Merge pull request #495 from abhishek-s-a/provision_idrac

Issue #494: Allow PXE provisioning even when idrac enterprise license is present

control_plane/input_params/base_vars.yml

@@ -68,6 +68,13 @@ awx_organization: "DellEMC"
 
 ### Usage: provision_cobbler, provision_idrac ###
 
+# This variable is used to set node provisioning method
+# It accepts values: idrac, pxe
+# Default value is "idrac"
+# If provisioning needs to be done through cobbler, set it to "pxe"
+# If idrac license is not present, provisioning mode will be set to "pxe"
+provision_method: "idrac"
+
 # This is the timezone that will be set during provisioning of OS
 # Available timezones are provided in control_plane/common/files/timezone.txt
 # Default timezone will be "GMT"
@@ -142,4 +149,4 @@ ib_network_dhcp_end_range: ""
 # Eg: xx:yy:zz:aa:bb,server,172.17.0.5
 # A template for mapping file exists in omnia/examples and is named as mapping_file.csv.
 # This depicts the path where user has kept the mapping file for DHCP configurations.
-ib_mapping_file_path: ""
+ib_mapping_file_path: ""

control_plane/roles/control_plane_common/tasks/fetch_base_inputs.yml

@@ -34,7 +34,8 @@
       mngmnt_network_dhcp_end_range | length < 1 or
       host_network_nic | length < 1 or
       host_network_dhcp_start_range | length < 1 or
-      host_network_dhcp_end_range | length < 1
+      host_network_dhcp_end_range | length < 1 or
+      provision_method | length < 1
 
 - name: Validate infiniband base_vars are not empty
   assert:
@@ -47,7 +48,6 @@
   register: ib_check
   when: ib_switch_support
 
-
 - name: Set facts to validate snmp support
   set_fact:
     snmp_enabled: false   
@@ -159,6 +159,13 @@
     success_msg: "{{ success_awx_organization }}"
     fail_msg: "{{ fail_awx_organization }}"
 
+- name: Assert provisioning method
+  assert:
+    that:
+      - provision_method == "pxe" or provision_method == "idrac"
+    success_msg: "{{ success_provision_method }}"
+    fail_msg: "{{ fail_provision_method }}"
+    
 - name: Check timezone file
   command: grep -Fx "{{ timezone }}" {{ role_path }}/files/timezone.txt
   ignore_errors: yes
@@ -452,4 +459,4 @@
       - ib_network_nic != host_network_nic
     success_msg: "{{ success_msg_different_nics_ib }}"
     fail_msg: "{{ fail_msg_different_nics_ib }}"
-  when: ib_switch_support
+  when: ib_switch_support

control_plane/roles/control_plane_common/vars/main.yml

@@ -89,6 +89,8 @@ success_msg_k8s_pod_network_cidr: "Appliance k8s pod network cidr validated"
 fail_msg_k8s_pod_network_cidr: "Failed. Incorrect appliance k8s pod network cidr provided in base_vars.yml"
 success_awx_organization: "awx organization validated"
 fail_awx_organization: "Failed. Incorrect format in awx organization"
+success_provision_method: "Provision method validated"
+fail_provision_method: "Failed. Provision method can either be set to idrac or pxe"
 success_timezone_msg: "timezone validated"
 fail_timezone_msg: "Failed. Incorrect timezone provided. Please check the file timezone.txt in control_plane/roles/control_plane_common/files/ folder"
 fail_language: "Failed. Only en-US(english) language supported"
@@ -137,4 +139,4 @@ exports_file_path: /etc/exports
 nfs_services:
   - mountd
   - rpc-bind
-  - nfs
+  - nfs

control_plane/roles/control_plane_customiso/files/temp_centos7.cfg

@@ -53,4 +53,9 @@ reboot
 %packages
 @core
 net-tools
-%end
+%end
+
+%post --log=/root/ks-post.log
+yum groupinstall "Infiniband Support" -y
+yum install infiniband-diags perftest qperf -y
+%end

control_plane/roles/control_plane_customiso/vars/main.yml

@@ -32,9 +32,15 @@ host_nic:
  - em4
  - p4p1
  - p4p2
+ - p3p1
+ - p3p2
+ - p2p1
+ - p2p2
+ - p1p2
+ - p1p1
 
