_mapping_file.csv.bak"

+ 3 - 19
control_plane/roles/provision_cobbler/tasks/dhcp_configure.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -32,27 +32,12 @@
     path: "{{ role_path }}/files/dhcp.template"
     regexp: '^option subnet-mask net_mask;'
     replace: 'option subnet-mask {{ netmask }};'
-  tags: install
-
-- name: Assign gateway
-  replace:
-    path: "{{ role_path }}/files/dhcp.template"
-    regexp: '^option routers router-ip;'
-    replace: 'option routers {{ dhcp_gateway }};'
-  tags: install
-
-- name: Assign DNS
-  replace:
-    path: "{{ role_path }}/files/dhcp.template"
-    regexp: '^option domain-name-servers dns1, dns2;'
-    replace: 'option domain-name-servers {{ dhcp_dns1 }}, {{ dhcp_dns2 }};'
-  tags: install
 
 - name: Assign DHCP range
   replace:
     path: "{{ role_path }}/files/dhcp.template"
     regexp: '^range dynamic-bootp start end;'
-    replace: 'range dynamic-bootp {{ dhcp_start_ip }} {{ dhcp_end_ip }};'
+    replace: 'range dynamic-bootp {{ host_network_dhcp_start_range }} {{ host_network_dhcp_end_range }};'
 
 - name: Create the cobbler settings file
   copy:
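Review bot: With the `Assign gateway` and `Assign DNS` tasks removed, nothing in this file rewrites the `option routers router-ip;` and `option domain-name-servers dns1, dns2;` placeholders any more. Unless `files/dhcp.template` loses those lines in the same commit (not visible in this hunk), dhcpd would be handed literal placeholder text. The hunk also drops `tags: install` from the subnet-mask task, leaving it untagged like `Assign DHCP range`, so a `--tags install` run skips both while tagged tasks elsewhere in the role still run; keep `tags: install` on both. The `Create the cobbler settings file` task continues outside the hunk.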
@@ -71,5 +56,4 @@
   replace:
     path: "{{ role_path }}/files/settings"
     regexp: '^next_server: ip'
-    replace: 'next_server: {{ hpc_ip }}'
-
+    replace: 'next_server: {{ hpc_ip }}'

+ 2 - 2
control_plane/roles/provision_cobbler/tasks/firewall_settings.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -61,4 +61,4 @@
   systemd:
     name: firewalld
     state: reloaded
-  tags: install
+  tags: install

+ 23 - 3
control_plane/roles/provision_cobbler/tasks/main.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -26,7 +26,21 @@
   import_tasks: firewall_settings.yml
   when: not cobbler_container_status
 
-- name: Include control_plane_common variables
+- name: Decrpyt login_vars.yml
+  command: >-
+    ansible-vault decrypt {{ login_file }}
+    --vault-password-file {{ login_vault_file }}
+  changed_when: false
+
+- name: Include variable file login_vars.yml
+  include_vars: "{{ login_file }}"
+#  no_log: true
+
+- name: Include variable file base_vars.yml
+  include_vars: "{{ base_file }}"
+#  no_log: true
+
+- name: Include common variables
   include_vars: ../../control_plane_common/vars/main.yml
   when: not cobbler_container_status
 
@@ -38,13 +52,19 @@
   import_tasks: provision_password.yml
   when: not cobbler_image_status
 
+- name: Encypt login file
+  command: >-
+    ansible-vault encrypt {{ login_file }}
+    --vault-password-file {{ login_vault_file }}
+  changed_when: false
+
 - name: Dhcp Configuration
   import_tasks: dhcp_configure.yml
   when: (not cobbler_image_status) or ( backup_map_status == true)
 
 - name: Mapping file validation
   import_tasks: mapping_file.yml
-  when: (not cobbler_image_status) and (mapping_file == true) or ( backup_map_status == true)
+  when: (not cobbler_image_status) and (host_mapping_file == true) or ( backup_map_status == true)
 
 - name: Cobbler image creation
   import_tasks: cobbler_image.yml
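Review bot: The `Encypt login file` task only runs if every task between it and the decrypt step in the preceding hunk succeeds, so a failure in `mount_iso.yml` or `provision_password.yml` leaves `login_vars.yml` in plaintext on disk. Wrapping the decrypt and include in a `block` with the encrypt under `always` closes that window; this assumes the later tasks use the loaded variables and not the file itself. The `#  no_log: true` lines on the two `include_vars` tasks should be enabled so credentials do not appear in verbose output. If the vault password is supplied to the playbook run, `include_vars` can read the vaulted file directly and neither command is needed. The task names also contain typos (`Decrpyt`, `Encypt`).

```yaml
- name: Load login variables and re-encrypt afterwards
  block:
    - name: Decrypt login_vars.yml
      command: >-
        ansible-vault decrypt {{ login_file }}
        --vault-password-file {{ login_vault_file }}
      changed_when: false

    - name: Include variable file login_vars.yml
      include_vars: "{{ login_file }}"
      no_log: true
  always:
    - name: Encrypt login file
      command: >-
        ansible-vault encrypt {{ login_file }}
        --vault-password-file {{ login_vault_file }}
      changed_when: false

# … unchanged: base_vars.yml include, common variables, provision_password.yml import …
```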

+ 30 - 20
control_plane/roles/provision_cobbler/tasks/mapping_file.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -13,7 +13,7 @@
 ---
 
 - name: Check if file is comma seperated
-  shell: awk -F\, '{print NF-1}' {{ path_for_mapping_file }}
+  shell: awk -F\, '{print NF-1}' {{ host_mapping_file_path }}
   register: comma_seperated
   changed_when: false
   tags: install
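Review bot: `{{ host_mapping_file_path }}` is interpolated unquoted into a `shell:` line, so a path containing spaces or shell metacharacters is split or interpreted by the shell instead of reaching awk as one argument. The value appears to come from an operator-edited input file, so write it as `{{ host_mapping_file_path | quote }}`. The same applies to the `Remove blank lines` task in the next hunk.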
@@ -26,19 +26,19 @@
   tags: install
 
 - name: Remove blank lines
-  shell:  awk -F, 'length>NF+1' {{ path_for_mapping_file }} > {{ role_path }}/files/new_mapping_file.csv
+  shell:  awk -F, 'length>NF+1' {{ host_mapping_file_path }} > {{ role_path }}/files/new_host_mapping_file.csv
   changed_when: false
   tags: install
 
 - name: Remove blank spaces
-  shell:  sed -i.bak -E 's/(^|,)[[:blank:]]+/\1/g; s/[[:blank:]]+(,|$)/\1/g'  {{ role_path }}/files/new_mapping_file.csv
+  shell:  sed -i.bak -E 's/(^|,)[[:blank:]]+/\1/g; s/[[:blank:]]+(,|$)/\1/g'  {{ role_path }}/files/new_host_mapping_file.csv
   args:
     warn: no
   changed_when: false
   tags: install
 
 - name: Check if header present
-  shell:  awk 'NR==1 { print $1}' {{ role_path }}/files/new_mapping_file.csv
+  shell:  awk 'NR==1 { print $1}' {{ role_path }}/files/new_host_mapping_file.csv
   register: header
   changed_when: false
   tags: install
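Review bot: `sed -i.bak` in `Remove blank spaces` now writes its backup as `new_host_mapping_file.csv.bak`, but the `Remove the files` list in configure_cobbler.yml still names `{{ role_path }}/files/new_mapping_file.csv.bak`. The backup copy of the mapping file is therefore left behind in the role's `files/` directory after every run. Update that list entry to `"{{ role_path }}/files/new_host_mapping_file.csv.bak"`.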
@@ -49,37 +49,37 @@
   when: header.stdout !=  valid_header
 
 - name: Count the hostname
-  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_mapping_file.csv | wc -l
+  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_host_mapping_file.csv | wc -l
   register: total_hostname
   changed_when: false
   tags: install
 
 - name: Count the ip
-  shell: awk -F',' '{print $3}' {{ role_path }}/files/new_mapping_file.csv | wc -l
+  shell: awk -F',' '{print $3}' {{ role_path }}/files/new_host_mapping_file.csv | wc -l
   register: total_ip
   changed_when: false
   tags: install
 
 - name: Count the macs
-  shell: awk -F',' '{print $1}' {{ role_path }}/files/new_mapping_file.csv | wc -l
+  shell: awk -F',' '{print $1}' {{ role_path }}/files/new_host_mapping_file.csv | wc -l
   register: total_mac
   changed_when: false
   tags: install
 
 - name: Check for duplicate hostname
-  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_mapping_file.csv | uniq | wc -l
+  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_host_mapping_file.csv | uniq | wc -l
   register: uniq_hostname
   changed_when: false
   tags: install
 
 - name: Check for duplicate ip
-  shell: awk -F',' '{print $3}' {{ role_path }}/files/new_mapping_file.csv | uniq | wc -l
+  shell: awk -F',' '{print $3}' {{ role_path }}/files/new__host_mapping_file.csv | uniq | wc -l
   register: uniq_ip
   changed_when: false
   tags: install
 
 - name: Check for duplicate mac
-  shell: awk -F',' '{print $1}' {{ role_path }}/files/new_mapping_file.csv | uniq | wc -l
+  shell: awk -F',' '{print $1}' {{ role_path }}/files/new_host_mapping_file.csv | uniq | wc -l
   register: uniq_mac
   changed_when: false
   tags: install
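Review bot: The `Check for duplicate ip` task reads `new__host_mapping_file.csv` (two underscores), a file none of the earlier tasks create, so awk has no input and `uniq_ip` is computed from nothing; it should be `{{ role_path }}/files/new_host_mapping_file.csv` like its neighbours. Because the command is a pipeline, the task's exit status is that of `wc -l`, so the missing file is likely not reported as a failure. Separately, all three duplicate checks pipe into `uniq`, which only collapses adjacent repeats; `| sort -u | wc -l` would also catch duplicates on non-consecutive rows.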
@@ -103,7 +103,7 @@
   tags: install
 
 - name: Check if _ or . or space present in hostname
-  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_mapping_file.csv |grep -E -- '_|\.| '
+  shell: awk -F',' '{print $2}' {{ role_path }}/files/new_host_mapping_file.csv |grep -E -- '_|\.| '
   register: hostname_result
   ignore_errors: true
   changed_when: false
@@ -118,7 +118,7 @@
 - name: Compare the file for new nodes
   block:
   - name: difference
-    shell: diff {{ role_path }}/files/new_mapping_file.csv {{role_path}}/files/backup_mapping_file.csv| tr -d \>|tr -d \<| grep -E -- ', & :| '
+    shell: diff {{ role_path }}/files/new_host_mapping_file.csv {{role_path}}/files/backup_host_mapping_file.csv| tr -d \>|tr -d \<| grep -E -- ', & :| '
     register: diff_output
     when: backup_map_status == true
 
@@ -149,18 +149,28 @@
 
 - name: Create a backup file
   copy:
-    src: "{{ role_path }}/files/new_mapping_file.csv"
-    dest: "{{ role_path }}/files/backup_mapping_file.csv"
+    src: "{{ role_path }}/files/new_host_mapping_file.csv"
+    dest: "{{ role_path }}/files/backup_host_mapping_file.csv"
+
+- name: Get cobbler pod name
+  command: 'kubectl get pod -n cobbler -l app=cobbler -o jsonpath="{.items[0].metadata.name}"'
+  changed_when: false
+  register: cobbler_pod_name
+  when: cobbler_container_status
+  tags: install
 
 - name: Copy the dhcp.template inside container
-  command: docker exec cobbler cp {{ role_path }}/files/dhcp.template /etc/cobbler/dhcp.template
+  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} \
+    -- cp /root/omnia/control_plane/roles/provision_cobbler/files/dhcp.template /etc/cobbler/dhcp.template'
+  changed_when: true
   when:  ( cobbler_container_status == true ) and ( new_node_status == true )
 
 - name: Cobbler sync for adding new nodes
-  command: docker exec cobbler cobbler sync
+  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- cobbler sync'
+  changed_when: true
   when:  ( cobbler_container_status == true ) and ( new_node_status == true )
 
 - name: Restart dhcpd
-  command: docker exec cobbler systemctl restart dhcpd
-  when:  ( cobbler_container_status == true ) and ( new_node_status == true )
-
+  command: 'kubectl exec --stdin --tty -n cobbler {{ cobbler_pod_name.stdout }} -- systemctl restart dhcpd'
+  changed_when: true
+  when:  ( cobbler_container_status == true ) and ( new_node_status == true )
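Review bot: In `Copy the dhcp.template inside container` the command is a single-quoted scalar that ends its first line with `\`. Inside single quotes YAML keeps the backslash literally and folds the line break to a space, so the command module most likely receives a stray escaped-space argument before `--`. Write the command as a `>-` folded block scalar, as the `ansible-vault` tasks in tasks/main.yml do, and drop the backslash. The three `kubectl exec` tasks also run only when `new_node_status` is set but read `cobbler_pod_name.stdout`, which is registered under `when: cobbler_container_status` alone; that is consistent here, but the mixed `== true` and bare-boolean conditions make it harder to verify.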

+ 5 - 5
control_plane/roles/provision_cobbler/tasks/mount_iso.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -19,12 +19,12 @@
 
 - name: Create iso directory
   file:
-    path: "/mnt/{{ iso_path }}"
+    path: "/mnt/{{ iso_dir_name }}"
     state: directory
   tags: install
 
 - name: Check mountpoint
-  command: mountpoint /mnt/{{ iso_path }}
+  command: mountpoint /mnt/{{ iso_dir_name }}
   changed_when: false
   register: result
   ignore_errors: yes
@@ -36,9 +36,9 @@
   tags: install
 
 - name: Mount the iso file
-  command: mount -o loop {{ path_for_iso_file }} /mnt/{{ iso_path }}
+  command: mount -o loop {{ iso_file_path }} /mnt/{{ iso_dir_name }}
   changed_when: false
   args:
     warn: no
   when: mount_check == true
-  tags: install
+  tags: install

+ 5 - 5
control_plane/roles/provision_cobbler/tasks/provision_password.yml

@@ -1,4 +1,4 @@
-#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -23,7 +23,7 @@
   file:
     path: "{{ role_path }}/files/.users.digest"
     state: touch
-    mode: 0644
+    mode: "{{ user_mode }}"
   tags: install
 
 - name: Encrypt cobbler password
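Review bot: `mode: "{{ user_mode }}"` is fed by `user_mode: 0644` in vars/main.yml, an unquoted scalar that YAML 1.1 loaders read as the integer 420. After templating, the file module is likely to receive the string `420` and apply it as an octal mode, not 0644. Quote the value at its definition, `user_mode: "0644"`. Since `.users.digest` appears to hold the cobbler credential digest, a tighter mode such as `"0600"` is worth considering if nothing else needs to read it.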
@@ -67,7 +67,7 @@
   no_log: true
 
 - name: Login password
-  command: openssl passwd -1 -salt {{ random_phrase }} {{ cobbler_password }}
+  command: openssl passwd -1 -salt {{ random_phrase }} {{ provision_password }}
   no_log: true
   changed_when: false
   register: login_pass
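Review bot: `openssl passwd -1` produces an MD5-crypt hash and takes `{{ provision_password }}` as a command-line argument, so the clear-text password is visible in the process list while the task runs, even though `no_log: true` keeps it out of Ansible's output. Hashing inside Ansible avoids both, for example a `set_fact` using `"{{ provision_password | password_hash('sha512') }}"`; consumers that read `login_pass.stdout` would need to follow. The task continues outside the hunk.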
@@ -85,12 +85,12 @@
   replace:
     path: "{{ role_path }}/files/centos7.ks"
     regexp: '^network  --bootproto=dhcp --device=nic --onboot=on'
-    replace: 'network  --bootproto=dhcp --device={{ nic }} --onboot=on'
+    replace: 'network  --bootproto=dhcp --device={{ host_network_nic }} --onboot=on'
   tags: install
 
 - name: Configure kickstart file- timezone
   replace:
     path: "{{ role_path }}/files/centos7.ks"
     regexp: '^timezone --utc ks_timezone'
-    replace: 'timezone --utc {{ ks_timezone }}'
+    replace: 'timezone --utc {{ timezone }}'
   tags: install

+ 9 - 6
control_plane/roles/provision_cobbler/vars/main.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -26,20 +26,23 @@ not_comma_seperated: "Failed: Mapping file should be comma seperated."
 
 #Usage: check_prerequisite.yml
 iso_name: CentOS-7-x86_64-Minimal-2009.iso
-iso_fail: "Iso file not found. Download and copy the iso file to omnia/appliance/roles/provision/files"
+iso_fail: "Iso file not found. Download and copy the iso file to omnia/control_plane/roles/provision_cobbler/files"
 
 # Usage: provision_password.yml
 provision_encrypted_dest: ../files/
+login_file: "{{ role_path }}/../../input_params/login_vars.yml"
+base_file: "{{ role_path }}/../../input_params/base_vars.yml"
+login_vault_file: "{{ role_path }}/../../input_params/.login_vault_key"
 username: cobbler
+user_mode: 0644
 
 # Usage: cobbler_image.yml
-docker_image_name: cobbler
-docker_image_tag: latest
-cobbler_run_command: docker run -itd --privileged --net=host --restart=always -v {{ mount_path }}:/root/omnia  -v cobbler_www:/var/www/cobbler:Z -v cobbler_backup:/var/lib/cobbler/backup:Z -v /mnt/iso:/mnt:Z -p 69:69/udp -p 81:80 -p 443:443 -p 25151:25151 --name cobbler  cobbler:latest  /sbin/init
+cobbler_image_name: cobbler
+cobbler_image_tag: latest
 
 # Usage: main.yml
 message_skipped: "Installation Skipped: Cobbler instance is already running in your system"
 message_installed: "Installation Successful"
 
 # Usage: mount_iso.yml
-iso_path: iso
+iso_dir_name: iso

+ 37 - 0
control_plane/roles/webui_awx/files/awx.yml

@@ -0,0 +1,37 @@
+---
+apiVersion: awx.ansible.com/v1beta1
+kind: AWX
+metadata:
+  name: awx
+  namespace: awx
+spec:
+  deployment_type: awx
+
+  #tower_hostname:
+  #tower_secret_key_secret:
+
+  #tower_extra_volumes:
+
+  #tower_admin_user: admin
+  #tower_admin_email:
+  #tower_admin_password_secret:
+
+  tower_ingress_type: Ingress
+  #tower_ingress_type:
+  #tower_loadbalancer_protocol:
+  #tower_loadbalancer_port:
+
+  #tower_image_pull_secret:
+
+  tower_postgres_storage_class: nfs-client
+
+  tower_projects_persistence: true
+  tower_projects_use_existing_claim: "_Yes_"
+  tower_projects_existing_claim: awx-pv-claim
+  tower_projects_storage_class: manual
+  tower_projects_storage_size: 10Gi
+  tower_projects_storage_access_mode: RWO
+
+  tower_ee_images:
+    - name: custom-awx-ee
+      image: localhost/custom-awx-ee
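Review bot: `tower_projects_storage_access_mode: RWO` uses the abbreviation rather than an access-mode name. The CRD in awx_operator.yml documents the default as `ReadWriteMany`, and a PersistentVolumeClaim expects the full form, so this should read `tower_projects_storage_access_mode: ReadWriteOnce`; it may currently be masked because an existing claim is used. `image: localhost/custom-awx-ee` has no tag, so it resolves to `latest`; pinning a tag makes the execution environment reproducible. The commented `#tower_ingress_type:` line directly under the active `tower_ingress_type: Ingress` can be dropped.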

+ 18 - 0
control_plane/roles/webui_awx/files/awx_ee.yml

@@ -0,0 +1,18 @@
+FROM quay.io/ansible/awx-ee:0.2.0
+
+USER root
+
+# add Ansible galaxy dependencies
+ADD requirements.yml /tmp/requirements.yml
+
+# install omsdk
+RUN pip install omsdk --upgrade
+
+# install Ansible Galaxy collections
+RUN ansible-galaxy collection install -r /tmp/requirements.yml --collections-path /usr/share/ansible/collections
+
+# add certificates
+RUN update-ca-trust force-enable
+RUN chmod -R 0777 /usr/share/ansible/collections
+
+USER 1000
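Review bot: `RUN chmod -R 0777 /usr/share/ansible/collections` makes every installed collection world-writable, so any process in the execution environment, including job content running as UID 1000, can modify module code that later jobs execute. Read and traverse access is enough to run collections: `RUN chmod -R a+rX /usr/share/ansible/collections`. `pip install omsdk --upgrade` is unpinned, which makes image builds non-reproducible; pin a version known to work (`omsdk==<version>`, placeholder). The file holds Dockerfile instructions but is named `awx_ee.yml`, which will mislead YAML tooling and linters.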

+ 531 - 0
control_plane/roles/webui_awx/files/awx_operator.yml

@@ -0,0 +1,531 @@
+# This file is generated by Ansible. Changes will be lost.
+# Update templates under ansible/templates/
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: awxs.awx.ansible.com
+  namespace: awx
+spec:
+  group: awx.ansible.com
+  names:
+    kind: AWX
+    listKind: AWXList
+    plural: awxs
+    singular: awx
+  scope: Namespaced
+  versions:
+    - name: v1beta1
+      served: true
+      storage: true
+      subresources:
+        status: {}
+      schema:
+        openAPIV3Schema:
+          description: Schema validation for the AWX CRD
+          properties:
+            spec:
+              properties:
+                deployment_type:
+                  description: Name of the deployment type
+                  type: string
+                  default: awx
+                kind:
+                  description: Kind of the deployment type
+                  type: string
+                  default: AWX
+                api_version:
+                  description: apiVersion of the deployment type
+                  type: string
+                  default: awx.ansible.com/v1beta1
+                tower_task_privileged:
+                  description: If a privileged security context should be enabled
+                  type: boolean
+                  default: false
+                tower_admin_user:
+                  description: Username to use for the admin account
+                  type: string
+                  default: admin
+                tower_hostname:
+                  description: The hostname of the instance
+                  type: string
+                tower_admin_email:
+                  description: The admin user email
+                  type: string
+                tower_admin_password_secret:
+                  description: Secret where the admin password can be found
+                  type: string
+                tower_postgres_configuration_secret:
+                  description: Secret where the database configuration can be found
+                  type: string
+                tower_old_postgres_configuration_secret:
+                  description: Secret where the old database configuration can be found for data migration
+                  type: string
+                tower_secret_key_secret:
+                  description: Secret where the secret key can be found
+                  type: string
+                tower_broadcast_websocket_secret:
+                  description: Secret where the broadcast websocket secret can be found
+                  type: string
+                tower_extra_volumes:
+                  description: Specify extra volumes to add to the application pod
+                  type: string
+                tower_ingress_type:
+                  description: The ingress type to use to reach the deployed instance
+                  type: string
+                  enum:
+                    - none
+                    - Ingress
+                    - ingress
+                    - Route
+                    - route
+                    - LoadBalancer
+                    - loadbalancer
+                    - NodePort
+                    - nodeport
+                tower_ingress_annotations:
+                  description: Annotations to add to the ingress
+                  type: string
+                tower_ingress_tls_secret:
+                  description: Secret where the ingress TLS secret can be found
+                  type: string
+                tower_loadbalancer_annotations:
+                  description: Annotations to add to the loadbalancer
+                  type: string
+                tower_loadbalancer_protocol:
+                  description: Protocol to use for the loadbalancer
+                  type: string
+                  default: http
+                  enum:
+                    - http
+                    - https
+                tower_loadbalancer_port:
+                  description: Port to use for the loadbalancer
+                  type: integer
+                  default: 80
+                tower_route_host:
+                  description: The DNS to use to points to the instance
+                  type: string
+                tower_route_tls_termination_mechanism:
+                  description: The secure TLS termination mechanism to use
+                  type: string
+                  default: Edge
+                  enum:
+                    - Edge
+                    - edge
+                    - Passthrough
+                    - passthrough
+                tower_route_tls_secret:
+                  description: Secret where the TLS related credentials are stored
+                  type: string
+                tower_node_selector:
+                  description: nodeSelector for the AWX pods
+                  type: string
+                tower_tolerations:
+                  description: node tolerations for the AWX pods
+                  type: string
+                tower_image:
+                  description: Registry path to the application container to use
+                  type: string
+                tower_image_version:
+                  description: Application container image version to use
+                  type: string
+                tower_ee_images:
+                  description: Registry path to the Execution Environment container to use
+                  type: array
+                  items:
+                    type: object
+                    properties:
+                      name:
+                        type: string
+                      image:
+                        type: string
+                tower_image_pull_policy:
+                  description: The image pull policy
+                  type: string
+                  default: IfNotPresent
+                  enum:
+                    - Always
+                    - always
+                    - Never
+                    - never
+                    - IfNotPresent
+                    - ifnotpresent
+                tower_image_pull_secret:
+                  description: The image pull secret
+                  type: string
+                tower_task_resource_requirements:
+                  description: Resource requirements for the task container
+                  properties:
+                    requests:
+                      properties:
+                        cpu:
+                          type: string
+                        memory:
+                          type: string
+                        storage:
+                          type: string
+                      type: object
+                    limits:
+                      properties:
+                        cpu:
+                          type: string
+                        memory:
+                          type: string
+                        storage:
+                          type: string
+                      type: object
+                  type: object
+                tower_web_resource_requirements:
+                  description: Resource requirements for the web container
+                  properties:
+                    requests:
+                      properties:
+                        cpu:
+                          type: string
+                        memory:
+                          type: string
+                        storage:
+                          type: string
+                      type: object
+                    limits:
+                      properties:
+                        cpu:
+                          type: string
+                        memory:
+                          type: string
+                        storage:
+                          type: string
+                      type: object
+                  type: object
+                tower_replicas:
+                  description: Number of instance replicas
+                  type: integer
+                  default: 1
+                  format: int32
+                tower_garbage_collect_secrets:
+                  description: Whether or not to remove secrets upon instance removal
+                  default: false
+                  type: boolean
+                tower_create_preload_data:
+                  description: Whether or not to preload data upon Tower instance creation
+                  default: true
+                  type: boolean
+                tower_task_args:
+                  type: array
+                  items:
+                    type: string
+                tower_task_command:
+                  type: array
+                  items:
+                    type: string
+                tower_web_args:
+                  type: array
+                  items:
+                    type: string
+                tower_web_command:
+                  type: array
+                  items:
+                    type: string
+                tower_task_extra_env:
+                  type: string
+                tower_web_extra_env:
+                  type: string
+                tower_ee_extra_volume_mounts:
+                  description: Specify volume mounts to be added to Execution container
+                  type: string
+                tower_task_extra_volume_mounts:
+                  description: Specify volume mounts to be added to Task container
+                  type: string
+                tower_web_extra_volume_mounts:
+                  description: Specify volume mounts to be added to the Web container
+                  type: string
+                tower_redis_image:
+                  description: Registry path to the redis container to use
+                  type: string
+                tower_redis_image_version:
+                  description: Redis container image version to use
+                  type: string
+                tower_postgres_image:
+                  description: Registry path to the PostgreSQL container to use
+                  type: string
+                tower_postgres_image_version:
+                  description: PostgreSQL container image version to use
+                  type: string
+                tower_postgres_selector:
+                  description: nodeSelector for the Postgres pods
+                  type: string
+                tower_postgres_tolerations:
+                  description: node tolerations for the Postgres pods
+                  type: string
+                tower_postgres_storage_requirements:
+                  description: Storage requirements for the PostgreSQL container
+                  properties:
+                    requests:
+                      properties:
+                        storage:
+                          type: string
+                      type: object
+                    limits:
+                      properties:
+                        storage:
+                          type: string
+                      type: object
+                  type: object
+                tower_postgres_resource_requirements:
+                  description: Resource requirements for the PostgreSQL container
+                  properties:
+                    requests:
+                      properties:
+                        cpu:
+                          type: string
+                        memory:
+                          type: string
+                      type: object
+                    limits:
+                      properties:
+                        cpu:
+                          type: string
+                        memory:
+                          type: string
+                      type: object
+                  type: object
+                tower_postgres_storage_class:
+                  description: Storage class to use for the PostgreSQL PVC
+                  type: string
+                tower_postgres_data_path:
+                  description: Path where the PostgreSQL data are located
+                  type: string
+                ca_trust_bundle:
+                  description: Path where the trusted CA bundle is available
+                  type: string
+                development_mode:
+                  description: If the deployment should be done in development mode
+                  type: boolean
+                ldap_cacert_secret:
+                  description: Secret where can be found the LDAP trusted Certificate Authority Bundle
+                  type: string
+                tower_projects_persistence:
+                  description: Whether or not the /var/lib/projects directory will be persistent
+                  default: false
+                  type: boolean
+                tower_projects_use_existing_claim:
+                  description: Using existing PersistentVolumeClaim
+                  type: string
+                  enum:
+                    - _Yes_
+                    - _No_
+                tower_projects_existing_claim:
+                  description: PersistentVolumeClaim to mount /var/lib/projects directory
+                  type: string
+                tower_projects_storage_class:
+                  description: Storage class for the /var/lib/projects PersistentVolumeClaim
+                  type: string
+                tower_projects_storage_size:
+                  description: Size for the /var/lib/projects PersistentVolumeClaim
+                  default: 8Gi
+                  type: string
+                tower_projects_storage_access_mode:
+                  description: AccessMode for the /var/lib/projects PersistentVolumeClaim
+                  default: ReadWriteMany
+                  type: string
+                extra_settings:
+                  description: Extra settings to specify for the API
+                  items:
+                    properties:
+                      setting:
+                        type: string
+                      value:
+                        type: string
+                    type: object
+                  type: array
+              type: object
+            status:
+              properties:
+                towerURL:
+                  description: URL to access the deployed instance
+                  type: string
+                towerAdminUser:
+                  description: Admin user of the deployed instance
+                  type: string
+                towerAdminPasswordSecret:
+                  description: Admin password of the deployed instance
+                  type: string
+                towerMigratedFromSecret:
+                  description: The secret used for migrating an old Tower.
+                  type: string
+                towerVersion:
+                  description: Version of the deployed instance
+                  type: string
+                towerImage:
+                  description: URL of the image used for the deployed instance
+                  type: string
+                conditions:
+                  description: The resulting conditions when a Service Telemetry is instantiated
+                  items:
+                    properties:
+                      status:
+                        type: string
+                      type:
+                        type: string
+                      reason:
+                        type: string
+                      lastTransitionTime:
+                        type: string
+                    type: object
+                  type: array
+              type: object
+          type: object
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: awx-operator
+  namespace: awx
+rules:
+  - apiGroups:
+      - route.openshift.io
+    resources:
+      - routes
+      - routes/custom-host
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+      - "rbac.authorization.k8s.io"
+    resources:
+      - pods
+      - services
+      - services/finalizers
+      - serviceaccounts
+      - endpoints
+      - persistentvolumeclaims
+      - events
+      - configmaps
+      - secrets
+      - roles
+      - rolebindings
+    verbs:
+      - '*'
+  - apiGroups:
+      - apps
+      - extensions
+    resources:
+      - deployments
+      - daemonsets
+      - replicasets
+      - statefulsets
+      - ingresses
+    verbs:
+      - '*'
+  - apiGroups:
+      - monitoring.coreos.com
+    resources:
+      - servicemonitors
+    verbs:
+      - get
+      - create
+  - apiGroups:
+      - apps
+    resourceNames:
+      - awx-operator
+    resources:
+      - deployments/finalizers
+    verbs:
+      - update
+  - apiGroups:
+      - apps
+    resources:
+      - deployments/scale
+      - statefulsets/scale
+    verbs:
+      - patch
+  - apiGroups:
+      - ""
+    resources:
+      - pods/exec
+    verbs:
+      - create
+      - get
+  - apiGroups:
+      - apps
+    resources:
+      - replicasets
+    verbs:
+      - get
+  - apiGroups:
+      - awx.ansible.com
+    resources:
+      - '*'
+    verbs:
+      - '*'
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: awx-operator
+  namespace: awx
+subjects:
+  - kind: ServiceAccount
+    name: awx-operator
+    namespace: awx
+roleRef:
+  kind: ClusterRole
+  name: awx-operator
+  apiGroup: rbac.authorization.k8s.io
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: awx-operator
+  namespace: awx
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: awx-operator
+  namespace: awx
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: awx-operator
+  template:
+    metadata:
+      labels:
+        name: awx-operator
+    spec:
+      serviceAccountName: awx-operator
+      containers:
+        - name: awx-operator
+          image: "quay.io/ansible/awx-operator:0.9.0"
+          imagePullPolicy: "Always"
+          volumeMounts:
+            - mountPath: /tmp/ansible-operator/runner
+              name: runner
+          env:
+            # Watch all namespaces (cluster-scoped).
+            - name: WATCH_NAMESPACE
+              value: ""
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: OPERATOR_NAME
+              value: awx-operator
+            - name: ANSIBLE_GATHERING
+              value: explicit
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 6789
+            initialDelaySeconds: 15
+            periodSeconds: 20
+      volumes:
+        - name: runner
+          emptyDir: {}

+ 15 - 0
control_plane/roles/webui_awx/files/awx_postgres_pv.yml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: awx-postgres-pv
+  namespace: awx
+  labels:
+    type: local
+spec:
+  storageClassName: nfs-client
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/var/nfs_awx"
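Review bot: The `hostPath` volume at `path: "/var/nfs_awx"` is declared with `storageClassName: nfs-client`, so a claim that expects NFS-backed storage may bind to a plain directory on whichever node runs the PostgreSQL pod. If `/var/nfs_awx` is meant to be an NFS export mounted on every node, state that in a comment above `hostPath:`, for example `# /var/nfs_awx must be the NFS export mounted on all nodes`. Otherwise add `nodeAffinity` so the database files stay with one node. `namespace: awx` under `metadata` has no effect because PersistentVolume is a cluster-scoped kind, and it can be dropped.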

+ 29 - 0
control_plane/roles/webui_awx/files/awx_projects_pv.yml

@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: awx-projects-pv
+  namespace: awx
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/etc"
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: awx-pv-claim
+  namespace: awx
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 3Gi
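Review bot: `path: "/etc"` serves as a placeholder for the playbooks directory, so applying this manifest without the rewrite in install_awx.yml would mount the node's `/etc` into AWX through a `ReadWriteOnce` hostPath volume. Use a placeholder that is not a real host directory, such as `path: "<PLAYBOOKS_DIR_PLACEHOLDER>"`, and update the `regexp` in the 'Configure host volume as playbooks directory path' task to match. Alternatively, render the file with `template` rather than editing the role's copy in place. `namespace: awx` on the PersistentVolume is ignored because the kind is cluster-scoped.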

+ 5 - 0
control_plane/roles/webui_awx/files/requirements.yml

@@ -0,0 +1,5 @@
+---
+collections:
+  - community.general
+  - dellemc.openmanage
+  - dellemc.os10
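Review bot: None of the three collections is pinned, so each install resolves whatever version the Galaxy server offers at that moment, and a changed or tampered release reaches the control plane unreviewed. Pin each entry in the long form, e.g. `- name: community.general` followed by `version: "<PINNED_VERSION>"`, and do the same for `dellemc.openmanage` and `dellemc.os10`. The role already pins `awx.awx` through `awx_version` in install_awx.yml, so this keeps the dependency handling consistent.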

+ 118 - 270
control_plane/roles/webui_awx/tasks/awx_configuration.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -13,272 +13,120 @@
 # limitations under the License.
 ---
 
-# Get Current AWX configuration
-- name: Waiting for 30 seconds for UI components to be accessible
-  wait_for:
-    timeout: 30
-
-- name: Organization list
-  block:
-    - name: Get organization list
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        organizations list -f human
-      register: organizations_list
-      changed_when: no
-      no_log: True
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ organizations_list.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-- name: Project list
-  block:
-    - name: Get project list
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        projects list -f human
-      register: projects_list
-      changed_when: no
-      no_log: True
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ projects_list.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-- name: Inventory list
-  block:
-    - name: Get inventory list
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        inventory list -f human
-      register: inventory_list
-      changed_when: no
-      no_log: True
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ inventory_list.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-- name: Credential list
-  block:
-    - name: Get credentials list
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        credentials list -f human
-      register: credentials_list
-      changed_when: no
-      no_log: True
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ credentials_list.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-- name: Template List
-  block:
-    - name: Get template list
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        job_templates list -f human
-      register: job_templates_list
-      changed_when: no
-      no_log: True
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ job_templates_list.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-- name: Group names
-  block:
-    - name: If omnia-inventory exists, fetch group names in the inventory
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        groups list --inventory "{{ omnia_inventory_name }}" -f human
-      register: groups_list
-      when: omnia_inventory_name in inventory_list.stdout
-      no_log: True
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ groups_list.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-- name: Schedules list
-  block:
-    - name: Get schedules list
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        schedules list -f human
-      register: schedules_list
-      changed_when: no
-      no_log: True
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ schedules_list.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-# Delete Default Configurations
-- name: Delete default configurations
-  block:
-    - name: Delete default organization
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        organizations delete "{{ default_org }}"
-      when: default_org in organizations_list.stdout
-      register: register_error
-      no_log: True
-
-    - name: Delete default job template
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        job_templates delete "{{ default_template }}"
-      when: default_template in job_templates_list.stdout
-      register: register_error
-      no_log: True
-
-    - name: Delete default project
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        projects delete "{{ default_projects }}"
-      when: default_projects in projects_list.stdout
-      register: register_error
-      no_log: True
-
-    - name: Delete default credential
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        credentials delete "{{ default_credentials }}"
-      when: default_credentials in credentials_list.stdout
-      register: register_error
-      no_log: True
-
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ register_error.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
-
-# Create required configuration if not present
-- name: Create required configurations
-  block:
-    - name: Create organisation
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        organizations create --name "{{ organization_name }}"
-      when: organization_name not in organizations_list.stdout
-      register: register_error
-      no_log: True
-
-    - name: Create new project
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        projects create --name "{{ project_name }}" --organization "{{ organization_name }}"
-        --local_path "{{ role_path.split('/')[-4] }}"
-      when: project_name not in projects_list.stdout
-      register: register_error
-      no_log: True
-
-    - name: Create new omnia inventory
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        inventory create --name "{{ omnia_inventory_name }}" --organization "{{ organization_name }}"
-      when: omnia_inventory_name not in inventory_list.stdout
-      register: register_error
-      no_log: True
-
-    - name: Create groups in omnia inventory
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        groups create --name "{{ item }}" --inventory "{{ omnia_inventory_name }}"
-      when: omnia_inventory_name not in inventory_list.stdout or item not in groups_list.stdout
-      register: register_error
-      no_log: True
-      loop: "{{ group_names }}"
-
-    - name: Create credentials for omnia
-      command: >-
-        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-        credentials create --name "{{ credential_name }}" --organization "{{ organization_name }}"
-        --credential_type "{{ credential_type }}"
-        --inputs '{"username": "{{ cobbler_username }}", "password": "{{ cobbler_password }}"}'
-      when: credential_name not in credentials_list.stdout
-      register: register_error
-      no_log: True
-
-    - name: DeployOmnia Template
-      block:
-        - name: Create template to deploy omnia
-          command: >-
-            awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-            job_templates create
-            --name "{{ omnia_template_name }}"
-            --job_type run
-            --inventory "{{ omnia_inventory_name }}"
-            --project "{{ project_name }}"
-            --playbook "{{ omnia_playbook }}"
-            --verbosity "{{ playbooks_verbosity }}"
-            --ask_skip_tags_on_launch true
-          register: register_error
-          no_log: True
-
-        - name: Associate credential
-          command: >-
-            awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-            job_templates associate "{{ omnia_template_name }}"
-            --credential ""{{ credential_name }}""
-          register: register_error
-          no_log: True
-
-      when: omnia_template_name not in job_templates_list.stdout
-
-    - name: DynamicInventory template
-      block:
-        - name: Create template to fetch dynamic inventory
-          command: >-
-            awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-            job_templates create
-            --name "{{ inventory_template_name }}"
-            --job_type run
-            --inventory "{{ omnia_inventory_name }}"
-            --project "{{ project_name }}"
-            --playbook "{{ inventory_playbook }}"
-            --verbosity "{{ playbooks_verbosity }}"
-            --use_fact_cache true
-          register: register_error
-          no_log: True
-
-        - name: Associate credential
-          command: >-
-            awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-            job_templates associate "{{ inventory_template_name }}"
-            --credential ""{{ credential_name }}""
-          register: register_error
-          no_log: True
-
-      when: inventory_template_name not in job_templates_list.stdout
-
-    - name: Schedule dynamic inventory template
-      block:
-        - name: Get unified job template list
-          command: >-
-            awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-            unified_job_templates list --name "{{ inventory_template_name }}" -f human
-          no_log: True
-          register: unified_job_template_list
-
-        - name: Get job ID
-          set_fact:
-            job_id: "{{ unified_job_template_list.stdout | regex_search('[0-9]+') }}"
-
-        - name: Schedule dynamic inventory job
-          command: >-
-            awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
-            schedules create --name "{{ schedule_name }}"
-            --unified_job_template="{{ job_id }}" --rrule="{{ schedule_rule }}"
-          register: register_error
-          no_log: True
-
-      when: schedule_name not in schedules_list.stdout
-
-  rescue:
-    - name: Message
-      fail:
-        msg: "{{ register_error.stdout | regex_replace(awx_user) | regex_replace(admin_password) }}"
+# Deleting the defaults
+- name: Delete machine credential
+  awx.awx.tower_credential:
+    name: "{{ default_credential }}"
+    credential_type: "{{ default_credential_type }}"
+    state: absent
+    tower_config_file: "~/.tower_cli.cfg"
+
+- name: Delete job template
+  awx.awx.tower_job_template:
+    name: "{{ default_template }}"
+    state: absent
+    tower_config_file: "~/.tower_cli.cfg"
+    
+- name: Delete project
+  awx.awx.tower_project:
+    name: "{{ default_project }}"
+    state: absent
+    tower_config_file: "~/.tower_cli.cfg"
+
+- name: Delete organization
+  awx.awx.tower_organization:
+    name: "{{ default_org }}"
+    state: absent
+    tower_config_file: "~/.tower_cli.cfg"
+
+# Configuration begins
+- name: Create organization
+  awx.awx.tower_organization:
+    name: "{{ awx_organization }}"
+    description: "Name of organization using this product"
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+
+- name: Create awx inventories
+  awx.awx.tower_inventory:
+    name: "{{ item.name }}"
+    description: "{{ item.description }}"
+    organization: "{{ awx_organization }}"
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+  loop: "{{ inventory_names }}"
+  when: item.flag
+
+- name: Add groups to node_inventory
+  awx.awx.tower_group:
+    name: "{{ item.name }}"
+    description: "{{ item.description }}"
+    inventory: "node_inventory"
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+  loop: "{{ group_names }}"
+
+- name: Add project
+  awx.awx.tower_project:
+    name: "{{ project_name }}"
+    description: "{{ project_description }}"
+    organization: "{{ awx_organization }}"
+    scm_type: manual
+    local_path: "{{ role_path.split('/')[-4] }}"
+    default_environment: "custom-awx-ee"
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+
+- name: Add awx credentials
+  awx.awx.tower_credential:
+    name: "{{ item.name }}"
+    organization: "{{ awx_organization }}"
+    credential_type: "{{ item.type }}"
+    inputs:
+      username: "{{ item.username }}"
+      password: "{{ item.password }}"
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+  loop: "{{ credential_details }}"
+  changed_when: true
+  when: item.flag
+
+- name: Create awx job templates
+  awx.awx.tower_job_template:
+    name: "{{ item.name }}"
+    job_type: "run"
+    organization: "{{ awx_organization }}"
+    inventory: "{{ item.inventory }}"
+    project: "{{ project_name }}"
+    playbook: "{{ item.playbook }}"
+    credentials:
+      - "{{ item.credential }}"
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+  loop: "{{ job_template_details }}"
+  when: item.flag
+
+- name: Create deploy_omnia_template
+  awx.awx.tower_job_template:
+    name: "{{ item.name }}"
+    job_type: "run"
+    organization: "{{ awx_organization }}"
+    inventory: "{{ item.inventory }}"
+    project: "{{ project_name }}"
+    playbook: "{{ item.playbook }}"
+    credentials:
+      - "{{ item.credential }}"
+    ask_skip_tags_on_launch: true
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+  loop: "{{ deploy_omnia_details }}"
+
+- name: Build a schedule for idrac job template
+  awx.awx.tower_schedule:
+    name: "{{ item.name }}"
+    unified_job_template: "{{ item.template }}"
+    rrule: "{{ schedule_rule }}"
+    state: present
+    tower_config_file: "~/.tower_cli.cfg"
+  register: result
+  loop: "{{ scheduled_templates}}"
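Review bot: The 'Add awx credentials' task loops over `credential_details` and passes `item.password` without `no_log`, so Ansible prints each loop item, password included, in the task output and in anything that records it. Every removed `awx` CLI task set `no_log: True`. Add `no_log: true` to that task, or at minimum `loop_control:` with `label: "{{ item.name }}"` so the item body is not echoed. `changed_when: true` on the same task reports a change on every run even when the credential already exists, which hides real drift. Minor: the last task registers `result` without using it in this hunk, and `"{{ scheduled_templates}}"` is missing the space before the closing braces.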

+ 71 - 0
control_plane/roles/webui_awx/tasks/configure_settings.yml

@@ -0,0 +1,71 @@
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+# Get Current AWX configuration
+
+- name: Get awx-service Cluster-IP
+  command: "kubectl get svc awx-service -n {{ awx_namespace }} -o jsonpath='{.spec.clusterIP}'"
+  register: awx_cluster_ip
+  changed_when: false
+
+- name: Get AWX admin password
+  shell: "kubectl get secret awx-admin-password -n {{ awx_namespace }} -o jsonpath='{.data.password}' | base64 --decode"
+  register: awx_admin_password
+  changed_when: false
+
+- name: Check if config file exists
+  stat:
+    path: "~/.tower_cli.cfg"
+  register: config_file_status
+
+- name: Create config file
+  copy:
+    dest:  "~/.tower_cli.cfg"
+    content: |
+      [general]
+      host: http://{{ awx_cluster_ip.stdout }}
+      username: admin
+      password: {{ awx_admin_password.stdout }}
+      verify_ssl: false
+      use_token: false
+    owner: root
+    mode: "{{ file_perm }}"
+
+- name: Stop and disable firewalld
+  service:
+    name: firewalld
+    state: stopped
+    enabled: no
+
+- name: Waiting for the AWX UI to be up
+  uri:
+    url: "http://{{ awx_cluster_ip.stdout }}"
+    status_code: "{{ return_status }}"
+  register: display
+  until: display.status == 200
+  retries: 20
+  delay: 15
+  changed_when: false
+
+- name: Waiting for the AWX UI to be in running state
+  uri:
+    url: "http://{{ awx_cluster_ip.stdout }}"
+    status_code: "{{ return_status }}"
+    return_content: true
+  register: display
+  until: awx_ui_msg not in display.content
+  retries: 20
+  delay: 15
+  changed_when: false
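Review bot: The AWX admin password is read with `shell` and written into `~/.tower_cli.cfg` without `no_log`, and the file mode comes from `file_perm`, which vars/main.yml sets to `644`. That leaves the password readable by every local user, and it can surface in verbose or `--diff` task output. Set `mode: "0600"` on the 'Create config file' task and add `no_log: true` to both that task and 'Get AWX admin password'. 'Stop and disable firewalld' switches the host firewall off entirely, and main.yml in this commit drops the `firewall_settings.yml` include; opening only the ports AWX needs would keep the control-plane host filtered. `config_file_status` is registered but never used in this file.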

+ 77 - 45
control_plane/roles/webui_awx/tasks/install_awx.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -15,50 +15,82 @@
 
 # Tasks for installing AWX
 
-- name: Change inventory file
+- name: Get all namespaces
+  command: kubectl get ns
+  changed_when: false
+  register: namespaces
+
+- name: Create namespace
+  command: "kubectl create namespace {{ awx_namespace }}"
+  changed_when: true
+  when: "'awx' not in namespaces.stdout"
+
+- name: Get K8s pods
+  command: "kubectl get pods -n {{ awx_namespace }}"
+  changed_when: false
+  register: k8s_pods
+
+- name: Deploy awx-operator
+  command: "kubectl apply -f {{ awx_operator_yml_file_path }}"
+  changed_when: true
+  when: '"awx-operator" not in k8s_pods.stdout'
+
+- name: Get K8s persistent volumes
+  command: "kubectl get pv -n {{ awx_namespace }}"
+  changed_when: false
+  register: k8s_pvs
+
+- name: Configure host volume as playbooks directory path
   replace:
-    path: "{{ awx_inventory_path }}"
-    regexp: "{{ item.regexp }}"
-    replace: "{{ item.replace }}"
-  loop:
-    - { name: Project data directory, regexp: "{{ project_data_dir_old }}" , replace: "{{ project_data_dir_new }}" }
-    - { name: Alternate DNS Servers, regexp: "{{ awx_alternate_dns_servers_old }}", replace: "{{ awx_alternate_dns_servers_new }}" }
-    - { name: Credentials, regexp: "{{ admin_password_old }}", replace: "{{ admin_password_new }}"}
-  loop_control:
-    label: "{{ item.name }}"
-  tags: install
-
-- name: Ensure port is 8081
-  lineinfile:
-    path: "{{ awx_inventory_path }}"
-    regexp: "{{ port_old }}"
-    line: "{{ port_new }}"
+    path: "{{ awx_pv_yml_file_path }}"
+    regexp: 'path: "/etc"'
+    replace: 'path: "{{ playbook_dir | dirname | dirname }}"'
+  when: "'awx-projects-pv' not in k8s_pvs.stdout"
+
+- name: Create persistent volume and volumeclaim for projects
+  command: "kubectl apply -f {{ awx_pv_yml_file_path }}"
+  changed_when: true
+  when: "'awx-projects-pv' not in k8s_pvs.stdout"
+
+- name: Create persistent volume for postgres
+  command: "kubectl apply -f {{ awx_postgres_pv_file_path }}"
+  changed_when: true
+  when: "'awx-postgres-pv' not in k8s_pvs.stdout"
+
+- name: Get the docker images
+  command: buildah images
+  changed_when: false
+  register: docker_images
+
+- name: Build the custom-awx-ee image from the docker file
+  command: "buildah bud -t custom-awx-ee {{ awx_ee_docker_file }}"
+  changed_when: false
+  when: "'custom-awx-ee' not in docker_images.stdout"
+
+- name: Waiting for awx-operator deployment to be up and running
+  shell: "kubectl wait --for=condition=available deployment/awx-operator -n {{ awx_namespace }} --timeout=600s"
+  changed_when: false
+
+- name: Deploy awx
+  command: "kubectl apply -f {{ awx_yml_file_path }}"
+  changed_when: true
+  when: not k8s_pods.stdout | regex_search('awx-([A-Za-z0-9]{10})-([A-Za-z0-9]{5})')
+
+- name: Install awxkit using pip3
+  pip:
+    name: awxkit
     state: present
 
-- name: Create pgdocker directory
-  file:
-    path: "{{ pgdocker_dir_path }}"
-    state: directory
-    mode: 0775
-  tags: install
-
-- name: Install AWX
-  block:
-    - name: Run AWX install.yml file
-      command: ansible-playbook -i inventory install.yml --extra-vars "admin_password={{ admin_password }}"
-      args:
-        chdir: "{{ awx_installer_path }}"
-      register: awx_installation
-      no_log: True
-
-  rescue:
-    - name: Check AWX status on machine
-      include_tasks: check_awx_status.yml
-
-    - name: Fail if container are not running
-      fail:
-        msg: "AWX installation failed with error msg:
-        {{ awx_installation.stdout | regex_replace(admin_password) }}."
-      when: not awx_status
-
-  tags: install
+- name: Install awx collection
+  command: "ansible-galaxy collection install awx.awx:{{ awx_version }}"
+  changed_when: true
+  register: installation_status
+
+- name: Wait for awx pods to get created
+  wait_for:
+    timeout: "{{ awx_wait_time }}"
+  when: not k8s_pods.stdout | regex_search('awx-([A-Za-z0-9]{10})-([A-Za-z0-9]{5})')
+
+- name: Waiting for awx deployment to be up and running
+  shell: "kubectl wait --for=condition=available deployment/awx -n {{ awx_namespace }} --timeout=1200s"
+  changed_when: false
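Review bot: The `pip` task installs `awxkit` with no version, while the `awx.awx` collection in the next task is pinned to `awx_version`. The client library can therefore drift from the deployed AWX and is resolved from the package index at run time; pin it, e.g. `name: "awxkit=={{ awx_version }}"`, if a matching release exists. The 'Create namespace' condition tests the literal `'awx'` as a substring of the `kubectl get ns` output instead of using `awx_namespace`, so any namespace whose name contains `awx` suppresses creation and a changed `awx_namespace` is never checked. The two `kubectl wait` tasks use `shell` without needing any shell feature; `command` is sufficient and avoids shell parsing of the templated namespace.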

+ 6 - 42
control_plane/roles/webui_awx/tasks/main.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,63 +14,27 @@
 ---
 
 # Tasks for Deploying AWX on the system
-- name: Check AWX status on machine
-  include_tasks: check_awx_status.yml
-  tags: install
-
-- name: Include control_plane_common variables
-  include_vars: ../../control_plane_common/vars/main.yml
-  tags: install
 
 - name: Internet validation
   include_tasks: ../../control_plane_common/tasks/internet_validation.yml
-  when: not awx_status
-  tags: install
-
-- name: Clone AWX repo
-  include_tasks: clone_awx.yml
-  when: not awx_status
-  tags: install
-
-- name: Modify firewall config
-  include_tasks: firewall_settings.yml
-  when: not awx_status
   tags: install
 
 - name: Install AWX
   include_tasks: install_awx.yml
-  when: not awx_status
-  tags: install
-
-- name: Status message
-  block:
-    - debug:
-        msg: "{{ message_skipped }}"
-        verbosity: 2
-      when: awx_status
-    - debug:
-        msg: "{{ message_installed }}"
-        verbosity: 2
-      when: not awx_status
   tags: install
 
 - name: Internet validation
   include_tasks: ../../control_plane_common/tasks/internet_validation.yml
   tags: install
 
-- name: Install AWX-CLI
-  include_tasks: install_awx_cli.yml
+- name: Configure settings
+  include_tasks: configure_settings.yml
   tags: install
 
-- name: Check if AWX-UI is accessible
-  include_tasks: ui_accessibility.yml
+- name: Internet validation
+  include_tasks: ../../control_plane_common/tasks/internet_validation.yml
   tags: install
 
 - name: Configure AWX
-  block:
-    - include_tasks: awx_configuration.yml
-  rescue:
-    - name: Display msg
-      debug:
-        msg: "{{ conf_fail_msg }}"
+  include_tasks: awx_configuration.yml
   tags: install
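Review bot: Three tasks in this file now share the name 'Internet validation' and the same include, so the play output cannot show which step's connectivity check failed. Give each a distinct name, e.g. `- name: Internet validation before configuring AWX`. With the `block`/`rescue` around `awx_configuration.yml` removed, a configuration failure now aborts the play instead of printing `conf_fail_msg`. If that is intended, a short comment above 'Configure AWX' saying so would help the next reader.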

+ 50 - 46
control_plane/roles/webui_awx/vars/main.yml

@@ -1,4 +1,4 @@
-# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,58 +12,62 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ---
-
 # vars file for webui_awx
 
-# Usage: clone_awx.yml
-awx_git_repo: "https://github.com/ansible/awx.git"
-docker_volume: "/var/lib/docker/volumes/{{ docker_volume_name }}"
-awx_repo_path: "{{ docker_volume }}/awx/"
-awx_installer_path: "{{ awx_repo_path }}/installer/"
-
 # Usage: install_awx.yml
-awx_inventory_path: "{{ awx_repo_path }}/installer/inventory"
-pgdocker_dir_path: /var/lib/pgdocker
-project_data_dir_old: "#project_data_dir=/var/lib/awx/projects"
-project_data_dir_new: "project_data_dir= {{ role_path + '/../../../..' }} "
-awx_alternate_dns_servers_old: '#awx_alternate_dns_servers="10.1.2.3,10.2.3.4"'
-awx_alternate_dns_servers_new: 'awx_alternate_dns_servers="8.8.8.8,8.8.4.4"'
-admin_password_old: "admin_password=password"
-admin_password_new: "#admin_password=password"
-port_old: "host_port=80"
-port_new: "host_port=8081"
+awx_namespace: awx
+awx_pv_yml_file_path: "{{ role_path }}/files/awx_projects_pv.yml"
+awx_postgres_pv_file_path: "{{ role_path }}/files/awx_postgres_pv.yml"
+awx_pvc_yml_file_path: "{{ role_path }}/files/awx_projects_pvclaim.yml"
+awx_operator_yml_file_path: "{{ role_path }}/files/awx_operator.yml"
+awx_ee_docker_file: "{{ role_path }}/files/awx_ee.yml"
+awx_yml_file_path: "{{ role_path }}/files/awx.yml"
+postgres_storage_class: nfs-client
+projects_existing_claim: awx-pv-claim
+awx_version: 19.1.0
+file_perm: 644
+awx_wait_time: 90
 
-# Usage: main.yml
-message_skipped: "Installation Skipped: AWX instance is already running on your system"
-message_installed: "Installation Successful"
-awx_ip: http://localhost:8081
+# Usage: configure_settings.yml
+awx_ui_msg: "AWX Upgrading"
 return_status: 200
-awx_ui_msg: "Password Dialog"
-conf_fail_msg: "AWX configuration failed at the last executed task."
-
-# Usage: install_awx_cli.yml
-awx_cli_repo: "https://releases.ansible.com/ansible-tower/cli/ansible-tower-cli-centos7.repo"
-awx_cli_repo_path: "/etc/yum.repos.d/ansible-tower-cli-centos7.repo"
 
 # Usage: awx_configuration.yml
-awx_user: admin         #Don't change it. It is set as admin while installing AWX
 default_org: Default
 default_template: 'Demo Job Template'
-default_projects: 'Demo Project'
-default_credentials: 'Demo Credential'
-organization_name: DellEMC
-project_name: omnia
-omnia_inventory_name: omnia_inventory
+default_project: 'Demo Project'
+default_credential: 'Demo Credential'
+default_credential_type: Machine
+organization_name: 'DellEMC'
+project_name: 'omnia'
+project_description: "Directory which contains configuration playbooks"
+inventory_names:
+  - { name: idrac_inventory, description: "Inventory to store IPs of idrac servers", flag: true }
+  - { name: ethernet_inventory, description: "Inventory to store IPs of ethernet switches", flag: "{{ ethernet_switch_support }}" }
+  - { name: infiniband_inventory, description: "Inventory to store IPs of infiniband switches", flag: "{{ ib_switch_support }}" }
+  - { name: powervault_me4_inventory, description: "Inventory to store IPs of ME4 servers", flag: "{{ powervault_support }}" }
+  - { name: node_inventory, description: "Inventory to store host IPs of servers", flag: true }
 group_names:
-  - manager
-  - compute
-credential_name: omnia_credential
-credential_type: Machine
-cobbler_username: root
-omnia_template_name: DeployOmnia
-omnia_playbook: omnia.yml
-inventory_template_name: DynamicInventory
-inventory_playbook: control_plane/collect_node_info.yml
-playbooks_verbosity: 0
-schedule_name: DynamicInventorySchedule
-schedule_rule: "DTSTART:20201201T000000Z RRULE:FREQ=MINUTELY;INTERVAL=10"
+  - { name: manager, description: "Group to store IP of head node" }
+  - { name: compute, description: "Group to store IPs of compute nodes" }
+  - { name: login, description: "Group to store IP of login node" }
+  - { name: nfs, description: "Group to store IP of NFS node" }
+credential_details:
+  - { name: idrac_credential, type: Network, username: "{{ idrac_username }}", password: "{{ idrac_password }}", flag: true }
+  - { name: ethernet_credential, type: Machine, username: "{{ ethernet_switch_username }}", password: "{{ ethernet_switch_password }}", flag: "{{ ethernet_switch_support }}" }
+  - { name: infiniband_credential, type: Network, username: "{{ ib_username }}", password: "{{ ib_password }}", flag: "{{ ib_switch_support }}" }
+  - { name: powervault_me4_credential, type: Network, username: "{{ powervault_me4_username }}", password: "{{ powervault_me4_password }}", flag: "{{ powervault_support }}" }
+  - { name: node_credential, type: Machine, username: root, password: "{{ provision_password }}", flag: true }
+job_template_details:
+  - { name: idrac_template, inventory: idrac_inventory, playbook: control_plane/idrac.yml, credential: idrac_credential, flag: true }
+  - { name: ethernet_template, inventory: ethernet_inventory, playbook: control_plane/ethernet.yml, credential: ethernet_credential, flag: "{{ ethernet_switch_support }}" }
+  - { name: infiniband_template, inventory: infiniband_inventory, playbook: control_plane/infiniband.yml, credential: infiniband_credential, flag: "{{ ib_switch_support }}" }
+  - { name: powervault_me4_template, inventory: powervault_me4_inventory, playbook: control_plane/powervault_me4.yml, credential: powervault_me4_credential, flag: "{{ powervault_support }}" }
+  - { name: node_inventory_job, inventory: node_inventory, playbook: control_plane/collect_node_info.yml, credential: node_credential, flag: true }
+  - { name: device_inventory_job, inventory: node_inventory, playbook: control_plane/collect_device_info.yml, credential: node_credential, flag: true }
+deploy_omnia_details:
+  - { name: deploy_omnia_template, inventory: node_inventory, playbook: omnia.yml, credential: node_credential }
+schedule_rule: "DTSTART:20210608T120000Z RRULE:FREQ=MINUTELY;INTERVAL=10"
+scheduled_templates:
+  - { name: NodeInventorySchedule, template: node_inventory_job }
+  - { name: DeviceInventorySchedule, template: device_inventory_job }
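Review bot: Each item of `credential_details` now carries a rendered secret (`idrac_password`, `ethernet_switch_password`, `ib_password`, `powervault_me4_password`, `provision_password`), so any task that loops over this list will echo those values in per-item task output and logs unless it sets `no_log: true`. The consuming tasks (presumably in awx_configuration.yml, going by the `# Usage:` comment) are outside this hunk, so this needs confirming there. Separately, `file_perm: 644` is a bare integer. If it reaches a `mode:` argument as a number rather than a string, it is read as decimal instead of octal, and writing it as `file_perm: "0644"` avoids that.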