 #Usage: create_unattended_iso.yml
 unattended_iso_filename: unattended_centos7.iso
 custom_iso_success_msg: "Unattended ISO file created successfully"
 custom_iso_fail_msg: "Unattended ISO file creation failed. Ensure /mnt/iso path is mounted with valid centos minimal ISO file."
-management_station_ip_file: "management_station_ip.txt"
+management_station_ip_file: "management_station_ip.txt"

control_plane/roles/provision_idrac/tasks/check_prerequisites.yml

@@ -42,30 +42,6 @@
 - name: Set management_station_ip
   set_fact:
     management_station_ip: "{{ fetch_ip.stdout }}"
-    
-- name: Check NFS share access
-  idrac_server_config_profile:
-    idrac_ip: "{{ inventory_hostname }}"
-    idrac_user: "{{ idrac_username }}"
-    idrac_password: "{{ idrac_password }}"
-    share_name: "{{ management_station_ip }}:{{ nfs_share_offline_repo }}"
-    command: "export"
-    scp_components: "BIOS"
-    scp_file: "{{ nfs_check_file }}"
-    export_format: XML
-    export_use: Default
-    job_wait: true
-  register: nfs_check
-  ignore_errors: true
-  until: not nfs_check.failed
-  retries: 3
-
-- name: Missing entries in nfs exports
-  fail:
-    msg: "{{ missing_exports_fail_msg }}"
-  when:
-    - nfs_check_key in nfs_check.msg or
-      nfs_check_key in nfs_check.scp_status.Status
 
 - name: Initialize variables
   set_fact:
@@ -77,6 +53,8 @@
     datacenter_license: false
     provision_status: false
     model_status: false
+    idrac_license_name: ""
+    deploy_os_status: false
 
 - block:
     - name: Check tower_cli.cfg is encrypted
@@ -192,6 +170,7 @@
     - name: Set enterprise license status
       set_fact:
         enterprise_license: true
+        idrac_license_name: "{{ idrac_info.system_info.License[my_idx1].LicenseDescription }}"
       with_items: "{{ idrac_info.system_info.License }}"
       when:
         - '"iDRAC" in idrac_info.system_info.License[my_idx1].LicenseDescription'
@@ -204,6 +183,7 @@
     - name: Set datacenter license status
       set_fact:
         datacenter_license: true
+        idrac_license_name: "{{ idrac_info.system_info.License[my_idx1].LicenseDescription }}"
       with_items: "{{ idrac_info.system_info.License }}"
       when:
         - '"iDRAC" in idrac_info.system_info.License[my_idx2].LicenseDescription'
@@ -212,4 +192,47 @@
         - '"Healthy" in idrac_info.system_info.License[my_idx2].PrimaryStatus'
       loop_control:
         index_var: my_idx2
-  when: not provision_status
+
+    - name: Change provision mode in absence of license
+      set_fact:
+        provision_method: "pxe"
+      when: not (enterprise_license or datacenter_license)
+
+    - name: Firmware version of iDRAC9 not supported
+      debug:
+        msg: "{{ idrac9_firmware_not_supported_msg }}"
+      when:
+        - '"iDRAC9" in idrac_license_name'
+        - idrac_info.system_info.iDRAC[0].FirmwareVersion < idrac9_supported_version
+
+    - name: Firmware version of iDRAC8 not supported
+      debug:
+        msg: "{{ idrac8_firmware_not_supported_msg }}"
+      when:
+        - '"iDRAC8" in idrac_license_name'
+        - idrac_info.system_info.iDRAC[0].FirmwareVersion < idrac8_supported_version
+
+    - name: Check NFS share access
+      dellemc.openmanage.idrac_server_config_profile:
+        idrac_ip: "{{ inventory_hostname }}"
+        idrac_user: "{{ idrac_username }}"
+        idrac_password: "{{ idrac_password }}"
+        share_name: "{{ management_station_ip }}:{{ nfs_share_offline_repo }}"
+        command: "export"
+        scp_components: "BIOS"
+        scp_file: "{{ nfs_check_file }}"
+        export_format: XML
+        export_use: Default
+        job_wait: true
+      register: nfs_check
+      ignore_errors: true
+      until: not nfs_check.failed
+      retries: "{{ retries_count }}"
+
+    - name: Missing entries in nfs exports
+      fail:
+        msg: "{{ missing_exports_fail_msg }}"
+      when:
+        - nfs_check_key in nfs_check.msg or
+          nfs_check_key in nfs_check.scp_status.Status
+  when: not provision_status

control_plane/roles/provision_idrac/tasks/deploy_os.yml

@@ -13,24 +13,21 @@
 # limitations under the License.
 ---
 
-- name: Set one-time boot device to PXE
-  community.general.redfish_command:
-    category: Systems
-    command: SetOneTimeBoot
-    bootdevice: "Pxe"
-    baseuri: "{{ inventory_hostname }}"
-    username: "{{ idrac_username }}"
-    password: "{{ idrac_password }}"
-  when: not (enterprise_license or datacenter_license)
+- name: Configure boot order for PXE booting
+  dellemc.openmanage.idrac_bios:
+    idrac_ip: "{{ inventory_hostname }}"
+    idrac_user: "{{ idrac_username }}"
+    idrac_password: "{{ idrac_password }}"
+    attributes:
+      SetBootOrderEn: NIC.PxeDevice.1-1,NIC.PxeDevice.2-1,NIC.PxeDevice.3-1,NIC.PxeDevice.4-1
+      UefiBootSeq: NIC.PxeDevice.1-1,NIC.PxeDevice.2-1,NIC.PxeDevice.3-1,NIC.PxeDevice.4-1
+  register: deploy_os_pxe
+  when: provision_method == "pxe"
 
-- name: Reboot server
-  dellemc.openmanage.redfish_powerstate:
-    baseuri: "{{ inventory_hostname }}"
-    username: "{{ idrac_username }}"
-    password: "{{ idrac_password }}"
-    reset_type: ForceRestart
-  when: not (enterprise_license or datacenter_license)
-  register: deploy_os
+- name: Set deploy_os_status when provision_method == pxe
+  set_fact:
+    deploy_os_status: "{{ not deploy_os_pxe.failed }}"
+  when: provision_method == "pxe"
 
 - name: Install OS using iDRAC
   dellemc.openmanage.idrac_os_deployment:
@@ -40,12 +37,17 @@
     share_name: "{{ management_station_ip }}:{{ nfs_share_offline_repo }}"
     iso_image: "{{ unattended_iso_filename }}"
     expose_duration: "{{ expose_duration }}"
-  register: deploy_os
-  when: enterprise_license or datacenter_license
+  register: deploy_os_idrac
+  when: provision_method == "idrac"
+
+- name: Set deploy_os_status when provision_method == idrac
+  set_fact:
+    deploy_os_status: "{{ not deploy_os_idrac.failed }}"
+  when: provision_method == "idrac"
 
 - name: Add to provisioned_hosts to inventory
   command: >-
-    awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} 
+    awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }}
     hosts create --name {{ inventory_hostname }} --inventory "{{ provisioned_idrac_inventory_name }}"
   register: update_inventory
   changed_when: true
@@ -53,9 +55,9 @@
   when:
     - awx_search_key in hostname.stdout
     - inventory_hostname not in fetch_inventory.stdout
-    - not deploy_os.failed
+    - deploy_os_status
 
 - name: Provision OS status
   debug:
     msg: "{{ provision_os_msg }}"
-  when: not deploy_os.failed
+  when: deploy_os_status

control_plane/roles/provision_idrac/tasks/import_scp.yml

@@ -44,22 +44,29 @@
     path: "{{ role_path }}/files/{{ scp_filename }}"
     line: "{{ item }}"
     insertafter: '^(.*)SysProfile'
-    with_items:
-      - '  <Attribute Name="PxeDev1VlanPriority">0</Attribute>'
-      - '  <Attribute Name="PxeDev1Interface">NIC.Integrated.1-1-1</Attribute>'
-      - '  <Attribute Name="PxeDev1VlanId">1</Attribute>'
-      - '  <Attribute Name="PxeDev1VlanEnDis">Enabled</Attribute>'
-      - '  <Attribute Name="PxeDev1Protocol">IPv4</Attribute>'
-      - '  <Attribute Name="PxeDev1EnDis">Enabled</Attribute>'
-  when: not (enterprise_license or datacenter_license)
+  with_items:
+    - '  <Attribute Name="PxeDev1EnDis">Enabled</Attribute>'
+    - '  <Attribute Name="PxeDev2EnDis">Enabled</Attribute>'
+    - '  <Attribute Name="PxeDev3EnDis">Enabled</Attribute>'
+    - '  <Attribute Name="PxeDev4EnDis">Enabled</Attribute>'
+    - '  <Attribute Name="HttpDev1EnDis">Disabled</Attribute>'
+    - '  <Attribute Name="HttpDev2EnDis">Disabled</Attribute>'
+    - '  <Attribute Name="HttpDev3EnDis">Disabled</Attribute>'
+    - '  <Attribute Name="HttpDev4EnDis">Disabled</Attribute>'
+  when: provision_method == "pxe"
   run_once: true
 
 - name: Disable PXE attributes to SCP file
   lineinfile:
     path: "{{ role_path }}/files/{{ scp_filename }}"
-    line: '  <Attribute Name="PxeDev1EnDis">Disabled</Attribute>'
+    line: "{{ item }}"
     insertafter: '^(.*)SysProfile'
-  when: enterprise_license or datacenter_license
+  with_items:
+    - '  <Attribute Name="PxeDev1EnDis">Disabled</Attribute>'
+    - '  <Attribute Name="PxeDev2EnDis">Disabled</Attribute>'
+    - '  <Attribute Name="PxeDev3EnDis">Disabled</Attribute>'
+    - '  <Attribute Name="PxeDev4EnDis">Disabled</Attribute>'
+  when: provision_method == "idrac"
   run_once: true
 
 - name: Add SNMP community name attribute to SCP file
@@ -89,12 +96,14 @@
     command: "import"
     scp_file: "{{ scp_filename }}"
     scp_components: "ALL"
-    shutdown_type: "Graceful"
+    shutdown_type: "Forced"
     job_wait: "True"
   register: import_scp_status
-
+  until: not import_scp_status.failed
+  retries: "{{ retries_count }}"
+  
 - name: Remove the SCP file
   file:
     path: "{{ role_path }}/files/{{ scp_filename }}"
     state: absent
-  run_once: true
+  run_once: true

control_plane/roles/provision_idrac/vars/main.yml

@@ -44,6 +44,11 @@ nfs_check_file: "nfs_check.xml"
 provisioned_idrac_inventory_name: "provisioned_idrac_inventory"
 awx_vars_filename: ".tower_cli.cfg"
 awx_vaultname: ".tower_vault_key"
+idrac9_supported_version: "4.40.40.00"
+idrac9_firmware_not_supported_msg: "[WARNING]Firmware version of iDRAC9 less than 4.40.40.00 is not supported for provisioning. Following tasks can be failed due to older firmware version. In case of failure, update firmware manually and re-run the idrac_template"
+idrac8_supported_version: "2.75.75.75"
+idrac8_firmware_not_supported_msg: "[WARNING]Firmware version of iDRAC8 less than 2.75.75.75 is not supported for provisioning. Following tasks can be failed due to older firmware version. In case of failure, update firmware manually and re-run the idrac_template"
+retries_count: 5
 
 # Usage: update_firmware.yml
 idrac_port: 443
@@ -60,4 +65,4 @@ raid_level: "RAID 0"
 # Usage: deploy_os.yml
 expose_duration: 60
 file_permission: 0644
-provision_os_msg: "OS provisioning is initiated. Wait for installation to complete for all servers."
+provision_os_msg: "OS provisioning is initiated. Wait for installation to complete for all servers."